www.psxhax.com Open in urlscan Pro
2606:4700:3037::ac43:a839 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.psxhax.com/
Submission Tags: falconsandbox
Submission: On February 27 via api (February 27th 2023, 1:27:45 am UTC) from US — Scanned from DE

Summary HTTP 187 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 27 domains to perform 187 HTTP transactions. The main IP is 2606:4700:3037::ac43:a839, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.psxhax.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.psxhax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3037::ac43:a839	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:cdb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
3	184.73.143.27 184.73.143.27	14618 (AMAZON-AES) (AMAZON-AES)
3 21	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:64:... 2a02:26f0:64::210:6ad8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.82 13.224.189.82	16509 (AMAZON-02) (AMAZON-02)
2	34.149.12.213 34.149.12.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
41	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.255.170.214 34.255.170.214	16509 (AMAZON-02) (AMAZON-02)
2 2	54.195.228.119 54.195.228.119	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4000:807::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e::9	15169 (GOOGLE) (GOOGLE)
187	31

25 2606:4700:3037::ac43:a839 (United States)

ASN13335 (CLOUDFLARENET, US)

www.psxhax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:cdb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.73.143.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-143-27.compute-1.amazonaws.com

k.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:19ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:64::210:6ad8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.14 (None, )

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-82.fra2.r.cloudfront.net

images.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.170.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.228.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4000:807::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hnekn76.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	742 KB
25	psxhax.com www.psxhax.com	2 MB
23	tribalfusion.com 3 redirects s.tribalfusion.com — Cisco Umbrella Rank: 1813 a4.tribalfusion.com — Cisco Umbrella Rank: 27902 cdnx.tribalfusion.com — Cisco Umbrella Rank: 13179 a.tribalfusion.com — Cisco Umbrella Rank: 741	52 KB
20	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	209 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	166 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	134 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	290 KB
5	intellitxt.com k.intellitxt.com — Cisco Umbrella Rank: 42489 images.intellitxt.com — Cisco Umbrella Rank: 56987	76 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 475 rtb0.doubleverify.com — Cisco Umbrella Rank: 694 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15394	22 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 36	34 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725 simage2.pubmatic.com — Cisco Umbrella Rank: 668	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	193 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3849 r4---sn-5hnekn76.gvt1.com	960 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	1 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	2 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	560 B
2	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 10970	28 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	239 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585	338 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 422	304 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 4003	122 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	602 B
0	consensu.org Failed vibrant.mgr.consensu.org Failed
187	27

	Domain	Requested by
41	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
25	www.psxhax.com	www.psxhax.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.psxhax.com
18	pagead2.googlesyndication.com	www.psxhax.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	s.tribalfusion.com	tags.expo9.exponential.com www.psxhax.com
8	a.tribalfusion.com	3 redirects s.tribalfusion.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	csi.gstatic.com	www.gstatic.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	k.intellitxt.com	www.psxhax.com k.intellitxt.com
3	www.googletagmanager.com	www.psxhax.com www.googletagmanager.com
2	sync.search.spotxchange.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	images.intellitxt.com	k.intellitxt.com images.intellitxt.com
2	a4.tribalfusion.com	www.psxhax.com
2	cdn.doubleverify.com	s.tribalfusion.com cdn.doubleverify.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tags.expo9.exponential.com	www.psxhax.com cdn.doubleverify.com
1	r4---sn-5hnekn76.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	pixel.rubiconproject.com	s.tribalfusion.com
1	simage2.pubmatic.com	1 redirects
1	beacon.krxd.net	s.tribalfusion.com
1	us-u.openx.net	s.tribalfusion.com
1	public-prod-dspcookiematching.dmxleo.com	s.tribalfusion.com
1	cdnx.tribalfusion.com	www.psxhax.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.psxhax.com
0	vibrant.mgr.consensu.org Failed	www.psxhax.com
187	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
s.tribalfusion.com
xenforo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
k.intellitxt.com Amazon RSA 2048 M02	`2023-02-11` - `2024-03-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
images.intellitxt.com Amazon RSA 2048 M02	`2023-02-23` - `2023-11-07`	8 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.psxhax.com/
Frame ID: 826EC77F0C68F01DB477C141D1CF7ADB
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 0EB696CCE59D84BEEC831DA295260FCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&adk=85976724&adf=3412083302&lmt=1677461257&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.psxhax.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461257623&bpp=840&bdt=256&idt=1104&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7039962653905&frm=20&pv=2&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1135
Frame ID: 9C14247C818F93DBB0957573D54977CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=8632507878&adk=3092499905&adf=1881517600&pi=t.ma~as.8632507878&w=1180&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=1180x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258471&bpp=4&bdt=1105&idt=291&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WzdUTnwChd&p=https%3A//www.psxhax.com&dtd=296
Frame ID: 3BE64F446729639AC74901FEC15AC22D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306
Frame ID: 44C4C6D1D9A1D5F32B003B2C2277E86D
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=6154217023&adk=1388165302&adf=1854885621&pi=t.ma~as.6154217023&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258489&bpp=2&bdt=1122&idt=299&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280%2C336x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=1454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cYTUXGcnFl&p=https%3A//www.psxhax.com&dtd=303
Frame ID: 824D472C49282FBF7983D8156AA4A7ED
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8FFAFBE989E4AC62F1D019A536A8C58
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 11069C62121D6108CC3296CE36C28D24
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 104486136B3C8F29B69CD0461F82618E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: C29510C1C52B877413435E9F3D5D1EC0
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 8C774EDBCA30CFDA4B0D2951414692E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A1DB2F84484D8E4F2B996E892FBCDFF8
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=agmU0hpT7W5U3WWbvFWAr3REQ4SsrrPHjr0H7nVmvp4GU5YbUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3srcTs3lWGBkSPnoWtv3TFM32r2oUqMxWT37QqMFScQJRr6mPtviWsMS5rTxmWqmYEyx3dnZdQcJA4ABKptTsVWJhXrfa1UF91EqmRbrBUFQ4TtQ2orfqPbjrXqMO4Efh5E7RoTMI1rJZaUtMXWbPZcPDApTHfomUEZaIv&mediaDataID=6347136&mediaName=frame.html
Frame ID: 4CF50D3B66E1BF1BBBED3F876A663706
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=ahmU0hPbQEWUYXTd31ob3oRUBp1T3n4Tja5Tv1mE7I1FB9TtbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnVYsQT0cFMmTJ45Fv2WrnDVP74REY0QsrmSdfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtvPTbr35bEpUqUsVaQaPavGRGjZbQUuvPH7iUVvw4r6xWCZbmvnJwwdbqNmZd7lh&mediaDataID=6546596&mediaName=frame.html
Frame ID: 2B9F19C392FC1A1CB455B93D56C33C3C
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aimU0hWd3TWrbY5rZaqWaYmTTFbPqMZdRcfCQF6mRWMiUcnU5ruxndInYTqx2dbGSVMG46YHoHPNTHJ90bn8YFZb70EInSbFZbWFMSWHJ0nbQnRUJsYqvp5qfa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqv33bU4WUFDUAv5RE34QVUsPHjs0dFtWAbp4sBU0UQcTAiwvrqdnb2DwWZbEo9vUq4&mediaDataID=8039566&mediaName=frame.html
Frame ID: 8233E83780466070D613746967BCBB6F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=ajmU0h5U3UTFfEW6U5QE3XScvOPH3N1dBuWPMw2c3U0bYJUAqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQ7Wsf6RmvNTdZb3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYq3t4ajd5q33nqMI1rUfWH7MmmfBV9XrSCIAxEZb0OZay3oM&mediaDataID=6807466&mediaName=frame.html
Frame ID: C2072FBA76708E74A9453A9162F06243
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=akmVCGWUY0TtQXmF3mQFFt1EMm4aYl5qYRnabBYbJfWtfRnmnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c300VjpnqFR5bY2TUZbZcVm7YQTb1Sc3nPtfy1tFuVAfO4GnW0bZbZdTmyq5PMePmfJ2HZbs0HnZdmH2v36MV5VMcTGJaVVZbfPAnyWW33UbM05bEuWEjqTTn7PTZbZbRcbCPbavSW3dWGvP5UirnWIo0qep4dbZdQtQH2mI8WpbmpSEL0crUi2yMLq&mediaDataID=5578346&mediaName=frame.html
Frame ID: BAD13330C8130CF832A691B33BC067BB
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=almU0hWrbY5bEoWaYmWqrcSTrGRsFZbQFAvStvbWGv52rqnnWiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1UBl0q6ORFrBWbYSTdrWnFQsQFrq1Evt4Ejg4E3RmaMD1rZb6WtbXm6nZbmsUwotfG2qYf2taN56FKnFjJYVbP1c3V0VvxpTb42rFQWFfZaVA3YREM0ScroQHZbN0HBxWmYy3VBU0UZbDVmm546ZbetFEFMRisyWBxOMy5rA&mediaDataID=6719746&mediaName=frame.html
Frame ID: 1BC9D6CE8A2ACD79C33491E2EB61FB4D
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTMXQc3qSt7u0tZboW63p3GY2XFQDVAum56UeQ6BE3tQt0WBJptTu5mQY5VbeTsQbUcbkRAQmUHvQWFfP5r6uVEjqWEJbSTMZcSGFZbQrEvRt7dUVMV2ruxmHipYE2p2WbAPs7E5m3HoHamTdYcYrba1UB90qqtPbUZbTrB4WdY2obBsRUjr1EMp5aZbl5TYQnEBHXUUfWHMXoArans7wU8PGyBiextmFOSRM64&mediaDataID=6530936&mediaName=frame.html
Frame ID: BC0CB16C8706BF1AF00E1E48C7D2F48B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJpPUZbpXTJr3Tjf4qn1nEFIXFZb6UW7XomMLmsvwpHUH2aQf3Wmt3PnZanbrEXc7XYs34XG7MnEj23rvPTr7ZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40UUKVAqw4mUaQPJK2dZbm1dUImdIo5AMU5GbdUsFdUcb8RAFuWdY3TUM42UZarVEvqTTQaSTvKScJJQFAwSW39Vsb52F6xode0XEepxC2AmDTFumJyunllID&mediaDataID=5436426&mediaName=frame.html
Frame ID: 5D953C4F02D305B5DE5C2D98B37763CC
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aCmU0h5bEnUqrnWqQ6SEUZaQVYLQFInSHYiVcMV4UyxoW6rYEmp3dYBPcfE4PJZcmtPsTHBhXF7iYFBhXainRr3ZdUrM5THrWobjxQbrpXTFs3Tfh2Tr1oaBIYFU8WHbQomnBncvspt3J3qZbk2Has4AjGnUYIXs7WXsJ2XG7nnEvT5UY2WbnZaWP3WRqn2ScUsStjw1H7pWP3m3cM0YrZbDVmiw2PQZbPPMKxoqmxR6JWd2JOa82i8&mediaDataID=9148826&mediaName=frame.html
Frame ID: 26D36D6488FD612D94BE9412004FA043
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=1965698180&adk=1386472052&adf=2045625126&pi=t.ma~as.1965698180&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461259953&bpp=9&bdt=2586&idt=9&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c93f3f59585745a-2256986e2fdd00fa%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ&gpic=UID%3D00000bbc5d4adccc%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug&prev_fmts=0x0%2C1180x280%2C336x280%2C336x280%2C180x500%2C180x500%2C1005x124&nras=4&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&psts=AD37Y7sdOsC8kBnqcaSxc-CXIKAej0ssAmgrjPIlmroL9oO4W9W3ZULkRanU9x6T0Nw5o4R6igewxwsUARy5Xm78Og%2CAD37Y7ui5bezjN-t3LCYP06N0uLAg42MKzgaIGeZI_X5cO4ZHHB_d2v9oy1edMYlBBcvMqD-UuR5rV-5_Zd3F01Hykj2f0ighgS7NQLVlaKd%2CAD37Y7vlBakIy3fv7fJdK7l6tExWqITQ4lZ1FmOQSVK13t60Rw5JeYfrSv61RLg_Hsu65MBkXE3zplORug1RjD3k8VDrmaqFyDYM5y42arbm%2CAD37Y7tgFZ9ZBuaatA4KSEWn2zPqby4nFMsqOYkvwjdNtYh_fHqg2Tuw3kQ3IVhE_raszRjkZw4BsfrmfcN7Lx_-orpLVlUwIBZmio1cqEPHYfQ&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=tQPhjeWEAe&p=https%3A//www.psxhax.com&dtd=14
Frame ID: DFC866426E8E2E40FEAAA8CA9B908B05
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: C82D30DC062C37B00BDC29F4BF752176
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 121660E45166A441A487BE3D3F20DD46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 1EDC052F40109823B0B0109E27BB9333
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 9A74941E3C33A7EA5C8042A4F758F6AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 8F8354F915AE4BD3413481633E726E34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 222338F11C6BA0EF24C2EB458F11A279
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED75274FA9A87413FB25497C70D056A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PSXHAX - PSXHACKS

