minecraftcommand.science Open in urlscan Pro
68.178.206.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minecraftcommand.science/profile/refundhelen38
Submission: On January 04 via manual (January 4th 2024, 3:34:33 am UTC) from DE — Scanned from CH

Summary HTTP 192 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 63 domains to perform 192 HTTP transactions. The main IP is 68.178.206.128, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is minecraftcommand.science.
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.

This is the only time minecraftcommand.science was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	68.178.206.128 68.178.206.128	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2606:4700:303... 2606:4700:3038::6815:ea0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:4780:23:... 2a02:4780:23:8977:378c:548e:e74d:f002	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:10:... 2606:4700:10::ac43:2483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
1	108.128.207.160 108.128.207.160	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:212... 2600:9000:2127:4a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.29 65.9.95.29	16509 (AMAZON-02) (AMAZON-02)
4 32	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.255.103.93 34.255.103.93	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	52.214.64.222 52.214.64.222	16509 (AMAZON-02) (AMAZON-02)
1	178.63.241.79 178.63.241.79	24940 (HETZNER-AS) (HETZNER-AS)
13 18	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
7 9	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4	217.182.178.224 217.182.178.224	16276 (OVH) (OVH)
2	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
2 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
4	2602:803:c003... 2602:803:c003:200::91	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 1	2600:9000:211... 2600:9000:211e:a000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.83.210 35.156.83.210	16509 (AMAZON-02) (AMAZON-02)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.67.60.172 3.67.60.172	16509 (AMAZON-02) (AMAZON-02)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	164.132.25.180 164.132.25.180	16276 (OVH) (OVH)
2	52.205.210.55 52.205.210.55	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2 2	3.235.201.186 3.235.201.186	14618 (AMAZON-AES) (AMAZON-AES)
1	72.251.245.179 72.251.245.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2.19.104.211 2.19.104.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	18.239.50.19 18.239.50.19	16509 (AMAZON-02) (AMAZON-02)
8	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 1	2607:ae80:192... 2607:ae80:192:1::172	26558 (FREEWHEEL) (FREEWHEEL)
1	52.211.238.11 52.211.238.11	16509 (AMAZON-02) (AMAZON-02)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c091:b52b:1c22:fff1	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.208.118.80 52.208.118.80	16509 (AMAZON-02) (AMAZON-02)
3 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	104.124.11.16 104.124.11.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.146.218.6 54.146.218.6	14618 (AMAZON-AES) (AMAZON-AES)
192	69

4 68.178.206.128 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 128.206.178.68.host.secureserver.net

minecraftcommand.science	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea0b (United States)

ASN13335 (CLOUDFLARENET, US)

minotar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:23:8977:378c:548e:e74d:f002 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

g28carkeys.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.207.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-207-160.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-29.prg50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.255.103.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-103-93.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.64.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.241.79 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.79.241.63.178.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 69.173.144.165 (Frankfurt am Main, Germany) 13 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.205 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.83.210 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-83-210.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.60.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-60-172.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.25.180 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip180.ip-164-132-25.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.210.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-210-55.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.235.201.186 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-201-186.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com

dcdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.50.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-19.ams58.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::172 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.238.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-238-11.eu-west-1.compute.amazonaws.com

cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c091:b52b:1c22:fff1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.118.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-118-80.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.124.11.16 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-124-11-16.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.218.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-218-6.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 secure.adnxs.com — Cisco Umbrella Rank: 793 dcdn.adnxs.com — Cisco Umbrella Rank: 8929 cdn.adnxs.com — Cisco Umbrella Rank: 2645 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6775 acdn.adnxs.com — Cisco Umbrella Rank: 957	249 KB
25	rubiconproject.com 14 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 620 fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989	29 KB
24	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923 s.amazon-adsystem.com — Cisco Umbrella Rank: 398	91 KB
15	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	167 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 757 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	6 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	42 KB
7	pubmatic.com 7 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1555 image8.pubmatic.com — Cisco Umbrella Rank: 1098	2 KB
5	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 2047 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167	16 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 14890 s.cpx.to — Cisco Umbrella Rank: 10600	5 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	1 KB
4	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 6171	802 KB
4	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1542	4 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	106 KB
4	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 30554	677 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 2287 mp.4dex.io — Cisco Umbrella Rank: 3130	25 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	871 B
4	minecraftcommand.science minecraftcommand.science	391 KB
3	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407 cs.yellowblue.io — Cisco Umbrella Rank: 2654	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 857	2 KB
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 998 ce.lijit.com — Cisco Umbrella Rank: 1432	1 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2163 a.ad.gt — Cisco Umbrella Rank: 2414	5 KB
3	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 35350	308 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1732	523 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 979	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	34 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	907 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	375 B
2	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4534	2 KB
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 878	405 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	34 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2057	104 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137 pixel.quantserve.com — Cisco Umbrella Rank: 1736	10 KB
2	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 41313	964 B
2	gstatic.com fonts.gstatic.com	97 KB
2	minotar.net minotar.net — Cisco Umbrella Rank: 379394	2 KB
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1536	493 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	319 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 972	433 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 778	885 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 958	514 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2957	424 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2472	283 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	140 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1972	672 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	483 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1449	434 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1035	446 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338	284 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4309	253 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4184	468 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2313	10 KB
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 14660	8 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	1 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 3813	45 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1774	920 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 6762	37 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	79 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761	6 KB
1	g28carkeys.co.uk g28carkeys.co.uk	60 KB
192	63

	Domain	Requested by
16	fra1-ib.adnxs.com	minecraftcommand.science cadmus.script.ac cdn.adnxs.com
14	aax-eu.amazon-adsystem.com	2 redirects cadmus.script.ac aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com cs-server-s2s.yellowblue.io
13	ib.adnxs.com	1 redirects cadmus.script.ac hb.vntsm.com acdn.adnxs.com aax-eu.amazon-adsystem.com
11	pixel.rubiconproject.com	7 redirects aax-eu.amazon-adsystem.com
9	cm.g.doubleclick.net	7 redirects aax-eu.amazon-adsystem.com
8	dcdn.adnxs.com	cadmus.script.ac minecraftcommand.science
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
5	securepubads.g.doubleclick.net	hb.vntsm.com cadmus.script.ac securepubads.g.doubleclick.net
4	acdn.adnxs.com	minecraftcommand.science
4	crcdn01.adnxs-simple.com	minecraftcommand.science
4	choices.trustarc.com	minecraftcommand.science
4	cdn.adnxs.com	cadmus.script.ac
4	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	fastlane.rubiconproject.com	hb.vntsm.com
4	prg.smartadserver.com	hb.vntsm.com
4	image2.pubmatic.com	4 redirects
4	s.cpx.to	cadmus.script.ac
4	secure.cdn.fastclick.net	cadmus.script.ac
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	track.venatusmedia.com	hb.vntsm.com
4	match.adsrvr.org	cadmus.script.ac ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
4	minecraftcommand.science	minecraftcommand.science
3	ups.analytics.yahoo.com	3 redirects
3	image8.pubmatic.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com
3	sync.1rx.io	3 redirects
3	secure.adnxs.com	3 redirects
3	tpc.googlesyndication.com	cadmus.script.ac
3	c.amazon-adsystem.com	hb.vntsm.com c.amazon-adsystem.com
3	hb.vntsm.com	minecraftcommand.science hb.vntsm.com
2	capi.connatix.com	1 redirects aax-eu.amazon-adsystem.com
2	pixel.tapad.com	1 redirects aax-eu.amazon-adsystem.com
2	i.liadm.com	2 redirects
2	cs-server-s2s.yellowblue.io	aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
2	eus.rubiconproject.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com
2	match.sharethrough.com	aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
2	x.bidswitch.net	2 redirects
2	prebid.a-mo.net	hb.vntsm.com
2	htlb.casalemedia.com	hb.vntsm.com
2	apex.go.sonobi.com	hb.vntsm.com
2	bidder.criteo.com	hb.vntsm.com
2	mp.4dex.io	hb.vntsm.com
2	ap.lijit.com	hb.vntsm.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	script.4dex.io	hb.vntsm.com script.4dex.io
2	i.clean.gg	cadmus.script.ac
2	hb.vntsm.io	hb.vntsm.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	minecraftcommand.science www.google-analytics.com
2	minotar.net	minecraftcommand.science
1	sync.ipredictive.com	1 redirects
1	ce.lijit.com	aax-eu.amazon-adsystem.com
1	hb.yahoo.net	aax-eu.amazon-adsystem.com
1	match.prod.bidr.io	aax-eu.amazon-adsystem.com
1	px.ads.linkedin.com	aax-eu.amazon-adsystem.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	cs.yellowblue.io	cs-server-s2s.yellowblue.io
1	ads.stickyadstv.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	s.company-target.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	id5-sync.com	cdn.id5-sync.com
1	eb2.3lift.com	aax-eu.amazon-adsystem.com
1	ssbsync.smartadserver.com	1 redirects
1	cs.media.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	lb.eu-1-id5-sync.com	cadmus.script.ac
1	a.ad.gt	cadmus.script.ac
1	www.google.com	cadmus.script.ac
1	shb.richaudience.com	hb.vntsm.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	pixel.quantserve.com
1	cdn.id5-sync.com	cadmus.script.ac
1	cdn.hadronid.net	cadmus.script.ac
1	12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com	cadmus.script.ac
1	cdn.edkt.io	hb.vntsm.com
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	rules.quantcount.com	cadmus.script.ac
1	secure.quantserve.com	hb.vntsm.com
1	p.cpx.to	hb.vntsm.com
1	cadmus.script.ac	hb.vntsm.com
1	ad-delivery.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	minecraftcommand.science
1	maxcdn.bootstrapcdn.com	minecraftcommand.science
1	g28carkeys.co.uk	minecraftcommand.science
192	93

This site contains links to these domains. Also see Links.

Domain
www.g28carkeys.co.uk
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
minecraftcommand.science R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
minotar.net E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
g28carkeys.co.uk R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-10` - `2024-04-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
script.ac E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.edkt.io GTS CA 1D4	`2023-11-25` - `2024-02-23`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.venatusmedia.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-22`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-01` - `2024-12-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M03	`2023-11-28` - `2024-12-26`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://minecraftcommand.science/profile/refundhelen38
Frame ID: 2527DEDB21F496808F0096343ACE4EE8
Requests: 55 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: 620584887E43CF1973636C12CF9ADC8E
Requests: 35 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 2DB17616C2211A0E13F91214148BF230
Requests: 1 HTTP requests in this frame

Frame: https://12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB11CAC62310C631EA32A44DAE238D05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B9AEADF1800D5C0562166D40FCAB1C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AD37AE871168D1BED9B5518B219E80A
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Frame ID: 1EB1BA85FC6314B3F701463AB8347751
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3B7D46F8E78FD4215FEA0522A0924BA1
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: F5E9F1C44BD42A559649927BC0AA8DBA
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F0AAB933E9B315F62FBA87C0D0208F48
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: CE58D20FA5ED3CAE075D04034A393611
Requests: 20 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2769084103397201519&gdpr=0&gdpr_consent=
Frame ID: 1A214B9F9C077580A47B3C2C7EEC4A3C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8793155108359610414&ex=appnexus.com
Frame ID: 8F26D93D976F9B430E822006C02C2BDE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 83FF8645F8F9A166F4ECE3FFD44FBB72
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: EFE00256B4CC5F537E19CD6B367E5395
Requests: 1 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/00ab0017-eaa0-49b1-9182-9492e7def993
Frame ID: 280E2905230D0CEE005FCEA9B94F87D8
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: C87B485854AE80C617CF233AF1AFC234
Requests: 3 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/a4f48727-485d-4363-8605-740ff3c0710e
Frame ID: 4508A53EB7D8316A863AD0004845C56D
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/a4f48727-485d-4363-8605-740ff3c0710e
Frame ID: 78FEAD7A5AD7623A4D7EEAE45E8EE672
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/00ab0017-eaa0-49b1-9182-9492e7def993
Frame ID: A760DFB218E24D447CB0D07611C2CE8D
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: EAAF6B6F13240A98D769A2459981518D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: A95DAFB9F67C6B10999B14E6036225A7
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: 532F7F8BA22B3F5E5D400110A098CBB1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User refundhelen38 - Minecraft Command Science

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

192
Requests

85 %
HTTPS

42 %
IPv6

63
Domains

93
Subdomains

69
IPs

9
Countries

2655 kB
Transfer

7164 kB
Size

73
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.g28carkeys.co.uk/bmw-car-key-replacements-near-me/
Title: keyless entry bmw

Search URL Search Domain Scan URL

URL: http://twitter.com/MCScienceDB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Minecraft-Command-Science/1421928798102912
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEMvDD0YINYyF0YlOm7p3Y58&dsp=dbm&google_cver=1

Request Chain 58

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fminecraftcommand.science%252Fprofile%252Frefundhelen38%26hn_ver%3D72%26fid%3D4c0f2303-a939-4ea6-bc97-f4395bf567ba%26dsp%3Dpub_common%26dsp_uid%3D0a62afcc-da43-4b9a-85d7-403e79894b48 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D13058%2526url%253Dhttps%25253A%25252F%25252Fminecraftcommand.science%25252Fprofile%25252Frefundhelen38%2526hn_ver%253D72%2526fid%253D4c0f2303-a939-4ea6-bc97-f4395bf567ba%2526dsp%253Dpub_common%2526dsp_uid%253D0a62afcc-da43-4b9a-85d7-403e79894b48 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8793155108359610414&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&hn_ver=72&fid=4c0f2303-a939-4ea6-bc97-f4395bf567ba&dsp=pub_common&dsp_uid=0a62afcc-da43-4b9a-85d7-403e79894b48

Request Chain 59

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=38075D09-E000-4A78-8BD3-677F417BA43B

Request Chain 91

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Request Chain 97

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5d3cd70593

Request Chain 98

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4604c5ff-336d-4aee-84e1-4f6824666dd1

Request Chain 99

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1704339271330 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6193506209 HTTP 302
https://sync.1rx.io/usersync/turn/3504620326854103646?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-03be1281-fca7-4be1-a762-d1ea802c2be6-003 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003

Request Chain 100

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3473408717299857000V10

Request Chain 101

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 104

https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2769084103397201519&gdpr=0&gdpr_consent=

