bloodhelpers.com Open in urlscan Pro
2400:8901::f03c:92ff:fe8a:f267 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bloodhelpers.com/
Submission: On March 13 via manual (March 13th 2022, 6:22:38 pm UTC) from CR — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 83 HTTP transactions. The main IP is 2400:8901::f03c:92ff:fe8a:f267, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is bloodhelpers.com.

This is the only time bloodhelpers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2400:8901::f0... 2400:8901::f03c:92ff:fe8a:f267	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 12	2600:9000:225... 2600:9000:225e:be00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	3.125.253.64 3.125.253.64	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.126 13.32.121.126	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
83	18

35 2400:8901::f03c:92ff:fe8a:f267 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)

bloodhelpers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:225e:be00:3:c04e:c780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.253.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-253-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-126.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bloodhelpers.com bloodhelpers.com	103 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	300 KB
15	sharethis.com 1 redirects w.sharethis.com — Cisco Umbrella Rank: 18176 ws.sharethis.com — Cisco Umbrella Rank: 7239 l.sharethis.com — Cisco Umbrella Rank: 4230 count-server.sharethis.com — Cisco Umbrella Rank: 11093	93 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	31 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	25 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	36 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	11 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	32 KB
83	12

	Domain	Requested by
35	bloodhelpers.com	bloodhelpers.com
10	ws.sharethis.com	w.sharethis.com ws.sharethis.com bloodhelpers.com
10	pagead2.googlesyndication.com	bloodhelpers.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	bloodhelpers.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	l.sharethis.com	w.sharethis.com bloodhelpers.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	w.sharethis.com	1 redirects bloodhelpers.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	bloodhelpers.com
1	static.xx.fbcdn.net	www.facebook.com
1	count-server.sharethis.com	ws.sharethis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	bloodhelpers.com
1	ajax.googleapis.com	bloodhelpers.com
83	18

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://bloodhelpers.com/
Frame ID: FC1CC0666E21ADD8D027843DB82F98D3
Requests: 58 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Frame ID: 56DC35A728076FE263092E252554049F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195753&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195753494&bpp=36&bdt=377&idt=111&shv=r20220308&mjsv=m202203090101&ptt=5&saldr=sa&abxe=1&correlator=3504577607925&frm=20&pv=2&ga_vid=119441930.1647195754&ga_sid=1647195754&ga_hid=1575339724&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065370%2C31065530%2C31065596%2C31063247%2C44756896%2C31064019&oid=2&pvsid=2088668297714911&pem=615&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=COvcO4rKPV&p=http%3A//bloodhelpers.com&dtd=123
Frame ID: FF63303E6CE8198A69730D7DAFBEAC31
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5dfSJTY4qpdoFLzSP1agLT2HsqLaXRjy-9rie_OFUJ17Jp0c7fvOad1n5R7YSUDw9pwpIkTC1B0r0PD2C0Su6JbNCkmC7cXY6cudklscaMXnWZSHUOM2yK9fP72YtYqOeR0H4avFFQ0DbyM3fmA8wJ5is2uP6TOMK8PlBJfrTVGh9rqnx_aymAh3EW5d2HuHg76KqgdOy2kf7iDUPUiZkcKXyqCCzujVoBQxlHPHxQHWGS8PqiXoMptGPY1PLQ2wyoB5doKwABuQoix1d3MjSzm0Z2etxvfnGKn95aTA0wF9NDkWYFNCOLo61uMahX8p10YTg0-o3B6RbIt8Ifw0DkHXauogi77uL-MBh0yMmWZLeE2aXL78of4JoYKg4KOdLzjLbgSYA8F9-cvT1g3CjbOYo__Wf0hQX_Au81hyONsXF7f3NLe7VR-cE05dQ8ghlKJFTypxfSUutkb-A7HS0dl5v4_5a_vVRiPzN35gF_pRo-a20au5JoN1m54G1X2HgkWCBWDLjvmVLVXAtNm5DXM3B2efqKJpM0GLdYfWse_DXC1HaVq-AHhjIGsnvxJb9_ffF0SLS72x4JoC0Jt4Eb-Ib8G5l_w2FxhuHIEsCBnPMfe1WIQo-fOVQmhaY-Fbr_JKgTN7lWLgN8zhqe4DK6XtzT7bYtsvd4uzfnstZNcfy6QuXViqGksd0iFHwqtruaoYxDuxdiFVdsWYhKHR5qWSoXaikNLw6QbcMoWn9VjGSk_hJ3TqLnnyz8QdqadCOmCUvYhoWqY49Sh0ghgoKjc9P_0WR-hPBmTo14xyEFefNOTzOzq0ZsJpc379vL8ljUA4aILkGkDeinfFgL1xdyBlaelprD2DoaB2EvSKlFORuWknxxpz7OpB02T9z2bzig1taRYlVyz6O-pvN1Bkc8Pjd8NNL3doFh6Jl3LvT87oCYCjPCHLiCpX8V57JjQq0wDF1varr0V7qLn-YyzHH0Q&sai=AMfl-YSLxg7wJyOikswtvtFfsbGgpJanm8HXtOIrXzaoQxc69clnusGxhRouiA&sig=Cg0ArKJSzB9w5SIpYXFHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 81A698F34A5C7A4AA556579D39BA7CD1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83ED2C8AC1FA04E2644521EE29C0120C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 74415C298917CF655982E12793818C4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1647195754&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1647195754535&bpp=2&bdt=1418&idt=2&shv=r20220308&mjsv=m202203090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D56f2698c81f7cb8b-2259b5005bcd000d%3AT%3D1647195753%3ART%3D1647195753%3AS%3DALNI_MZaFmtXdJNDH5bFLo_7_B2Iw_GJDQ&prev_slotnames=1676498701&nras=1&correlator=3504577607925&frm=20&pv=1&ga_vid=119441930.1647195754&ga_sid=1647195754&ga_hid=1575339724&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065370%2C31065530%2C31065596%2C31063247%2C44756896%2C31064019&oid=2&pvsid=2088668297714911&pem=615&tmod=1556662101&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=21
Frame ID: 7A553F4E30C8900BDB1CF2110642D34E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3E652DF1DC27C0A0828ADE55C39B465
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CD5F4DB9C292DE6807C7A1A9CFEFDCF
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: F036BD504AFDE05134C597FCC352A893
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indian database of blood donors - Donate Blood ! Save a life !