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

187
Requests

95 %
HTTPS

62 %
IPv6

27
Domains

41
Subdomains

31
IPs

8
Countries

4554 kB
Transfer

8787 kB
Size

25
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PSXHAX/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/PSXHaxDOTcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@PSXHaxDOTcom

Search URL Search Domain Scan URL

URL: https://s.tribalfusion.com/h.click/a4mV8EprMZb0GnUYVQ5XVFupTBQ2Fn5VFJZcWPMYRqr0ScvmQWbs1dvqV63O3sUW0UrJUPPo4PZbcPmJF2W3O0HnKnHTx4AvU5cjdUG37UVb8RAFuWd33UrJ25UPrVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4tQBSsjZa4mUZamdZaoTdQ70brkXrYj0EANSUrAWUYXTtnXmFJmQbZbMXTvp4qUa2a7RoT7jYFUfo8EWQFIIWG7Bfk1o5k/http://www.cidi.org/NepalRelief?utm_medium=banner&utm_source=exponential&utm_campaign=adcouncil&utm_content=nepal

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2022 XenForo Ltd.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://a.tribalfusion.com/i.match?p=b24&u=18072662250093743627&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662250093743627

Request Chain 132

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662250093743627&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662250093743627&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-1MXMWH1E2uhwhN52bRx.VSpK9Hmi91k-~A

Request Chain 134

https://a.tribalfusion.com/i.match?p=b22&u=18072662250093743627&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662250093743627

Request Chain 135

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=75170783316888296191649425908179333557

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662250093743627&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662250093743627&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=Y-wHDMx9LkVdzN5yCBaUuAAA

Request Chain 137

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662250093743627%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662250093743627%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662250093743627&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=AB9C5370-6F7C-43EF-928D-F631477BF252

Request Chain 138

https://a.tribalfusion.com/i.match?p=b10&u=18072662250093743627&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662250093743627&expires=180

Request Chain 139

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=ed1edcdd-b63d-11ed-b22e-180e33a50206 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=ed1edc83-b63d-11ed-b22e-180e33a50206

Request Chain 172

https://redirector.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=6F2909624030F12C1416627E21C932C191B5338B.276DEA0D9082253125F36A680B373E0014B9E0C5&key=ck2 HTTP 302
https://r4---sn-5hnekn76.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=47E38F31775D5BBB580A93E90E4848B82FC8C34C.143B5B9319DE9EAD0897A649863B2385E13E5CDD&key=cms1&cms_redirect=yes&mh=0L&mip=2a03:1b20:6:f011::9e&mm=28&mn=sn-5hnekn76&ms=nvh&mt=1677459970&mv=u&mvi=4&pl=48

187 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.psxhax.com/ 71 KB
14 KB 768ms
731ms Document
text/html 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47a8a24cb3e6da390d4280d4b8037c7059f5a4d461e8924f3d394199842560f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 79fd2395eb2635e0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 27 Feb 2023 01:27:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKWhhFhfzek%2FemlejyAx%2FVNhwVqUeKAjDekkSbfePAaJq6tVOf9auasPYIWf4Q2Rb1hM3yTXMvAJESBgU3yr%2BnoP1aV2M3ebAqFClysE%2FveyUu%2BarxTFbeBKRYbJzo4MuWxAeIyxxgjy10LKzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 180ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8005854987520958

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d60cda7691b0c9bb87c98dc37cf9752e3617019b9a78412f13cb3bd353cbafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Origin: https://www.psxhax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49620
x-xss-protection: 0
server: cafe
etag: 1610698738628677911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 01:27:37 GMT

GET
H2 200 fa-regular-400.woff2
www.psxhax.com/styles/fonts/fa/ 165 KB
165 KB 24ms
22ms Font
font/woff2 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://www.psxhax.com/
Origin: https://www.psxhax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 06:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2232206
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntbqNXPakjPV0bo1eR2X%2FrYuEk0zmLM07uJFwYoK0gyQrTjmAjZ0ZFS032%2FUDMF%2BE9QWX6%2BDhImPjlbunwgkR8AYoJGSkcTtv75xJYKJJkPkMVItt8i7izUMGPmF65Cza6bOefmsSpF%2Bf9i0XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
cf-ray: 79fd239a9e0835e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 05:24:10 GMT

GET
H2 200 fa-solid-900.woff2
www.psxhax.com/styles/fonts/fa/ 134 KB
134 KB 41ms
40ms Font
font/woff2 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://www.psxhax.com/
Origin: https://www.psxhax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 06:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2232206
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KemBq9ev4v%2FQR0haCITR4VeDKeIekRtYEh9GfrFKf%2BgE9QDuiE10sIjaXHvKWG2nubdndUkw9rffef6s62t7K%2BwZxBtP7z9L9nrXO%2BEnmbKg7KNxodBzYLqHrcwmsxZvKPeXcJ4NYuht9cZyNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
cf-ray: 79fd239a9e0a35e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 05:24:10 GMT

GET
H2 200 fa-brands-400.woff2
www.psxhax.com/styles/fonts/fa/ 75 KB
75 KB 41ms
40ms Font
font/woff2 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://www.psxhax.com/
Origin: https://www.psxhax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 06:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2232206
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FiLe5nM43FrSJDtMnYb2BITz7jfA0xOxcLB3I80Sv2ayWkb8G5%2BzgZh4jSKNLQCQsvFlK3ZTm4hzmjXRiEpGWtzp818ggE1eBBWfagPEqjs6QVnNx0l6swur3rdIpE%2FN11k3BSy7MH%2BgU00eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
cf-ray: 79fd239a9e0d35e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 05:24:10 GMT

GET
H2 200 css.php
www.psxhax.com/ 405 KB
65 KB 546ms
545ms Stylesheet
text/css 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psxhax.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1677016264&k=2e657b89a55a75504825801bc2fa6a6b5233b106

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fc850737e688d6d4a3f2b0a12c3fbc59a55f2ee935c0104e5e363222c7eb9ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Feb 2023 21:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53HbLFaxuJdZljwJBLc0ohNESANKPpQ0MDRGmBB5w6irltbIIQ1ZHp1mlTwXlETOWiwweE%2B09M9BSefaAwcyLmyZgx32mLU34s2umNggNLoEyTEAE9gtuF08ARwifTpVCz9%2FpR3T%2Fhg9Ig1LaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 79fd239a9e0b35e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 27 Feb 2024 01:27:37 GMT

GET
H2 200 css.php
www.psxhax.com/ 52 KB
9 KB 528ms
527ms Stylesheet
text/css 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psxhax.com/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Aextra.less&s=13&l=1&d=1677016264&k=7664906e3b25606c051cf0712546000be124ab2c

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2ff2b081ffb0a6be13a2c93c2d212f51ca3b615ced598b2554e77743a7324f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Feb 2023 21:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuZlLeZGhlSDS%2BIdxUmQNY58nHLhQcyYSJ0f8JhXsvfqxgOdQKz5MKpcBsPDUjk2FbZUVPgDP3KtBZB892V1G%2BXnrx1DawWOHR3AoFXX33FhylIcfKRth3QkwicEkMClmwp3YCF9R4GaFiMxCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 79fd239a9e0c35e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 27 Feb 2024 01:27:37 GMT