Request Chain 105

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8793155108359610414&ex=appnexus.com

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZYnRwsphDK_tF43iTx4BwAAFLIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED_8jHIRxVDe1a7KDyHRCyA&google_cver=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZYnRwsphDK-tF43iTx4BwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELp09vp0PF1-aYXDBpIxHfI&google_cver=1

Request Chain 112

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZYnRwsphDK-tF43iTx4BwAA%265298&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZYnRwsphDK-tF43iTx4BwAA%265298&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0c9f6957f6604f92b329a50e4a90be3e HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Request Chain 116

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720064071&external_user_id=ed7bda9d-2646-4bb5-840f-c9d095df6057

Request Chain 117

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8793155108359610414

Request Chain 123

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQYNLHL6-5-LBNA HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

Request Chain 131

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=758fd75aaec4afea83f652ad358df5a&gdpr_consent=&gdpr=0

Request Chain 132

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzgwNzVEMDktRTAwMC00QTc4LThCRDMtNjc3RjQxN0JBNDNC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECqI_WoFVOk5XCnIOQDm5IE&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=38075D09-E000-4A78-8BD3-677F417BA43B

Request Chain 136

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/7woTEBEjuPa03XoCvc0l2g?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y_J1_wlE2oJc2eKccXLGeTVQlomgSR8rQOqDlA--~A

Request Chain 137

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYNLHL6-5-LBNA

Request Chain 139

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFZTkxITDYtNS1MQk5B HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEQZnNIIvxPoMPo-DHOQ9xE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZTkxITDYtNS1MQk5B&google_push=

Request Chain 140

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NA3xqc5zQEW7uAF40FMBDQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NA3xqc5zQEW7uAF40FMBDQ

Request Chain 141

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MLT26_NISeisEKy79wEm8g&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MLT26_NISeisEKy79wEm8g

Request Chain 142

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJmYzM3MjhjNmJlNTY5ZjkxNGEyM2QzNTg2NzgxMjBmMjAwYTRjMg

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECjCOnrL_cwwKSDV3jmNH8c&google_cver=1

Request Chain 144

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

Request Chain 146

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYNLHL6-5-LBNA&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYNLHL6-5-LBNA&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQYNLHL6-5-LBNA&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qdGhKMG5SRTJ1R3NWNUEzRjRhSFU1U2doZlpBWEwuRX5B&ovsid=LQYNLHL6-5-LBNA&dpid=58160

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LQYNLHL6-5-LBNA

Request Chain 148

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYNLHL6-5-LBNA

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 151

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=17d26e15-4caa-432c-b300-ca919adfdb78&expires=30

192 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request refundhelen38 Show response
minecraftcommand.science/profile/ 33 KB
33 KB 1247ms
904ms Document
text/html 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraftcommand.science/profile/refundhelen38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

128.206.178.68.host.secureserver.net

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) 6.0.18

Resource Hash

7553a6fe0244fabf4dd63f2fe3ab559d3facfb548feb74b7912a63dc244b7525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Jan 2024 03:34:27 GMT
ETag: W/"440282a728635d94a2aae9c91c9417bd"
Server: nginx/1.20.1 + Phusion Passenger(R) 6.0.18
Status: 200 OK
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Phusion Passenger(R) 6.0.18
X-Request-Id: f973e4bd-e7c1-46cb-819e-20f6638e0227
X-Runtime: 0.566903
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK application-73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5.css
minecraftcommand.science/assets/ 1 MB
92 KB 168ms
167ms Stylesheet
text/css 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraftcommand.science/assets/application-73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5.css
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: 73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/refundhelen38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Oct 2017 15:07:51 GMT
Server: nginx/1.20.1
ETag: "59db90c7-16dce"
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 93646
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 21
minotar.net/avatar/char/ 196 B
905 B 101ms
25ms Image
image/png 2606:4700:3038::6815:ea0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minotar.net/avatar/char/21
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f19a1ade6474b8661f810e930f94e8f4c4fd26f21cd03eaa0ac648dcaa3131

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: ingress-ingress-nginx-controller-q422m, ingress-ingress-nginx-controller-w8sqr
age: 3466
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 196
server: cloudflare
etag: 441da14551f196fba45710419f07e292778f54cfb85bcf3fad2735b9b856715a
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgWH%2FkxBVcC625PpD7Y6RgJWWRnzJplMaEogt7KbrHxVy7uz61oFBDKJx1NeNZ5D6DQa1bNNKNyFXtzqdIklPrUgLGTOK15mBHZFnic1d0wCNCwE%2FlS1joUakILZJDNRqJBDdivLSDrwRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 84006d067ef3ba9f-MXP
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
x-req-url: /avatar/char/21

GET
H/1.1 200
OK application-bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1.js Show response
minecraftcommand.science/assets/ 1 MB
262 KB 671ms
335ms Script
application/javascript 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraftcommand.science/assets/application-bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1.js
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/refundhelen38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2018 16:09:22 GMT
Server: nginx/1.20.1
ETag: "5a5397b2-415a9"
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 267689
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40.png
minotar.net/avatar/refundhelen38/ 402 B
811 B 420ms
345ms Image
image/png 2606:4700:3038::6815:ea0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minotar.net/avatar/refundhelen38/40.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96570884248680f13fcb764449d55a74fccc7bfbf81478f79e88e87d0466bd4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: ingress-ingress-nginx-controller-8m9xz, ingress-ingress-nginx-controller-q422m
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 402
server: cloudflare
etag: 98903c1609352e11552dca79eb1ce3d6
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FTw7xYmMXk7nGXpedbHWEMIw03dIRIDwO1viW9KZWqVr%2BrdROVvJzTUAXutkSj7XmB1LFaZtL7mlBMfSOd2L%2BU3xYCAcdjO0%2BGUki33giunfR3cGLuk3jK0ZHTdytPjCnnC1mWRgb6y5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 84006d067ef1ba9f-MXP
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
x-req-url: /avatar/refundhelen38/40.png

GET
H2 200 FIAT.png
g28carkeys.co.uk/wp-content/uploads/2023/10/ 60 KB
60 KB 1014ms
731ms Image
image/webp 2a02:4780:23:8977:378c:548e:e74d:f002
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g28carkeys.co.uk/wp-content/uploads/2023/10/FIAT.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:23:8977:378c:548e:e74d:f002 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a6f2607eb5570a902daf36bf676fc27fd1fd271409b32807b8c60e30469146de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:28 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 2dcea0b98ff07d66c138a03b59ea7cfb-srv-edge1
content-type: image/webp
cache-control: max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.703
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 61306
expires: Thu, 11 Jan 2024 03:34:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 03:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 722
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jan 2024 05:22:25 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 55ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 3031523
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84006d086bde24c2-ZRH
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 79ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5813242b4b35a236d4ef477d0bcc41e47f2d195703dc95f928852381be4c509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 03:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 03:17:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 03:34:27 GMT

GET
H/1.1 200
OK MCS-logo.png
minecraftcommand.science/images/ 3 KB
4 KB 167ms
167ms Image
image/png 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraftcommand.science/images/MCS-logo.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: 29e052c25b24f6d8f7df3f31422cdbd4c66e6d25316576e896b2cd616f710cd9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/refundhelen38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:27 GMT
Last-Modified: Mon, 14 Aug 2017 22:41:41 GMT
Server: nginx/1.20.1
ETag: "59922725-d98"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3480

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
227 B 27ms
27ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=121522785&t=pageview&_s=1&dl=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&ul=en-us&de=UTF-8&dt=User%20refundhelen38%20-%20Minecraft%20Command%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=501213893&gjid=2029650883&cid=1124578720.1704339268&tid=UA-100359114-1&_gid=1954014052.1704339268&_r=1&_slc=1&z=103644965

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

943b93d375f7d0df4fdb35c444ddcf42e764b2ea9075492645871be142c76d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 595979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 06:01:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 122ms
56ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100359114-1&cid=1124578720.1704339268&jid=501213893&gjid=2029650883&_gid=1954014052.1704339268&_u=IEBAAEAAAAAAACAAI~&z=1230820952

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 Jan 2024 03:34:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 85ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MTB0WFGVZX&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bf98b49a10a8dd9340801c887594a59d636f7477cdb80a2d963b61a100da510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 03:34:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 91ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MTB0WFGVZX&gtm=45je3bt0v9119136280&_p=1704339267986&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1124578720.1704339268&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&dt=User%20refundhelen38%20-%20Minecraft%20Command%20Science&sid=1704339268&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1883
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MTB0WFGVZX&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame 6205 1017 KB
300 KB 118ms
24ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 2116c65abca7bd2f71caa0e2f67ed5dde2eebddb7ebbfbf1ca30b7b2e65ecba9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/03/2024 19:01:41
cdn-pullzone: 131999
last-modified: Wed, 03 Jan 2024 13:24:18 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a76f40ca5f4bb7001c4a779f751df138"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
x-bl: 0
cdn-requestid: fa03933c6ba925646f2867b16892b14b
cdn-requestcountrycode: CH
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:36:28 GMT
x-content-type-options: nosniff
age: 593880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 06:36:28 GMT

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame 6205 32 B
674 B 521ms
454ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: HEAGEBBHNQT1FXQ2
content-length: 32
x-amz-id-2: 4L2P9TqEPIn1HSEc/9sxdch+Mp8ortttVqK80osE3qRiCz7vnxSSnJv+RqCJVV+Fz6jAYIn0gQJlhF+Q0jQZZDY7ZpD+sside2xzJ87JC4s=
geo: CH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84006d0fce74bb1f-MXP

GET
H2 200 59b1012e46e0fb00016a7b73.enc Show response
hb.vntsm.com/v2/live/ Frame 6205 46 KB
7 KB 71ms
24ms XHR
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/59b1012e46e0fb00016a7b73.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 65b10d43bc68bbcc8ce8c539376422177785089220b216a273a75f868b3a3629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/03/2024 19:07:20
cdn-pullzone: 131999
last-modified: Thu, 16 Nov 2023 12:17:01 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2e065aec27e717a658b07171ccf44de1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cdn-cache: STALE
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials: true
x-bl: 0
cache-control: public, max-age=86400
cdn-requestid: eec18dfedfbce7bdae0f374abbfb0cc0
cdn-requestcountrycode: CH
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookieTest.html Show response
hb.vntsm.com/ab/live/3pcookie/ Frame 2DB1 967 B
1 KB 24ms
24ms Document
text/html 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-cachedat: 01/03/2024 19:01:26
cdn-edgestorageid: 1080
cdn-proxyver: 1.04
cdn-pullzone: 131999
cdn-requestcountrycode: CH
cdn-requestid: 809fb40923f963be7b7c3165a173746e
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding: br
content-type: text/html
date: Thu, 04 Jan 2024 03:34:29 GMT
etag: W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified: Sun, 10 Sep 2023 14:04:21 GMT
server: BunnyCDN-DE1-1082
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-bl: 0

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame 6205 32 B
290 B 459ms
459ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: HEAGEBBHNQT1FXQ2
content-length: 32
x-amz-id-2: 4L2P9TqEPIn1HSEc/9sxdch+Mp8ortttVqK80osE3qRiCz7vnxSSnJv+RqCJVV+Fz6jAYIn0gQJlhF+Q0jQZZDY7ZpD+sside2xzJ87JC4s=
geo: CH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84006d0fde79bb1f-MXP

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 87ms
27ms Script
text/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 07:47:37 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 84790
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: l80ZrmNQWR2HxqwCg_OBvSVftX57Y7_rq2K_WLz2o3DJtsXBpary1A==

GET
H2 200 px.gif Show response
ad-delivery.net/ Frame 6205 43 B
920 B 75ms
27ms Fetch
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236445
x-guploader-uploadid: ABPtcPrh8dKJ39HCggVckim4Y8WGFnua5TXLQtXksKlXXHIfORAccx48CgC9Vfz_nbff3rV8bqU5xR3Egw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCwMH3m%2BKEq%2BDLRtKCX2poVBUrRZD6iF6jdgRVWtGW7CTJjsqpy155ii0EuJfNPWMau9lyv8eK6H5EBfJDZH7wS1I4%2BDQY2ir1naifApC9mpoBydSbeV%2BFWlrKE5EqGtGb1yhrBTjZ80rkvAzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 84006d1309350e8f-MXP
expires: Mon, 01 Jan 2024 10:10:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 129ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33110fbabe1bedc75caa0fdae230908432c7aebd1dfd12dc06ebe70cc1c5e95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29086
x-xss-protection: 0
server: cafe
etag: 385 / 19726 / m202312070101 / config-hash: 10365728498389725555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 03:34:29 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 129 KB
45 KB 63ms
21ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07addf3375eedff5e82a126903c263eaf10bee17d4ed2aca0da749625395cdd6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
content-encoding: gzip
last-modified: Wed, 03 Jan 2024 22:34:17 GMT
server: cloudflare
age: 0
etag: W/"8202fc96bcb9115ecf295a3f5bd23d1f652a49f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 84006d14ce6f0211-ZRH

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 106ms
33ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:13:10 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 1280
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Fu7r2Dw82qiQPxMjthGYHKYTKwNZBhvAQcReDNdEVyHHI8hhG78D0Q==

GET
H2 200 px.js Show response
p.cpx.to/p/13058/ 4 KB
4 KB 158ms
41ms Script
application/javascript 108.128.207.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/13058/px.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.207.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-207-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
cache-control: public, max-age=2419200
content-length: 4396
content-type: application/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 94ms
21ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:29 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 11 Jan 2024 03:34:29 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 149ms
108ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://minecraftcommand.science
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 109ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rules-p-Hwnr8j7tWA3Nu.js Show response
rules.quantcount.com/ 2 KB
1 KB 95ms
28ms Script
application/javascript 2600:9000:2127:4a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:05:39 GMT
content-encoding: gzip
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 23:45:13 GMT
server: AmazonS3
etag: W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: oEAfWVwWQVcd5u9SzBARGU_OyUWUDnz-9RWXD1N9YN_ZknCSZ6smiQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42687
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 02 Jan 2025 15:43:02 GMT

