nowblox.com Open in urlscan Pro
2606:4700:3036::ac43:995a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://share.nowblox.com/
Effective URL:
https://nowblox.com/index.php
Submission: On January 25 via api (January 25th 2024, 6:08:22 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 19 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3036::ac43:995a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nowblox.com.
TLS certificate: Issued by GTS CA 1P5 on December 29th 2023. Valid for: 3 months.

This is the only time nowblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:3097	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 13	2606:4700:303... 2606:4700:3036::ac43:995a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:480... 2a02:26f0:480:33::212:40d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	23.36.162.200 23.36.162.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
81	23

1 2606:4700:3034::6815:3097 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

share.nowblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3036::ac43:995a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

share.nowblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nowblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:33::212:40d1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tr.rbxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-200.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nowblox.com 4 redirects share.nowblox.com nowblox.com	686 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	226 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	1003 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263	9 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 922 tr6.snapchat.com — Cisco Umbrella Rank: 1368	799 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	143 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	41 KB
5	rbxcdn.com tr.rbxcdn.com — Cisco Umbrella Rank: 10644	111 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	305 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	563 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	27 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	90 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	251 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	18 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	33 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998	24 KB
81	19

	Domain	Requested by
12	nowblox.com	2 redirects nowblox.com
8	www.youtube.com	nowblox.com www.youtube.com
8	pagead2.googlesyndication.com	nowblox.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	analytics.tiktok.com	nowblox.com analytics.tiktok.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	tr.rbxcdn.com	nowblox.com
4	tr.snapchat.com	sc-static.net
4	jnn-pa.googleapis.com	www.youtube.com
4	www.google.com	nowblox.com www.youtube.com tpc.googlesyndication.com
4	www.googletagmanager.com	nowblox.com www.googletagmanager.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.de	nowblox.com
2	cdn.jsdelivr.net	nowblox.com
2	cdnjs.cloudflare.com	nowblox.com cdnjs.cloudflare.com
2	share.nowblox.com	2 redirects
1	tr6.snapchat.com	sc-static.net
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	nowblox.com
1	sc-static.net	nowblox.com
1	code.jquery.com	nowblox.com
1	stackpath.bootstrapcdn.com	nowblox.com
81	25

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.trustpilot.com
discord.gg

Subject Issuer	Validity	Valid
nowblox.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.rbxcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://nowblox.com/index.php
Frame ID: DD5410BF9EDB5E5CCB3BB31135028A61
Requests: 53 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3rimScK_gJ0
Frame ID: F66016DF7F96873B4BF32F228B25B35C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: C6415E934F125B662D2010F9EB5678D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1274188849119754&output=html&adk=1812271804&adf=3025194257&lmt=1706162897&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnowblox.com%2Findex.php&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706162897323&bpp=2&bdt=156&idt=181&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3230072719144&frm=20&pv=2&ga_vid=1293922028.1706162897&ga_sid=1706162898&ga_hid=1498451543&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532524%2C95320870%2C95320893%2C95321627%2C95322166&oid=2&pvsid=4300145380207974&tmod=1257290248&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=191
Frame ID: 699CCF59335D5ECF6AC1FE268538DA52
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e39c9ece-d084-4636-a97d-14880e240979&u_scsid=98ccd14b-2032-4ed7-858e-05466eea2884&u_sclid=6beac61f-ad75-448d-8645-f3e6047b5cfe
Frame ID: 527443F81580BF4270BC585D837530C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E718726399706BF3E9A8F9F556A2605
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23437361F402A23A4CFE4BE67D479E7F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nowblox - Exclusive Free Robux Earning Network

Page URL History Show full URLs

http://share.nowblox.com/ HTTP 301
https://share.nowblox.com/ HTTP 301
http://nowblox.com/invite.php?invite=/ HTTP 301
https://nowblox.com/invite.php?invite=/ HTTP 302
https://nowblox.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

81
Requests

100 %
HTTPS

88 %
IPv6

19
Domains

25
Subdomains

23
IPs

2
Countries

2833 kB
Transfer

7010 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.Nowblox
Title: Read our reviews on the Google Play Store

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/nowblox.com
Title: Read our reviews on TrustPilot

Search URL Search Domain Scan URL

URL: https://discord.gg/2YWZV6YpRZ
Title: https://discord.gg/2YWZV6YpRZ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://share.nowblox.com/ HTTP 301
https://share.nowblox.com/ HTTP 301
http://nowblox.com/invite.php?invite=/ HTTP 301
https://nowblox.com/invite.php?invite=/ HTTP 302
https://nowblox.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
nowblox.com/
Redirect Chain

http://share.nowblox.com/
https://share.nowblox.com/
http://nowblox.com/invite.php?invite=/
https://nowblox.com/invite.php?invite=/
https://nowblox.com/index.php

20 KB
6 KB

186ms
186ms

Document
text/html

2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowblox.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca6811361918a8b46cd5ba18fbdd9c83dc275da0192b76ede2066d06caf727e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84ae573a2f6e796e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 06:08:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVZZosGeWs5b356sg9sG6rRiDPHy6QiFOFch7vnJ%2BCyB4%2FOkiISMk%2FalvYm4NnoZ4jmg1oYDgmxxWXPsSB057b7r5Ya%2B1eqTYzQVuhJ2n7n9Qdml1khjEupIr6%2B2TTckUZQcu%2F3LIZs7wA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84ae57380ce0796e-AMS
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 06:08:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./index.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c412WNkThKUFb07kYAcgaCewkhw0abMs2GxN1gmeFsyHr%2FCsStaKyEGdxepYT3%2FfAz9efoj2ugHkQbvsUiJcVYwx9IR5NY3zX3AjWMC1lJhMp7Vp77WZnAxRzCkadh788JOLAdPFAMcnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 86ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9Q0SZEYCM1