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

55 %
HTTPS

76 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

643 kB
Transfer

1722 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://w.sharethis.com/button/buttons.js HTTP 301
https://w.sharethis.com/button/buttons.js

Request Chain 32

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80 HTTP 307
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bloodhelpers.com/ 82 KB
14 KB 565ms
229ms Document
text/html 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5119dc60d2446ee9b993502f9655361f03229814a76c51a5ddbb0911f85f964b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 13 Mar 2022 18:22:32 GMT
Server: Apache/2.4.18 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13678
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bloodhelper.css
bloodhelpers.com/css/ 15 KB
3 KB 164ms
163ms Stylesheet
text/css 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/css/bloodhelper.css
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:21 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3d0a-55599916e6221-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3216

GET
H/1.1 200
OK chosen.css
bloodhelpers.com/css/ 15 KB
3 KB 302ms
163ms Stylesheet
text/css 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/css/chosen.css
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:21 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3dfc-55599916e6221-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2669

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.4/ 90 KB
32 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 12:21:37 GMT

GET
H/1.1 200
OK chosen.jquery.js Show response
bloodhelpers.com/js/ 38 KB
8 KB 333ms
172ms Script
application/javascript 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/js/chosen.jquery.js
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "998e-5559991d128b1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7769

GET
H/1.1 200
OK logo.jpg
bloodhelpers.com/images/ 6 KB
6 KB 161ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/logo.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1641-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5697

GET
H/1.1 200
OK tab_top.jpg
bloodhelpers.com/images/ 2 KB
2 KB 164ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_top.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "69f-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1695

GET
H/1.1 200
OK inform.gif
bloodhelpers.com/i/ 2 KB
2 KB 165ms
163ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/inform.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6ea-55584ca1ea691"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1770

GET
H/1.1 200
OK tab_bottom.jpg
bloodhelpers.com/images/ 1 KB
2 KB 246ms
244ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_bottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5f6-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1526

GET
H/1.1 200
OK logintop.jpg
bloodhelpers.com/images/ 932 B
1 KB 983ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/logintop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3a4-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 932

GET
H/1.1 200
OK loginbottom.jpg
bloodhelpers.com/images/ 962 B
1 KB 983ms
164ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/loginbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3c2-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 962

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 113 KB
40 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b07c80ff0d27b48d6763009a894a09bb57941097ea408b2b07c368f839a71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 13 Mar 2022 18:22:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15418056887128562117
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40001
X-XSS-Protection: 0
Expires: Sun, 13 Mar 2022 18:22:33 GMT