GET
H2 200 preamble.min.js Show response
www.psxhax.com/js/xf/ 3 KB
2 KB 41ms
41ms Script
application/javascript 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/js/xf/preamble.min.js?_v=0620dde7
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 02:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 254329
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fxt7N%2F5jRFqInhSC0aFvGTNUFDECudbSZZoPBoMMXDJ%2FVMl7fnvQNgMu2envMTadR%2BZYmRp069kun34JAjkF1g6UPiHu%2BX8ep0GLDWcBGzSzDpncizrSvoJ9ry35xEnBj5sUQQps4voecW96g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 79fd239a9e0e35e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Mar 2023 02:48:48 GMT

GET consent_widget.js
vibrant.mgr.consensu.org/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 143ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97902629-1

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07b0ad1bc3c3b0639fd0c0cc9abdf0360b7c0479a98dbb03e603028786cab310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 61131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 01:27:38 GMT

GET
H3 200 logo.png
www.psxhax.com/styles/default/xenforo/ 5 KB
5 KB 50ms
48ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.psxhax.com/styles/default/xenforo/logo.png
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7602d5ede590debc68e8aa1b09ecd91f9cfed9cb1dce3d750130bfc6b2193fab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
cf-cache-status: HIT
last-modified: Thu, 09 May 2019 17:32:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239920
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwn%2FQ7ZT2me%2Ft9LATRZnnAL8JPY%2BpmSHSCvrgDOlAFrvc4vvr2vqjYrXJMn%2BCWBSTTAoxMIonA3DJLG8idt0XodVNBfEcJn41IocRk2jfS7ROf3Bsy2HCBhwml%2F9LcfgCNWZHfVrl6DlMJnsPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79fd23a16be837cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4747
expires: Fri, 03 Mar 2023 03:15:38 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 143ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a4de2f1e555aecfb672450842ad5074f9c36da3e87db0c27184a4ee377b1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49630
x-xss-protection: 0
server: cafe
etag: 6514477263501705224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 01:27:38 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PS3News/Portal/ 59 KB
14 KB 221ms
185ms Script
application/x-javascript 2606:4700::6812:cdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461d807c1206e92d0e6c19fc7dd837098ecd7c9fb5c40ee4705267368445b927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14180
x-function: 151
last-modified: Fri, 17 Feb 2023 18:05:21 GMT
server: cloudflare
x-reuse-index: 3
etag: 4653270685136467926
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 79fd239eb9ac373a-FRA
expires: Mon, 27 Feb 2023 02:27:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 179ms
47ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 19:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 19:30:03 GMT

GET
H3 200 vendor-compiled.js Show response
www.psxhax.com/js/vendor/ 43 KB
13 KB 25ms
24ms Script
application/javascript 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/js/vendor/vendor-compiled.js?_v=0620dde7
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 05:23:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239920
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hXS9h7vsDJ5LPQ4RshiPu6fCXzXqBGlNf5KpW9cZO8PEhLOFg8fYjTNP10Wuw067vvEHvIeYafdrT%2FL2Ypr3mMS2mu3R3m6zYdySfmW6KWzDiku8%2BuPvArh9aS%2F153ZSHxgRciH%2Bqim6VMH2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 79fd23a0eb9137cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 03:15:38 GMT

GET
H3 200 core-compiled.js Show response
www.psxhax.com/js/xf/ 209 KB
61 KB 26ms
25ms Script
application/javascript 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/js/xf/core-compiled.js?_v=0620dde7
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 02:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2240205
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpZdfE2GZ9fypNGfiDP%2BY9SAztgl7GJCQt5%2BHLBqfnICSWXWFHqZhwwOv1vsU6YOwQOHS%2F3a6nFH5Sg2BJrlPg8p2kfELI2XWWcaMNJoNCq4Wti1%2FPbUaA5CdWpFE5D8NhTGsHST6kKI0yXzog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 79fd23a16be337cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 03:10:53 GMT

GET
H3 200 portal.js Show response
www.psxhax.com/js/8wayrun/porta/ 7 KB
2 KB 24ms
24ms Script
application/javascript 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psxhax.com/js/8wayrun/porta/portal.js?_v=0620dde7
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b719452e7a240b691564a0e0bb3280195cde4ece957993a3fe28f2250fb914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 20:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239920
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rspJJgsVUnsWwXUADmiUx4B1y9Mk3iIEVLCVp4k%2FsZV%2BW4Sw6ErdAsY7%2FTw5q5koOrpUOFzJ5LDX9P9SLIJvM8HYqcrQJFGrqxtGYNWFlLlhSV8dCgA6GWWGC9aVHQqkLYmHPhDvCuKBGPQZhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 79fd23a16be637cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 03:15:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
120 KB 150ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8005854987520958&plah=www.psxhax.com&bust=31072479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8005854987520958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e01b3d66e1eaea3fe19724980199a21c0942e0c886821d55959337d061e77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123272
x-xss-protection: 0
server: cafe
etag: 11375280881528376816
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 01:27:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 0EB6 10 KB
5 KB 176ms
45ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8005854987520958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:42 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 front.asp Show response
k.intellitxt.com/intellitxt/ 2 KB
2 KB 349ms
108ms Script
application/javascript 184.73.143.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=89912
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.143.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-143-27.compute-1.amazonaws.com
Software: / Kormorant
Resource Hash: 2dec4db6a28ba53832770dd003af3cc78bf7375b7d67d0f7a1439cf65ad7b852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
x-powered-by: Kormorant
vary: *
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length: 2025
expires: Fri, 08 Jan 2016 00:00:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/latest-backported-ps4-pkg-games-released-in-playstation-4-scene-png.8110/ 120 KB
121 KB 633ms
633ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/latest-backported-ps4-pkg-games-released-in-playstation-4-scene-png.8110/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

090410043ee58852a8b85e0e303ca3c5cc96cbed13b2473abdfab0458189b644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Latest Backported PS4 PKG Games Released in PlayStation 4 Scene.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677365517-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdpLPv3NvbqZeHavYWbbkAdOyQv2B9ziorzfekPp3wH837aZqzFimLxuk1OT8mjAUzIOd%2BLt%2BDzSDjWndul6aVuAn1mhqRB9RQp%2FjBvMsCM4wqeH8RSyV6kp2jlMyNjtZ71DaQDp2mugsivQqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a17bf437cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/miraculous-rise-of-the-sphinx-v1-03-backported-ps4-fake-pkg-fpkg-png.8109/ 77 KB
78 KB 596ms
596ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/miraculous-rise-of-the-sphinx-v1-03-backported-ps4-fake-pkg-fpkg-png.8109/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df8af9e166d0820e41c363dd3016989135f9c52630782b87f26dafadb3ff66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Miraculous Rise of the Sphinx v1.03 Backported PS4 Fake PKG (FPKG).png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677216793-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zRbTnTGZHAGj2QZRSNpe2l0i8lBXlDi7FTIQ0xEeeLDor1%2BJeNhVExjmoumkx14hMOqLdvELZ%2FEhF7fKTpZwUzIuumX5CnM5iHYu2LKda%2FRZ83KBR%2BcQtTzRugOJexwu2khoTgTIp8DbBClJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a17bf537cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/next-playstation-state-of-play-on-february-23-ps-vr2-reveals-more-png.8106/ 63 KB
64 KB 573ms
572ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/next-playstation-state-of-play-on-february-23-ps-vr2-reveals-more-png.8106/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b55201112fe21a0737eae946afdde2cc495c5150ccbafb1105c1bebeeb3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Next PlayStation State of Play on February 23, PS VR2 Reveals & More!.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677038317-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6amW8Mn38RwMutfkFi3YrKadtIS3Sfobso8iGom9ZeLn5EOm6KqFiMQeeSZqLekfCqVaPA6C9owrbforwT55AWtivyIp4IiuUvkuN1oENwe06qd%2FuQkhesU3M1w5i6qL27zhxhV88WrY4A1%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a19bfd37cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/atomic-heart-premium-edition-assassins-creed-valhalla-ps4-pkgs-png.8108/ 126 KB
127 KB 585ms
584ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/atomic-heart-premium-edition-assassins-creed-valhalla-ps4-pkgs-png.8108/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05cfb7a0197d0db39e9115c9388f6808d1aa4411e7c578042a35bc6fe046085b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Atomic Heart Premium Edition & Assassin's Creed Valhalla PS4 PKGs.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677127751-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBB2fwojiC8v%2BcvrYYSqM5aucGbxI1oNCE4hpERswEZi5Z71efmqUH%2Fcdje16egi184mMIHQykEXHg3NUO3nd%2BQbxKF8l%2FWAbXXswjFkzTfmcljkZpKo4rzD07hnDNdQMer%2F67DwfihY1k6eSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a19bfe37cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
916 B 219ms
168ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7997709702
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fdf2f6e6ccde71ef78801016c08a8d810233c1095ec1b48c0645c685ffd9e7e

