bloxorzgame.arcadesnail.com Open in urlscan Pro
69.162.125.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloxorzgame.arcadesnail.com/
Submission Tags: phishingrod
Submission: On January 14 via api (January 14th 2024, 7:52:50 am UTC) from DE — Scanned from DE

Summary HTTP 40 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 40 HTTP transactions. The main IP is 69.162.125.38, located in United States and belongs to LIMESTONENETWORKS, US. The main domain is bloxorzgame.arcadesnail.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 19th 2023. Valid for: 3 months.

This is the only time bloxorzgame.arcadesnail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	69.162.125.38 69.162.125.38	46475 (LIMESTONE...) (LIMESTONENETWORKS)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	69.162.125.43 69.162.125.43	46475 (LIMESTONE...) (LIMESTONENETWORKS)
1 7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
40	12

4 69.162.125.38 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 38-125-162-69.static.reverse.lstn.net

bloxorzgame.arcadesnail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.162.125.43 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 43-125-162-69.static.reverse.lstn.net

www.arcadecabin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	265 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	46 KB
5	arcadecabin.com www.arcadecabin.com	140 KB
4	arcadesnail.com bloxorzgame.arcadesnail.com	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
0	addthis.com Failed s7.addthis.com Failed
0	cpmstar.com Failed server.cpmstar.com Failed
40	11

	Domain	Requested by
8	pagead2.googlesyndication.com	bloxorzgame.arcadesnail.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.arcadecabin.com	bloxorzgame.arcadesnail.com
4	bloxorzgame.arcadesnail.com	bloxorzgame.arcadesnail.com
2	www.googleadservices.com	bloxorzgame.arcadesnail.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
0	s7.addthis.com Failed	bloxorzgame.arcadesnail.com
0	server.cpmstar.com Failed	bloxorzgame.arcadesnail.com
40	13

This site contains links to these domains. Also see Links.

Domain
www.bloxorzgame.com
www.platformracing2.com
www.dolphinolympics.net
www.lineflyergame.net
www.freeridergame.net
www.jeepflyergame.com
www.johnnyrocketfingers.net
www.bloonsgame.net
www.worlddominationgame.com
www.fantasticcontraptiongame.com
www.arcadecabin.com

Subject Issuer	Validity	Valid
bloxorzgame.com cPanel, Inc. Certification Authority	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
arcadecabin.com cPanel, Inc. Certification Authority	`2024-01-11` - `2024-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://bloxorzgame.arcadesnail.com/
Frame ID: 904015D7CF70AF99D64A3BCEC76C9A9B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: A14A0F163756258C9A12053D5602B59B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=15&slotname=1785284405&adk=1384478211&adf=1119259538&pi=t.ma~as.1785284405&w=728&lmt=1705218763&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762724&bpp=3&bdt=383&idt=333&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=3325726135067&frm=20&pv=2&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346
Frame ID: 9F5CE1CDD72D2826538592658FED2641
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=600&slotname=8720115540&adk=2419804212&adf=3108388030&pi=t.ma~as.8720115540&w=160&lmt=1705218763&format=160x600&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762727&bpp=1&bdt=386&idt=351&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1785284405&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353
Frame ID: CE4AD317E7159E1F453FF92DDE0B3F45
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&adk=1812271804&adf=3025194257&lmt=1705218763&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762740&bpp=1&bdt=399&idt=340&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&prev_slotnames=1785284405&nras=1&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=347
Frame ID: CD35994EAD591A561F724781B6C21833
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E14BDFD7ACBBF68094127487FDDAE57C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: 8AF895453FBE6BBF4FCB65C73397D818
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5048DFD8115F05B4AE0369318986EA5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DFD01ED037B7345BCE4E549A928B9E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bloxorz Game - Play Bloxorz Online

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

40
Requests

90 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

575 kB
Transfer

1312 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bloxorzgame.com/
Title: Bloxorz Game