GET
H/1.1 200
OK tabsearhtop.jpg
bloodhelpers.com/images/ 2 KB
2 KB 585ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearhtop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "66f-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1647

GET
H/1.1 200
OK tabsearhbottom.jpg
bloodhelpers.com/images/ 1 KB
2 KB 585ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearhbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5b0-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1456

GET
H/1.1 200
OK tabrequesttop.jpg
bloodhelpers.com/images/ 2 KB
2 KB 556ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequesttop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6e4-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1764

GET
H/1.1 200
OK tabrequestbottom.jpg
bloodhelpers.com/images/ 2 KB
2 KB 702ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequestbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6a3-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1699

GET
H/1.1 200
OK male.jpg
bloodhelpers.com/i/ 25 KB
25 KB 705ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/male.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6368-55584ca1ea691"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25448

GET
H2

200

buttons.js Show response
w.sharethis.com/button/
Redirect Chain

http://w.sharethis.com/button/buttons.js
https://w.sharethis.com/button/buttons.js

59 KB
17 KB

67ms
19ms

Script
application/javascript

2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 01:19:05 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 234208
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"61e1c3a2-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: ePayf0ztudnRu3kIR_0-yaSXbq-emz0khVso-Gv4s3Wu5AYZT1YM_w==
expires: Mon, 14 Mar 2022 01:19:05 GMT

Redirect headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://w.sharethis.com/button/buttons.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: uBuoDCwMxwuBeieXKc_SOyLdZxvmn8Nkxy_8NHU4rsQviZgKNZ3EwA==

GET
H/1.1 200
OK sliderHeader.jpg
bloodhelpers.com/images/ 431 B
716 B 307ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/sliderHeader.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1af-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 431

GET
H/1.1 200
OK tab_bg.jpg
bloodhelpers.com/images/ 422 B
708 B 312ms
162ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_bg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1a6-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 422

GET
H/1.1 200
OK loginbg.jpg
bloodhelpers.com/images/ 356 B
641 B 313ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/loginbg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "164-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 356

GET
H/1.1 200
OK navBg.jpg
bloodhelpers.com/images/ 429 B
714 B 312ms
162ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navBg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1ad-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 429

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/ 293 KB
106 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&bust=31065596

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

019f24cbabf62e4598817bd0d288d4e59868c6ff936159a228f367c29e8f1f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108311
x-xss-protection: 0
server: cafe
etag: 2614671802784223973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 18:22:33 GMT

GET
H/1.1 200
OK navleft.jpg
bloodhelpers.com/images/ 1009 B
1 KB 448ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navleft.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3f1-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1009

GET
H/1.1 200
OK navright.jpg
bloodhelpers.com/images/ 1019 B
1 KB 288ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navright.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3fb-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1019

GET
H/1.1 200
OK bloddRegister.gif
bloodhelpers.com/i/ 2 KB
2 KB 439ms
244ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/bloddRegister.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "622-55584ca1e998b"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1570

GET
H/1.1 200
OK RegisterIcon.gif
bloodhelpers.com/i/ 2 KB
2 KB 440ms
163ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/RegisterIcon.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "76d-55584ca1e8c86"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1901

GET
H/1.1 200
OK searchIcon.gif
bloodhelpers.com/i/ 2 KB
2 KB 440ms
163ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/searchIcon.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "691-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1681

GET
H/1.1 200
OK postIcon.jpg
bloodhelpers.com/images/ 2 KB
2 KB 431ms
160ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/postIcon.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7da-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2010

GET
H/1.1 200
OK tickerbg.gif
bloodhelpers.com/i/ 125 B
408 B 441ms
164ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/tickerbg.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7d-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 125

GET
H/1.1 200
OK tabsearchbg.jpg
bloodhelpers.com/images/ 411 B
696 B 677ms
243ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearchbg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "19b-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 411

GET
H/1.1 200
OK chosen-sprite.png
bloodhelpers.com/i/ 646 B
930 B 556ms
163ms Image
image/png 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/chosen-sprite.png
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/chosen.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/chosen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "286-55584ca1ea691"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 646

GET
H/1.1 200
OK tabrequestBg.jpg
bloodhelpers.com/images/ 405 B
690 B 552ms
163ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequestBg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "195-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 405

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 56DC
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

15 KB
9 KB

155ms
136ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08811d755c5b967b92cf09c2e8d93e2b911c018b372577d2dfb4341d1dedaf28