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 111ms
34ms Script
application/javascript 65.9.95.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-29.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1e7c172871601fadf7b144e494a0f9bd1a5644028a490b0c62df89a678347b72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 02:46:53 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
age: 2857
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: UVkOdqzNqMGt6h04EozTl5-oA8vm01hmTKf6qFNWfBo1OC9C-t3Ycw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 53ms
53ms XHR
application/json 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fminecraftcommand.science&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:12:37 GMT
via: 1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 1313
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2353
x-amz-cf-id: 3jLHdG-7VIxCf-kuI8P1eiJitAwZ57LIVhEomfuugWqsb96-mkD0ug==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 88ms
30ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 06:37:51 GMT
x-amz-cf-pop: AMS58-P4
age: 75400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zAipoSGR_KoqRXP_2uR9yhi29z6izJmQ7FtPPzXy2jlbzSVAH-NMiA==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
579 B 77ms
23ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
an-x-request-uuid: 459a8678-34e0-4488-943d-5119dd11c6ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
427 B 202ms
42ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: ee1e369625c48edb31d85c886b0dfe6d5f0143040d9997a49d0b2ca5373fe105

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 03 Feb 2024 03:34:30 GMT

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ Frame 6205 23 KB
8 KB 54ms
16ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91

Request headers

Referer: https://minecraftcommand.science/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 05:14:07 GMT
content-encoding: gzip
age: 80423
x-guploader-uploadid: ABPtcPo0M6DsW5cMWE-mtkPAbHnGrhEOJeG1cBENiHPuesoAvDTdNQ7hbGHRNaRsQygVgDA1WGN44-l-5pbiYgYJPqH_8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7874
last-modified: Wed, 20 Dec 2023 18:07:58 GMT
server: UploadServer
etag: "ca3331c8da5854fb047074298f911730"
x-goog-generation: 1703095678379268
x-goog-hash: crc32c=/eqo/g==, md5=yjMxyNpYVPsEcHQpj5EXMA==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7874
accept-ranges: bytes
expires: Thu, 04 Jan 2024 05:14:07 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 6205 483 B
1020 B 74ms
25ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 591582
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT8fQ4LBmKVLO8ZS2RYnDVmXqVCoJxWky0hcILEtXOpBQealuL08t9YJXt%2Fvj0ccq%2FxhM55sk8VLRbA3p4R4vAf0htpFpzbH%2B2bC%2BCODjmrm98rm93pttdD1njqyxFnFXRl7ivCIeC7bjNDC"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 84006d15ea1d5271-MXP

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 6205 16 B
170 B 129ms
40ms XHR
application/json 34.255.103.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.103.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-103-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:30 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 754 B
415 B 222ms
221ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723616d5825ebfd924dab0b0d04a377acc3b1a4c7c50d71f1a9a27fd00a2dd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 116ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2cb8bc62166161e9a2927ff14b5f8f3febb694aa31a5604a54a5fb21713fdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12431
x-xss-protection: 0

GET
H2 200 container.html Show response
12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB11 6 KB
3 KB 110ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 03:34:30 GMT
expires: Fri, 03 Jan 2025 03:34:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 104ms
23ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 04 Jan 2024 03:49:30 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 78ms
28ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&ref=&_it=amazon&partner_id=288
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 4668
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84006d16383a0e6f-MXP
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 80ms
31ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: CSV639XZVAXYW523
age: 698
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84006d163faf4c4a-MXP
x-amz-id-2: 2FD09HytchNN4KZw9qpref2jJ8SFBdPh6xwocagLbSQ3ztkUE4k3zGMqLEK0+pPGT3YbVZbToRMXLIjgA9AzmA==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 102ms
22ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Thu, 04 Jan 2024 03:49:30 GMT

GET
H2 200 pixel;r=879084985;labels=All.Title.User%20refundhelen38%2CAll.Type.website%20tool%2CAll.Site.MinecraftCommand%20Science%2CAll.Url.https%3A%2F%2Fminecraftcommand%20science%2Fprofile%2Frefundhelen38;...
pixel.quantserve.com/ 35 B
372 B 53ms
23ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=879084985;labels=All.Title.User%20refundhelen38%2CAll.Type.website%20tool%2CAll.Site.MinecraftCommand%20Science%2CAll.Url.https%3A%2F%2Fminecraftcommand%20science%2Fprofile%2Frefundhelen38;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38;uht=2;fpan=1;fpa=P0-397789036-1704339269937;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=minecraftcommand.science;dst=1;et=1704339270066;tzo=-60;ogl=title.User%20refundhelen38%2Cimage.%2F%2Fminecraftcommand%252Escience%2Fimages%2Fmc-social%252Epng%2Ctype.website%252Etool%2Curl.https%3A%2F%2Fminecraftcommand%252Escience%2Fprofile%2Frefundhelen38%2Clocale.en_US%2Clocale%3Aalternate.de_DE%2Clocale%3Aalternate.de_CH%2Csite_name.MinecraftCommand%252EScience;ses=0c47155e-e4df-4a7b-ab8c-d0ada9c98243;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 6205 75 KB
24 KB 67ms
28ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 332159
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHKuL1LDBPQPfITXLMB9lkZ4RpEsPlaUPofJhKt8cwVbGG%2BGvXPlQcvDHlrrBrI%2FZQuqfHekLQ4VZGZkp2rugGXgRDrV8SwBn0Tvfal6BeOI50pGW1B7JlbGHlqo09UavYBvkfBzTAjfmd41"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 84006d165f6f4bd9-MXP

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 109 B
296 B 180ms
180ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=minecraftcommand.science&url=https://minecraftcommand.science/profile/refundhelen38
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&ref=&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b652ceea01f558db56d2cfe99abc69c571922def782951bf46c638b2c60d1c1

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 84006d17ea880d6a-MXP

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 228ms
172ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=minecraftcommand.science&url=https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://minecraftcommand.science
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84006d16ca1f0d6a-MXP
content-length: 0
content-type: application/json
date: Thu, 04 Jan 2024 03:34:30 GMT
debug: OPTIONS block
expires: Fri, 03 Jan 2025 03:34:30 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 25ms
25ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Thu, 04 Jan 2024 03:49:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 241ms
185ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:34:30 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
468 B 126ms
25ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Thu, 04 Jan 2024 04:04:30 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 43 B
333 B 156ms
43ms Fetch 52.214.64.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&hn_ver=72&fid=4c0f2303-a939-4ea6-bc97-f4395bf567ba&dsp=pub_common&dsp_uid=0a62afcc-da43-4b9a-85d7-403e79894b48
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5b4122cd2abb1fe4a6f9de82ccf1d4cb111c294a9c66e20546615a1f8609713a

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:30 GMT
access-control-allow-credentials: true
expires: Thu, 04 Jan 2024 03:34:30 GMT
content-length: 43
vary: Origin
p3p: CP="NOI DEV ADM"

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 6205 1 B
253 B 102ms
45ms XHR
text/html 178.63.241.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.63.241.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.79.241.63.178.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 22ms
22ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Thu, 04 Jan 2024 03:49:30 GMT

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
653 B 121ms
26ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESEMvDD0YINYyF0YlOm7p3Y58&dsp=dbm&google_cver=1

0
304 B

43ms
43ms

Image
text/plain

52.214.64.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEMvDD0YINYyF0YlOm7p3Y58&dsp=dbm&google_cver=1
Protocol: H2
Server: 52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 03:34:30 GMT
date: Thu, 04 Jan 2024 03:34:30 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEMvDD0YINYyF0YlOm7p3Y58&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fminecraftcommand.science%252Fprofile%252Frefundhelen3...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D13058%2526url%253Dhttps%25253A%25252F%25252Fminecraft...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8793155108359610414&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&hn_ver=72&fid=4c0f2303-a939-4ea6-bc97-f4395bf567ba&...

33 B
33 B

44ms
42ms

Image
text/plain

52.214.64.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8793155108359610414&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&hn_ver=72&fid=4c0f2303-a939-4ea6-bc97-f4395bf567ba&dsp=pub_common&dsp_uid=0a62afcc-da43-4b9a-85d7-403e79894b48
Protocol: H2
Server: 52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Thu, 04 Jan 2024 03:34:30 GMT
content-length: 33
expires: Thu, 04 Jan 2024 03:34:30 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
an-x-request-uuid: d5fb7a5a-0b67-4f53-9cf1-f44ff880fafd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=8793155108359610414&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&hn_ver=72&fid=4c0f2303-a939-4ea6-bc97-f4395bf567ba&dsp=pub_common&dsp_uid=0a62afcc-da43-4b9a-85d7-403e79894b48
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=38075D09-E000-4A78-8BD3-677F417BA43B

0
313 B

43ms
43ms

Image
text/plain

52.214.64.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=38075D09-E000-4A78-8BD3-677F417BA43B
Protocol: H2
Server: 52.214.64.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 03:34:30 GMT
date: Thu, 04 Jan 2024 03:34:30 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=38075D09-E000-4A78-8BD3-677F417BA43B
date: Thu, 04 Jan 2024 03:34:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 714 B
1 KB 406ms
321ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&pid=lbirCtaeevxLP&cb=0&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%2259b1026d46e0fb00016a7b79-1010%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!venatus.com%2C59b100dc46e0fb00012e46aa%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

a43eee8c3e4003540e309186c1799493c6ec85963fa52df0dd7f4d1af5d27462

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: DPZEQ0VRRHHB55GN5J83
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 714
x-amz-cf-id: pi8_pXF6kKArpjWsCpA8uZS_1l3oBTFC7rpagz6i9hSNJe4GjYiYvA==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B9A 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 29027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 19:30:43 GMT
expires: Thu, 02 Jan 2025 19:30:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1AD3 829 B
1 KB 79ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10a2e321f031c616b8783bb3f2e8cebcff73ecbfa4dce37671e70200d71e45ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ddqEAzn1iwbWW7zTfjFYEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ddqEAzn1iwbWW7zTfjFYEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 03:34:30 GMT
expires: Thu, 04 Jan 2024 03:34:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 223 B
668 B 432ms
362ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&pid=lbirCtaeevxLP&cb=1&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%225a33dd5b46e0fb0001950103-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%2C%7B%22sd%22%3A%225a33dd5b46e0fb0001950103-1006%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%2C%7B%22sd%22%3A%22616edee55310b2196c628475-1001%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!venatus.com%2C59b100dc46e0fb00012e46aa%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

dc50652099044a0da566da2a361fc6bb2cc05964baffba5025b83d45d951f286

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: 76003QZTJN9V31DTPKBW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 223
x-amz-cf-id: p_oGbsD9DM8xck4-DmW9PuzQDMbDISnuYs2gQRlrIb1XFEjKNgRW9g==

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B9A 39 KB
15 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:59:20 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 6205 16 B
169 B 40ms
40ms XHR
application/json 34.255.103.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.103.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-103-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:30 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 6205 94 B
509 B 166ms
90ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: fe624bd154d91e977573d9edf1cd51492030b5d8ab786ef29c39117ff11dfce6

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Jan 2024 03:34:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://minecraftcommand.science
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6205 930 B
2 KB 362ms
117ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 39bcdb06387fa69fcfaa770eae0113766416b5d5492afca2fee5e7d629a02a4b

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 6205 0
273 B 90ms
48ms XHR
text/plain 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84006d190896020d-ZRH
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 6205 14 KB
7 KB 235ms
234ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

753e37752f70874f5c4b31a8dc91cdf9ceabd2dd2a95b5366d4abdc151a459a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
an-x-request-uuid: ee1aed9b-1a28-43a8-9c66-1e73a49ad971
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6205 0
203 B 172ms
121ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=23962707525&lsavail=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:30 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 6205 137 B
914 B 612ms
130ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2217e847316f4005d%22%3A%22ad0a968e0332cebbaf19%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%2C%22188b46fe6dedc1e%22%3A%2237f6f047861e9ebaa291%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%2C%2219c828ab5652abe%22%3A%22f3c076631eb036cabb3d%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&s=dd4c3b60-fe2b-4721-84e9-044465fcada8&pv=496e1df3-c2a8-47d9-953d-5f30b5904e1f&vp=mobile&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38%22%2C%22domain%22%3A%22minecraftcommand.science%22%2C%22keywords%22%3A%22Minecraft1.9%22%2C%22publisher%22%3A%7B%22domain%22%3A%22minecraftcommand.science%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2259b100dc46e0fb00012e46aa%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22619ed69a-04ae-42ba-9c03-a27fbcdd0abd%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22619ed69a-04ae-42ba-9c03-a27fbcdd0abd%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

f070af4c90f6b4a994546afc0d1138b19b87f4be5aa5e03d9e4e18eff60e75c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-153
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 131
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 6205 37 B
673 B 74ms
38ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d213a2e91cb1b62f40d35c1f21cf6e33bf3b2d398ad9b596d046a35a71acb65b

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWjvet%2BB761mOqL2zZ2IfTqhOV9ucFvsLD%2FCTztQzcWN5cfsbdr4w2vYqsyEYHCObq7io9Hm%2BEhn3qPWnqMSKP7eCjbWL0Fu4uNGrZimqZUYsP4AijbgEE14e1pre93XJuUGKHZ%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84006d190d230219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 6205 0
255 B 94ms
28ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 7a
date: Thu, 04 Jan 2024 03:34:30 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6205 365 B
579 B 189ms
109ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=619ed69a-04ae-42ba-9c03-a27fbcdd0abd%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=e89edbad-8117-4bdf-9f58-050ebbac46a9&l_pb_bid_id=262aac4405c54bd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_59b1026d46e0fb00016a7b79%2F1010&slots=1&rand=0.8829417606424124
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1f6ed2ede7d7b48c1a9043cc5b23785d1e14c0a8abc3c7a36247319b37c1cd41

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 365
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1AD3 0
0 88ms
88ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=3296551704616449&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 93ms
28ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258918e53038345b3ca0617e3147d9a66aca73424ec8d5b60f09874a56fe5023

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 03:30:33 GMT
server: cloudflare
age: 237
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 84006d196a69bb25-MXP