Search URL Search Domain Scan URL

URL: http://www.platformracing2.com/
Title: Platform Racing 2

Search URL Search Domain Scan URL

URL: http://www.dolphinolympics.net/
Title: Dolphin Olympics Game

Search URL Search Domain Scan URL

URL: http://www.lineflyergame.net/
Title: Line Flyer Game

Search URL Search Domain Scan URL

URL: http://www.freeridergame.net/
Title: Free Rider Game

Search URL Search Domain Scan URL

URL: http://www.jeepflyergame.com/
Title: Jeep Flyer Game

Search URL Search Domain Scan URL

URL: http://www.johnnyrocketfingers.net/
Title: Johnny Rocketfingers

Search URL Search Domain Scan URL

URL: http://www.bloonsgame.net/
Title: Bloons Game

Search URL Search Domain Scan URL

URL: http://www.worlddominationgame.com/
Title: World Domination

Search URL Search Domain Scan URL

URL: http://www.fantasticcontraptiongame.com/
Title: Fantastic Contraption

Search URL Search Domain Scan URL

URL: http://www.arcadecabin.com/play/absorbed-2.html
Title: Absorbed 2

Search URL Search Domain Scan URL

URL: http://www.arcadecabin.com/play/curve-fever-2.html
Title: Curve Fever 2

Search URL Search Domain Scan URL

URL: http://www.arcadecabin.com/play/monkey-go-happy-ninja-hunt-2.html
Title: Monkey Go Happy Ninja Hu...

Search URL Search Domain Scan URL

URL: http://www.arcadecabin.com/play/asphalt-speed-racing.html
Title: Asphalt Speed Racing

Search URL Search Domain Scan URL

URL: http://www.arcadecabin.com/play/arm-fight.html
Title: Arm Fight

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 29

https://googleads.g.doubleclick.net/pagead/adview?ai=CFOUny5KjZfWfBtOLlgSP1ZmACtXshJd1h5rE-o0S2dkeEAEg66v2ImCV-o6CoAegAZDtuOMCyAEBqQI0SeIqfCcKPqgDAcgDywSqBIYCT9Bn32uyGma0AFKWrTQLmAmyWaeC-QICJ0OgXRr4DmOLH_mO7WkpWJqBrLOafTYqnVoDPiYcwdV9byUT_wTRBjubac-erNt72O1HrNa1UyUkHmm9xwzxvCPKQw9mkn2bh_Dms6WNZ98Kh_2i0z3wG6AjJlTA8wq3AzG5DlW00jDhPsdwt-7s6TfMeid6MGXcdLzl2jA0ILLq5nOSxCkGtdZ0JA4bNIB1TXNSPYaXE8V0rsqH_e5waXQLh-1_fi77uvuZgNNe55TEahGz7QRgi7V8R4irpOc_6UnwlUc41jId6fR9PzcaaGbEc9DPznIg6_W_DaZVxR5Pl60fSAHfxQl6tZjuYMAEq6KKi8sEiAWsy_z1TZIFBAgEGAGSBQQIBRgEgAfYksecAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKTaTdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYrPiN9bLcgwOaCcgBaHR0cHM6Ly9zdG9yZS5zdGVhbXBvd2VyZWQuY29tL2FwcC8yNDI2OTYwLz91dG1fc291cmNlPWdvb2dsZWFkd29yZHNfd2ViJnV0bV9jYW1wYWlnbj1IUV9TV19ERV9HQV9CUl9QQy1TVEVBTV9HRE5fMjQwMTA5JnV0bV9tZWRpdW09MjQwMTA5X0FsbF9BT19BbGxfU1RFQU0tbGF1bmNoX0RFJnV0bV9jb250ZW50PUFMTF9IUV9TdGVhbV9MYXVuY2hpbmeACgHICwGiDAgqBgoErLqxAtgTCogUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MTYxMDc1MjcxOTgyMTgzGAA&sigh=dxpJPB0SIkQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_iaOdpzd2E64i5bGeSioh-_Z-6Loob_lNKwsNPCBfKsd-89-CqItrxDGJMRPiQAiLJi_005oG70B3MProy4wou1qaF5OHPJnSuxgB&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217469817620952946359%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213130020169453794705%22}&andc=true

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bloxorzgame.arcadesnail.com/ 7 KB
3 KB 6650ms
5095ms Document
text/html 69.162.125.38
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.38 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 38-125-162-69.static.reverse.lstn.net
Software: Apache / PHP/5.6.40
Resource Hash: 6caf918cc59b5dee2e14b91927a9bf7c6e1bb0523872700d21103a0524240d5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2457
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Jan 2024 07:52:36 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK swfobject.js Show response
bloxorzgame.arcadesnail.com/ 7 KB
3 KB 128ms
127ms Script
application/javascript 69.162.125.38
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzgame.arcadesnail.com/swfobject.js
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.38 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 38-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Apr 2008 10:32:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2248