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 1236
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 79fd23a1fc9e9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329
expires: Sun, 28 May 2023 01:27:38 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/retroarch-ps2-emulators-pack-for-ps4-ps5-scene-by-markus95-png.8107/ 106 KB
107 KB 692ms
691ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/retroarch-ps2-emulators-pack-for-ps4-ps5-scene-by-markus95-png.8107/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e4a8f7d613a3c0b79f02622ae61f93ac544a3075f4f8b4c91047c499beb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="RetroArch PS2 Emulators Pack for PS4 & PS5 Scene by Markus95.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677125522-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKzd0Szj1mPUS1ZbNtyeMkIQ3kvmGE0ZXIeF0KJxcVTRXoAUAZrsE%2FxLvAGhskeu%2Fw0GLjf5DTs52An0xbgx97UiCO86NgeeBbHdg1kdlvWX5dW5ircd%2FkuxOl7kMKHwVOWwuPJeqcIKZmC2%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac0a37cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/sony-reveals-10-new-ps-vr2-titles-launch-window-lineup-over-40-games-jpg.8104/ 70 KB
70 KB 736ms
734ms Image
image/jpeg 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/sony-reveals-10-new-ps-vr2-titles-launch-window-lineup-over-40-games-jpg.8104/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f1e5c227263c141d5ce2acbc5d2a4a2b5fbf4c07e33a0b311e804bf53a89014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Sony Reveals 10 New PS VR2 Titles, Launch Window Lineup Over 40 Games.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:39 GMT
server: cloudflare
etag: W/"1677019408-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5rV2jadystC30G5mCwVkaBxGb02BIEjzO4V1qKPfXKT4woEnVXOQL2iCnx6TVOyr75IFznl4sMu%2BX5Oga9IjkoJA%2BAcPcDwF8Jaq2CDGakSK0BVIceeUXYcdbakU2cQ0KmROZTo0hA%2FEQcjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac0e37cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/beats-of-rage-ps2-homebrew-game-mods-on-ps4-ps5-by-markus95-jpg.8105/ 83 KB
84 KB 680ms
678ms Image
image/jpeg 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/beats-of-rage-ps2-homebrew-game-mods-on-ps4-ps5-by-markus95-jpg.8105/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbdb58da84e2ea85f4620a126984e174ea1b04ff6e1d7eec6bf86245fe21bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Beats of Rage PS2 Homebrew Game Mods on PS4 & PS5 by Markus95.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1677033468-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2fOi%2FPOssZTlldb0Apjz6cy2NeUN4wpAyq6KFbmwOnw2Cg0KPyWhyRzqnzd%2FKNl5QuHEDRKacC7v7XG80SCAF9g0VsZPMHYw2JcIMimj1qF%2Bfm9jd6HtXM%2FiTtTf6f%2Faky%2FaXGixo3zNbdeDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac0f37cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/mount-blade-ii-bannerlord-and-the-callisto-protocol-dlc-ps4-pkgs-png.8103/ 131 KB
132 KB 648ms
646ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/mount-blade-ii-bannerlord-and-the-callisto-protocol-dlc-ps4-pkgs-png.8103/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690577ffb7b424234d23d717f8919dd6b58f86a4b1d2d93b88323863e24ccba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Mount & Blade II Bannerlord and The Callisto Protocol + DLC PS4 PKGs.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1676953736-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ds6f4AWsToffv0JBy7o2nCYUgf2%2BZ1tJwGGfVKvXkhhQNj%2FqpLKt1jERUbmO2K%2B3XsFkt5uoXcVXWYv2OmmdlpRhwzLZWAJIGOYcF8cMq3AVomIbI3DvQjlxOoBs2aMIDnoWcR4WHjjy7aBSrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac1037cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sprite_sheet_emojione.png
www.psxhax.com/styles/default/xenforo/smilies/emojione/ 80 KB
80 KB 24ms
22ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.psxhax.com/styles/default/xenforo/smilies/emojione/sprite_sheet_emojione.png
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1677016264&k=2e657b89a55a75504825801bc2fa6a6b5233b106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ebd5451c5ac8155217093ed656a5eef49ab9d1ffe0c979de54bfb5a2f958c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1677016264&k=2e657b89a55a75504825801bc2fa6a6b5233b106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 20:13:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239918
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZjjYNg2jyZSZZ9KAliinWfD2WsQJihwbnoVL5Hmde9Bu42dEWs5IGeU5A4OrdDUwDWScHZxNN%2FhiZ3Of97eVrzYzCJqYxHyChoi5zE4Z3NBaud13%2FrtnfOuLYuxjqK%2BarNwkm5t2i8N%2B%2BWPLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79fd23a1ac1137cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81639
expires: Fri, 03 Mar 2023 03:15:40 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/new-ps5-ps-vr2-game-trailer-videos-in-playstation-5-scene-jpg.8102/ 81 KB
82 KB 704ms
703ms Image
image/jpeg 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/new-ps5-ps-vr2-game-trailer-videos-in-playstation-5-scene-jpg.8102/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

537bf54420bb62c05494d6f7d335b4acb15b9ce0bbc9cd31882ac802a43c69bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="New PS5 & PS VR2 Game Trailer Videos in PlayStation 5 Scene.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:39 GMT
server: cloudflare
etag: W/"1676946647-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMvqRtS2dLPS4M2HdjGNfsiLGS8Xoa4Apl7PkasRoHaKtFb%2Fq%2B8%2Bm5qMOUiWkujmF2XHL3ljrrcp9ODV%2BxlhEY2fnZ9%2FrheRCRewSX%2BW08JUm3vsWzmCii3W6XbkmZ6BmNSxBvQmpMq8SExh2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac1337cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.psxhax.com/articles/attachments/latest-ps4-fake-pkg-fpkg-games-arrive-in-playstation-4-scene-png.8101/ 120 KB
121 KB 654ms
652ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psxhax.com/articles/attachments/latest-ps4-fake-pkg-fpkg-games-arrive-in-playstation-4-scene-png.8101/

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6d9aff8dd7c2f65f16c77e451555fc8a3cc542e90ae02070d258a2ab275cfc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Latest PS4 Fake PKG (FPKG) Games Arrive in PlayStation 4 Scene.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 01:27:38 GMT
server: cloudflare
etag: W/"1676852081-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjIX3RdUmLi%2BsfR5d2QvIPbstu7laoJa7R5Q9zVPskPMKguMBHqCa6WiQVkl9l6Xexc6d0zzLxHsrecZS%2FOEnlJpDoJLO%2Fzz54eu34PS24yazCoHOhdNX7JI6mXxJUjGe9LkmCedifeG1EMH%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, max-age=0
cf-ray: 79fd23a1ac1437cc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P2FNCYD56C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97902629-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ceaaae50bbaddeef8ce7921a4eee48a70dd2732986ee8b7fc636df24657a8b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 01:27:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
53 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-352644057&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97902629-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f40bc51626ab62cf700d5f776661e29938b0d44a23a0e414a812ff172765e0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53686
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Feb 2023 01:27:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97902629-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 00:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4368
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Feb 2023 02:14:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 131ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.psxhax.com&callback=_gfp_s_&client=ca-pub-8005854987520958

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8005854987520958&plah=www.psxhax.com&bust=31072479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b59a029a0db2bc865481a5268bf671a1d4a8248174764245aeaeb5f102660e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 157ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 144ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C14 370 KB
66 KB 616ms
614ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&adk=85976724&adf=3412083302&lmt=1677461257&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.psxhax.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461257623&bpp=840&bdt=256&idt=1104&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7039962653905&frm=20&pv=2&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1135

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e5078e029cecec0cb3ed133773f0345ff4a7ec2866f95dff0c537deb25a55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:39 GMT
expires: Mon, 27 Feb 2023 01:27:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BE6 96 KB
33 KB 1009ms
1008ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=8632507878&adk=3092499905&adf=1881517600&pi=t.ma~as.8632507878&w=1180&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=1180x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258471&bpp=4&bdt=1105&idt=291&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WzdUTnwChd&p=https%3A//www.psxhax.com&dtd=296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70d2d76e64988bc90450f1ce0f9c1d87894d3e51b91fad964cfde3be126ae31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:39 GMT
expires: Mon, 27 Feb 2023 01:27:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 j.ad Show response
s.tribalfusion.com/ 6 KB
3 KB 179ms
178ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a085295631ebdab7f6be50bb3f7d3a190a950956724bb2feaf7aa9f6e0b3b7

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 184
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 79fd23a36d899b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2784
expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44C4 105 KB
35 KB 1795ms
1794ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0978b69cf9f462ef95abbd673d3f4795edba8b87f4dd4ba4df6e90310a45412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35686
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: Mon, 27 Feb 2023 01:27:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 824D 83 KB
31 KB 413ms
412ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=6154217023&adk=1388165302&adf=1854885621&pi=t.ma~as.6154217023&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258489&bpp=2&bdt=1122&idt=299&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280%2C336x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=1454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cYTUXGcnFl&p=https%3A//www.psxhax.com&dtd=303

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27e1e0f7700307d18bb40a09bf5e6d7272f26f1791ee0a1ebcfc524cc1fd9767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31610
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:39 GMT
expires: Mon, 27 Feb 2023 01:27:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-352644057&gtm=45je32m0&_p=78615684&cid=695592936.1677461259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677461258&sct=1&seg=0&dl=https%3A%2F%2Fwww.psxhax.com%2F&dt=PSXHAX%20-%20PSXHACKS&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-352644057&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.psxhax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 23ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P2FNCYD56C&gtm=45je32m0&_p=78615684&cid=695592936.1677461259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677461258&sct=1&seg=0&dl=https%3A%2F%2Fwww.psxhax.com%2F&dt=PSXHAX%20-%20PSXHACKS&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P2FNCYD56C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.psxhax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
k.intellitxt.com/go/ 5 KB
5 KB 120ms
119ms Script
text/javascript 184.73.143.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://k.intellitxt.com/go/?ipid=89912&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.psxhax.com%2F&script=c
Requested by: Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=89912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.143.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-143-27.compute-1.amazonaws.com
Software: / Kormorant
Resource Hash: b6706b5e35359938604c944a8b3f6e032aa5b292b869ce69c016f42215892c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
x-powered-by: Kormorant
vary: *
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length: 4637
expires: Fri, 08 Jan 2016 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 45ms
44ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=78615684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.psxhax.com%2F&ul=en-us&de=UTF-8&dt=PSXHAX%20-%20PSXHACKS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=971544280&gjid=2051301422&cid=695592936.1677461259&tid=UA-97902629-1&_gid=1583740305.1677461259&_r=1&gtm=457e32m0&z=694469784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.psxhax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ 2 KB
3 KB 71ms
8ms Script
application/javascript 2a02:26f0:64::210:6ad8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6ad8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 27 Feb 2023 01:27:39 GMT
X-GUploader-UploadID: ADPycduduemke1lO9k-yfBr0ms8obQlWcHfxy_beKbo6V1Iwrn4f3l_41ZcAyuC4tr_0-t46n1w5F70zzTyrGdyM_yKWW99LxCSi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 1922
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
x-goog-meta-previous-generation-number: 1673253614982549
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control: max-age=86400
x-goog-stored-content-length: 1922
Accept-Ranges: bytes
x-goog-meta-pipeline-id: 742670731
Expires: Wed, 18 Jan 2023 14:03:13 GMT