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9B9A 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UkkCQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 6205 137 B
914 B 519ms
132ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22296ef4469e036cd%22%3A%2202ab3655a0ef67a517df%7C160x600%7Cc%3Dd%2C%22%2C%2230b32e9ecafc929%22%3A%2202ab3655a0ef67a517df%7C160x600%7Cc%3Dd%2C%22%2C%223144c6bf3238134%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&s=4e3649a7-a34e-42b8-b704-4658a64fcf5f&pv=496e1df3-c2a8-47d9-953d-5f30b5904e1f&vp=mobile&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38%22%2C%22domain%22%3A%22minecraftcommand.science%22%2C%22keywords%22%3A%22Minecraft1.9%22%2C%22publisher%22%3A%7B%22domain%22%3A%22minecraftcommand.science%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2259b100dc46e0fb00012e46aa%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22619ed69a-04ae-42ba-9c03-a27fbcdd0abd%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22619ed69a-04ae-42ba-9c03-a27fbcdd0abd%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

f587399e68dc53b742a5b6faa52b4c30a7f6df6f66e3a4ed5d303de558f59bfe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-112
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 132
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6205 342 B
376 B 99ms
98ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=619ed69a-04ae-42ba-9c03-a27fbcdd0abd%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=6c5d3146-5491-4ad3-966d-cf8d1c587a89&l_pb_bid_id=3303a321041da96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5a33dd5b46e0fb0001950103%2F1002&slots=1&rand=0.6909819146393648
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: da51c802ff9553c6107a8670a17c71080815c58deee23f8b03268e8acd507356

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6205 342 B
376 B 115ms
115ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=619ed69a-04ae-42ba-9c03-a27fbcdd0abd%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=bb752fd0-3ad3-48de-b51b-5ca5178f38e3&l_pb_bid_id=3408b4e99cf9433&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5a33dd5b46e0fb0001950103%2F1006&slots=1&rand=0.2112924466345023
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 85a2c47aa93ac7a646e226ee87d032790941254ac9c5391462d089d4f121bf35

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6205 362 B
396 B 118ms
118ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=619ed69a-04ae-42ba-9c03-a27fbcdd0abd%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=cc3a3883-362b-4e3b-92a7-f1aab9b8ed30&l_pb_bid_id=35a9722144cbd8a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_616edee55310b2196c628475%2F1001&slots=1&rand=0.724848896025853
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 10743075cb4e758fe616fe3e06a28ac9ab72b105a4cc3fd128e407bf852959cd

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 362
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 6205 94 B
509 B 130ms
72ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 0e0feddbdb6febe969da68fffd4b55496de07f2ce27ebb9c7c3a7bcc84c5a2ae

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Jan 2024 03:34:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://minecraftcommand.science
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 6205 37 B
313 B 44ms
43ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f6e3d964f79ab4124031a17d162914ba2703bad53c5b8b996717623e1241ac

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xn%2BL4iu9B%2FH%2FfpxQEJuOMcownSYlnFfsUuBJXPmgwtuv7N%2F%2FGlnrmimFJ3AJAPQmWF7IuHC1va7nkmLaYfZPHX0PO32m9G1cGMYq2kSK25HlIASX15gCQLlznqEdXzx0foNWATek"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84006d196d650219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 6205 43 KB
10 KB 290ms
290ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

05f003284bc69d145d257c8c39ff76a05813dfb7d7836c802a54fca09ce1d0d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: gzip
an-x-request-uuid: f4695d59-fc81-4ce2-81e1-003292ac07a3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6205 0
202 B 136ms
136ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=70155460851&lsavail=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:29 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 6205 0
40 B 40ms
39ms XHR
text/plain 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84006d1968d8020d-ZRH
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6205 895 B
2 KB 271ms
128ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 403d7133bd2fb1655a33384c55a4e65aa9ac408c6127532c0eaea0eb6adcbad7

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6205 29 KB
10 KB 260ms
121ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 4804eb01ba20b0bc0636e21599ccf3da3d4abc89e9a88bfd5957a3d414e1de29

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6205 1 KB
2 KB 255ms
113ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: aaa50b0f76ba769f197c0447e07b33caf55ac9d800a203e260c9b2f1df007d98

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:30 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 6205 0
120 B 27ms
26ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 7a
date: Thu, 04 Jan 2024 03:34:29 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 1EB1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

358 B
1 KB

219ms
219ms

Document
text/html

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

914f5d7dd1a6c1f8260dfb5e79b2b19d41801b45277d0adcf719ddce9b9e7695

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 358
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 04 Jan 2024 03:34:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: W8RGA27XS3F5FM1CJ832

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 04 Jan 2024 03:34:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Q4P2722YWPP8GAJ83Y4N

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=3296551704616449&bg=!LS6lLmHNAAY3kmNgF5I7ADQBe5WfOMr-FXJv-qBz9G2ELDB7ffqG12iVl3szWy5xmACcaqp2k5ir1xD18XbJnkVeOB6fAgAAADFSAAAAAmgBB5kCxi4Y3F8oPsP121oTplWM-YAVWbIiVQJj0ufBL-7sEcJFQDnchB-WJmxqY7rxamAWgJyObwAmAnpR38w9m_NDYKiy65mLj0Yfdhn1pMKEVa-usJ9lSHwH9wfOhQLIb80Jal5LaljqvS-B2CSCaBeg7oE7443brrz5VKg_-QJFGyamTXz5j7QGHPagqY6gKPq-KqMtgZVSUijRLmXEY87Co0ISy4ZKIpYkrTEvKqhIoElXFrfrYp2sBaSwcPIczWDH-z1dzWTHXfhyxRSLvyZ5GlcuuV4iA7egYRxPR4uu4nksepZQDYSXJx3fSx88CE-V7OX91xd9hGHbyMmpr0vi47QpyhM83u7qUEjUGNYWJ1XkMN1-pNO6yNS1_EBdVF1aF8FIYAsSkkL41D69ODFopLh-9d_E770XstBaKPQyg9EDil1qQt22j26rPTUMgyZfUAPO39b17VKcUfluli87WyfZRQqk_4mA9kYKkJaeOkbxMXAlMqXzNX0MpxBSUW1ELIG_kLj4Qqw1g2mz9030sGOfT7eTLOY_dKDVePDPU9mzbhUFh26kZlKsg6rMIcTX9wtDRoZ4OTusBmQkKvTgEMLUE23gJCIoBgEzekM3TKmV0zTD8c_LacfzvAi8pWli-C1rhI1EMm4MMzLrkHJxeqe068X7NVOrfTOcjkXfapPgHOqncLTi_MfPaE0M17c243wbUuFk1EAlT-uxONpI_zI7kgdGfJM49xC97LOhSEoMg2YgwgmOpEgZC07YlrFjeBy5CCLcGy-INTmRYnw7ODW9F8-15aLUDVfBh9T1RiIB3oHhqkyBfQhGLj6elYHADTfnqtJs4gbXkr6bzkLfv09WANf0h10qTS3oI_XnJ1x307GKcYbkkBZk0GQdTXvgUV2vRPtTRAh8v8v7jkd3wj9qNn_XmXygSKvHMr17WeI8ImkSQoqU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 372 B
149 B 224ms
224ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f9639db0df3378e968273ee60171736de8173c69fb0200617785c33f03d8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
173 B 566ms
565ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3296551704616449&correlator=3928794600262162&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22327028904%2CVM_59b1012e46e0fb00016a7b73&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=160x600%2C160x600%2C728x90%7C970x90&ifi=3&sfv=1-0-40&sc=1&cookie=ID%3De2b8768a74da5fb8%3AT%3D1704339270%3ART%3D1704339270%3AS%3DALNI_MZwgMx9L1ONTIZ7JDYO1M2UEUAM7g&gpic=UID%3D00000d37eb41db72%3AT%3D1704339270%3ART%3D1704339270%3AS%3DALNI_MYxd9kecNpnFiKCRuhp4iHZZWs49A&abxe=1&dt=1704339271166&lmt=1704339271&adxs=35%2C1405%2C436&adys=60%2C60%2C1156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&vis=1&psz=160x-1%7C160x-1%7C1600x-1&msz=160x-1%7C160x-1%7C728x-1&fws=516%2C516%2C512&ohw=160%2C160%2C0&ga_vid=1124578720.1704339268&ga_sid=1704339270&ga_hid=121522785&ga_fc=true&dlt=1704339267507&idt=2525&prev_scp=hb_pb%3D0.16%26hb_adid%3D5a33dd5b46e0fb0001950103-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D1bef162b-v7.35.0%26pg_ld_id%3Df7e0d2fe-7b8c-4b9e-96fa-b1666163c204%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D5a33dd5b46e0fb0001950103%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfedfc7d-d9a8-45fa-b6d1-70a829c2e932%26tpcs%3Denabled%26cdl%3D%26st_ty%3Dvert%26bf_br%3D27600000%26af_im%3D27600000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2%7Chb_pb%3D0.16%26hb_adid%3D5a33dd5b46e0fb0001950103-1006%26hb_iv%3D1%26sv%3D1%26re_ve%3D1bef162b-v7.35.0%26pg_ld_id%3Df7e0d2fe-7b8c-4b9e-96fa-b1666163c204%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D5a33dd5b46e0fb0001950103%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfedfc7d-d9a8-45fa-b6d1-70a829c2e932%26tpcs%3Denabled%26cdl%3D%26st_ty%3Dvert%26bf_br%3D27600000%26af_im%3D27600000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2%7Chb_pb%3D0.13%26hb_adid%3D616edee55310b2196c628475-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D1bef162b-v7.35.0%26pg_ld_id%3Df7e0d2fe-7b8c-4b9e-96fa-b1666163c204%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D616edee55310b2196c628475%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfedfc7d-d9a8-45fa-b6d1-70a829c2e932%26tpcs%3Denabled%26cdl%3D%26st_ty%3Dhorb%26bf_br%3D27600000%26af_im%3D27600000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&adks=3462135008%2C3462135036%2C1414712841&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed1bd447b34643fbb1d1586905fbc2bb98f0f52a656bbcf237e83f44b4d42cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
284 B 73ms
21ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

0f2b339daf1b2ae7b108c2e3e37f3fed353dfb9860626a5e25ff313f08f1c2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 3B7D 3 KB
3 KB 43ms
42ms Document
text/html 52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e7a60ca6db573993a6629bc4b5857da19a65ee4ad11f39048c0e49c97c7508c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2581
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 04 Jan 2024 03:34:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 1NCY9TYKPQVNK8DY01M4

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3B7D
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5d3cd70593

43 B
479 B

45ms
44ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5d3cd70593

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YCMSNRTZQXZVYDNXS8R0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 04 Jan 2024 03:33:41 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 50
x-cache: Hit from cloudfront
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5d3cd70593
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UYgZQ0YisZ3H3CUks79mymFDesTb-eRnBglh8NCwLP4O4RqiC_Umeg==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3B7D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4604c5ff-336d-4aee-84e1-4f6824666dd1

43 B
479 B

104ms
43ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4604c5ff-336d-4aee-84e1-4f6824666dd1

Requested by

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 90ZJCNJ9BFB4RS4RSEWP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4604c5ff-336d-4aee-84e1-4f6824666dd1
date: Thu, 04 Jan 2024 03:34:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3B7D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1704339271330
https://ad.turn.com/r/cs?pid=45&rndcb=6193506209
https://sync.1rx.io/usersync/turn/3504620326854103646?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-03be1281-fca7-4be1-...
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003

43 B
479 B

46ms
46ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003

Requested by

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 897M5QD80KX5187GWWTR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003
date: Thu, 04 Jan 2024 03:34:31 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX03be1281fca74be1a762d1ea802c2be6003
content-type: text/html

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3B7D
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3473408717299857000V10

43 B
479 B

123ms
45ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3473408717299857000V10

Requested by

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 94ZS7PFNB81VDW87RQPH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3473408717299857000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 04 Jan 2024 03:34:31 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame F5E9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
1 KB

38ms
38ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e9056b1fa1f736bfa4390b6af1c7854f64cb58c6ee29a135edb0f34d3bd1f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84006d1d8a1b01e3-ZRH
content-encoding: br
content-type: text/html
date: Thu, 04 Jan 2024 03:34:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BVh2qkcVEyYkPz2PoLXEElpkk4P8myWLZHuGhFoQZa2biFuHJvCA%2FkDw1R1hFYwMT9eXLEpKLgidq68EP8Gy9bYtF3UMgdhcbgN%2FVQqs7yfWZALUNoS6nSQvjODU5crzVnGBrVGs0vQog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84006d1d588d0219-ZRH
content-length: 0
date: Thu, 04 Jan 2024 03:34:31 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OeRHYfpDl6AHVXB8M%2FYb2GBAoyprGR51VvE8OOzivB%2Fe5xYebEalx4InOQTdx%2FV%2BnZEALcB9uqWElvh%2FYCz5VdKO%2BU2M0GLC439COHLearjyqFtUB3ARPaudPv2fjuJZgxUduXK6Ar%2FDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
match.sharethrough.com/jwumXNuB/v1/ Frame F0AA 0
0 108ms
21ms Document
text/plain 3.67.60.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.60.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-60-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CE58 281 B
555 B 74ms
21ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Jan 2024 03:34:31 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 1A21
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=2
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2769084103397201519&gdpr=0&gdpr_consent=

43 B
479 B

54ms
45ms

Document
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2769084103397201519&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 04 Jan 2024 03:34:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: KYHNT3HHNCVJT44ZFJV5

Redirect headers

content-length: 0
date: Thu, 04 Jan 2024 03:34:30 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2769084103397201519&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 8F26
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8793155108359610414&ex=appnexus.com

43 B
479 B

44ms
44ms

Document
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=8793155108359610414&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 04 Jan 2024 03:34:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: FBQ0YMK64G7EPGG2ZV8J

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 1dbd371c-934d-4c35-a0fe-59b195a62f85
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 03:34:31 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8793155108359610414&ex=appnexus.com
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 83FF 570 B
1021 B 351ms
121ms Document
text/html 52.205.210.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.205.210.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-210-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4d3a8ad550ab9f36d17388d40c5532bc287844a7458fdd2f1482fce3f38ddb36

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: cs-server-s2s.yellowblue.io
content-length: 570
content-type: text/html
date: Thu, 04 Jan 2024 03:34:31 GMT
server: istio-envoy
x-envoy-upstream-service-time: 8

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame EFE0 37 B
140 B 64ms
21ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 04 Jan 2024 03:34:31 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
609 B 72ms
21ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

85ea5f656c0d0e066a6a5163df465db3305605e6900d35db4591fe8306240690

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CE58 45 KB
13 KB 22ms
22ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13992
Connection: keep-alive
Content-Length: 13174
Expires: Thu, 04 Jan 2024 07:27:43 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame F5E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZYnRwsphDK_tF43iTx4BwAAFLIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED_8jHIRxVDe1a7KDyHRCyA&google_cver=1