GET
H/1.1 200
OK scripts.js Show response
bloxorzgame.arcadesnail.com/ 283 B
516 B 257ms
128ms Script
application/javascript 69.162.125.38
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzgame.arcadesnail.com/scripts.js
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.38 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 38-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: 4bdc6fbec6e2e916a4d06b9b3e78ec1e7fe6139bc525d0f78e1d6d99d9351a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Apr 2008 10:32:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 204

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 97ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c27ed57a9d7c50fd1d6e27660a7e96813046d1282d60aa033e329edbbfdf9d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51198
x-xss-protection: 0
server: cafe
etag: 6391588265046618553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 07:52:42 GMT

GET
H/1.1 200
OK absorbed-2.jpg
www.arcadecabin.com/images/thumbs/ 31 KB
31 KB 3300ms
133ms Image
image/jpeg 69.162.125.43
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.arcadecabin.com/images/thumbs/absorbed-2.jpg
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.43 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 43-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: f79a119df35690625e5a92f11370ebd1fef26254daec82d3ae2e22906c03e92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:44 GMT
Last-Modified: Fri, 08 Apr 2016 19:16:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31256

GET
H/1.1 200
OK curve-fever-2.jpg
www.arcadecabin.com/images/thumbs/ 23 KB
23 KB 3446ms
133ms Image
image/jpeg 69.162.125.43
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.arcadecabin.com/images/thumbs/curve-fever-2.jpg
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.43 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 43-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: 953613fa8d8220c360c4e896444e6d48c1be67f5a6db5fe6e9a3d4c792959af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:44 GMT
Last-Modified: Fri, 08 Apr 2016 19:16:20 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23123

GET
H/1.1 200
OK monkey-go-happy-ninja-hunt-2.jpg
www.arcadecabin.com/images/thumbs/ 36 KB
36 KB 2991ms
130ms Image
image/jpeg 69.162.125.43
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.arcadecabin.com/images/thumbs/monkey-go-happy-ninja-hunt-2.jpg
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.43 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 43-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: 208aa684007eae3c600f8227524e593e336cb8932dc6492d4b49c7039f1c27ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:44 GMT
Last-Modified: Fri, 08 Apr 2016 19:16:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36466

GET
H/1.1 200
OK asphalt-speed-racing.jpg
www.arcadecabin.com/images/thumbs/ 14 KB
14 KB 3250ms
137ms Image
image/jpeg 69.162.125.43
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.arcadecabin.com/images/thumbs/asphalt-speed-racing.jpg
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.43 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 43-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: 4441c38ef62ea0657f24f0e58c0aa19b7cba4102b8f371e6d683921d31844bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:44 GMT
Last-Modified: Fri, 08 Apr 2016 19:16:20 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13978

GET
H/1.1 200
OK arm-fight.jpg
www.arcadecabin.com/images/thumbs/ 36 KB
37 KB 3251ms
134ms Image
image/jpeg 69.162.125.43
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.arcadecabin.com/images/thumbs/arm-fight.jpg
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.43 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 43-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: 3b5dbc3c953fa71352047925b9d482ddc6ab0216412bd71cb040c35c5169c1ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:44 GMT
Last-Modified: Fri, 08 Apr 2016 19:25:00 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37334

GET view.aspx
server.cpmstar.com/ 0
0

GET textad.js
server.cpmstar.com/cached/ 0
0

GET addthis_widget.js
s7.addthis.com/js/250/ 0
0

GET
H/1.1 200
OK black.png
bloxorzgame.arcadesnail.com/ 569 B
828 B 127ms
127ms Image
image/png 69.162.125.38
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzgame.arcadesnail.com/black.png
Requested by: Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.162.125.38 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 38-125-162-69.static.reverse.lstn.net
Software: Apache /
Resource Hash: e9f72aa7f5e37282c2c592133a3a18607723a29f719a37d192fba95574936857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 07:52:41 GMT
Last-Modified: Wed, 06 Aug 2014 19:38:09 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 569