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a605a1b5e5369d13a8b9952d41d7c0ae425fc7654e980726c1d42043efa530cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 277ms
24ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 5020199
cdn-cachedat: 10/31/2023 18:59:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 781fdf1c6e823e65290dac5eeb884a47
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ae573cebf79205-FRA
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/ 58 KB
11 KB 279ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/all.min.css

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea087dec3e1ab60a0cfc17d8ceb237d2076e7a872d55d00e92cac615aab43489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6594556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Tue, 29 Sep 2020 16:15:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f735d97-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgnPBtPFOg2sBWmW%2B9%2BQJdu1%2FwDPLVcM4Lc1NKA6fowKjbDi1MVM6urD%2FGgqwBnyRbMK3je6MGTdOWWfDSiaxZ%2F4DQnnWredByyJI%2Fc%2BYtxxN3OdN9oGe6j0NM%2Ff58rxqajCVO5Sp3ls%2BsrdQXrHs9IZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84ae573cedb61c42-FRA
expires: Tue, 14 Jan 2025 06:08:17 GMT

GET
H3 200 styles.css
nowblox.com/_css/ 9 KB
2 KB 36ms
36ms Stylesheet
text/css 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowblox.com/_css/styles.css?v=7
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a129bf43a002f09f639949f4fbadbd382fc2075a65365d434153b5e894a0539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 21:14:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23719
etag: W/"23fe-64de8dd0-857a0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j14jMaCKuLKDHLx2c3zVknmaiYnVIJ0yO%2BbIEag27CPrvvJCXyt%2FBr1eKSo7aoWVSmQyg3Zk3ZtkPe4BBxlHjVGf5s%2FZY6hDTFcPQNOXIwGWv1BRj3eCOXXhEA7yds8LjTctjqg6pgoA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 84ae573b5dc29226-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 87ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6093f067a5713ac640526608ebe7d901c4e2820fb09bf775c08055b6fd397f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51013
x-xss-protection: 0
server: cafe
etag: 15248218171987760944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H3 200 nowblox-logo.png
nowblox.com/_img/ 27 KB
27 KB 22ms
21ms Image
image/png 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowblox.com/_img/nowblox-logo.png
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766b75346c9f8de1a0a18800a08238a0eee383d6ce77330f5ce0915f23f3a45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23719
alt-svc: h3=":443"; ma=86400
content-length: 27326
last-modified: Thu, 17 Aug 2023 21:15:00 GMT
server: cloudflare
etag: "6abe-64de8dd4-857ad;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVj8abDBIo4IIt8eB66ceCZ8ypODb2%2BTYUGrp4R%2BzXBbzK2nlpZeJG98j5DPO6iHtWgjL8%2Bi6AEoIgMQGioNh%2FMH%2BT1X4ZuClE6iAQ6rT%2Buzim9unh%2FBIuGPkHBlCTzbA%2BOIIzooG5u6EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84ae573b5dc39226-FRA
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H3 200 entering.gif
nowblox.com/_img/ 168 KB
169 KB 37ms
37ms Image
image/gif 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowblox.com/_img/entering.gif
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 235ed0da2789cb823722fba863adaed722bd7f9d31fef00dbc4c8f88725c0ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23719
alt-svc: h3=":443"; ma=86400
content-length: 172316
last-modified: Thu, 17 Aug 2023 21:14:59 GMT
server: cloudflare
etag: "2a11c-64de8dd3-857a8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vDaA95cAzSy3wwC1c2KOPwWAfOq6gRbp%2BVz08t78YEZUBmM8sL0KMwgqaDPETYGhdpv8FUCYozZJ8goQCiwRn4oiqjNoI9PrK%2FHtOOk6GxoYZUZezFOa9onRNJYEQp2pZ5BCK1p9Rpj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84ae573b5dc49226-FRA
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H3 200 enteringMobile.gif
nowblox.com/_img/ 446 KB
446 KB 60ms
59ms Image
image/gif 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowblox.com/_img/enteringMobile.gif
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55af8e0760638aa50b802f2b3f33de117761620665599b15fe09122c26f137aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23719
alt-svc: h3=":443"; ma=86400
content-length: 456444
last-modified: Thu, 17 Aug 2023 21:14:58 GMT
server: cloudflare
etag: "6f6fc-64de8dd2-857a5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYi4ZgxkchcbV0Ni9cQJYvzFhUNU51VN6luflkStuu1z8JOzG26qArwwh8Pe9jkwW1WozMAKZbq8iI42IAj6g9v8mLkud1ubWAx2m%2FIWSjhKIOJaHX1WYYOpxU9sm4qbGKzja7%2BKQEImSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84ae573b6dcf9226-FRA
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H3 200 irregular-shape-2-bottom.svg
nowblox.com/_img/ 610 B
843 B 78ms
77ms Image
image/svg+xml 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowblox.com/_img/irregular-shape-2-bottom.svg
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 144bf448643d10a1597a3f6d3032c6cd23f57072dbe38142947b97104cae9aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 21:14:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23719
etag: W/"262-64de8dd3-857aa;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgBw1eE21Lu5QuuLwGuZozf1muFZ8B4S7pJ3q2mHTfNeswxVs%2F%2FRbHkPzi1W7hZEW2yZCwASDQhWjzwaXcz0g8dqPDt3pnfCjpfNouLfS3MmZxYD5iBQFFweh3bzfsVVrFQKSKNSo7vuEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 84ae573b6dd19226-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H3 200 abstract-shapes-10.png
nowblox.com/_img/ 16 KB
16 KB 79ms
77ms Image
image/png 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowblox.com/_img/abstract-shapes-10.png
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3281e4c6e4a14c0408dee87feb788dbf8da96f106fcc48e5bd339da7b93c6160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23719
alt-svc: h3=":443"; ma=86400
content-length: 15960
last-modified: Thu, 17 Aug 2023 21:14:56 GMT
server: cloudflare
etag: "3e58-64de8dd0-857a2;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRlvAem6ILrdOryvGFbD%2Fo8ryt9F72A9GtdBDe%2Br08feCQgg4W9OsIQLhfhxLVXgNBS0Bj4bjqb1vDoU3aO3YicXbtkwQar8wrEUy7oTRyedbh2c4WUNitGw1CyBhKnHEEGmjH948o0pmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84ae573b6dd29226-FRA
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H2 200 isCircular
tr.rbxcdn.com/30DAY-AvatarHeadshot-389039582C21537EC56AB0AD0566C208-Png/180/180/AvatarHeadshot/WebP/ 31 KB
31 KB 131ms
15ms Image
image/webp 2a02:26f0:480:33::212:40d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-AvatarHeadshot-389039582C21537EC56AB0AD0566C208-Png/180/180/AvatarHeadshot/WebP/isCircular