43 B
732 B

33ms
33ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED_8jHIRxVDe1a7KDyHRCyA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b5dDHLHWlYzvxHQEr9NVkNOI1qNWqm7hczE8yj5%2BAoS4bIgIa2oGK9oDdHT0EgSvMhgodl1CDAx7ssjhfJCxsHn6YsdUJMf%2Bh01yoiCnIVwHqPynJYwV6c8hisMiLFkh49AbXSP4o3%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84006d1dfa8301e3-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED_8jHIRxVDe1a7KDyHRCyA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F5E9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZYnRwsphDK-tF43iTx4BwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELp09vp0PF1-aYXDBpIxHfI&google_cver=1

43 B
738 B

34ms
34ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELp09vp0PF1-aYXDBpIxHfI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIkLWxzv2HvXPOT%2FzhziRvR8L8gCGUYb1x2O8Oqb%2BFr9w4eO8NakY7f%2FMV5MZHXUWh6T8SxT%2BK85VtoL59Db9t4f6B05MZwKWJzlQ5cCUR5QNDGZyHhmYPQiTe6aXK%2FyLn3l6GT4rLIcIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84006d1e4ac301e3-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELp09vp0PF1-aYXDBpIxHfI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F5E9
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZYnRwsphDK-tF43iTx4BwAA%265298&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZYnRwsphDK-tF43iTx4BwAA%265298&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0c9f6957f6604f92b329a50e4a90be3e
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

70 B
148 B

42ms
42ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date: Thu, 04 Jan 2024 03:34:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F5E9 70 B
148 B 43ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 bridge
cm.adgrx.com/ Frame F5E9 43 B
283 B 132ms
30ms Image
image/gif 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-7
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame F5E9 43 B
479 B 349ms
116ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZYnRwsphDK_tF43iTx4BwAAFLIAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TN0GEA458SKMY3XF1Z8V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F5E9
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720064071&external_user_id=ed7bda9d-2646-4bb5-840f-c9d095df6057

43 B
734 B

36ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720064071&external_user_id=ed7bda9d-2646-4bb5-840f-c9d095df6057
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu9BmrHLTsRlBpkvxvShGR9vFu0%2B746GvfsmOcpWb%2BY%2FcrGjXLXjlOeE257SleKP7hy6ai%2FHLhLFLNmzeLYYuDct%2BbaJyFBT4adtpikF35HCdiTCi1NRaHseob1i9AShuMSjxTw6ONrDZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84006d1f1ba401e3-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 04 Jan 2024 03:34:31 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720064071&external_user_id=ed7bda9d-2646-4bb5-840f-c9d095df6057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame F5E9
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8793155108359610414

43 B
342 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8793155108359610414
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8az6yloUeBb7CqyCkNFHe%2FMBuPhwhykmqZgbtmufsheemj1zpd15I5LnDAqeEmmV4cOeQTIHwVK2Ctkrd%2F3NSt5G3YGSO%2F869UhBdykx%2BiY8EgP6zqdgNtwPu%2Fe%2F4zrRwB38HeYELjVh%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84006d1df8ea0219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: d3494af6-e24e-4392-aab9-9c63c4b118a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8793155108359610414
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame F5E9 43 B
479 B 85ms
43ms Image
image/gif 52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZZYnRwsphDK_tF43iTx4BwAAFLIAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3N24SMAE331DCEANR2T1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame CE58 7 B
819 B 171ms
24ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H/1.1 200
OK 00ab0017-eaa0-49b1-9182-9492e7def993 Show response
dcdn.adnxs.com/renderer-content/ Frame 280E 11 KB
3 KB 134ms
26ms Script
text/javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/00ab0017-eaa0-49b1-9182-9492e7def993
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 68df248136accc1c2fcb2f530149bfdf33ef08102ed325c94a2676bac6dec36a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
x-b3-traceid: fe6c2acfcf3443f7
an-served-by: hbapi-proxy-production-bfc9874b9-ff2w8
Connection: keep-alive
Content-Length: 3040
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=32732
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Thu, 04 Jan 2024 12:40:03 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 280E 80 KB
27 KB 130ms
31ms Script
application/x-javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 03 Jan 2025 03:34:31 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 6205 16 B
169 B 40ms
40ms XHR
application/json 34.255.103.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.103.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-103-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:31 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE58
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQYNLHL6-5-LBNA
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

43 B
479 B

44ms
44ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NXT7EZTYXX0Q1GNTQD7T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H/1.1 200
OK 300
dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/ Frame 280E 6 KB
5 KB 27ms
27ms Image
image/jpeg 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/300
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: ff27aaf0251f1297775f311ea19bfc6ce02a722f428b37315b6b57bea2448f6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=10799
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 4662
Expires: Thu, 04 Jan 2024 06:34:30 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 280E 739 B
1 KB 106ms
30ms Image
image/png 18.239.50.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-19.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Dec 2023 01:11:02 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 2082209
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: JRG3H4vgDi-olND95bADtyMAuMNYKyVTPfY0bYLNq8NsmudwS4kG3g==
expires: Wed, 10 Jan 2024 01:11:02 GMT

GET
H/1.1 200
OK 215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/ Frame 280E 200 KB
201 KB 69ms
19ms Image
image/jpeg 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 4d180417c61a57d9e3888d6561b67c80f470c90019e9641552035e865f843fe1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Sat, 03 Feb 2024 17:51:59 GMT
x-ms-blob-type: BlockBlob
Date: Thu, 04 Jan 2024 03:34:31 GMT
Via: 1.1 varnish, 1.1 varnish
Content-MD5: 3CcVqFNY4gRR98DHJtIwXA==
Age: 1244551
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 204670
X-Served-By: cache-lga21971-LGA, cache-mxp6934-MXP
x-ms-lease-status: unlocked
Last-Modified: Wed, 20 Dec 2023 17:15:07 GMT
Server: nginx/1.21.3
X-Timer: S1704339272.589374,VS0,VE1
ETag: 0x8DC017F37308F76
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 1c0b979c-901e-0044-716d-339fc5000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 260, 1

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 280E 0
647 B 29ms
23ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhD_2Lfk9oKjshMYrsC-hbr_44N6KjYJuEcKoShzyD8ROGUGiQ8Ewz8ZAAAAwB6F_z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAANejwD8w1PncBTimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeM6HBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFGSEd4UWdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGcyNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGdWpPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLeFRya1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTROa0N2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTg22gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB86HBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=d862f9d00e280958164e2f8454ea0c4dfd6d2315

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: f98afe99-80f5-4c9a-ae12-6234d97e36e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C87B 52 KB
17 KB 73ms
19ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79647
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 04 Jan 2024 03:34:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 215641
X-Served-By: cache-lga13626-LGA, cache-mxp6980-MXP
X-Timer: S1704339272.594489,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 280E 0
647 B 29ms
25ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKBDvDQAQcAAAMA1gAFAQjGztisBhD_2Lfk9oKjshMYrsC-hbr_44N6KjYJuEcKoShzyD8ROGUGiQ8Ewz8ZAAAAwB6F_z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAANejwD8w1PncBTimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeM6HBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFGSEd4UWdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGcyNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGdWpPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLeFRya1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTROa0N2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvBldy4u2AIf4ALukAHqAjZodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL3JlZnVuZGhlbGVuMzjyAhAKBkFEVl9JRBIGNDY4NzQ18gISCgZDUEdfSUQSCDIxaXwY8gISCgVDUAEUAAl1ezzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzYwNTkzMzDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwsIADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTc2LjEwLjEwNy4yMzCoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA4xMTc4I0ZSQTE6NjU4NtoEAggB4AQB8ATjlfrnAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMaAAA2AUB4AUB6gUQCgtpcy12aWV3YWJsZRIBMQETBAxNURosMS45EgDqBQwKB2luBSYFIjAPCgpsb29wLWluZGV4BRK4BwoCaHASATDqBQ0KCGluLWZvY3VzEgEx8AXtuQ36BQQIABAAkAYBmAYAuAYAwQYJhSjwP9AG4APaBhYKEAkRGQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfOhwbSBw0JESgBJgjaBwYBXaAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIH9IIBggAEAAYAA..&s=105b9e092c633f2a8877d0395de2c4a8d622422e&bdref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38,https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 928da2e0-4652-4d40-abee-f3bf3e9f7442
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 280E 0
668 B 24ms
23ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhD_2Lfk9oKjshMYrsC-hbr_44N6KjYJuEcKoShzyD8ROGUGiQ8Ewz8ZAAAAwB6F_z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAANejwD8w1PncBTimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeM6HBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFGSEd4UWdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGcyNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGdWpPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLeFRya1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTROa0N2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTg22gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB86HBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=d862f9d00e280958164e2f8454ea0c4dfd6d2315&type=nv&nvt=5&jm=1003&px=437&py=55&bw=728&bh=60&sid=1401602541656917557&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12008660&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=3018&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 110c4ca2-f1ab-4378-9999-d8cc5f3a0034
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cs
cs.yellowblue.io/ Frame 83FF
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=758fd75aaec4afea83f652ad358df5a&gdpr_consent=&gdpr=0

0
330 B

136ms
39ms

Image
application/javascript

52.211.238.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=758fd75aaec4afea83f652ad358df5a&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Server: 52.211.238.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-238-11.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=758fd75aaec4afea83f652ad358df5a&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1704339271504055-402

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame 83FF
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzgwNzVEMDktRTAwMC00QTc4LThCRDMtNjc3RjQxN0JBNDNC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECqI_WoFVOk5XCnIOQDm5IE&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=38075D09-E000-4A78-8BD3-677F417BA43B

0
329 B

113ms
113ms

Image
application/javascript

52.205.210.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=38075D09-E000-4A78-8BD3-677F417BA43B
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Server: 52.205.210.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-210-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:32 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=38075D09-E000-4A78-8BD3-677F417BA43B
date: Thu, 04 Jan 2024 03:34:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 83FF 0
34 B 22ms
21ms Image
text/plain 3.67.60.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.60.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-60-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 83FF 43 B
479 B 45ms
44ms Image
image/gif 52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rise.com&id=l6Y6oxgzCp_s

Requested by

Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PGRCTHCT4ZK882HS7C69
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C87B 0
597 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 86b9678e-83b4-49cb-97a9-857933570543
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/7woTEBEjuPa03XoCvc0l2g?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y_J1_wlE2oJc2eKccXLGeTVQlomgSR8rQOqDlA--~A

42 B
884 B

24ms
24ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y_J1_wlE2oJc2eKccXLGeTVQlomgSR8rQOqDlA--~A
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y_J1_wlE2oJc2eKccXLGeTVQlomgSR8rQOqDlA--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYNLHL6-5-LBNA

0
885 B

260ms
218ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYNLHL6-5-LBNA
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:30 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 44607C2E4CD14028A2E93B5282916909 Ref B: ZRHEDGE0906 Ref C: 2024-01-04T03:34:31Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-source-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOFmjfNe1ri1/lYV0AzQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYNLHL6-5-LBNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame CE58 70 B
148 B 42ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFZTkxITDYtNS1MQk5B
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEQZnNIIvxPoMPo-DHOQ9xE&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZTkxITDYtNS1MQk5B&google_push=

170 B
188 B

34ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZTkxITDYtNS1MQk5B&google_push=

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZTkxITDYtNS1MQk5B&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CE58
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NA3xqc5zQEW7uAF40FMBDQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NA3xqc5zQEW7uAF40FMBDQ

43 B
479 B

140ms
121ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NA3xqc5zQEW7uAF40FMBDQ

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SVKW6J55E5AHWEZ8AED1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NA3xqc5zQEW7uAF40FMBDQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE58
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MLT26_NISeisEKy79wEm8g&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MLT26_NISeisEKy79wEm8g

43 B
479 B

45ms
44ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MLT26_NISeisEKy79wEm8g

Requested by

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NGYKNRNEAT4MAZ3NCMMR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MLT26_NISeisEKy79wEm8g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJmYzM3MjhjNmJlNTY5ZjkxNGEyM2QzNTg2NzgxMjBmMjAwYTRjMg

170 B
188 B

31ms
31ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJmYzM3MjhjNmJlNTY5ZjkxNGEyM2QzNTg2NzgxMjBmMjAwYTRjMg

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGJmYzM3MjhjNmJlNTY5ZjkxNGEyM2QzNTg2NzgxMjBmMjAwYTRjMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CE58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECjCOnrL_cwwKSDV3jmNH8c&google_cver=1

42 B
884 B

27ms
26ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECjCOnrL_cwwKSDV3jmNH8c&google_cver=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECjCOnrL_cwwKSDV3jmNH8c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CE58
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

43 B
479 B

264ms
119ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JFPHASK27HBW480NSANB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LQYNLHL6-5-LBNA&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H/1.1 200
OK rp
match.prod.bidr.io/cookie-sync/ Frame CE58 43 B
433 B 170ms
40ms Image
image/gif 52.208.118.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.118.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-118-80.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
hb.yahoo.net/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYNLHL6-5-LBNA&redir=true
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYNLHL6-5-LBNA&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQYNLHL6-5-LBNA&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qdGhKMG5SRTJ1R3NWNUEzRjRhSFU1U2doZlpBWEwuRX5B&ovsid=LQYNLHL6-5-LBNA&dpid=58160

56 B
319 B

127ms
45ms

Image
image/gif

104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qdGhKMG5SRTJ1R3NWNUEzRjRhSFU1U2doZlpBWEwuRX5B&ovsid=LQYNLHL6-5-LBNA&dpid=58160

Requested by

Protocol

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 04 Jan 2024 03:34:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Thu, 04 Jan 2024 03:34:31 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qdGhKMG5SRTJ1R3NWNUEzRjRhSFU1U2doZlpBWEwuRX5B&ovsid=LQYNLHL6-5-LBNA&dpid=58160
date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame CE58
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LQYNLHL6-5-LBNA

0
311 B

94ms
32ms

Image
text/plain

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LQYNLHL6-5-LBNA
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 04 Jan 2024 03:34:31 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LQYNLHL6-5-LBNA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame CE58
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA