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9161075271982183&plah=bloxorzgame.arcadesnail.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ee8bc255b59097964508436dd521d619bbebcc9b8f9a7a2c81b3b02bfbc3de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139384
x-xss-protection: 0
server: cafe
etag: 11731809300727640285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 07:52:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame A14A 9 KB
4 KB 31ms
8ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 20:40:12 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 20:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F5C 603 B
245 B 35ms
35ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=15&slotname=1785284405&adk=1384478211&adf=1119259538&pi=t.ma~as.1785284405&w=728&lmt=1705218763&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762724&bpp=3&bdt=383&idt=333&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=3325726135067&frm=20&pv=2&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=395&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9161075271982183&plah=bloxorzgame.arcadesnail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:43 GMT
expires: Sun, 14 Jan 2024 07:52:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE4A 128 KB
42 KB 918ms
918ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=600&slotname=8720115540&adk=2419804212&adf=3108388030&pi=t.ma~as.8720115540&w=160&lmt=1705218763&format=160x600&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762727&bpp=1&bdt=386&idt=351&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1785284405&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce843512a6cd796dec9ad3e617de076bb3b07983c7060ed20e0bc0e1335ac031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42315
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:43 GMT
expires: Sun, 14 Jan 2024 07:52:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD35 0
19 B 21ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&adk=1812271804&adf=3025194257&lmt=1705218763&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762740&bpp=1&bdt=399&idt=340&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&prev_slotnames=1785284405&nras=1&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:43 GMT
expires: Sun, 14 Jan 2024 07:52:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame CE4A 14 KB
2 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=600&slotname=8720115540&adk=2419804212&adf=3108388030&pi=t.ma~as.8720115540&w=160&lmt=1705218763&format=160x600&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762727&bpp=1&bdt=386&idt=351&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1785284405&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jan 2024 07:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 07:34:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jan 2024 07:52:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CE4A 2 KB
903 B 56ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 21:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame CE4A 23 KB
9 KB 51ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E14B 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9161075271982183&output=html&h=600&slotname=8720115540&adk=2419804212&adf=3108388030&pi=t.ma~as.8720115540&w=160&lmt=1705218763&format=160x600&url=https%3A%2F%2Fbloxorzgame.arcadesnail.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705218762727&bpp=1&bdt=386&idt=351&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1785284405&correlator=3325726135067&frm=20&pv=1&ga_vid=405874362.1705218763&ga_sid=1705218763&ga_hid=2132277424&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080266%2C44795921%2C95320869%2C95320888&oid=2&pvsid=1649935375213665&tmod=1467128650&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CE4A 3 KB
1 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CE4A 20 KB
9 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE4A 205 KB
65 KB 58ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 07:52:44 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame CE4A 37 KB
16 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:49:09 GMT

GET
DATA 200
OK truncated
/ Frame CE4A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E14B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
22ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:44 GMT
expires: Sun, 14 Jan 2024 07:52:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE4A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1ba35752b34af7209fda12d6c55d7b0cd0c8488fc6e975ed7ad71b1c9ccbad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CE4A 33 KB
34 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 459187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:19:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CE4A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFOUny5KjZfWfBtOLlgSP1ZmACtXshJd1h5rE-o0S2dkeEAEg66v2ImCV-o6CoAegAZDtuOMCyAEBqQI0SeIqfCcKPqgDAcgDywSqBIYCT9Bn32uyGma0AFKWrTQLmAmyWaeC-QICJ0OgXRr...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217469817620952946359%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window...

0
0

60ms
43ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217469817620952946359%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213130020169453794705%22}&andc=true