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:33::212:40d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

8307f0023ef154c7fd3fb2cf27678590fc90ce7c087fc26ecd60b36a589d97e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-roblox-edge: lga2
strict-transport-security: max-age=3600
date: Thu, 25 Jan 2024 06:08:17 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: c19a9f0659b1
content-type: image/WebP
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
content-length: 31262
expires: Fri, 24 Jan 2025 06:08:17 GMT

GET
H2 200 isCircular
tr.rbxcdn.com/30DAY-AvatarHeadshot-4A61AF980DA0996FD17F785930736760-Png/180/180/AvatarHeadshot/WebP/ 13 KB
14 KB 158ms
41ms Image
image/webp 2a02:26f0:480:33::212:40d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-AvatarHeadshot-4A61AF980DA0996FD17F785930736760-Png/180/180/AvatarHeadshot/WebP/isCircular

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:33::212:40d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

d484d5213570558d270eb23ed9a2360a28cb35bfd055810af704fb51c5fe5237

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-roblox-edge: atl1
strict-transport-security: max-age=3600
date: Thu, 25 Jan 2024 06:08:17 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: a500fe27bcf5
content-type: image/WebP
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
content-length: 13751
expires: Fri, 24 Jan 2025 06:08:17 GMT

GET
H2 200 isCircular
tr.rbxcdn.com/30DAY-AvatarHeadshot-8CAD0539B44419B5B8D07F453F5AC4EC-Png/180/180/AvatarHeadshot/WebP/ 17 KB
18 KB 159ms
42ms Image
image/webp 2a02:26f0:480:33::212:40d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-AvatarHeadshot-8CAD0539B44419B5B8D07F453F5AC4EC-Png/180/180/AvatarHeadshot/WebP/isCircular

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:33::212:40d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

53477b5416bbd1603208069b90d5f2090db260dffffed5b476e425087e704545

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-roblox-edge: mia4
strict-transport-security: max-age=3600
date: Thu, 25 Jan 2024 06:08:17 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 45589d44dade
content-type: image/WebP
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
content-length: 17609
expires: Fri, 24 Jan 2025 06:08:17 GMT

GET
H2 200 isCircular
tr.rbxcdn.com/30DAY-AvatarHeadshot-5C679B8BA530CC2F077B25DB3FDE92D7-Png/180/180/AvatarHeadshot/WebP/ 16 KB
16 KB 155ms
39ms Image
image/webp 2a02:26f0:480:33::212:40d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-AvatarHeadshot-5C679B8BA530CC2F077B25DB3FDE92D7-Png/180/180/AvatarHeadshot/WebP/isCircular

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:33::212:40d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

b4a8c7acd95c88ae78f230ae028766d61edeb353f4df447dc16a58fdbe95c24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-roblox-edge: iad4
strict-transport-security: max-age=3600
date: Thu, 25 Jan 2024 06:08:17 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 637e389dedf4
content-type: image/WebP
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
content-length: 16263
expires: Fri, 24 Jan 2025 06:08:17 GMT

GET
H2 200 isCircular
tr.rbxcdn.com/30DAY-AvatarHeadshot-93B639874FB3C19CF0812FE3199FBB7C-Png/180/180/AvatarHeadshot/WebP/ 32 KB
32 KB 143ms
27ms Image
image/webp 2a02:26f0:480:33::212:40d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/30DAY-AvatarHeadshot-93B639874FB3C19CF0812FE3199FBB7C-Png/180/180/AvatarHeadshot/WebP/isCircular

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:33::212:40d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

24b71b74ed153e41e8e8df0116768ac483cd1980aa36eda8e1e7b9b8b0ce6283

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-roblox-edge: iad4
strict-transport-security: max-age=3600
date: Thu, 25 Jan 2024 06:08:17 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Kestrel
x-frame-options: SAMEORIGIN
roblox-machine-id: 445ac06dbdc7
content-type: image/WebP
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
x-roblox-region: us-central
cache-control: max-age=31536000
access-control-allow-methods: GET
content-length: 32530
expires: Fri, 24 Jan 2025 06:08:17 GMT