95 B
428 B

32ms
32ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 04 Jan 2024 03:34:31 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQYNLHL6-5-LBNA
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame CE58
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYNLHL6-5-LBNA

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYNLHL6-5-LBNA

Requested by

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: be6d9d24-285d-4d0d-9a4e-d5a2f2dbe046
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYNLHL6-5-LBNA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame CE58
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

55ms
54ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84006d21beb824c2-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 04 Jan 2024 03:34:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LQYNLHL6-5-LBNA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84006d214e4b24c2-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CE58
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=17d26e15-4caa-432c-b300-ca919adfdb78&expires=30

42 B
884 B

27ms
27ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=17d26e15-4caa-432c-b300-ca919adfdb78&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=17d26e15-4caa-432c-b300-ca919adfdb78&expires=30
Date: Thu, 04 Jan 2024 03:34:32 GMT
Connection: keep-alive
X-CI-RTID: ff44bf30-3ba3-4d9d-a3a9-58a0f8104f40
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK a4f48727-485d-4363-8605-740ff3c0710e Show response
dcdn.adnxs.com/renderer-content/ Frame 4508 11 KB
3 KB 27ms
26ms Script
text/javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/a4f48727-485d-4363-8605-740ff3c0710e
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 75ad2dd279270a84f188b9327a5a4f63eede7e4c38821012751f4986b7e9234d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
x-b3-traceid: fc5f39941dca1213
an-served-by: hbapi-proxy-production-bfc9874b9-ff2w8
Connection: keep-alive
Content-Length: 3026
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=62407
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Thu, 04 Jan 2024 20:54:38 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 4508 80 KB
27 KB 35ms
35ms Script
application/x-javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 03 Jan 2025 03:34:31 GMT

GET
H/1.1 200
OK a4f48727-485d-4363-8605-740ff3c0710e Show response
dcdn.adnxs.com/renderer-content/ Frame 78FE 11 KB
3 KB 48ms
29ms Script
text/javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/a4f48727-485d-4363-8605-740ff3c0710e
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 75ad2dd279270a84f188b9327a5a4f63eede7e4c38821012751f4986b7e9234d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
x-b3-traceid: fc5f39941dca1213
an-served-by: hbapi-proxy-production-bfc9874b9-ff2w8
Connection: keep-alive
Content-Length: 3026
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=62407
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Thu, 04 Jan 2024 20:54:38 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 78FE 80 KB
27 KB 67ms
35ms Script
application/x-javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 03 Jan 2025 03:34:31 GMT

GET
H/1.1 200
OK 00ab0017-eaa0-49b1-9182-9492e7def993 Show response
dcdn.adnxs.com/renderer-content/ Frame A760 11 KB
3 KB 75ms
34ms Script
text/javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/00ab0017-eaa0-49b1-9182-9492e7def993
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 68df248136accc1c2fcb2f530149bfdf33ef08102ed325c94a2676bac6dec36a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
x-b3-traceid: fe6c2acfcf3443f7
an-served-by: hbapi-proxy-production-bfc9874b9-ff2w8
Connection: keep-alive
Content-Length: 3040
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=32732
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Thu, 04 Jan 2024 12:40:03 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame A760 80 KB
27 KB 73ms
32ms Script
application/x-javascript 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 03 Jan 2025 03:34:31 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 6205 16 B
169 B 40ms
40ms XHR
application/json 34.255.103.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.103.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-103-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Thu, 04 Jan 2024 03:34:31 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK 300
dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/ Frame 4508 6 KB
5 KB 59ms
29ms Image
image/jpeg 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/300
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: ff27aaf0251f1297775f311ea19bfc6ce02a722f428b37315b6b57bea2448f6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=10799
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 4662
Expires: Thu, 04 Jan 2024 06:34:30 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 4508 739 B
1 KB 30ms
30ms Image
image/png 18.239.50.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-19.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Dec 2023 01:11:02 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 2082209
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: P6AU5D2MccdaVCJFiE1aOPiT5aqrN6NM81lx5oDPFxyAdJzZhXWpfQ==
expires: Wed, 10 Jan 2024 01:11:02 GMT

GET
H/1.1 200
OK 215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/ Frame 4508 200 KB
201 KB 18ms
18ms Image
image/jpeg 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 4d180417c61a57d9e3888d6561b67c80f470c90019e9641552035e865f843fe1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Sat, 03 Feb 2024 17:51:59 GMT
x-ms-blob-type: BlockBlob
Date: Thu, 04 Jan 2024 03:34:31 GMT
Via: 1.1 varnish, 1.1 varnish
Content-MD5: 3CcVqFNY4gRR98DHJtIwXA==
Age: 1244551
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 204670
X-Served-By: cache-lga21971-LGA, cache-mxp6934-MXP
x-ms-lease-status: unlocked
Last-Modified: Wed, 20 Dec 2023 17:15:07 GMT
Server: nginx/1.21.3
X-Timer: S1704339272.789207,VS0,VE0
ETag: 0x8DC017F37308F76
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 1c0b979c-901e-0044-716d-339fc5000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 260, 2

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 4508 0
647 B 24ms
23ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKTC_DQkwUAAAMA1gAFAQjGztisBhCH6vrC-LOiwG8YrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFuWEJOZ2dpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA4xMTc4I0ZSQTE6NjU5NNoEAggB4AQB8ATjlfrnAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe25DfoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbgA9oGFgoQDTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=1b02c5a2122f7bc1e5f89b931c99ea3abc8d942e

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 082a2739-3c91-4698-a33d-7e6b2e6dd046
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EAAF 52 KB
17 KB 19ms
19ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79647
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 04 Jan 2024 03:34:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 215642
X-Served-By: cache-lga13626-LGA, cache-mxp6980-MXP
X-Timer: S1704339272.791702,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 4508 0
647 B 25ms
25ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKCDvDQAgcAAAMA1gAFAQjGztisBhCH6vrC-LOiwG8YrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFuWEJOZ2dpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvBldy4u2AIf4ALukAHqAjZodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL3JlZnVuZGhlbGVuMzjyAhAKBkFEVl9JRBIGNDY4NzQ18gISCgZDUEdfSUQSCDIxaXwY8gISCgVDUAEUAAl1ezzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzYwNTkzMzDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwmoADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTc2LjEwLjEwNy4yMzCoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNGUkExOjY1OTTaBAIIAeAEAfAE45X65wGIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQULmAAAANgFAeAFAeoFDAoHaW4tdmlldxIBMeoFDwoKbG9vcC1pbmRleAUSEBAKC2lzBSEMYWJsZQ0TBAxNUTxEMS45EgDqBQ0KCGluLWZvY3VzBSN4BwoCaHASATDwBe25DfoFBAgAEACQBgGYBgC4BgDBBgGCMAAA8D_QBuAD2gYWChAJERkBcBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHy4cG0gcNFcUBJgjaBwYBXaAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIH9IIBggAEAAYAA..&s=257ffbdeabd2b9021df8728d8e8414ea109aca25&bdref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38,https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 9f5b31b0-ee9c-43a8-bc8b-ead44cb73ad2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EAAF 0
596 B 24ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: a5ffcf1b-00b5-4555-a8c4-f04e80f7dd26
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 300
dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/ Frame 78FE 6 KB
5 KB 30ms
27ms Image
image/jpeg 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/300
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: ff27aaf0251f1297775f311ea19bfc6ce02a722f428b37315b6b57bea2448f6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=10799
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 4662
Expires: Thu, 04 Jan 2024 06:34:30 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 78FE 739 B
1 KB 31ms
30ms Image
image/png 18.239.50.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-19.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Dec 2023 01:11:02 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 2082209
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: vZr9X2Iyo6AuRKSSFlf1IW_Q7Udk4_ndmMNZwYRKfkT_obQl_7GzVg==
expires: Wed, 10 Jan 2024 01:11:02 GMT

GET
H/1.1 200
OK 215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/ Frame 78FE 200 KB
201 KB 19ms
18ms Image
image/jpeg 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 4d180417c61a57d9e3888d6561b67c80f470c90019e9641552035e865f843fe1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Sat, 03 Feb 2024 17:51:59 GMT
x-ms-blob-type: BlockBlob
Date: Thu, 04 Jan 2024 03:34:31 GMT
Via: 1.1 varnish, 1.1 varnish
Content-MD5: 3CcVqFNY4gRR98DHJtIwXA==
Age: 1244551
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 204670
X-Served-By: cache-lga21971-LGA, cache-mxp6934-MXP
x-ms-lease-status: unlocked
Last-Modified: Wed, 20 Dec 2023 17:15:07 GMT
Server: nginx/1.21.3
X-Timer: S1704339272.826604,VS0,VE0
ETag: 0x8DC017F37308F76
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 1c0b979c-901e-0044-716d-339fc5000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 260, 3

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 78FE 0
648 B 27ms
26ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKfFfDQnwoAAAMA1gAFAQjGztisBhDhi4_kuYOG53UYrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLNDiFESDlSOGdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFhb0V4QWNJX19fX19fCQUIQVJECQkFAQw4QkdQBQkJAQh3RWcJCQkBCEFTagkJBQEIOEJNNiwAADQFFw0BBEFVNlgAAFMyLAAERlENJwUBBEFWNlgAAFk2LAAAbwUlDQEEQVg2WAAUZUFHQUFmDR0BAQh3R0k6EAAAUToQAABZOhAAAGc6EAAAbzoQAAB3OhAAADQ2EAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAADEdBQXYB-Q0BIQA2EAAcUUFxWUdtQUwNIQEBCDhCbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQhyQ0BIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWA38AQEhADYQAABrOhAAAG06EAAId1FRoZEJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWENNNWdGN1ktR2lRR3BCETsUUEFfc1FVDSYUQUFBTUVGAQccb0ptWjJUX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjNjNBZkFGbU1lN0N2Z0ZpYzRjZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwRBQcGAJDZnR0JMSUdKQWsBEQkBAEIdxwRCawkUAQEAQx0YGExnR0NvRUkBFwGoOHlUOC6aApkBIUtoU21rUTpRByhMbVVWQ0FBS0FBeAExAQGIOEQ4NkNVWlNRVEU2TmpVNU5FQ3ZSVWxCbXJGb09qdnJQMUUBJwkBAEYdhQBHHYUARx0YAEgdGAxIZ0FpLmUH9CoBdy4u2AIf4ALukAHqAjZodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL3JlZnVuZGhlbGVuMziAAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE3Ni4xMC4xMDcuMjMwqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHy4cG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=8c7b8e6613a0f3b6ca2cb97a41a4d627900b3541

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: d4f984e4-6f71-45f2-92bb-f45576345a51
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A95D 52 KB
17 KB 20ms
19ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79647
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 04 Jan 2024 03:34:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 215643
X-Served-By: cache-lga13626-LGA, cache-mxp6980-MXP
X-Timer: S1704339272.827911,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 78FE 0
647 B 26ms
24ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: f6b85114-1f21-49a3-bcb6-ef09ce4fced8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 4508 0
668 B 24ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKTC_DQkwUAAAMA1gAFAQjGztisBhCH6vrC-LOiwG8YrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFuWEJOZ2dpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA4xMTc4I0ZSQTE6NjU5NNoEAggB4AQB8ATjlfrnAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe25DfoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbgA9oGFgoQDTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=1b02c5a2122f7bc1e5f89b931c99ea3abc8d942e&type=nv&nvt=5&jm=1003&px=35&py=60&bw=160&bh=245&sid=1401602541656917557&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2974&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 2a501700-4c9b-416f-bd4a-c645af24b428
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A95D 0
596 B 28ms
28ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 9bf8a5dc-fa15-42b9-8409-48d3194908e8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 300
dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/ Frame A760 6 KB
5 KB 29ms
29ms Image
image/jpeg 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcdn.adnxs.com/shftr/https%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F1178%252F2023%252F12%252F20%252F53100001%252F5aa9b82a-6ba0-4cee-9ec7-64df3d98ff80.jpg/0/300/300
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: ff27aaf0251f1297775f311ea19bfc6ce02a722f428b37315b6b57bea2448f6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 03:34:31 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=10799
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 4662
Expires: Thu, 04 Jan 2024 06:34:30 GMT

GET
H2 200 get
choices.trustarc.com/ Frame A760 739 B
1 KB 30ms
30ms Image
image/png 18.239.50.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-19.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Dec 2023 01:11:02 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 2082209
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: BD4Oc1wZ2paUuYXDsGnkp0_ir9lzIcwWpJczi2v5iUPkz65CHF0NWA==
expires: Wed, 10 Jan 2024 01:11:02 GMT

GET
H/1.1 200
OK 215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/ Frame A760 200 KB
201 KB 18ms
18ms Image
image/jpeg 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/1178/2023/12/20/53099958/215ebbf0-3fe0-4127-b047-cb9e03b07e81.jpg
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 4d180417c61a57d9e3888d6561b67c80f470c90019e9641552035e865f843fe1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Sat, 03 Feb 2024 17:51:59 GMT
x-ms-blob-type: BlockBlob
Date: Thu, 04 Jan 2024 03:34:31 GMT
Via: 1.1 varnish, 1.1 varnish
Content-MD5: 3CcVqFNY4gRR98DHJtIwXA==
Age: 1244551
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 204670
X-Served-By: cache-lga21971-LGA, cache-mxp6934-MXP
x-ms-lease-status: unlocked
Last-Modified: Wed, 20 Dec 2023 17:15:07 GMT
Server: nginx/1.21.3
X-Timer: S1704339272.860565,VS0,VE0
ETag: 0x8DC017F37308F76
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 1c0b979c-901e-0044-716d-339fc5000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 260, 4

GET
H2 200 it
fra1-ib.adnxs.com/ Frame A760 0
647 B 29ms
29ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhCc5oejk8PDtWkYrsC-hbr_44N6KjYJM6ipaxsoxD8R-u7D7otavz8ZAAAAQDMz-z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAIIXrwT8wldb9CjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCEzM0RDNkFpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUpYV19RcFlBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=4018095768c36f58e397466e4415c7d07075b59a