Requested by

Host: bloxorzgame.arcadesnail.com
URL: https://bloxorzgame.arcadesnail.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17469817620952946359","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"13130020169453794705"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Jan 2024 07:52:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 07:52:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17469817620952946359","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"13130020169453794705"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AF8 50 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 01:20:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
46ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 07:52:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE4A 42 B
64 B 62ms
46ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJqi8__6TCWg00UzPxT-kF8kf0grRJshxAraF-569Nj-BQOEsgM17BrJ6jVjFeqyikL7x5OPMH8ovCi45rTcIeUh4k6BN_L4yY4j_vIk7F_-qjhsWZHvda9AumK3Uh2JveBtzJi3fDLSuLN8Dmxln2gku_&sai=AMfl-YQ8G0rNexqolX2f7rd8JvTtg9gUU1vorTKbd1IutIt5ekCaPLsrqCq2lJHuaFVXzZ5hphXZrzpC0rJ5SjgKBcaAN6DpAvqouP52AlCCAc6k4a2BWxiAA0I9VVokqRTYurdMNuNtY_YZbJGfd8up&sig=Cg0ArKJSzPo63h8nvk_UEAE&cid=CAQSTgAvHhf_iaOdpzd2E64i5bGeSioh-_Z-6Loob_lNKwsNPCBfKsd-89-CqItrxDGJMRPiQAiLJi_005oG70B3MProy4wou1qaF5OHPJnSuxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2419804212&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705218763080&rpt=1093&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 07:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
58ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0391f424b5f0e06454c8f3eba8722ceb9cb2f01a85b2bce9bead1c3b9fa09886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12329
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 07:52:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5048 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 20:14:42 GMT
expires: Sun, 12 Jan 2025 20:14:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8DFD 829 B
999 B 19ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

571ebb6971fc4d29fdf7a9fc1dc1bc3232011587c4ee58516b26592878564dfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qP9vaw4m5Xs3z6U4rOxX_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxorzgame.arcadesnail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qP9vaw4m5Xs3z6U4rOxX_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 07:52:46 GMT
expires: Sun, 14 Jan 2024 07:52:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5048 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DFD 0
0 43ms
42ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1649935375213665&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5048 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mXl3Rw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 07:52:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1649935375213665&bg=!XF-lXxDNAAaumcC-jpk7ADQBe5WfOAuXMqlMLOTGO-ezYAu4YXq7IRKPm5BufvNAlaKwdaVC70H9A3q_PXMCJYmSBCiPAgAAADxSAAAAAmgBBwoAXmO_byqZi_7YNSb-XoC06MvNbtLZnx_KhDMOTWZIMhoTu1VoBQ6A48FPWWuEifBydOBm-qCe13jTcUsg-FCneYDVYYKvLoEmADNZUkT595NWGxq3ybxDtPLNlPgFeC-ZAscu41Eq85LWpKaHfpeWvGH_1i-JVnm9f3WNQlStUGs4cO7U48OaZ1WcQYGxLnWKrzjKhT2xlvhE8snH5NTjRttKhKmBlGlKaoubaZgWvNxOjvztAiqPzpCPIJxsHedx0x5bKARUIQ0OMIPjngCGhb0TXW5k_GfCouicwFCtz0Y3uiF8rsfiBxkw708LmMx6_Byg23oJmiY1KvSBmmjuY2O-56XaIt9gk-A-xsPIu9r2mOavfqG9nR7ZHXfHAoSGGiS_jd88qGMiQFcPoIZZEsduJEinsb1kBLF9qGmjbN3ymmd0U7C5tQtR_kcOEdBCA9a7EAMwzhu4wxr3foXiTYfMIXGZt-pxHOaavL-eor5LPnbwRDXQNTNIW20QOzdveuirK2QQJHysPl7HpEAJBeKYBdaholmbtLXkp3lUSELo0PlcW6PjjJjFmpq3pej4PwYXuY_zGB-2mnE4V-sOLOrzMPMa9BgqaRAgnyI1dsSNjS5MxsgciwrBBhHudaO0eHLCvKW7Fya-02ZLJvwc_Sxx0BLbX8WnmWCTbq214S__QlrJrVM58v2ZQ1MPthN-fE87g6dLsrGfFX6KfoAgoaDWwRjMjuLd_ZSTAxMeZVlKB7m7BCD-DVDA3IxjZQOR4d7FzSgsUsM50jsTTUJq7UMczNQ6wQ3bgSgblO04RiqMdymLdUL_4bNqAQ1OVmP7IOWSk_Tk0CZgEbWmjSFNIvM0HaSLoly4wMXG4XivZgz74aT4mvlFJaa0zzFKMZtikESDroQd9in1m-JajjNIJgOqQK99TjdraOBqbx-nN_UAUan6ba-vyATMck8VSTeafBPtODItWXjDpc-penzFXMD37m8fbmmQPZYC9ccJZQ5XBPUmPMQfSeKtvsZUz--brl1wKyv4P2-fD6JPDN2sXg5gQeIOWSnzVrd_JNM3rhgeBneAllcqsGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzgame.arcadesnail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: server.cpmstar.com
URL: http://server.cpmstar.com/view.aspx?poolid=11498&multi=4&script=1