GET
H3 200 email-decode.min.js Show response
nowblox.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 81ms
80ms Script
application/javascript 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nowblox.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:04:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65af9d3b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q0h61mkbgX8SkkW0mDSrR%2FH20MALptGrb4iYUFaf2F48bnGEkTlcdTWujB2Vr4Yx3DHnemOwOEuCsq%2BOykWXRUpa2bBNNwDHRToISlejYQLE%2FHz7MLyLCady6v55PZILLbjMLvZSQkxdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ae573b6dd39226-FRA
expires: Sat, 27 Jan 2024 06:08:17 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 47ms
11ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11362290
x-cache: HIT, HIT
content-length: 33738
x-served-by: cache-lga21956-LGA, cache-fra-eddf8230035-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706162897.218105,VS0,VE0
etag: W/"28feccc0-17b8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 210, 2325815

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 54ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4754127
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230075-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ5ihv1VumEyOlqxcI%2FlXSqEW2dtHo1dVSgK0tYlL3F2QnwUzHiSH6OMhnjMvXxwADt93H7F2S4KOqi6hd399gAi3a8vpd8lqijWq%2B82uytchfI6%2BXgOv02iGNGNzEwSbUBL6vpah69Ez4O9KTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84ae573b9f5a4da8-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
72 KB 54ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-664192231

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d09738f8b5ed9a86b3fd229f6a070a8df19e43c017cde7cde274ee3a0d31cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H2 200 lite-youtube.js Show response
cdn.jsdelivr.net/npm/@justinribeiro/lite-youtube@0.6.2/ 9 KB
4 KB 55ms
19ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@justinribeiro/lite-youtube@0.6.2/lite-youtube.js

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69a6b023b276845d090a6a1f43c43409fdea1bf815036d234b72efdc8b03aa6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nowblox.com/
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7262035
x-jsd-version: 0.6.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220103-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2482-XtB38nDrCcQSzhZfyT6TAaGwtwY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erqpsBHh1dU5AK5XEz%2FXKZ1dZ6X6DpgHCjXhffuFxKdfkVaP69uvfvBi49HGbIMKooeilzTc8%2FcfORA9AyhmRa9Kmc7QLrlhqVXSnUYBAl8ezJ2hJhhgTjSEsmhrAukTxN7CACpkzzIfv9srUqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84ae573b89053a52-FRA

GET
H3 200 typed.min.js Show response
nowblox.com/_js/ 11 KB
4 KB 82ms
81ms Script
application/x-javascript 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowblox.com/_js/typed.min.js
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d180a87fcc37baec7a18a3a6aa47f65fd73012426c5d6851851535f53c1e3778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 21:15:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23719
etag: W/"2dbe-64de8dd9-857c5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLhDkvsBeFELoP5H6%2FR%2BpoiLLOoWZHP%2BInICxEFFwT77R6FQsocE3pbAnJND7FTDGEkOhZwpuncvPMNyPzHuDCONhn0kos3A5UCRv1p9uOaAfwIE6fQkYypE11ItKI3xajNu8tK%2B7oKVLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 84ae573b6dd49226-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 115ms
26ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: htMjJVjVVHgBQH1pqJVZ8mQuWe_txniBopNdG2grHTuwyIDa32Aeiw==

GET
H2 200 3rimScK_gJ0 Show response
www.youtube.com/embed/ Frame F660 91 KB
40 KB 344ms
62ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3rimScK_gJ0

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34f71fa860568e78b03a016ceb7944b4154ca7b54b63a59c0ea976581fdb420a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 06:08:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 55ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: nowblox.com
URL: https://nowblox.com/_css/styles.css?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 04:47:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 06:08:17 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 52ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9Q0SZEYCM1&gtm=45je41m0v9132983624&_p=1706162897180&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1293922028.1706162897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706162897&sct=1&seg=0&dl=https%3A%2F%2Fnowblox.com%2Findex.php&dt=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3103
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Q0SZEYCM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nowblox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11305068790&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Q0SZEYCM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9d1239d7d6b30c4638132c4791e86b8721972a10710d35e7079992d9f8e4f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H3 200 roblox-webfont.woff2
nowblox.com/fonts/ 11 KB
12 KB 20ms
20ms Font
font/woff2 2606:4700:3036::ac43:995a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowblox.com/fonts/roblox-webfont.woff2
Requested by: Host: nowblox.com
URL: https://nowblox.com/_css/styles.css?v=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:995a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f02e4874c77170d241382c3ac260a7f4f2a2f8a4ae845872b8b598a626beec75

Request headers

Referer: https://nowblox.com/_css/styles.css?v=7
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23718
alt-svc: h3=":443"; ma=86400
content-length: 11412
last-modified: Thu, 17 Aug 2023 21:15:43 GMT
server: cloudflare
etag: "2c94-64de8dff-85889;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7jagJMi4x%2F0S%2Fg4386duqj69TwUJuvhr7%2BV4Pjw9xzla9a1mdW9%2BtOaANf2mlbQA9APuYVKpbwAELik6vwh4oaCIQcJC9IPH%2BBo255MeHQqnXWfwZWjcZhI5ZA3tHCvBH4ulKkXY7ATXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 84ae573c3e709226-FRA
expires: Wed, 31 Jan 2024 23:32:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 46ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:30 GMT
x-content-type-options: nosniff
age: 110387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 19:34:29 GMT
x-content-type-options: nosniff
age: 38028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 19:34:29 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1274188849119754&plah=nowblox.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

350d0b99a4a4bb27416abf95008f22eb14b018b57ade2ffdd43f15497500f6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139801
x-xss-protection: 0
server: cafe
etag: 15256993979455418785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame C641 9 KB
5 KB 38ms
11ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 23:40:37 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 23:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11305068790/ 3 KB
2 KB 56ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11305068790/?random=1706162897354&cv=11&fst=1706162897354&bg=ffffff&guid=ON&async=1&gtm=45be41m0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&pscdl=noapi&auid=1255452190.1706162897&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11305068790&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97a335395624d3c1d194f648cdbf5f434960cdc8d183d03f48ba698c2aa0b305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11305068790/ 42 B
455 B 62ms
23ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11305068790/?random=1706162897354&cv=11&fst=1706162400000&bg=ffffff&guid=ON&async=1&gtm=45be41m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IWvcJa-zdOoAUWwOG0K5gglpVvAG0Q&random=2758700098&rmt_tld=0&ipr=y