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: K+B4DvF6VG6A/C1UvyFEZyt2RUELVudmzyZJTm3DoiJqobI2Z0KVxzYhx5a4oh8WJGeCeABcgMJqHtaTN///mA==
date: Sun, 13 Mar 2022 18:22:33 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Cross-Origin-Resource-Policy: Cross-Origin
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK recentusers_top.gif
bloodhelpers.com/i/ 647 B
931 B 687ms
160ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_top.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "287-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 647

GET
H/1.1 200
OK recentusers_bg.gif
bloodhelpers.com/i/ 90 B
372 B 847ms
160ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_bg.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5a-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 90

GET
H/1.1 200
OK recentusers_bot.gif
bloodhelpers.com/i/ 661 B
945 B 701ms
162ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_bot.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "295-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 661

GET
H/1.1 200
OK family.gif
bloodhelpers.com/i/ 8 KB
8 KB 866ms
164ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/family.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1f52-55584ca1ea691"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 8018

GET
H/1.1 200
OK spacer.gif
bloodhelpers.com/i/ 43 B
325 B 701ms
162ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/spacer.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2b-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 43

GET
H/1.1 200
OK feedback_trans_tab.png
bloodhelpers.com/i/ 2 KB
2 KB 862ms
243ms Image
image/png 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/feedback_trans_tab.png
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:34 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "695-55584ca1ea691"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1685

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 50ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bloodhelpers.com&callback=_gfp_s_&client=ca-pub-4081699989175167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203090101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&bust=31065596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8463892df7beec9a830a241ad73c1370999ca767662685e6191cb188bf10e6b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF63 58 KB
26 KB 583ms
560ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195753&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195753494&bpp=36&bdt=377&idt=111&shv=r20220308&mjsv=m202203090101&ptt=5&saldr=sa&abxe=1&correlator=3504577607925&frm=20&pv=2&ga_vid=119441930.1647195754&ga_sid=1647195754&ga_hid=1575339724&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065370%2C31065530%2C31065596%2C31063247%2C44756896%2C31064019&oid=2&pvsid=2088668297714911&pem=615&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=COvcO4rKPV&p=http%3A//bloodhelpers.com&dtd=123

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62fd1f44d1b27105a2fe8cfffc506f38b4469ef81147371aa776adca62f3aacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 18:22:34 GMT
server: cafe
content-length: 26452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 18:22:34 GMT
cache-control: private

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 30ms
10ms Script
application/javascript 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 07:04:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 213511
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"61e1c3fb-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: z5y934xPmsDhzDNY1gzMaEdOvUD3lJWTCrtzuJIIFHRn2kcBLuvz5w==
expires: Mon, 14 Mar 2022 07:04:02 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 40ms
8ms XHR
text/plain 3.125.253.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647195753627.47796&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.253.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-253-64.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: http://bloodhelpers.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 8ms
8ms Stylesheet
text/css 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 03:03:15 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
age: 55158
etag: W/"61e1c3fb-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: Ih0rMZIkPMyJ8B2IhbQZdzB-9uJW5gLB_usjQO7G2vAoA9elUPt9cg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 454 B
816 B 85ms
27ms Script
text/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fbloodhelpers.com%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-126.fra60.r.cloudfront.net

Software

Resource Hash

e5de687008731a829c3b3112506e4a4718b915f3786df8d38bdbb1b204f8475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
age: 4
etag: 0a94eeee13e88afb41ad5d0e6c49c13f
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
content-length: 454
apigw-requestid: O71v4iQBIAMES6g=
x-amz-cf-id: wLn5GoUYOCZBZ0x747yX4XjJgQOeVvzHg_FdnlVADjxi_qWGE5X7Cw==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 9ms
8ms Image
text/plain 3.125.253.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.253.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-253-64.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 7ms
6ms Image
image/png 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/twitter_counter.png

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727699
etag: "612ef1b8-9ae"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: 2iQ2Z1tfJZUE1EuOg5uFJpD0_rf80xI0I1_m04t5O8QW-UXaP4u3Yg==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 7ms
7ms Image
image/png 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/facebook_counter.png

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727699
etag: "612ef1b8-977"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: mJTf9gpQPTM0bl3_GRU17Tfdfasf-SKZ6l9B423jPA0QgTXf7xHMqg==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 reddit_16.png
ws.sharethis.com/images/2017/ 895 B
1 KB 7ms
7ms Image
image/png 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/reddit_16.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:36 GMT
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727697
etag: "612ef1b8-37f"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 895
x-amz-cf-id: ceyZz7V4_lQ1K9TicnMoo_R6UXQr97OJ4kRftyk-rMgjKKKaOrc1cQ==
expires: Thu, 01 Sep 2022 03:47:36 GMT