Domain: server.cpmstar.com
URL: http://server.cpmstar.com/cached/textad.js

Domain: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arcadesnail.com/	1970-01-21 03:01:54	Name: __gads Value: ID=49f990f02b25db2a:T=1705218763:RT=1705218763:S=ALNI_MaGofIepDwJktUxTSOX6nFs_l1x8g
.arcadesnail.com/	1970-01-21 03:01:54	Name: __gpi Value: UID=00000d40d483f549:T=1705218763:RT=1705218763:S=ALNI_MZP7UVjIboU1XNqqdOFWkpTIwlVDQ
.doubleclick.net/	1970-01-20 17:40:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:01:54	Name: IDE Value: AHWqTUlm9YolTYUd0Lr5uJ-e1ALMtn3EDnegUp6g6aqiPRjeakPmFeTC8lQUL_ck-sw
.googleadservices.com/	1970-01-20 19:49:54	Name: ar_debug Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/absorbed-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/curve-fever-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/monkey-go-happy-ninja-hunt-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/asphalt-speed-racing.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/arm-fight.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure script 'http://server.cpmstar.com/view.aspx?poolid=11498&multi=4&script=1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure script 'http://server.cpmstar.com/cached/textad.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bloxorzgame.arcadesnail.com/ Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure script 'http://s7.addthis.com/js/250/addthis_widget.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://bloxorzgame.arcadesnail.com/(Line 133) Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/absorbed-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/(Line 133) Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/curve-fever-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/(Line 133) Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/monkey-go-happy-ninja-hunt-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/(Line 133) Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/asphalt-speed-racing.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bloxorzgame.arcadesnail.com/(Line 133) Message: Mixed Content: The page at 'https://bloxorzgame.arcadesnail.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arcadecabin.com/images/thumbs/arm-fight.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloxorzgame.arcadesnail.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s7.addthis.com
server.cpmstar.com
tpc.googlesyndication.com
www.arcadecabin.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
s7.addthis.com
server.cpmstar.com
142.250.186.66
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2002
69.162.125.38
69.162.125.43
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0391f424b5f0e06454c8f3eba8722ceb9cb2f01a85b2bce9bead1c3b9fa09886
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
208aa684007eae3c600f8227524e593e336cb8932dc6492d4b49c7039f1c27ca
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3b5dbc3c953fa71352047925b9d482ddc6ab0216412bd71cb040c35c5169c1ad
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4441c38ef62ea0657f24f0e58c0aa19b7cba4102b8f371e6d683921d31844bd2
4bdc6fbec6e2e916a4d06b9b3e78ec1e7fe6139bc525d0f78e1d6d99d9351a82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
571ebb6971fc4d29fdf7a9fc1dc1bc3232011587c4ee58516b26592878564dfd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6caf918cc59b5dee2e14b91927a9bf7c6e1bb0523872700d21103a0524240d5d
8e1ba35752b34af7209fda12d6c55d7b0cd0c8488fc6e975ed7ad71b1c9ccbad
8ee8bc255b59097964508436dd521d619bbebcc9b8f9a7a2c81b3b02bfbc3de2
953613fa8d8220c360c4e896444e6d48c1be67f5a6db5fe6e9a3d4c792959af1
c27ed57a9d7c50fd1d6e27660a7e96813046d1282d60aa033e329edbbfdf9d74
ce843512a6cd796dec9ad3e617de076bb3b07983c7060ed20e0bc0e1335ac031
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9f72aa7f5e37282c2c592133a3a18607723a29f719a37d192fba95574936857
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993
f79a119df35690625e5a92f11370ebd1fef26254daec82d3ae2e22906c03e92e

bloxorzgame.arcadesnail.com Open in urlscan Pro 69.162.125.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

90 %HTTPS

73 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

575 kBTransfer

1312 kBSize

5 Cookies

15 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

bloxorzgame.arcadesnail.com Open in urlscan Pro
69.162.125.38 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

90 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

575 kB
Transfer

1312 kB
Size

5
Cookies

40 HTTP transactions
2 data transactions