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11305068790/ 42 B
455 B 54ms
24ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11305068790/?random=1706162897354&cv=11&fst=1706162400000&bg=ffffff&guid=ON&async=1&gtm=45be41m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IWvcJa-zdOoAUWwOG0K5gglpVvAG0Q&random=2758700098&rmt_tld=1&ipr=y

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:14 GMT
x-content-type-options: nosniff
age: 110223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:14 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/webfonts/ 78 KB
79 KB 36ms
19ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec33cc021ea00d6a98c21a82a37d7a669c933e833656a868b614e280370cb80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.0/css/all.min.css
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 43656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80240
last-modified: Tue, 29 Sep 2020 16:15:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f735d97-13970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OcQBjHrglW5VGs0XyTkCsj3eRgEYD8%2BFdEdM8QEO5I4N5bb%2FhSDrnKPk6nvcDLNhV2cepNVykWj%2B%2BE9Gs%2FGr1K%2F%2F25c0YsItVSm6ZiH1CgdG3AGkLVkSsDK9fRVDborBd%2FV2Is3HR6ly87ldDa8%2ByOC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84ae573d3dbc68fe-FRA
expires: Tue, 14 Jan 2025 06:08:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-664192231&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Q0SZEYCM1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08a956e605169026f7cf597d3c20efa0b6412c7a6a23adc8af09db5d6919475f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 150ms
112ms Script
application/javascript 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1KAJDHT0U322RQQ3D8G&lib=ttq
Requested by: Host: nowblox.com
URL: https://nowblox.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5b822921747cbfd1fb550fcc24cab38adef8403ef2362c454f43e57312266907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 54c94e9
date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401250608171EC33396A26A092C20F6-15D06D05D591C76D-00
x-cache: TCP_MISS from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
content-length: 1530
pragma: no-cache
server: nginx
x-tt-logid: 202401250608171EC33396A26A092C20F6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.206.213.200
x-tt-trace-host: 01d55804a83afb49601886fcc6c620f33426fc51f0ce9561d55cb67d753fc5c94cdded0a920bfdb0c4e55d069acee8f003b867ed1530f90f61a94bd26af1e950c977651b59fb4ba8f6699c884ae38e142737db99d0381e9212d69709d121cae16e
expires: Thu, 25 Jan 2024 06:08:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/664192231/ 3 KB
2 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/664192231/?random=1706162897495&cv=11&fst=1706162897495&bg=ffffff&guid=ON&async=1&gtm=45be41m0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&pscdl=noapi&auid=1255452190.1706162897&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-664192231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d97a467b4a0ae426084b97053be6a5c1aa28469c721897f8a07fa7f418150347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 699C 603 B
345 B 183ms
183ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1274188849119754&output=html&adk=1812271804&adf=3025194257&lmt=1706162897&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnowblox.com%2Findex.php&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706162897323&bpp=2&bdt=156&idt=181&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3230072719144&frm=20&pv=2&ga_vid=1293922028.1706162897&ga_sid=1706162898&ga_hid=1498451543&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532524%2C95320870%2C95320893%2C95321627%2C95322166&oid=2&pvsid=4300145380207974&tmod=1257290248&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1274188849119754&plah=nowblox.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 06:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=nowbloxLoader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=nowbloxLoader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/717a6f94/ Frame F660 359 KB
47 KB 11ms
11ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/717a6f94/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 20:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47496
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:15:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Jan 2025 20:10:42 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F660 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 261387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 05:31:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F660 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 161943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/ Frame F660 53 KB
17 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1825ad6640f1770259a4ec2ad682f149bcf013fe19dfc6a6371d2c57c0c8740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16799
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:15:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:35:26 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/717a6f94/www-embed-player.vflset/ Frame F660 319 KB
95 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/717a6f94/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be4b6cf62390d84fed6d22f6da9be085a883166f3a502084d11a0b0088154dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97397
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:15:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Jan 2025 05:21:21 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/ Frame F660 2 MB
771 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1da0320cffd6ef93b1ae81589668c8bc5e97ac2f1c48560c8bc8945de7d6867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 08:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788956
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:15:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 08:24:42 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/664192231/ 42 B
108 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/664192231/?random=1706162897495&cv=11&fst=1706162400000&bg=ffffff&guid=ON&async=1&gtm=45be41m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_LJ7_8r-EI_baeKJ_5raA84yFYrwpyBJZIv80C7bCKVnnibuh&random=1892997419&rmt_tld=0&ipr=y

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/664192231/ 42 B
108 B 270ms
269ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/664192231/?random=1706162897495&cv=11&fst=1706162400000&bg=ffffff&guid=ON&async=1&gtm=45be41m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnowblox.com%2Findex.php&frm=0&tiba=Nowblox%20-%20Exclusive%20Free%20Robux%20Earning%20Network&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_LJ7_8r-EI_baeKJ_5raA84yFYrwpyBJZIv80C7bCKVnnibuh&random=1892997419&rmt_tld=1&ipr=y

Requested by

Host: nowblox.com
URL: https://nowblox.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 06:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F660 113 B
159 B 19ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f19389de388ca12e12507d84994ef7269d718c19ee01a06c0e0ce0ccc3c40b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F660 29 B
495 B 39ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:55:32 GMT
x-content-type-options: nosniff
age: 765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jan 2024 06:10:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 57ms
19ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 25 Jan 2024 06:08:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F660 87 KB
40 KB 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51f889d2aa137ec681cbe15e7d4335bb8762653296f33824318a7c476e185a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40983
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/ Frame F660 117 KB
33 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8843bc347fb35d7451d70cccdec5270fe68bde6705eff45d2c5f60243918dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33908
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:15:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:24:48 GMT