GET
H2 200 digg_16.png
ws.sharethis.com/images/2017/ 706 B
1 KB 6ms
6ms Image
image/png 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/digg_16.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 14:15:01 GMT
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 13838852
etag: "612ef1b8-2c2"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 706
x-amz-cf-id: _h0_90fdhbaGFaRPupNolNqwQq2tOl7UrV3sedXlIxbiDABlEHonvQ==
expires: Tue, 04 Oct 2022 14:15:01 GMT

GET
H2 200 afuZUdAykvX.css
static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/ Frame 56DC 43 KB
11 KB 34ms
11ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/afuZUdAykvX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8594767931b331f35229e3380e1aa121e1a76febf066268e0ae5f4f437d94e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: d9H3bf2xDZrG7vk4xXlkDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10442
x-fb-rlafr: 0
x-fb-debug: Fh9JyfQMhWPPeHFVjuk2V0jH1EDvdQUUFA4l9vl9bhIejTEhaOBzXf/28ty2SQoDNfIFPBaF3ji8wbFmQCjVzA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Mar 2023 16:19:17 GMT

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 7ms
7ms Image
image/png 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/secure/images/bubble_arrow_below.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:10:46 GMT
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 9475907
etag: "6179dc46-3c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: oXBU47nlz4pnR2Vn7GosgqLHcg9rhhn7GGEnF5Lom1FlOesAZXrgAg==
expires: Thu, 24 Nov 2022 02:10:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81A6 0
0 75ms
38ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5dfSJTY4qpdoFLzSP1agLT2HsqLaXRjy-9rie_OFUJ17Jp0c7fvOad1n5R7YSUDw9pwpIkTC1B0r0PD2C0Su6JbNCkmC7cXY6cudklscaMXnWZSHUOM2yK9fP72YtYqOeR0H4avFFQ0DbyM3fmA8wJ5is2uP6TOMK8PlBJfrTVGh9rqnx_aymAh3EW5d2HuHg76KqgdOy2kf7iDUPUiZkcKXyqCCzujVoBQxlHPHxQHWGS8PqiXoMptGPY1PLQ2wyoB5doKwABuQoix1d3MjSzm0Z2etxvfnGKn95aTA0wF9NDkWYFNCOLo61uMahX8p10YTg0-o3B6RbIt8Ifw0DkHXauogi77uL-MBh0yMmWZLeE2aXL78of4JoYKg4KOdLzjLbgSYA8F9-cvT1g3CjbOYo__Wf0hQX_Au81hyONsXF7f3NLe7VR-cE05dQ8ghlKJFTypxfSUutkb-A7HS0dl5v4_5a_vVRiPzN35gF_pRo-a20au5JoN1m54G1X2HgkWCBWDLjvmVLVXAtNm5DXM3B2efqKJpM0GLdYfWse_DXC1HaVq-AHhjIGsnvxJb9_ffF0SLS72x4JoC0Jt4Eb-Ib8G5l_w2FxhuHIEsCBnPMfe1WIQo-fOVQmhaY-Fbr_JKgTN7lWLgN8zhqe4DK6XtzT7bYtsvd4uzfnstZNcfy6QuXViqGksd0iFHwqtruaoYxDuxdiFVdsWYhKHR5qWSoXaikNLw6QbcMoWn9VjGSk_hJ3TqLnnyz8QdqadCOmCUvYhoWqY49Sh0ghgoKjc9P_0WR-hPBmTo14xyEFefNOTzOzq0ZsJpc379vL8ljUA4aILkGkDeinfFgL1xdyBlaelprD2DoaB2EvSKlFORuWknxxpz7OpB02T9z2bzig1taRYlVyz6O-pvN1Bkc8Pjd8NNL3doFh6Jl3LvT87oCYCjPCHLiCpX8V57JjQq0wDF1varr0V7qLn-YyzHH0Q&sai=AMfl-YSLxg7wJyOikswtvtFfsbGgpJanm8HXtOIrXzaoQxc69clnusGxhRouiA&sig=Cg0ArKJSzB9w5SIpYXFHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 13 Mar 2022 18:22:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 13 Mar 2022 18:22:34 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 81A6 41 KB
15 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 13:19:22 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 81A6 32 KB
13 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195753&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195753494&bpp=36&bdt=377&idt=111&shv=r20220308&mjsv=m202203090101&ptt=5&saldr=sa&abxe=1&correlator=3504577607925&frm=20&pv=2&ga_vid=119441930.1647195754&ga_sid=1647195754&ga_hid=1575339724&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065370%2C31065530%2C31065596%2C31063247%2C44756896%2C31064019&oid=2&pvsid=2088668297714911&pem=615&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=COvcO4rKPV&p=http%3A//bloodhelpers.com&dtd=123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 17:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 17:54:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 81A6 2 KB
1 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:18:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81A6 117 KB
36 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 18:22:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 81A6 15 KB
6 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:02:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 81A6 19 KB
8 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:19:44 GMT