GET
H2 200 ipg
a4.tribalfusion.com/ 43 B
310 B 293ms
260ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2a03:1b20:6:f011::9e&kv=%7B%22ord%22%3A%201712924775%2C%20%22clientID%22%3A%20770113%7D
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23a4b9632bc9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 kormorant-1.33.19.min.js Show response
images.intellitxt.com/k/ 215 KB
62 KB 42ms
8ms Script
application/javascript 13.224.189.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.33.19.min.js
Requested by: Host: k.intellitxt.com
URL: https://k.intellitxt.com/go/?ipid=89912&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.psxhax.com%2F&script=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-82.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5aeccd2ca34fb7ba2049ac9a11d28598674c3edde575433bc28eb9ee70fe5180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:30:27 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 15:51:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 856633
etag: W/"5d84636ff2d30d38c8dbd7bb846afa33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fyZd4EYcfBgPahRh7kC1hGVNop3rXUiBLrrmFcrHufLjbOBbc7PnSw==

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ 57 KB
19 KB 8ms
8ms Script
application/javascript 2a02:26f0:64::210:6ad8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6ad8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 27 Feb 2023 01:27:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H2 200 kormorant-1.33.19.min.css
images.intellitxt.com/k/ 26 KB
7 KB 8ms
7ms Stylesheet
text/css 13.224.189.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.33.19.min.css
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.33.19.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-82.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acf59fc0c783f301c9c29c076ed1dffb35db7d8748b696074087ca30e2e672e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:10:46 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 15:51:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 577014
etag: W/"273bddccdb5d252b47417a3fd907d0c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: N5h5QKium9qD_oBpvNQY_l_UTv0LICb9jO-B3rMZ1KFNfhXILLLL5w==

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ 753 B
724 B 225ms
30ms Script
text/javascript 34.149.12.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_195173365168&jsTagObjCallback=__tagObject_callback_195173365168&num=6&ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&advid=&adsrv=&unit=300x250&isdvvid=&uid=195173365168&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=110&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&tstype=1&m1=13&noc=4&fcifrms=5&brh=2&fwc=0&fcl=425&flt=18&fec=493&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DADI92I%5D4%40%3ETau&dvp_exetime=16.90&callbackName=__verify_callback_195173365168
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 96177240c84a6aa5de79191dca2cd556250124c874c8670c032eae6b15d5db33

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 01:27:39 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/26/2023 01:27:39

GET
H2 200 6183049517649848941
tpc.googlesyndication.com/simgad/ Frame 824D 15 KB
15 KB 156ms
50ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6183049517649848941?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkN76UOB5iBLZVN-MAPKRHFzHEHBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=6154217023&adk=1388165302&adf=1854885621&pi=t.ma~as.6154217023&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258489&bpp=2&bdt=1122&idt=299&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280%2C336x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=1454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cYTUXGcnFl&p=https%3A//www.psxhax.com&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c14c44f9400c6362d84a6d1e30955fb1b648bbcf248ebff1c6730687cfc17fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 15:42:01 GMT
x-content-type-options: nosniff
age: 294338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15413
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 18:36:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 15:42:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 824D 22 KB
9 KB 143ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 824D 3 KB
1 KB 149ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 824D 20 KB
8 KB 144ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 824D 158 KB
49 KB 159ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 824D 33 KB
13 KB 199ms
99ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 824D 0
0 89ms
89ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C03HGCgf8Y__uMs-_9u8P8_K9mAeZ27SWb_-sn_afEAoQASDZtZcDYJXikIKgB6ABmY7Z6gLIAQKoAwHIA8kEqgTHAU_QNPTr6DXnFDhGaL_OTtgam6xdenoFXVgxGpfzguGZGk624ntJEs4o6OPEZR68ZNMVp22u89qIuureSJI8iZkwRxYcXHOmfnkx3PdGmkPXUIBfDvATqpaI3I1BDH0vde3ESIc7MDOp4OCQOXZ6mTdlZQRBuKUfMf5NPNfQrVW05bYw46-KgBN3YknQINLbHFlaY9JwYjW7BkLchQ7QGnfBOu7c4y2L1fZs7fc83L1uSgNBUqqIHTRnxggYiPNbfoKE9saXOkrABJSgtfX5A5IFBAgEGAGSBQQIBRgEoAYCgAfs1PbpAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPfuDNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTgwMDU4NTQ5ODc1MjA5NTgYAA&sigh=Ia35TG4NMyo&uach_m=[UACH]&cid=CAQSGwDUE5ymofdt_L1Gi4D5qHhHBB7UXwG82Ptj6BgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=6154217023&adk=1388165302&adf=1854885621&pi=t.ma~as.6154217023&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258489&bpp=2&bdt=1122&idt=299&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280%2C336x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=1454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cYTUXGcnFl&p=https%3A//www.psxhax.com&dtd=303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 01:27:39 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ 0
234 B 55ms
22ms Ping
text/plain 34.149.12.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=80ca77f0c80e4621b7f988436ca214dc&vfdur=226&cbust=1677461259331806
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 27 Feb 2023 01:27:39 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/26/2023 01:27:39

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ 59 KB
14 KB 186ms
185ms Script
application/x-javascript 2606:4700::6812:cdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba19faac6bd73edb5f9e01ba689cf1e5422c01a1ad1d6632dd75d282307ff3ed

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14148
x-function: 151
last-modified: Fri, 17 Feb 2023 18:05:21 GMT
server: cloudflare
x-reuse-index: 8
etag: 17340110318259111333
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 79fd23a6df02373a-FRA
expires: Mon, 27 Feb 2023 02:27:39 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 150 KB
51 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/reactive_library_fy2021.js?bust=31072479

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

487eed958338e0f116a58a980300edd0aefe126e24bc7a45815919f4b8ca3be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52044
x-xss-protection: 0
server: cafe
etag: 9335993977596071055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 87 KB
30 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/slotcar_library_fy2021.js?bust=31072479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8005854987520958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4419b4060c0303d336099b4a3fdae889bc607150c833a9a0c1c36e15162c0d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30550
x-xss-protection: 0
server: cafe
etag: 16773896253103891301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8FF 143 B
166 B 48ms
48ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=6154217023&adk=1388165302&adf=1854885621&pi=t.ma~as.6154217023&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258489&bpp=2&bdt=1122&idt=299&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280%2C336x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=1454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=cYTUXGcnFl&p=https%3A//www.psxhax.com&dtd=303
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 824D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c41951d1a73eead732038b53f90bbcefce48eb622446eed59c5431b01afbda8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 j.ad Show response
s.tribalfusion.com/ 835 B
1 KB 277ms
275ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=3&adContainerId=richmedia_4&rnd=1184520
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200fb7b935a9e421c3489841a3b89f69cc3381c2ef175f09289fc62fec221b8a

Request headers

Referer: https://www.psxhax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 235
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 79fd23a80bea3a8e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 619
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
51ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 1106 10 KB
4 KB 48ms
47ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 1044 10 KB
4 KB 47ms
47ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame C295 10 KB
4 KB 47ms
47ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:43 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1106 8 KB
1 KB 131ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 00:35:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1106 2 KB
846 B 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 1106 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1106 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1106 20 KB
8 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1106 158 KB
48 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 1106 33 KB
14 KB 141ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:36:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1044 2 KB
799 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 1044 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1044 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1044 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1044 158 KB
48 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 1044 33 KB
14 KB 136ms
48ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:36:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C295 0
0 97ms
96ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDWZBCgf8Y7jjMP6g7_UP1NKdmAWZ27SWb8fHn_afEAoQASDZtZcDYJXikIKgB6ABmY7Z6gLIAQKoAwHIA8kEqgTOAU_QbX4ntuFmk_8dh9iE_TzLPIXS1WxkCpBb9dno3FHia7zgzkXFaWSOZCyu35fWWLkBRwpmsCNvkCX0HbI0RmPO-rFdwBd8mZBwQT79yWIwyWzHe3Er31aXXZOkG5DbOvvizPvvSiqN1WP49c6tb2Lx8zFt-skJbyvZD1Eg6tJttDD_TjHlnxVqcyXtF35e2UQIzYzx4TfuD_qJVhS1_rDrHVyXdlXeCfjtHbjjkP_HkFqK04imYXiT-8RVB4Ec3dD0Ig77WvhJu7xuCuEbwATkpbX1-QOSBQQIBBgBkgUECAUYBKAGAoAH7NT26QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD4zx7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MDA1ODU0OTg3NTIwOTU4GAA&sigh=ZbYH1OXdNOM&uach_m=[UACH]&cid=CAQSGwDUE5ymHHlovFz8alfrJzAb1l-zpfY3GtPMqxgB

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame C295 22 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 442728621518790542
tpc.googlesyndication.com/simgad/ Frame C295 9 KB
9 KB 44ms
42ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/442728621518790542?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qngy2MFGq3xzX_r5nNkLfr69ccLKg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