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 85a328a9-e52a-4c64-9c3c-25419561a170
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 532F 52 KB
17 KB 19ms
19ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/refundhelen38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79647
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 04 Jan 2024 03:34:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 215644
X-Served-By: cache-lga13626-LGA, cache-mxp6980-MXP
X-Timer: S1704339272.862864,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame A760 0
647 B 26ms
26ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 5d7adab1-15e3-43e9-b4b7-2590559e5279
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 78FE 0
668 B 24ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKfFfDQnwoAAAMA1gAFAQjGztisBhDhi4_kuYOG53UYrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLNDiFESDlSOGdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFhb0V4QWNJX19fX19fCQUIQVJECQkFAQw4QkdQBQkJAQh3RWcJCQkBCEFTagkJBQEIOEJNNiwAADQFFw0BBEFVNlgAAFMyLAAERlENJwUBBEFWNlgAAFk2LAAAbwUlDQEEQVg2WAAUZUFHQUFmDR0BAQh3R0k6EAAAUToQAABZOhAAAGc6EAAAbzoQAAB3OhAAADQ2EAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAADEdBQXYB-Q0BIQA2EAAcUUFxWUdtQUwNIQEBCDhCbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQhyQ0BIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWA38AQEhADYQAABrOhAAAG06EAAId1FRoZEJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWENNNWdGN1ktR2lRR3BCETsUUEFfc1FVDSYUQUFBTUVGAQccb0ptWjJUX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjNjNBZkFGbU1lN0N2Z0ZpYzRjZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwRBQcGAJDZnR0JMSUdKQWsBEQkBAEIdxwRCawkUAQEAQx0YGExnR0NvRUkBFwGoOHlUOC6aApkBIUtoU21rUTpRByhMbVVWQ0FBS0FBeAExAQGIOEQ4NkNVWlNRVEU2TmpVNU5FQ3ZSVWxCbXJGb09qdnJQMUUBJwkBAEYdhQBHHYUARx0YAEgdGAxIZ0FpLmUH9CoBdy4u2AIf4ALukAHqAjZodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL3JlZnVuZGhlbGVuMziAAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE3Ni4xMC4xMDcuMjMwqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHy4cG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=8c7b8e6613a0f3b6ca2cb97a41a4d627900b3541&type=nv&nvt=5&jm=1003&px=1405&py=60&bw=160&bh=245&sid=1401602541656917557&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2974&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 474986f1-18cc-4032-a3b0-8c11463ccada
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 532F 0
596 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: 1d0cc38a-da46-4c74-8a5a-1cd3d52027e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame A760 0
669 B 23ms
23ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhCc5oejk8PDtWkYrsC-hbr_44N6KjYJM6ipaxsoxD8R-u7D7otavz8ZAAAAQDMz-z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAIIXrwT8wldb9CjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCEzM0RDNkFpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUpYV19RcFlBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=4018095768c36f58e397466e4415c7d07075b59a&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=125&sid=1401602541656917557&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=23030549&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=3064&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:31 GMT
an-x-request-uuid: ed959c6f-dcb9-41e3-94f3-635b592b5487
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C87B 0
596 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: 018b69d7-a41e-4842-9fe7-09e1428578ce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 280E 0
668 B 29ms
29ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhD_2Lfk9oKjshMYrsC-hbr_44N6KjYJuEcKoShzyD8ROGUGiQ8Ewz8ZAAAAwB6F_z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAANejwD8w1PncBTimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeM6HBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFGSEd4UWdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGcyNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGdWpPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLeFRya1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTROa0N2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTg22gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB86HBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=d862f9d00e280958164e2f8454ea0c4dfd6d2315&type=pv&jm=1003&px=437&py=55&bw=728&bh=125&sf=1&sid=1401602541656917557&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12008660&cid=3&cr=nv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: 2af89b4c-038d-4e47-879e-6b9f7808cd20
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EAAF 0
596 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: 6928715f-63e1-4ec4-88a0-8ed4831868dc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 4508 0
668 B 23ms
23ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKTC_DQkwUAAAMA1gAFAQjGztisBhCH6vrC-LOiwG8YrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCFuWEJOZ2dpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA4xMTc4I0ZSQTE6NjU5NNoEAggB4AQB8ATjlfrnAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe25DfoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbgA9oGFgoQDTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=1b02c5a2122f7bc1e5f89b931c99ea3abc8d942e&type=pv&jm=1003&px=35&py=60&bw=160&bh=245&sf=1&sid=1401602541656917557&vd=ct~0|rr~6&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: a12f166a-e265-402a-9473-5168b5f5b96e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A95D 0
596 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: f6074993-0674-41b7-bc4a-bf1c79546a3d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 78FE 0
668 B 23ms
23ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKfFfDQnwoAAAMA1gAFAQjGztisBhDhi4_kuYOG53UYrsC-hbr_44N6KjYJZaP0wVlQyT8R0v6fuhewwz8ZAAAAwB6FAUAhHMPO2o5lxz8pMPXzpiIVzj8xAAAAQOF6xD8wu--ABjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLNDiFESDlSOGdpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFhb0V4QWNJX19fX19fCQUIQVJECQkFAQw4QkdQBQkJAQh3RWcJCQkBCEFTagkJBQEIOEJNNiwAADQFFw0BBEFVNlgAAFMyLAAERlENJwUBBEFWNlgAAFk2LAAAbwUlDQEEQVg2WAAUZUFHQUFmDR0BAQh3R0k6EAAAUToQAABZOhAAAGc6EAAAbzoQAAB3OhAAADQ2EAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAAAEg6gAAASDqAAABIOoAADEdBQXYB-Q0BIQA2EAAcUUFxWUdtQUwNIQEBCDhCbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAEZ0EuJQIIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQhyQ0BIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWA38AQEhADYQAABrOhAAAG06EAAId1FRoZEJAQhNa0UJCQEBGERZQkFEeEIBCw0BQGlBWENNNWdGN1ktR2lRR3BCETsUUEFfc1FVDSYUQUFBTUVGAQccb0ptWjJUX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjNjNBZkFGbU1lN0N2Z0ZpYzRjZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwRBQcGAJDZnR0JMSUdKQWsBEQkBAEIdxwRCawkUAQEAQx0YGExnR0NvRUkBFwGoOHlUOC6aApkBIUtoU21rUTpRByhMbVVWQ0FBS0FBeAExAQGIOEQ4NkNVWlNRVEU2TmpVNU5FQ3ZSVWxCbXJGb09qdnJQMUUBJwkBAEYdhQBHHYUARx0YAEgdGAxIZ0FpLmUH9CoBdy4u2AIf4ALukAHqAjZodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL3JlZnVuZGhlbGVuMziAAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE3Ni4xMC4xMDcuMjMwqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHy4cG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=8c7b8e6613a0f3b6ca2cb97a41a4d627900b3541&type=pv&jm=1003&px=1405&py=60&bw=160&bh=245&sf=1&sid=1401602541656917557&vd=ct~0|rr~6&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: 42bcf69b-7a7f-4a47-9f23-8fb326cc5cc9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 532F 0
596 B 23ms
23ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: d6a48532-6759-4049-b230-b46f10a25db1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame A760 0
668 B 24ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Frefundhelen38&e=wqT_3QKSC_DQkgUAAAMA1gAFAQjGztisBhCc5oejk8PDtWkYrsC-hbr_44N6KjYJM6ipaxsoxD8R-u7D7otavz8ZAAAAQDMz-z8hHMPO2o5lxz8pMPXzpiIVzj8xAAAAIIXrwT8wldb9CjimBkCaCUgCUOOV-ucBWLmUVGAAaIUdeMuHBoABAYoBA1VTRJIBA1VTRJgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDY4NzQ1LCAwKTt1ZignaScsIDYwNTkzMzAVFCxnJywgMjE5NDcyODgVFQBzARUcODc0MTAxNTcVFixyJywgNDg2NDQzNzQJFvC2kgLBBCEzM0RDNkFpUWo1Y2JFT09WLXVjQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUpYV19RcFlBR0NlQTJnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkVCSjBjcHFaeVRfQkFhYms0UkUtRmM0X3lRRUFBQUFBQUFEd1A5a0JRWnF4YURvNzZ6X2dBY0xxOFFMMUFjM016RDZZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STRlaWZMUkFCR0FJdHpjek1QcUlERGdqaDZKOHRFQXNZQWkzTnpNdy11Z01KUmxKQk1UbzJOVGswNEFPdlJZQUV2LVdUQ29nRTRQMjNDNUFFQVpnRUFjRUUBhgkBCERKQgkJBQEYMkFRQThRUQUMBQFESWdGd2pPWUJlMlBob2tCcVFVBRccQUFEd1A3RUYNDQEQBEJCATccS0NabWRrX3kuKAAAOTIoAABaBSgBAbhQQV80QVhPdHdId0Jaakh1d3I0QlluT0hJSUdBME5JUm9nR0JKQUdBWmdHQUtFRwEzAQEsOEQtb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQgkQUFBQzRCZ3FCQwELAag0Y2tfmgKZASFLaFNta1E6RQIoTG1VVkNBQUtBQXgBMAEBiDhEODZDVVpTUVRFNk5qVTVORUN2UlVsQm1yRm9PanZyUDFFAScJAQRGawkIAQEER0UBBgkBAEcdGABIHRgMSGdBaS5ZAvQqAXcuLtgCH-AC7pAB6gI2aHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9yZWZ1bmRoZWxlbjM4gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA9L7feADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNzYuMTAuMTA3LjIzMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjExNzgjRlJBMTo2NTk02gQCCAHgBAHwBOOV-ucBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF7bkN-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8uHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=4018095768c36f58e397466e4415c7d07075b59a&type=pv&jm=1003&px=436&py=1110&bw=728&bh=125&sf=0.72&sid=1401602541656917557&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=23030549&cid=3&cr=nv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 03:34:32 GMT
an-x-request-uuid: 9fbcbfdc-079a-4e67-8789-139b9aa20997
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.230; 176.10.107.230; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:08:51	Name: _li_ss Value: CgcKBQgKEPIW
minecraftcommand.science/	1969-12-31 23:59:59	Name: _McTool_session Value: SVU1WTBxUWhOb3dVVHlZdW1aRVpVMkFHeVl6LzJ6OHNTNExtbkZNZDZQNllaZnc2eG95NTFXODZDQ3l0bkdxdlpxNGNncFFONkU0SUdpRmwzdWdjbVdrR1JwQXR5cG1SRk5DQldqNVozWVdja29pZ0kwWnZVUVpES21mb1IwOVVKK1daRGR4bHluRno1YllWQVpEeno0c1RqVkdhWi9Uc1FHbTkvQnZuajRFPS0tQ0VKQURWb3lGdmFqcDZHdDB5WlhmQT09--488d38b723e5fc2fd3586b91667bd8ec16403f67
.minecraftcommand.science/	1970-01-21 03:01:39	Name: _ga Value: GA1.2.1124578720.1704339268
.minecraftcommand.science/	1970-01-20 17:27:05	Name: _gid Value: GA1.2.1954014052.1704339268
.minecraftcommand.science/	1970-01-20 17:25:39	Name: _gat Value: 1
.minecraftcommand.science/	1970-01-21 03:01:39	Name: _ga_MTB0WFGVZX Value: GS1.2.1704339268.1.0.1704339268.0.0.0
minecraftcommand.science/	1970-01-20 18:08:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.quantserve.com/	1970-01-21 02:55:53	Name: mc Value: 65962746-1a48c-4ac55-bf9a2
.minecraftcommand.science/	1970-01-21 02:50:08	Name: __qca Value: P0-397789036-1704339269937
.minecraftcommand.science/	1970-01-21 02:47:15	Name: __gads Value: ID=e2b8768a74da5fb8:T=1704339270:RT=1704339270:S=ALNI_MZwgMx9L1ONTIZ7JDYO1M2UEUAM7g
.minecraftcommand.science/	1970-01-21 02:47:15	Name: __gpi Value: UID=00000d37eb41db72:T=1704339270:RT=1704339270:S=ALNI_MYxd9kecNpnFiKCRuhp4iHZZWs49A
.cpx.to/	1970-01-21 02:11:15	Name: cpSess Value: 116c18f3871fcdb
.adnxs.com/	1970-01-20 19:35:15	Name: uuid2 Value: 8793155108359610414
.pubmatic.com/	1970-01-20 19:35:15	Name: KTPCACOOKIE Value: true
.cpx.to/	1970-01-21 02:11:15	Name: dsp_app_nexus Value: 8793155108359610414#1704339270439
.cpx.to/	1970-01-21 02:11:15	Name: dsp_pub_common Value: 0a62afcc-da43-4b9a-85d7-403e79894b48#1704339270439
.doubleclick.net/	1970-01-21 03:01:39	Name: IDE Value: AHWqTUk2Knaeg0Lj1DnsnSgl_6qvsqYCZIkVPGeB7JbHr0GbRnzXQlDMNMAg0ADlwQ8
.pubmatic.com/	1970-01-21 02:11:15	Name: KADUSERCOOKIE Value: 38075D09-E000-4A78-8BD3-677F417BA43B
.rubiconproject.com/	1970-01-21 02:11:15	Name: khaos Value: LQYNLHL6-5-LBNA
.cpx.to/	1970-01-21 02:11:15	Name: dsp_dbm Value: CAESEMvDD0YINYyF0YlOm7p3Y58#1704339270486
.cpx.to/	1970-01-21 02:11:15	Name: dsp_pubmatic Value: 38075D09-E000-4A78-8BD3-677F417BA43B#1704339270498
.casalemedia.com/	1970-01-21 02:11:15	Name: receive-cookie-deprecation Value: 1