GET
H2 200 4883066607337726472
s0.2mdn.net/simgad/ Frame 81A6 24 KB
25 KB 57ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4883066607337726472

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24544a029170ef3c9cc44c2b6330ce4ad4560d16e2b6d8d00c4598cd300d3f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 14:25:58 GMT
x-content-type-options: nosniff
age: 14196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24671
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:55:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Mar 2023 14:25:58 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 83ED 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 13:19:22 GMT
expires: Sat, 11 Mar 2023 13:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 190992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 83ED 35 KB
14 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
DATA 200
OK truncated
/ Frame 81A6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54378f881da816ca3f716125ef62c4d6cd2b533298f4404bb77877615582e6e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83ED 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BionhaTYuYu-2KOLP7_UPvuGIwAIAAAAAOAHgBAI&bg=!lpWlldHNAAb7UztL-1M7ACkAdvg8WrFhZhKM-xwENGCuGaOI5PNCe3lJXMxusdk-blwwsFasHUnOHwIAAABTUgAAAAJoAQeZAyhIVx8NV4i0QfmU6fpLRzQRO5nGdtVJwgUceZoisco0vVvl5tEZusym3IBWQZEPAgDB_-LdME4fdmxUBHtmie9aGbDg4F7aLVe8cvIjEUrmdeXcuxE4ppogwS2GseP1IIL7BDnefmRdg99kBKNMdZimjXaN1biorLVel78xetzWtHq9WMYPR3pn-yqlr7gbnHi8Sptdq8jZVeLZqvUTguiBLNp6a_m5JBulj2J5KDJ3CdqJacA8AKJ4NziPUwjrSzPvb6ZbgEo6sW4nXydvfdpmdjmthzGUUHvo4uORBVUXbFo7r7HgCdQYyKJWJerko1_oB2WZg3ndoQWrHEuwEy9DtjL1Y-QxluzGTWeNVGtm4_ww86OZkxVtAk1-yy5skjtuxUvVKwzGjLPz6MOPfmSum09NLEvPLJjLy_BXZsVsH0NCUEi5vVMYFtWCVUoAcfB2WCake7dUcQ-7ra9HiMMNIgrGCnGUJ_n2IGvTS0eNjy1yiOdlWF3rWf2byVhCIitljqqO67_eX9mpXDHNjwCc9ylapkcZK-i5jIchVPoAzIPMCCKaaoYFo4KO0-gBwFGFj4nKgfwiMvSWyYM8baGlLjcHjvPZBWxHjoZVLn_xhRDrveuw9FB88S4KSQGTnXa05QIwba1y9T7ByN62nGSGoW2tnQD1-VtXXMwSazUQeSBZfiaz6dASwbfvy0rkH9E4O9vNqib73uMs9c4I7naEeJm7rRKCMGQnONW1quXiXxuj0OWzQkDqTw10Mr0oDhMgjTCXm8JVL-p3olrZYCoz-7kuSp44K5V5QJO5oqeaVXddUXoyjq_twsbgdF0Qy3MVz27BTcFxzVpSrdjYOfVlsXZC0vgBkTQX_93ysNcP91SHHDH_KK-GzBPfCSuThBAEEmIBf1S609EYffP-UY6pjD-j0axV2JYuolkQQaQ59pRhs7agYtGLxHPpSqNKM1w7lgJ-Z4fNoBe7X_rn1HUzd2IpGu4grAd49u__91CHn98vENhBxIm5gbAK-0-KifRbY4Xufw7IDai6IF1G_1YqS1Nby87GQ4hh4PcMrkieRR9CRQueJYBw