097e0f411d0b49be37ec14420efe5b229ac5a05caf424dff528d0b6e0a43d8d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:46:24 GMT
x-content-type-options: nosniff
age: 232875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9244
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 17:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 08:46:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C295 3 KB
1 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C295 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C295 158 KB
48 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C295 33 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8FF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
69ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: Mon, 27 Feb 2023 01:27:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C77 36 KB
14 KB 46ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1DB 143 B
166 B 51ms
47ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C295 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d1e47a92515bb64dc3baed730c0cb900533d193a121502e5c23fcccc2dc0cef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 3BE6 8 KB
968 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=8632507878&adk=3092499905&adf=1881517600&pi=t.ma~as.8632507878&w=1180&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=1180x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258471&bpp=4&bdt=1105&idt=291&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WzdUTnwChd&p=https%3A//www.psxhax.com&dtd=296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 00:40:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 3BE6 2 KB
765 B 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 3BE6 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 3BE6 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 3BE6 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BE6 158 KB
48 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:39 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 3BE6 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:36:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BE6 0
0 89ms
89ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C846ACgf8Y9ijMd2I9u8P9vWdwAv_yZmLb-29zon9ELeNmNeDORABINm1lwNgleKQgqAHoAH29smLA8gBCakCw_wrOVGysT6oAwHIA8sEqgTPAU_QxnaEOhH1c-YuJDt8sDGVDU7euV33w0yQIOYk2ohF3P1ZG1DeDQwy2xhNH7mNKvKNFZizVpmRktV7pqqAuXrer-_euuxHRoHR6-RALEoUap5G0-VGOMRYtRRDzBgT6LZjvD0h3LJmG8JF1WpE-NA8kJfdOrlqgDpqGLm8PV_hgcXVEpiHBMjYJQzaIm8XBqG4GM9yH3zggeRnJUR-_J6EoqHbag_D8h_WA-6_40PH06zkNSlFS6FkRfF0oHBzh1xEPdpRJ7TPYiLcIAVvyMAEs-u0p6MEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9Gru50BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-rM_0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODAwNTg1NDk4NzUyMDk1OBgA&sigh=fFaiqmU_W-A&uach_m=[UACH]&cid=CAQSGwDUE5ympU4Nzu81NCtovWDmXSK9-9pBU3iQTBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=8632507878&adk=3092499905&adf=1881517600&pi=t.ma~as.8632507878&w=1180&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=1180x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258471&bpp=4&bdt=1105&idt=291&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WzdUTnwChd&p=https%3A//www.psxhax.com&dtd=296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 01:27:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ipg
a4.tribalfusion.com/ 43 B
124 B 264ms
263ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2a03:1b20:6:f011::9e&kv=%7B%22ord%22%3A%201712926571%2C%20%22clientID%22%3A%20516433%7D
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23aa7d372bc9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adc_ndr_nepal_300x250.gif
cdnx.tribalfusion.com/media/5268446/ 38 KB
38 KB 38ms
20ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/5268446/adc_ndr_nepal_300x250.gif
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
cf-cache-status: HIT
age: 21759
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39001
x-function: 301
last-modified: Wed, 03 Jun 2015 15:24:51 GMT
server: cloudflare
etag: 1433345091
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 79fd23aa9a5e9b9e-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12243046785247735983/ Frame 3BE6 30 KB
30 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12243046785247735983/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21a90dc9cf31d20a02e0d9b21f59d990f3713d844aa2188cd7dfa04d10945615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 23:54:20 GMT
x-content-type-options: nosniff
age: 91999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30585
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 19:10:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 23:54:20 GMT

GET
DATA 200
OK truncated
/ Frame 3BE6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3BE6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 4CF5 213 B
450 B 172ms
172ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=agmU0hpT7W5U3WWbvFWAr3REQ4SsrrPHjr0H7nVmvp4GU5YbUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3srcTs3lWGBkSPnoWtv3TFM32r2oUqMxWT37QqMFScQJRr6mPtviWsMS5rTxmWqmYEyx3dnZdQcJA4ABKptTsVWJhXrfa1UF91EqmRbrBUFQ4TtQ2orfqPbjrXqMO4Efh5E7RoTMI1rJZaUtMXWbPZcPDApTHfomUEZaIv&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec346a30024f1315c28131030a9e022321c12c3197321ace610fe2de668cb50

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe3e3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 107

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 2B9F 381 B
556 B 172ms
171ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=ahmU0hPbQEWUYXTd31ob3oRUBp1T3n4Tja5Tv1mE7I1FB9TtbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnVYsQT0cFMmTJ45Fv2WrnDVP74REY0QsrmSdfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtvPTbr35bEpUqUsVaQaPavGRGjZbQUuvPH7iUVvw4r6xWCZbmvnJwwdbqNmZd7lh&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 915302dbb43ae6feae38d2b80a86170cfb93116998d4b299505dcd32bc161035

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe3f3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 299

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 8233 309 B
527 B 169ms
169ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aimU0hWd3TWrbY5rZaqWaYmTTFbPqMZdRcfCQF6mRWMiUcnU5ruxndInYTqx2dbGSVMG46YHoHPNTHJ90bn8YFZb70EInSbFZbWFMSWHJ0nbQnRUJsYqvp5qfa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqv33bU4WUFDUAv5RE34QVUsPHjs0dFtWAbp4sBU0UQcTAiwvrqdnb2DwWZbEo9vUq4&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1847455b48dc4cfb9fc45b2757bfe78408f3e45f86b6a8bee59b6617dc85c2e

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe403a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 413

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame C207 302 B
518 B 266ms
266ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=ajmU0h5U3UTFfEW6U5QE3XScvOPH3N1dBuWPMw2c3U0bYJUAqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQ7Wsf6RmvNTdZb3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYq3t4ajd5q33nqMI1rUfWH7MmmfBV9XrSCIAxEZb0OZay3oM&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58de43c7c5a0f68e32080ca2ff32fcdcbedcbcb2f16e53cd8c6a78dcb5937291

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe413a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 107

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame BAD1 264 B
491 B 270ms
270ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=akmVCGWUY0TtQXmF3mQFFt1EMm4aYl5qYRnabBYbJfWtfRnmnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c300VjpnqFR5bY2TUZbZcVm7YQTb1Sc3nPtfy1tFuVAfO4GnW0bZbZdTmyq5PMePmfJ2HZbs0HnZdmH2v36MV5VMcTGJaVVZbfPAnyWW33UbM05bEuWEjqTTn7PTZbZbRcbCPbavSW3dWGvP5UirnWIo0qep4dbZdQtQH2mI8WpbmpSEL0crUi2yMLq&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fccd2f4c84bd553f6f79ff7f8a8e6347161b0fa37db6c9fb7389e80b2c71a8c6

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe433a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 105

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 1BC9 447 B
588 B 272ms
272ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=almU0hWrbY5bEoWaYmWqrcSTrGRsFZbQFAvStvbWGv52rqnnWiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1UBl0q6ORFrBWbYSTdrWnFQsQFrq1Evt4Ejg4E3RmaMD1rZb6WtbXm6nZbmsUwotfG2qYf2taN56FKnFjJYVbP1c3V0VvxpTb42rFQWFfZaVA3YREM0ScroQHZbN0HBxWmYy3VBU0UZbDVmm546ZbetFEFMRisyWBxOMy5rA&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b91af53030bb52a2ed20df5530fd1e98e1c7ec2ab934b1830c3861ba0f09235

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23abfe453a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 573

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame BC0C 275 B
499 B 269ms
267ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTMXQc3qSt7u0tZboW63p3GY2XFQDVAum56UeQ6BE3tQt0WBJptTu5mQY5VbeTsQbUcbkRAQmUHvQWFfP5r6uVEjqWEJbSTMZcSGFZbQrEvRt7dUVMV2ruxmHipYE2p2WbAPs7E5m3HoHamTdYcYrba1UB90qqtPbUZbTrB4WdY2obBsRUjr1EMp5aZbl5TYQnEBHXUUfWHMXoArans7wU8PGyBiextmFOSRM64&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3ca0200ff5cfab525b7e2edc4e6e8143d7ed46d748b89f8f1979a234fac996

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23ac0e483a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 304

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 5D95 324 B
534 B 271ms
269ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJpPUZbpXTJr3Tjf4qn1nEFIXFZb6UW7XomMLmsvwpHUH2aQf3Wmt3PnZanbrEXc7XYs34XG7MnEj23rvPTr7ZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40UUKVAqw4mUaQPJK2dZbm1dUImdIo5AMU5GbdUsFdUcb8RAFuWdY3TUM42UZarVEvqTTQaSTvKScJJQFAwSW39Vsb52F6xode0XEepxC2AmDTFumJyunllID&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 265a752b1fd3f3cb1e3bfaf799c1fed7a5fa5cb7c6f86e2aa3ba78d0349881c0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23ac0e4b3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 238

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 26D3 279 B
506 B 271ms
270ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aCmU0h5bEnUqrnWqQ6SEUZaQVYLQFInSHYiVcMV4UyxoW6rYEmp3dYBPcfE4PJZcmtPsTHBhXF7iYFBhXainRr3ZdUrM5THrWobjxQbrpXTFs3Tfh2Tr1oaBIYFU8WHbQomnBncvspt3J3qZbk2Has4AjGnUYIXs7WXsJ2XG7nnEvT5UY2WbnZaWP3WRqn2ScUsStjw1H7pWP3m3cM0YrZbDVmiw2PQZbPPMKxoqmxR6JWd2JOa82i8&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c35289b5df250554848a64bfe520d6325a225953a7aa1b8903eb6d268b5efa5

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79fd23ac0e4d3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 167