prebid.a-mo.net/	1970-01-20 17:25:39	Name: _Amc_b Value: 0
.adnxs.com/	1970-01-20 19:35:15	Name: icu Value: ChgI4dFCEAoYASABKAEwxs7YrAY4AUABSAEQxs7YrAYYAA..
.smartadserver.com/	1970-01-21 02:12:41	Name: pbw Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 320796=5789014
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 02:12:41	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:27:05	Name: sasd Value: %24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0
.smartadserver.com/	1970-01-21 02:12:41	Name: pid Value: 2769084103397201519
.smartadserver.com/	1970-01-20 17:27:05	Name: sasd2 Value: q=%24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0&c=1&l=1047347517&lo=1852618765&lt=638399360707853949&o=1
.go.sonobi.com/	1970-01-20 17:27:05	Name: _usd_minecraftcommand.science Value: 496e1df3-c2a8-47d9-953d-5f30b5904e1f
.go.sonobi.com/	1970-01-20 18:08:51	Name: __uis Value: 6392e51c-9730-479d-9f1f-469e83e1a1eb
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85112\|ZZYnS
.amazon-adsystem.com/	1970-01-20 23:55:53	Name: ad-id Value: A9N7sNiEj0y_ocQVzuw0eTI
.amazon-adsystem.com/	1970-01-21 03:01:39	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-21 02:11:15	Name: CMID Value: ZZYnRwsphDK-tF43iTx4BwAA
.casalemedia.com/	1970-01-20 19:35:15	Name: CMPS Value: 5298
.casalemedia.com/	1970-01-20 19:35:15	Name: CMPRO Value: 5298
.smaato.net/	1970-01-20 17:55:53	Name: SCM Value: 5d3cd70593
.smaato.net/	1970-01-20 17:55:53	Name: SCMaps Value: 5d3cd70593
.bidswitch.net/	1970-01-21 02:11:15	Name: tuuid Value: 4604c5ff-336d-4aee-84e1-4f6824666dd1
.bidswitch.net/	1970-01-21 02:11:15	Name: c Value: 1704339271
.bidswitch.net/	1970-01-21 02:11:15	Name: tuuid_lu Value: 1704339271
.media.net/	1970-01-21 02:11:15	Name: visitor-id Value: 3473408717299857000V10
.turn.com/	1970-01-20 21:44:51	Name: uid Value: 3504620326854103646
.company-target.com/	1970-01-21 03:01:39	Name: tuuid Value: ed7bda9d-2646-4bb5-840f-c9d095df6057
.company-target.com/	1970-01-21 03:01:39	Name: tuuid_lu Value: 1704339271\|ix:0
.1rx.io/	1970-01-21 02:11:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003%22%7D
.yellowblue.io/	1970-01-20 18:08:51	Name: wrvUserID Value: l6Y6oxgzCp_s
.targeting.unrulymedia.com/	1970-01-21 02:11:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-03be1281-fca7-4be1-a762-d1ea802c2be6-003%22%7D
pixel.rubiconproject.com/	1970-01-20 19:35:15	Name: receive-cookie-deprecation Value: 1
pixel-eu.rubiconproject.com/	1970-01-20 19:35:15	Name: receive-cookie-deprecation Value: 1
.pubmatic.com/	1970-01-20 17:27:05	Name: pi Value: 160295:3
.ads.stickyadstv.com/	1970-01-20 18:08:51	Name: UID Value: 758fd75aaec4afea83f652ad358df5a
.yahoo.com/	1970-01-21 02:11:36	Name: A3 Value: d=AQABBEcnlmUCEFNSTWqe7A26o86qwWXFz3YFEgEBAQF4l2WgZbti0CMA_eMAAA&S=AQAAAoDGIAPlTHuZ-RIAs5_dPN4
.adnxs.com/	1970-01-20 19:35:15	Name: anj Value: dTM7k!M40DF7/.XF']wIg2H`iKR5GA!@wnf-Te9(S@n$G2lWU]rm9U(pQyR5ZNI6yo8kESI?aPR52Ir9:4=sB!>`t@S<t:a
.adnxs.com/	1970-01-20 19:35:15	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRWU5MSEw2LTUtTEJOQSIsImV4cGlyZXMiOiIyMDI0LTA0LTAzVDAzOjM0OjMxWiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTA0VDAzOjM0OjMxWiJ9
.pubmatic.com/	1970-01-20 19:35:15	Name: SyncRTB3 Value: 1705536000%3A220_21
.tapad.com/	1970-01-20 18:52:03	Name: TapAd_TS Value: 1704339271840
.tapad.com/	1970-01-20 18:52:03	Name: TapAd_DID Value: f4aa4c48-81e2-4c48-a57d-30b7271ab5f8
.analytics.yahoo.com/	1970-01-21 02:11:15	Name: IDSYNC Value: "18vk~2fzf:19e0~2fzf"
.tapad.com/	1970-01-20 18:52:03	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 19:35:15	Name: KRTBCOOKIE_80 Value: 22987-CAESECqI_WoFVOk5XCnIOQDm5IE&KRTB&23025-CAESECqI_WoFVOk5XCnIOQDm5IE&KRTB&23386-CAESECqI_WoFVOk5XCnIOQDm5IE
.pubmatic.com/	1970-01-20 18:08:51	Name: PugT Value: 1704339270
.linkedin.com/	1970-01-21 02:11:15	Name: bcookie Value: "v=2&d4584aff-4994-4c6a-8178-ebe01321ab2a"
.linkedin.com/	1970-01-20 21:44:51	Name: li_gc Value: MTswOzE3MDQzMzkyNzE7MjswMjHomjmpkM3bkfk06ECBmDaScETf4zMgaIi6rROZg+MsCg==
.linkedin.com/	1970-01-20 17:27:05	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2925:u=1:x=1:i=1704339271:t=1704425671:v=2:sig=AQHSJs5Asz1A3HuhIIDltP0UcWd20WQ-"
.connatix.com/	1970-01-20 18:08:51	Name: cnx_userId Value: 8847885db7394b709d434a0175b957b7
.pubmatic.com/	1970-01-20 19:35:15	Name: chkChromeAb67Sec Value: 3
.liadm.com/	1970-01-21 03:01:39	Name: lidid Value: 0c9f6957-f660-4f92-b329-a50e4a90be3e
.ipredictive.com/	1970-01-21 02:11:15	Name: cu Value: 17d26e15-4caa-432c-b300-ca919adfdb78\|1704339272224
.rubiconproject.com/	1970-01-21 02:11:15	Name: audit Value: 1\|kQUV63sC2OQh5Y1yaZ7RNgfyVNOJ77gZXGJ1GwoxcpRIhBvrXh0k4G+oDXqARUCMLWsltqwJYx3yUhTWCqUS/Easv6MpIV38rNMcRMwX7vZPFMrdked536ZsIlP80lOrknORSVj+yM2yqVI1k5poNA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12942995ee2ce71e57f234c9b362dbe1.safeframe.googlesyndication.com
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.turn.com
ads.stickyadstv.com
ap.lijit.com
apex.go.sonobi.com
ats.rlcdn.com
bidder.criteo.com
c.amazon-adsystem.com
cadmus.script.ac
capi.connatix.com
cdn.adnxs.com
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
choices.trustarc.com
cm.adgrx.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
crcdn01.adnxs-simple.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
dcdn.adnxs.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g28carkeys.co.uk
hb.vntsm.com
hb.vntsm.io
hb.yahoo.net
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
minecraftcommand.science
minotar.net
mp.4dex.io
p.cpx.to
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.ipredictive.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
104.124.11.16
104.18.36.155
108.128.207.160
141.95.98.65
143.204.98.49
147.75.84.158
151.101.129.108
162.19.138.116
164.132.25.180
172.64.146.152
178.63.241.79
18.239.50.19
18.239.64.29
18.239.69.131
184.30.211.26
185.64.190.79
198.47.127.205
2.19.104.211
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.30
216.52.2.39
216.58.212.162
217.182.178.224
23.212.88.20
23.35.229.251
2400:52e0:1e00::1082:1
2600:9000:211e:a000:1b:5138:8a40:93a1
2600:9000:2127:4a00:6:44e3:f8c0:93a1
2602:803:c003:200::91
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:2483
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:20::681a:9a9
2606:4700:3038::6815:ea0b
2606:4700:4400::ac40:994e
2606:4700::6812:1691
2606:4700::6812:bcf
2607:ae80:192:1::172
2607:f350:3:2569:0:10:0:a
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9b
2a02:2638:3::7
2a02:4780:23:8977:378c:548e:e74d:f002
2a02:fa8:8806:16::1460
2a05:d018:d29:3601:c091:b52b:1c22:fff1
3.235.201.186
3.67.60.172
3.75.62.37
34.111.113.62
34.120.111.33
34.255.103.93
34.95.69.49
34.96.71.22
35.156.83.210
35.71.131.137
37.252.173.215
46.228.174.117
52.205.210.55
52.208.118.80
52.211.238.11
52.214.64.222
52.46.130.91
52.95.125.22
54.146.218.6
65.9.95.29
68.178.206.128
69.173.144.139
69.173.144.165
72.251.245.179
76.223.111.18
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
05f003284bc69d145d257c8c39ff76a05813dfb7d7836c802a54fca09ce1d0d5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07addf3375eedff5e82a126903c263eaf10bee17d4ed2aca0da749625395cdd6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0e0feddbdb6febe969da68fffd4b55496de07f2ce27ebb9c7c3a7bcc84c5a2ae
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2b339daf1b2ae7b108c2e3e37f3fed353dfb9860626a5e25ff313f08f1c2d6
10743075cb4e758fe616fe3e06a28ac9ab72b105a4cc3fd128e407bf852959cd
10a2e321f031c616b8783bb3f2e8cebcff73ecbfa4dce37671e70200d71e45ee
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
1e7c172871601fadf7b144e494a0f9bd1a5644028a490b0c62df89a678347b72
1f6ed2ede7d7b48c1a9043cc5b23785d1e14c0a8abc3c7a36247319b37c1cd41
2116c65abca7bd2f71caa0e2f67ed5dde2eebddb7ebbfbf1ca30b7b2e65ecba9
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
258918e53038345b3ca0617e3147d9a66aca73424ec8d5b60f09874a56fe5023
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
29e052c25b24f6d8f7df3f31422cdbd4c66e6d25316576e896b2cd616f710cd9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33110fbabe1bedc75caa0fdae230908432c7aebd1dfd12dc06ebe70cc1c5e95c
39bcdb06387fa69fcfaa770eae0113766416b5d5492afca2fee5e7d629a02a4b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403d7133bd2fb1655a33384c55a4e65aa9ac408c6127532c0eaea0eb6adcbad7
42f6e3d964f79ab4124031a17d162914ba2703bad53c5b8b996717623e1241ac
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4804eb01ba20b0bc0636e21599ccf3da3d4abc89e9a88bfd5957a3d414e1de29
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b652ceea01f558db56d2cfe99abc69c571922def782951bf46c638b2c60d1c1
4d180417c61a57d9e3888d6561b67c80f470c90019e9641552035e865f843fe1
4d3a8ad550ab9f36d17388d40c5532bc287844a7458fdd2f1482fce3f38ddb36
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
5b4122cd2abb1fe4a6f9de82ccf1d4cb111c294a9c66e20546615a1f8609713a
5bf98b49a10a8dd9340801c887594a59d636f7477cdb80a2d963b61a100da510
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b10d43bc68bbcc8ce8c539376422177785089220b216a273a75f868b3a3629
68df248136accc1c2fcb2f530149bfdf33ef08102ed325c94a2676bac6dec36a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e9056b1fa1f736bfa4390b6af1c7854f64cb58c6ee29a135edb0f34d3bd1f7
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
723616d5825ebfd924dab0b0d04a377acc3b1a4c7c50d71f1a9a27fd00a2dd79
73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5
753e37752f70874f5c4b31a8dc91cdf9ceabd2dd2a95b5366d4abdc151a459a5
7553a6fe0244fabf4dd63f2fe3ab559d3facfb548feb74b7912a63dc244b7525
75ad2dd279270a84f188b9327a5a4f63eede7e4c38821012751f4986b7e9234d
85a2c47aa93ac7a646e226ee87d032790941254ac9c5391462d089d4f121bf35
85ea5f656c0d0e066a6a5163df465db3305605e6900d35db4591fe8306240690
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
914f5d7dd1a6c1f8260dfb5e79b2b19d41801b45277d0adcf719ddce9b9e7695
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
943b93d375f7d0df4fdb35c444ddcf42e764b2ea9075492645871be142c76d08
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a43eee8c3e4003540e309186c1799493c6ec85963fa52df0dd7f4d1af5d27462
a6f2607eb5570a902daf36bf676fc27fd1fd271409b32807b8c60e30469146de
a96570884248680f13fcb764449d55a74fccc7bfbf81478f79e88e87d0466bd4
aaa50b0f76ba769f197c0447e07b33caf55ac9d800a203e260c9b2f1df007d98
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb8bc62166161e9a2927ff14b5f8f3febb694aa31a5604a54a5fb21713fdd1
b3f19a1ade6474b8661f810e930f94e8f4c4fd26f21cd03eaa0ac648dcaa3131
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b8f9639db0df3378e968273ee60171736de8173c69fb0200617785c33f03d8dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5813242b4b35a236d4ef477d0bcc41e47f2d195703dc95f928852381be4c509
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d213a2e91cb1b62f40d35c1f21cf6e33bf3b2d398ad9b596d046a35a71acb65b
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
da51c802ff9553c6107a8670a17c71080815c58deee23f8b03268e8acd507356
dc50652099044a0da566da2a361fc6bb2cc05964baffba5025b83d45d951f286
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a60ca6db573993a6629bc4b5857da19a65ee4ad11f39048c0e49c97c7508c6
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed1bd447b34643fbb1d1586905fbc2bb98f0f52a656bbcf237e83f44b4d42cf0
ee1e369625c48edb31d85c886b0dfe6d5f0143040d9997a49d0b2ca5373fe105
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f070af4c90f6b4a994546afc0d1138b19b87f4be5aa5e03d9e4e18eff60e75c8
f587399e68dc53b742a5b6faa52b4c30a7f6df6f66e3a4ed5d303de558f59bfe
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4
fe624bd154d91e977573d9edf1cd51492030b5d8ab786ef29c39117ff11dfce6
ff27aaf0251f1297775f311ea19bfc6ce02a722f428b37315b6b57bea2448f6f

minecraftcommand.science Open in urlscan Pro 68.178.206.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

192 Requests

85 %HTTPS

42 %IPv6

63 Domains

93 Subdomains

69 IPs

9 Countries

2655 kBTransfer

7164 kBSize

73 Cookies

3 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

minecraftcommand.science Open in urlscan Pro
68.178.206.128 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

85 %
HTTPS

42 %
IPv6

63
Domains

93
Subdomains

69
IPs

9
Countries

2655 kB
Transfer

7164 kB
Size

73
Cookies

192 HTTP transactions
0 data transactions