GET
H3 200 GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js Show response
www.google.com/js/th/ Frame F660 51 KB
19 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/GmRahjSf3JbDLJ_8drlGuzLn-semBsnMOpTLfEePKCI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19865
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 04:53:45 GMT

GET
H2 200 2.webp
i.ytimg.com/vi_webp/3rimScK_gJ0/ Frame F660 2 KB
2 KB 59ms
24ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3rimScK_gJ0/2.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12d85c6946ff26363e4e2df7b8ba0352962a9c54e4cde53627b7ae416638e2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1592
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 Jan 2024 08:08:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F660 90 B
134 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7ae892ef57fdaaf8c30cb4d2c81c49dfc613ccef0010fe0aa3d6d9c8c2ebbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
24ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 25 Jan 2024 06:08:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 main.MWI0MWYzMDk5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 378 KB
102 KB 19ms
15ms Script
application/javascript 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1KAJDHT0U322RQQ3D8G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e14cfdff7c80a9f1f400cb90dc1adf7f3f49a6c183279187e0411e2511efb27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 54c99c0
date: Thu, 25 Jan 2024 06:08:17 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151536AB50998B2990B993DCEC
x-tt-trace-id: 00-240123151536AB50998B2990B993DCEC-581289B0CACBD9EF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e527322fb0fa686bf9079f7692c0172284bd4352df7ced0f719f9c60c13b3e2270d27f5e73f83c49f58d6d1197a69100bd680bd1c864d14dd407c874c4635ca67816893c8db25b2186e485db73e2a66b736468e9aebbcbbe34bfcd8e1dad9a23
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
content-length: 103896

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F660 4 KB
2 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 06:08:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F660 0
10 B 18ms
15ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zCSozw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/3rimScK_gJ0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3rimScK_gJ0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 14ms
13ms Script
application/javascript 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 54c9aef
date: Thu, 25 Jan 2024 06:08:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151538729DA4B1C47DB0BDFF8F
x-tt-trace-id: 00-240123151538729DA4B1C47DB0BDFF8F-132CC1C3B970F843-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d20dcec83214709db4d30e1a223b297becc8e55e7399f61bf6bb6473e99893713aff867ac5fca36b6f1d7cc3a4194585c60c3ca321440c6c8b6a2f157c4bd58cfc638a0e64bd859185eb0455704c3f8169f0f33bcb6bf1e1d290f26a14bf5188
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
content-length: 36982

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
849 B 155ms
155ms Ping
text/plain 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nowblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 432a47c5.54c9b6c
date: Thu, 25 Jan 2024 06:08:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240125060818427FC82005D43535878B-48FBE68EE0DCDC76-00
x-cache: TCP_MISS from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 135,23.206.213.200
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=52, inner; dur=48
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240125060818427FC82005D43535878B
x-cache-remote: TCP_MISS from a23-201-31-222.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 53,23.201.31.222
x-tt-trace-host: 01d55804a83afb49601886fcc6c620f3343ba553118fcfa126b5d54656c6248f00fa1b67f09e9d43d4cd382aa3c1aba84de9835f24d3f6763d8c55a13a76a0494d9fd0d396da33150335cdea886b34bff74c2fb4acb8a5a6883cb0ec9e528595869142573551481cb5e4c36f1f4aa828cb
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jan 2024 06:08:18 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame F660 50 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 25 Jan 2024 23:21:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
56ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b412c4007ae8d11d64fa2849f3720e7c3ac42c6997372b8e7231cdbcf43bee03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12166
x-xss-protection: 0

GET
H2 200 e39c9ece-d084-4636-a97d-14880e240979.js Show response
tr.snapchat.com/config/com/ 186 B
452 B 143ms
118ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/e39c9ece-d084-4636-a97d-14880e240979.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

187660d8472e48e525f0f49e57e29ff371f2a34c12b33c2fe44945e68b6293fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://nowblox.com/
Origin: https://nowblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://nowblox.com
x-envoy-upstream-service-time: 96
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 5274 0
201 B 43ms
20ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e39c9ece-d084-4636-a97d-14880e240979&u_scsid=98ccd14b-2032-4ed7-858e-05466eea2884&u_sclid=6beac61f-ad75-448d-8645-f3e6047b5cfe