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 79ms
79ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.psxhax.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFC8 258 KB
26 KB 466ms
450ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=1965698180&adk=1386472052&adf=2045625126&pi=t.ma~as.1965698180&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461259953&bpp=9&bdt=2586&idt=9&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c93f3f59585745a-2256986e2fdd00fa%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ&gpic=UID%3D00000bbc5d4adccc%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug&prev_fmts=0x0%2C1180x280%2C336x280%2C336x280%2C180x500%2C180x500%2C1005x124&nras=4&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&psts=AD37Y7sdOsC8kBnqcaSxc-CXIKAej0ssAmgrjPIlmroL9oO4W9W3ZULkRanU9x6T0Nw5o4R6igewxwsUARy5Xm78Og%2CAD37Y7ui5bezjN-t3LCYP06N0uLAg42MKzgaIGeZI_X5cO4ZHHB_d2v9oy1edMYlBBcvMqD-UuR5rV-5_Zd3F01Hykj2f0ighgS7NQLVlaKd%2CAD37Y7vlBakIy3fv7fJdK7l6tExWqITQ4lZ1FmOQSVK13t60Rw5JeYfrSv61RLg_Hsu65MBkXE3zplORug1RjD3k8VDrmaqFyDYM5y42arbm%2CAD37Y7tgFZ9ZBuaatA4KSEWn2zPqby4nFMsqOYkvwjdNtYh_fHqg2Tuw3kQ3IVhE_raszRjkZw4BsfrmfcN7Lx_-orpLVlUwIBZmio1cqEPHYfQ&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=tQPhjeWEAe&p=https%3A//www.psxhax.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a80a0a58507b0b82c039136cd934409a56e161b0bc3911986f44decae259010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 26688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 avatar_l.png
www.psxhax.com/styles/default/xenforo/avatars/ 5 KB
5 KB 20ms
20ms Image
image/png 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.psxhax.com/styles/default/xenforo/avatars/avatar_l.png
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1677016264&k=2e657b89a55a75504825801bc2fa6a6b5233b106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40869d226f2679241564c3a8a9b140978cae222209ec4b0019dc4bf7a5c3350a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1677016264&k=2e657b89a55a75504825801bc2fa6a6b5233b106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2016 17:59:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239917
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIpxIbsAhgbh%2FLqNJ4MQnSUNYfdBD%2Fbm0YuS1Xay4K2LChya2FPtjCZNyWyb%2FNf7YO9GWdpVsoEZpDhsM9IIvyN57IFysdGS34jo%2Fn2gO3c2tcpow0uYbFzuYNp8RvkwVuCUnjpm1PnHw2Hg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79fd23aada8637cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4821
expires: Fri, 03 Mar 2023 03:15:42 GMT

GET
H3 200 566599.jpg
www.psxhax.com/data/avatars/s/566/ 5 KB
5 KB 29ms
28ms Image
image/jpeg 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.psxhax.com/data/avatars/s/566/566599.jpg?1602372505
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abd5e658fda33bac367674d1ba9e127ca15c7f08cec092aeb2ee5cf399e7849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Oct 2020 09:11:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1966275
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4KJRw9nIItyLI8UG3mxZ3rBkdJR1ySQ7klin7hKO6cWQo6P8s9RblBVCiUsfpSTItli96FtshKHC%2FFerebizS9sRW2kXpBSr28LoP0wBu2Jdvsy5nUXot26eUvG3L1aRkmiejNsob5814Z7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79fd23aaea8d37cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4984
expires: Mon, 06 Mar 2023 07:16:24 GMT

GET
H3 200 623336.jpg
www.psxhax.com/data/avatars/s/623/ 1 KB
2 KB 29ms
28ms Image
image/jpeg 2606:4700:3037::ac43:a839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.psxhax.com/data/avatars/s/623/623336.jpg?1613296868
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc783128bc3c4e9617018c8bdbbe476d07da0725350e4ff1a247ec614c830844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:39 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Feb 2021 11:01:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28999
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bcO428CUH7mVvRQloExSp5oRKb8FaGq3uejRSG5rkvaZ%2FXockAk04RrlFWFpnCnmDakxqhwCNMBPBA7px4YMFPQjt8RAdTcYN%2Blo4fIzKBEMcmpyUkU9kWyrQONnMjnao3DSuNrtzGGW0yoeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 79fd23aaea8f37cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1477
expires: Tue, 28 Mar 2023 17:24:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

160ms
160ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:40 GMT
expires: Mon, 27 Feb 2023 01:27:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame C82D 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1216 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H2 204 aHR0cHM6Ly93d3cucHN4aGF4LmNvbS8%253D
k.intellitxt.com/log/ptr/5af8a97ae2a1317b19d624b28e4e8bb3faff08cf/89912/81dfad22-fc1e-4b23-bba5-e5148fb13a93/ 0
168 B 111ms
111ms Image
text/plain 184.73.143.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.intellitxt.com/log/ptr/5af8a97ae2a1317b19d624b28e4e8bb3faff08cf/89912/81dfad22-fc1e-4b23-bba5-e5148fb13a93/aHR0cHM6Ly93d3cucHN4aGF4LmNvbS8%253D
Requested by: Host: www.psxhax.com
URL: https://www.psxhax.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.143.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-143-27.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
expires: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EDC 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
DATA 200
OK truncated
/ Frame 3BE6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40e4ff04ebeb3d44c46c9450712b925033e65401a1703c717e8369be1662ad55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3BE6 28 KB
28 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 280257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 19:36:43 GMT

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 8233
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662250093743627&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662250093743627

0
122 B

71ms
16ms

Image
text/plain

188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662250093743627

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aimU0hWd3TWrbY5rZaqWaYmTTFbPqMZdRcfCQF6mRWMiUcnU5ruxndInYTqx2dbGSVMG46YHoHPNTHJ90bn8YFZb70EInSbFZbWFMSWHJ0nbQnRUJsYqvp5qfa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqv33bU4WUFDUAv5RE34QVUsPHjs0dFtWAbp4sBU0UQcTAiwvrqdnb2DwWZbEo9vUq4&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-hlb45
date: Mon, 27 Feb 2023 01:27:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 248
content-type: text/html
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662250093743627
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23addc559b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 4CF5
Redirect Chain

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662250093743627&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662250093743627&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-1MXMWH1E2uhwhN52bRx.VSpK9Hmi91k-~A

43 B
479 B

271ms
271ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=y-1MXMWH1E2uhwhN52bRx.VSpK9Hmi91k-~A
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=agmU0hpT7W5U3WWbvFWAr3REQ4SsrrPHjr0H7nVmvp4GU5YbUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3srcTs3lWGBkSPnoWtv3TFM32r2oUqMxWT37QqMFScQJRr6mPtviWsMS5rTxmWqmYEyx3dnZdQcJA4ABKptTsVWJhXrfa1UF91EqmRbrBUFQ4TtQ2orfqPbjrXqMO4Efh5E7RoTMI1rJZaUtMXWbPZcPDApTHfomUEZaIv&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23ae2c9f9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=y-1MXMWH1E2uhwhN52bRx.VSpK9Hmi91k-~A
date: Mon, 27 Feb 2023 01:27:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2B9F 43 B
304 B 56ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=ahmU0hPbQEWUYXTd31ob3oRUBp1T3n4Tja5Tv1mE7I1FB9TtbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnVYsQT0cFMmTJ45Fv2WrnDVP74REY0QsrmSdfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtvPTbr35bEpUqUsVaQaPavGRGjZbQUuvPH7iUVvw4r6xWCZbmvnJwwdbqNmZd7lh&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C207
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662250093743627&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662250093743627

0
338 B

116ms
30ms

Image
text/plain

34.255.170.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662250093743627
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=ajmU0h5U3UTFfEW6U5QE3XScvOPH3N1dBuWPMw2c3U0bYJUAqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQ7Wsf6RmvNTdZb3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYq3t4ajd5q33nqMI1rUfWH7MmmfBV9XrSCIAxEZb0OZay3oM&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 34.255.170.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Mon, 27 Feb 2023 01:27:40 GMT
cache-control: private, no-cache, no-store
x-request-time: D=95 t=1677461260
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 71
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662250093743627
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23ae0c769b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame BAD1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=75170783316888296191649425908179333557

43 B
485 B

271ms
271ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=75170783316888296191649425908179333557
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=akmVCGWUY0TtQXmF3mQFFt1EMm4aYl5qYRnabBYbJfWtfRnmnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c300VjpnqFR5bY2TUZbZcVm7YQTb1Sc3nPtfy1tFuVAfO4GnW0bZbZdTmyq5PMePmfJ2HZbs0HnZdmH2v36MV5VMcTGJaVVZbfPAnyWW33UbM05bEuWEjqTTn7PTZbZbRcbCPbavSW3dWGvP5UirnWIo0qep4dbZdQtQH2mI8WpbmpSEL0crUi2yMLq&mediaDataID=5578346&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23af2d4f9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v046-0c9e579d2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: a43xJRzsRuQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=75170783316888296191649425908179333557
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

i.match
a.tribalfusion.com/ Frame BC0C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662250093743627&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662250093743627&C=1
https://a.tribalfusion.com/i.match?p=b20&u=Y-wHDMx9LkVdzN5yCBaUuAAA

43 B
466 B

267ms
266ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=Y-wHDMx9LkVdzN5yCBaUuAAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aAmU0hTFfHUAv5RTMXQc3qSt7u0tZboW63p3GY2XFQDVAum56UeQ6BE3tQt0WBJptTu5mQY5VbeTsQbUcbkRAQmUHvQWFfP5r6uVEjqWEJbSTMZcSGFZbQrEvRt7dUVMV2ruxmHipYE2p2WbAPs7E5m3HoHamTdYcYrba1UB90qqtPbUZbTrB4WdY2obBsRUjr1EMp5aZbl5TYQnEBHXUUfWHMXoArans7wU8PGyBiextmFOSRM64&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23ae9cea9b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 01:27:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://a.tribalfusion.com/i.match?p=b20&u=Y-wHDMx9LkVdzN5yCBaUuAAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

i.match
a.tribalfusion.com/ Frame 1BC9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622500...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622500...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662250093743627&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=AB9C5370-6F7C-43EF-928D-F631477BF252

43 B
474 B

853ms
852ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=AB9C5370-6F7C-43EF-928D-F631477BF252
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=almU0hWrbY5bEoWaYmWqrcSTrGRsFZbQFAvStvbWGv52rqnnWiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1UBl0q6ORFrBWbYSTdrWnFQsQFrq1Evt4Ejg4E3RmaMD1rZb6WtbXm6nZbmsUwotfG2qYf2taN56FKnFjJYVbP1c3V0VvxpTb42rFQWFfZaVA3YREM0ScroQHZbN0HBxWmYy3VBU0UZbDVmm546ZbetFEFMRisyWBxOMy5rA&mediaDataID=6719746&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23af3d569b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=AB9C5370-6F7C-43EF-928D-F631477BF252
date: Mon, 27 Feb 2023 01:27:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5D95
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662250093743627&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662250093743627&expires=180