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beabf2857240041587c97bcdf14ab0cf7c896809020a90b36a5386025fe84a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54654
x-xss-protection: 0
server: cafe
etag: 2126680836631211499
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 18:22:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb674a8acf8b78224c902a0ac41d3546dea77768b73129fe08da864fbd99e2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10486
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 18:22:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 7441 10 KB
4 KB 154ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 12 Mar 2022 23:41:54 GMT
expires: Sat, 26 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 67240
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A55 0
16 B 18ms
16ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1647195754&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1647195754535&bpp=2&bdt=1418&idt=2&shv=r20220308&mjsv=m202203090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D56f2698c81f7cb8b-2259b5005bcd000d%3AT%3D1647195753%3ART%3D1647195753%3AS%3DALNI_MZaFmtXdJNDH5bFLo_7_B2Iw_GJDQ&prev_slotnames=1676498701&nras=1&correlator=3504577607925&frm=20&pv=1&ga_vid=119441930.1647195754&ga_sid=1647195754&ga_hid=1575339724&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065370%2C31065530%2C31065596%2C31063247%2C44756896%2C31064019&oid=2&pvsid=2088668297714911&pem=615&tmod=1556662101&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Mar 2022 18:22:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C3E6 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Mar 2022 18:12:44 GMT
expires: Mon, 13 Mar 2023 18:12:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0CD5 783 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1f744e2cc63e3d9500d3910f1551426b46249cee145cfcd82fc0772868efb4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+EphuGKCPdwmO9wYWTTq9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 13 Mar 2022 18:22:34 GMT
date: Sun, 13 Mar 2022 18:22:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+EphuGKCPdwmO9wYWTTq9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame C3E6 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0CD5 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=2088668297714911&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C3E6 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lTYYrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81A6 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulMFZ7-KeNsZZ8Xxn0SG7XdtccsiAC8PmnCaYk9pKu_8GGFGinE1nMmI430jbTqeGo2l_OZuqBaKfPEuV9TO8xAEUxjzYuis2_okN9_4dqAJt9PwtphrN6j3ENLz459QBKIxh46oa827tWQ9NcRnXzih4cZ5gZFNdexoL9i6bBrQ&sai=AMfl-YSzATOhRTe3DVqOjkIf7N7jtrL-LM7G_hElCRWsTyQoYW_X1N7F03x0tsRdDfKv9Wpe-UzFOrq_wWXr&sig=Cg0ArKJSzOXK4JtUO8TiEAE&id=lidar2&mcvt=1000&p=0,0,450,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=214556337&rs=2&la=0&cr=0&vs=4&r=v&rst=1647195754212&rpt=101&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=2088668297714911&bg=!qKulq-_NAAb7UztL-1M7ACkAdvg8WkvmEwye4bb_nZgvvh6F-WOLsA9Ll7tYsWziFmdUhC5QW6F7mAIAAABeUgAAAARoAQeZAsodprop0J1Q6oV80cZVJNjxNS0fY-yX7zfwn7Abo55zvgJluPWk3OSwBaTqbTcUTt88KRBlEJD9DU7QmASTk66vmrXMCVZww31giu0rVyDnYLq5WO03JYaEtDjdwHanPNB5XpPVYQJR3I5o3o8oYxZb89bmcwNqkIHEMhlto4tHUClynteAPjUAikVCM2d42G8XwZ-UCdFS2ztWiwzqEZJN0KyCi4eEU_XeXkVjWde_KQmIuUpk1Tcup9IdXAUQB3_OXr1qExWjwmITOsx1dvBIEZFOpLsGWEmXE2Q3Hq4pAa1JJuvVNSXOAaWXv4QG0sFvbo66copu2ci6kZCyQCxFYcNEZV9G99VwScIdJZ0VTnoq36YsvSpd-6bF8zPAw4Y9BAr32eTo-DfNfk0jTuqj1J31Q720cM2Ak3birVz97w3owrc42LaT8Ih5zr_rAPe6wemZ9aQJNza7mn1Bs-WO_5kC215w_5PXfCrk_SVbaotObKs7zqrUYeLEWSoED-f4p986oLPQ7gx6pIuJ8UEqUkHh6V9Iz0rs609A6u5-k2TSOSMRAE0f_ktDsfnsIAg8nPaGvCrdrtIP0iDYPVAs_bCxm4jmbGnVTbiEm6JGY951QquA6Kr6t39qYmFGTPM4P6HNrE-2h7ZrheMtdVEHGc7TdUfPFHtGdHsrdCm17aZDLGLRJam3G_SMDYxwhtgPqA2uPeitxdp1U-hI3CZRThCmk7ak-l2MkQGtlttNmmb9p1ynE9Xbdf97PZbG_4sKF1pvCRwGeP4Pj08iovOFn6fHbG53OAe78waLwHs1gaKONM818eRKdpCh2oaAc3pXXBiVzM62lANf30Yg7vuMw-5eNYBasjlJ4A6D9wP4LGwC2Jeggztc7BGzY40EJ5amWFhguYkWGMFzga6V-F3PubXF4lEjDwTEfH-gIRw2s69_j2Kd5B1IywY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame F036 14 KB
4 KB 7ms
6ms Document
text/html 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
date: Sat, 12 Mar 2022 19:01:23 GMT
etag: W/"61e1c3fb-390f"
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: Yke3jZBp5lbHCLyn2Hrj9fd0sF5oNxQLV0662a0-WDfHKpMMkiw8vw==
age: 84071