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 25 Jan 2024 06:08:18 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 0
89 B 23ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://nowblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://nowblox.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 06:08:18 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 211ms
210ms Ping
text/plain 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nowblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 432a48b2.54c9f67
date: Thu, 25 Jan 2024 06:08:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240125060818A1BF55A012EBF533AAE1-7921340ED10CCF6C-00
x-cache: TCP_MISS from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 106,23.206.213.200
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=22, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240125060818A1BF55A012EBF533AAE1
x-cache-remote: TCP_MISS from a23-201-31-222.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.201.31.222
x-tt-trace-host: 01d55804a83afb49601886fcc6c620f3343ba553118fcfa126b5d54656c6248f00fa1b67f09e9d43d4cd382aa3c1aba84d49247f679a0a22352dd4d5d8949da1c585c70a8b70b23b540a3f49700adc0bcb1c511d439fbf973a34ceadd0ce2ddd2098deb72a7102f354e8bfe407bb21f043
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jan 2024 06:08:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E71 13 KB
5 KB 13ms
12ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 18:37:48 GMT
expires: Thu, 23 Jan 2025 18:37:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2343 829 B
560 B 22ms
22ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24bf2cccf3d09b6afd3e219427b409c021b31605547f0166fc1e5a310a9c4d39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m604Q_meKRvG5weQ8-aoaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nowblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-m604Q_meKRvG5weQ8-aoaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 06:08:18 GMT
expires: Thu, 25 Jan 2024 06:08:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E71 39 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:28:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 21:28:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2343 0
0 39ms
39ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=4300145380207974&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 p
tr6.snapchat.com/ 0
42 B 52ms
24ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://nowblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E71 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p0Z_Wg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 25ms
24ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://nowblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 06:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://nowblox.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=4300145380207974&bg=!6eql6qXNAAa8BdJLnAU7ADQBe5WfOP-4p3Ks91PLq32GlLyHIskti5QfgN_1kk94dSKOrAAVgJnLv0B5PWRZ7EMyEboKAgAAAOVSAAAAAmgBBwoAPjHQHNCHWknGVK5xjbUIqYAjSC-sk-ChOiU_09gVhvwVASfRr0iPaZZ7Fo0UHtC8nzc5v991u0bmLIdqJPXwmQK73EEp1WIVfnw_0MwqRDzxpg6Y1T9bn894m6roOks06M_Qs50Kjj4wobQ2N4LibsLkrsXd6QPl4G34dxUngNTn50qSdVv3ZTKnzsMlX1YXeUoWbLUV4ZsNP1haxDZEICh3hxM03mCb9OkSDPesLQG_3QDNXpAzslEE3UZEI6NW_6q-mdxwbRkWyADZ1nVIqn0PKjWzhHXMDi24pkDuTwGMOIKTCzWYSlZagpXSn6VD4DE_8s35uTnilOy459Z6d4xXI1gszc8pcqHG8YT92Z6gD-uAQogPCCBcamsqUdEB-6pG6MTv-bJmsnfQplvHr_WflmnpIfOue0c5f_RSr-WHGwdheaAmwY-43B0lFKdx4fpDiF-qQOkuS9jGqujnvFMSsdlpimxgGDfPoy_KvREGkCwTVebzkr4NoSznlFa3bzedElJmS79wRdjclCluI4AB4m9RuJRatJWdFMgEXD7rcoV7jcJqnPV3f1vGNTM7RDZg8H_ZPrnFajOqDYurSajRJMXwwoko496rZ0bB6Yjjy1M2oBvlU6EK5z-3_ba6A6H41Q3HV_KKOC39XZLCYI0R9GWjUycWuyCeT8g7WFyrNck5DXJ48vLrr9iB5lXBFu4NEkOiBhp9HkQQVLTilyAoe1UE07nE2ZKDvdHIsOd0ZbADRcSLOfIM99FA5ekv2dEM41mfSsLMfow4me8zasHJF38gPk-jys6fCQIAMAOQv_sfAtZGiKsels45Z7DKymZDlsDENH9_nqk8vRspIqk1FqFVrZdh2PMmRwBMl8nXsaZrpUwY2BWadxJdFmtfKDpmPCJcEwwUJava_MVyv-rob87_07pNBc_7orhYLC5cflKWB_gVpJYy9QL-4vdTG0b4ows8biBoori3tE5UwXyITpSjMZYIEECHyaHKX0ObFxiY2jYSqjKBdZkS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nowblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F660 28 B
54 B 26ms
25ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/717a6f94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706162899815
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/3rimScK_gJ0
X-YouTube-Client-Version: 1.20240122.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtoWG54LTVlVDQ3cyjR9cetBjIKCgJERRIEEgAgMA%3D%3D
X-YouTube-Ad-Signals: dt=1706162897610&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKrQWthfUJMm3xVCeCy1uZgs9AF-Uy2DHLkSJy7wifwjnADunZglWQNHgkiHboqmlBuw4JpkY6tymR91J6TaI4pqIk_SLw