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame F036 16 KB
6 KB 7ms
6ms Script
application/javascript 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 16727702
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"612ef1fe-40f6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: OMxeyEd6wFIxJ4qkWIBNRw_9fJBotPwqREnSGpeS-Yl1YfCCAMpToQ==
expires: Thu, 01 Sep 2022 03:47:33 GMT

GET
H2 200 st.31cb6fcb48e558d491ec5da1e80ebf3d.js Show response
ws.sharethis.com/secure5x/js/ Frame F036 132 KB
32 KB 10ms
10ms Script
application/javascript 2600:9000:225e:be00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:be00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 00:51:53 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 11813442
etag: W/"6179dc46-20e82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-amz-cf-id: AMjXR66eRMZzSKj0tzxbWU51_jhO0VwdKQDuFMK0JBcwctii3X8h5A==
expires: Fri, 28 Oct 2022 00:51:53 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloodhelpers.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hm0t1qtoiesdaso18faj658ip2
.bloodhelpers.com/	1970-01-20 10:54:51	Name: __gads Value: ID=56f2698c81f7cb8b-2259b5005bcd000d:T=1647195753:RT=1647195753:S=ALNI_MZaFmtXdJNDH5bFLo_7_B2Iw_GJDQ
.doubleclick.net/	1970-01-20 10:54:51	Name: IDE Value: AHWqTUk1DKQpsttbDLb7yCwoX18FJRTQmnxDsrQA98pxCGvna-6JKv1fuzEd4DenoW0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bloodhelpers.com
count-server.sharethis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
w.sharethis.com
ws.sharethis.com
www.facebook.com
www.google.com
www.googletagservices.com
13.32.121.126
142.250.181.226
142.250.185.130
2400:8901::f03c:92ff:fe8a:f267
2600:9000:225e:be00:3:c04e:c780:93a1
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.125.253.64
019f24cbabf62e4598817bd0d288d4e59868c6ff936159a228f367c29e8f1f94
0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9
08811d755c5b967b92cf09c2e8d93e2b911c018b372577d2dfb4341d1dedaf28
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
24544a029170ef3c9cc44c2b6330ce4ad4560d16e2b6d8d00c4598cd300d3f93
248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7
266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d
4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358
4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5119dc60d2446ee9b993502f9655361f03229814a76c51a5ddbb0911f85f964b
54378f881da816ca3f716125ef62c4d6cd2b533298f4404bb77877615582e6e3
5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b07c80ff0d27b48d6763009a894a09bb57941097ea408b2b07c368f839a71d
5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541
5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93
608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2
62fd1f44d1b27105a2fe8cfffc506f38b4469ef81147371aa776adca62f3aacc
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc
694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6
6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73
72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1
776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998
8463892df7beec9a830a241ad73c1370999ca767662685e6191cb188bf10e6b8
90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
beabf2857240041587c97bcdf14ab0cf7c896809020a90b36a5386025fe84a0a
c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab
c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
d8594767931b331f35229e3380e1aa121e1a76febf066268e0ae5f4f437d94e8
de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48
e1f744e2cc63e3d9500d3910f1551426b46249cee145cfcd82fc0772868efb4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416
e5de687008731a829c3b3112506e4a4718b915f3786df8d38bdbb1b204f8475c
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946
e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934
eb674a8acf8b78224c902a0ac41d3546dea77768b73129fe08da864fbd99e2a7
eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7
fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa
ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

bloodhelpers.com Open in urlscan Pro 2400:8901::f03c:92ff:fe8a:f267 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

55 %HTTPS

76 %IPv6

12 Domains

18 Subdomains

18 IPs

3 Countries

643 kBTransfer

1722 kBSize

3 Cookies

0 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloodhelpers.com Open in urlscan Pro
2400:8901::f03c:92ff:fe8a:f267 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

55 %
HTTPS

76 %
IPv6

12
Domains

18
Subdomains

18
IPs

3
Countries

643 kB
Transfer

1722 kB
Size

3
Cookies

83 HTTP transactions
1 data transactions