Response headers

date: Thu, 25 Jan 2024 06:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 25 Jan 2024 06:08:19 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:57:29	Name: X-AB Value: dc4e3509882e40c68a170453af779220
nowblox.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 233i68q823odktm8229jr3cvrk
.nowblox.com/	1970-01-21 03:32:02	Name: _ga_9Q0SZEYCM1 Value: GS1.1.1706162897.1.0.1706162897.0.0.0
.nowblox.com/	1970-01-21 03:32:02	Name: _ga Value: GA1.1.1293922028.1706162897
.nowblox.com/	1970-01-20 20:05:38	Name: _gcl_au Value: 1.1.1255452190.1706162897
.nowblox.com/	1970-01-21 03:25:49	Name: _scid Value: 0d538772-809f-4a51-933c-61bef0b88157
.nowblox.com/	1970-01-21 03:25:49	Name: _scid_r Value: 0d538772-809f-4a51-933c-61bef0b88157
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YVvdP8StbbE
.youtube.com/	1970-01-20 22:15:14	Name: VISITOR_INFO1_LIVE Value: hXnx-5eT47s
.tiktok.com/	1970-01-21 03:17:38	Name: _ttp Value: 2bR160PbBRY0j0tBXpsud9XS9MH
.doubleclick.net/	1970-01-21 03:17:38	Name: IDE Value: AHWqTUlOxngfJMHT4215MJcxApBKDFDJABrszJb6YKcCCd8HCfVMIJ3cgZ3orCetZWE
.nowblox.com/	1970-01-21 03:17:38	Name: _tt_enable_cookie Value: 1
.nowblox.com/	1970-01-21 03:17:38	Name: _ttp Value: b0aO1hb8JCItS9dL-oBRA5wnSaE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1274188849119754&output=html&adk=1812271804&adf=3025194257&lmt=1706162897&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnowblox.com%2Findex.php&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706162897323&bpp=2&bdt=156&idt=181&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3230072719144&frm=20&pv=2&ga_vid=1293922028.1706162897&ga_sid=1706162898&ga_hid=1498451543&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532524%2C95320870%2C95320893%2C95321627%2C95322166&oid=2&pvsid=4300145380207974&tmod=1257290248&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=191 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
nowblox.com
pagead2.googlesyndication.com
region1.google-analytics.com
sc-static.net
share.nowblox.com
stackpath.bootstrapcdn.com
static.doubleclick.net
tpc.googlesyndication.com
tr.rbxcdn.com
tr.snapchat.com
tr6.snapchat.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
143.204.207.250
2001:4860:4802:32::36
23.36.162.200
2606:4700:3034::6815:3097
2606:4700:3036::ac43:995a
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a02:26f0:480:33::212:40d1
2a04:4e42:200::649
35.190.43.134
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08a956e605169026f7cf597d3c20efa0b6412c7a6a23adc8af09db5d6919475f
12d85c6946ff26363e4e2df7b8ba0352962a9c54e4cde53627b7ae416638e2e4
144bf448643d10a1597a3f6d3032c6cd23f57072dbe38142947b97104cae9aac
187660d8472e48e525f0f49e57e29ff371f2a34c12b33c2fe44945e68b6293fd
1a645a86349fdc96c32c9ffc76b946bb32e7fac7a606c9cc3a94cb7c478f2822
1d09738f8b5ed9a86b3fd229f6a070a8df19e43c017cde7cde274ee3a0d31cc4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
235ed0da2789cb823722fba863adaed722bd7f9d31fef00dbc4c8f88725c0ea2
24b71b74ed153e41e8e8df0116768ac483cd1980aa36eda8e1e7b9b8b0ce6283
24bf2cccf3d09b6afd3e219427b409c021b31605547f0166fc1e5a310a9c4d39
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ca6811361918a8b46cd5ba18fbdd9c83dc275da0192b76ede2066d06caf727e
3281e4c6e4a14c0408dee87feb788dbf8da96f106fcc48e5bd339da7b93c6160
34f71fa860568e78b03a016ceb7944b4154ca7b54b63a59c0ea976581fdb420a
350d0b99a4a4bb27416abf95008f22eb14b018b57ade2ffdd43f15497500f6a6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4be4b6cf62390d84fed6d22f6da9be085a883166f3a502084d11a0b0088154dd
51f889d2aa137ec681cbe15e7d4335bb8762653296f33824318a7c476e185a64
53477b5416bbd1603208069b90d5f2090db260dffffed5b476e425087e704545
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55af8e0760638aa50b802f2b3f33de117761620665599b15fe09122c26f137aa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b822921747cbfd1fb550fcc24cab38adef8403ef2362c454f43e57312266907
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69a6b023b276845d090a6a1f43c43409fdea1bf815036d234b72efdc8b03aa6e
750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4
766b75346c9f8de1a0a18800a08238a0eee383d6ce77330f5ce0915f23f3a45f
8307f0023ef154c7fd3fb2cf27678590fc90ce7c087fc26ecd60b36a589d97e1
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
97a335395624d3c1d194f648cdbf5f434960cdc8d183d03f48ba698c2aa0b305
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a129bf43a002f09f639949f4fbadbd382fc2075a65365d434153b5e894a0539d
a605a1b5e5369d13a8b9952d41d7c0ae425fc7654e980726c1d42043efa530cd
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a8843bc347fb35d7451d70cccdec5270fe68bde6705eff45d2c5f60243918dfe
b1da0320cffd6ef93b1ae81589668c8bc5e97ac2f1c48560c8bc8945de7d6867
b412c4007ae8d11d64fa2849f3720e7c3ac42c6997372b8e7231cdbcf43bee03
b4a8c7acd95c88ae78f230ae028766d61edeb353f4df447dc16a58fdbe95c24a
d180a87fcc37baec7a18a3a6aa47f65fd73012426c5d6851851535f53c1e3778
d1825ad6640f1770259a4ec2ad682f149bcf013fe19dfc6a6371d2c57c0c8740
d484d5213570558d270eb23ed9a2360a28cb35bfd055810af704fb51c5fe5237
d7ae892ef57fdaaf8c30cb4d2c81c49dfc613ccef0010fe0aa3d6d9c8c2ebbfe
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d97a467b4a0ae426084b97053be6a5c1aa28469c721897f8a07fa7f418150347
d9d1239d7d6b30c4638132c4791e86b8721972a10710d35e7079992d9f8e4f7f
dd6093f067a5713ac640526608ebe7d901c4e2820fb09bf775c08055b6fd397f
e14cfdff7c80a9f1f400cb90dc1adf7f3f49a6c183279187e0411e2511efb27f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
ea087dec3e1ab60a0cfc17d8ceb237d2076e7a872d55d00e92cac615aab43489
ec33cc021ea00d6a98c21a82a37d7a669c933e833656a868b614e280370cb80c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02e4874c77170d241382c3ac260a7f4f2a2f8a4ae845872b8b598a626beec75
f19389de388ca12e12507d84994ef7269d718c19ee01a06c0e0ce0ccc3c40b2a
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

nowblox.com Open in urlscan Pro 2606:4700:3036::ac43:995a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

88 %IPv6

19 Domains

25 Subdomains

23 IPs

2 Countries

2833 kBTransfer

7010 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nowblox.com Open in urlscan Pro
2606:4700:3036::ac43:995a Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

88 %
IPv6

19
Domains

25
Subdomains

23
IPs

2
Countries

2833 kB
Transfer

7010 kB
Size

13
Cookies

81 HTTP transactions
0 data transactions