0
239 B

64ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662250093743627&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aBmU0hTtQ4orJpPUZbpXTJr3Tjf4qn1nEFIXFZb6UW7XomMLmsvwpHUH2aQf3Wmt3PnZanbrEXc7XYs34XG7MnEj23rvPTr7ZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40UUKVAqw4mUaQPJK2dZbm1dUImdIo5AMU5GbdUsFdUcb8RAFuWdY3TUM42UZarVEvqTTQaSTvKScJJQFAwSW39Vsb52F6xode0XEepxC2AmDTFumJyunllID&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1917
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662250093743627&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23ae0c869b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 26D3
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662250093743627&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=ed1edcdd-b63d-11e...
https://a.tribalfusion.com/i.match?p=b19&u=ed1edc83-b63d-11ed-b22e-180e33a50206

43 B
472 B

275ms
273ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=ed1edc83-b63d-11ed-b22e-180e33a50206
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aCmU0h5bEnUqrnWqQ6SEUZaQVYLQFInSHYiVcMV4UyxoW6rYEmp3dYBPcfE4PJZcmtPsTHBhXF7iYFBhXainRr3ZdUrM5THrWobjxQbrpXTFs3Tfh2Tr1oaBIYFU8WHbQomnBncvspt3J3qZbk2Has4AjGnUYIXs7WXsJ2XG7nnEvT5UY2WbnZaWP3WRqn2ScUsStjw1H7pWP3m3cM0YrZbDVmiw2PQZbPPMKxoqmxR6JWd2JOa82i8&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79fd23af0d329b9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 01:27:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Location: https://a.tribalfusion.com/i.match?p=b19&u=ed1edc83-b63d-11ed-b22e-180e33a50206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 22
Connection: keep-alive
Content-Length: 43

GET
H3 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 44C4 10 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:37:02 GMT

GET
H3 200 d54fb258837bdf5831cf74a7a03ab0b6.js Show response
www.gstatic.com/mysidia/ Frame 44C4 135 KB
50 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f511a870bd81bde72b92960ca2984bcb810ef657f7f2a842f8c5787b28f13113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51224
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:43:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 44C4 13 KB
970 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 01:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 00:49:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 01:27:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 44C4 2 KB
770 B 49ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 44C4 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 44C4 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 20:04:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 44C4 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 14:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:01:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44C4 158 KB
48 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:40 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 44C4 34 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:29:23 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A74 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame DFC8 222 KB
61 KB 172ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=1965698180&adk=1386472052&adf=2045625126&pi=t.ma~as.1965698180&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461259953&bpp=9&bdt=2586&idt=9&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c93f3f59585745a-2256986e2fdd00fa%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ&gpic=UID%3D00000bbc5d4adccc%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug&prev_fmts=0x0%2C1180x280%2C336x280%2C336x280%2C180x500%2C180x500%2C1005x124&nras=4&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&psts=AD37Y7sdOsC8kBnqcaSxc-CXIKAej0ssAmgrjPIlmroL9oO4W9W3ZULkRanU9x6T0Nw5o4R6igewxwsUARy5Xm78Og%2CAD37Y7ui5bezjN-t3LCYP06N0uLAg42MKzgaIGeZI_X5cO4ZHHB_d2v9oy1edMYlBBcvMqD-UuR5rV-5_Zd3F01Hykj2f0ighgS7NQLVlaKd%2CAD37Y7vlBakIy3fv7fJdK7l6tExWqITQ4lZ1FmOQSVK13t60Rw5JeYfrSv61RLg_Hsu65MBkXE3zplORug1RjD3k8VDrmaqFyDYM5y42arbm%2CAD37Y7tgFZ9ZBuaatA4KSEWn2zPqby4nFMsqOYkvwjdNtYh_fHqg2Tuw3kQ3IVhE_raszRjkZw4BsfrmfcN7Lx_-orpLVlUwIBZmio1cqEPHYfQ&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=tQPhjeWEAe&p=https%3A//www.psxhax.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:27 GMT
age: 202453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame DFC8 15 KB
5 KB 247ms
115ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:27 GMT
age: 202453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame DFC8 94 KB
28 KB 240ms
119ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:27 GMT
age: 202453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:27 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame DFC8 72 KB
16 KB 264ms
143ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3a3e39820c10b9cd68fe9060c18ab70365d00c043d7f912025a915c931eb59

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:28 GMT
age: 202452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16660
x-xss-protection: 0
server: sffe
etag: "cb1055a7b53990b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:28 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame DFC8 5 KB
2 KB 254ms
134ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:28 GMT
age: 202452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame DFC8 40 KB
13 KB 255ms
135ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Feb 2023 17:13:29 GMT
age: 202451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Feb 2024 17:13:29 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DFC8 2 KB
2 KB 40ms
38ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23466
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Feb 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DFC8 295 B
319 B 41ms
39ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 9185
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Feb 2023 22:54:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DFC8 0
0 48ms
46ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoU_yPbd7effzcYM_M7brl16nqyc2SxaKypAVr-wDHyYPv13U6eVF_I2SOO_9mj8v6ulPufAk8P7U4Tsi8MYgliTe2Iw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=1965698180&adk=1386472052&adf=2045625126&pi=t.ma~as.1965698180&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461259953&bpp=9&bdt=2586&idt=9&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c93f3f59585745a-2256986e2fdd00fa%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ&gpic=UID%3D00000bbc5d4adccc%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug&prev_fmts=0x0%2C1180x280%2C336x280%2C336x280%2C180x500%2C180x500%2C1005x124&nras=4&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&psts=AD37Y7sdOsC8kBnqcaSxc-CXIKAej0ssAmgrjPIlmroL9oO4W9W3ZULkRanU9x6T0Nw5o4R6igewxwsUARy5Xm78Og%2CAD37Y7ui5bezjN-t3LCYP06N0uLAg42MKzgaIGeZI_X5cO4ZHHB_d2v9oy1edMYlBBcvMqD-UuR5rV-5_Zd3F01Hykj2f0ighgS7NQLVlaKd%2CAD37Y7vlBakIy3fv7fJdK7l6tExWqITQ4lZ1FmOQSVK13t60Rw5JeYfrSv61RLg_Hsu65MBkXE3zplORug1RjD3k8VDrmaqFyDYM5y42arbm%2CAD37Y7tgFZ9ZBuaatA4KSEWn2zPqby4nFMsqOYkvwjdNtYh_fHqg2Tuw3kQ3IVhE_raszRjkZw4BsfrmfcN7Lx_-orpLVlUwIBZmio1cqEPHYfQ&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=tQPhjeWEAe&p=https%3A//www.psxhax.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFC8 0
18 B 92ms
90ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CreVBDAf8Y-mHDeGD9u8P9N2acPuik-hum8XJ444Rh7a-z4gKEAEg2bWXA2CV4pCCoAegAcT3x-oDyAEJqQLD_Cs5UbKxPqgDAcgDCKoEyAFP0CGZKrrgcH-UFiO3fZFs1K8hUhJpOxmH5XIOlIAaxOdNh1zAZeKH5LyEcdfysoEIM2oTSq7R9F7apGhnN5ADT8MR_qEE-Mj6enLRcfv5svfhFy3MUo4z7-MGA6vQNZ7JbyQSq8sJuOawzO4sjX_iy1IgU055EwXHkbaikAg_6wgPm1w7lCiACWxTJWfuJce6Y_DFVyF7wEUg9sANBK7PlPBAeU0yhAN1FPNzGnNemlZfG--o3bzTFI75jDjdtPeJsFpPLaUUbcAEqcPWqqwEkgUECAQYAZIFBAgFGASgBi6AB6SIuBWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDtsRHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MDA1ODU0OTg3NTIwOTU4GAA&sigh=tLwxDMNN71w&uach_m=[UACH]&cid=CAQSPADUE5ymeXC112e6-M0oA-qcRO_r1ojnzAxsfhqB969CL4Q0UQOK_60n87NiZJIaOOl9mFb8QWT1KbKtHxgB&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=1965698180&adk=1386472052&adf=2045625126&pi=t.ma~as.1965698180&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461259953&bpp=9&bdt=2586&idt=9&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c93f3f59585745a-2256986e2fdd00fa%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ&gpic=UID%3D00000bbc5d4adccc%3AT%3D1677461258%3ART%3D1677461258%3AS%3DALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug&prev_fmts=0x0%2C1180x280%2C336x280%2C336x280%2C180x500%2C180x500%2C1005x124&nras=4&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&psts=AD37Y7sdOsC8kBnqcaSxc-CXIKAej0ssAmgrjPIlmroL9oO4W9W3ZULkRanU9x6T0Nw5o4R6igewxwsUARy5Xm78Og%2CAD37Y7ui5bezjN-t3LCYP06N0uLAg42MKzgaIGeZI_X5cO4ZHHB_d2v9oy1edMYlBBcvMqD-UuR5rV-5_Zd3F01Hykj2f0ighgS7NQLVlaKd%2CAD37Y7vlBakIy3fv7fJdK7l6tExWqITQ4lZ1FmOQSVK13t60Rw5JeYfrSv61RLg_Hsu65MBkXE3zplORug1RjD3k8VDrmaqFyDYM5y42arbm%2CAD37Y7tgFZ9ZBuaatA4KSEWn2zPqby4nFMsqOYkvwjdNtYh_fHqg2Tuw3kQ3IVhE_raszRjkZw4BsfrmfcN7Lx_-orpLVlUwIBZmio1cqEPHYfQ&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=tQPhjeWEAe&p=https%3A//www.psxhax.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 01:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DFC8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1739fd1679db5759365314334a60c98c428d690b8a137aaa0964ca212eadc6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/14558132505720257097/ Frame DFC8 52 KB
52 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14558132505720257097/bg.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bdc3186fc90d0cb4def0a01b98cad4669927d52ae2711e86ae62790551290d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:47:29 GMT
x-content-type-options: nosniff
age: 229211
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52905
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 11:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 09:47:29 GMT

GET
H3 200 linie.png
tpc.googlesyndication.com/sadbundle/14558132505720257097/ Frame DFC8 2 KB
2 KB 52ms
49ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14558132505720257097/linie.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b5b8f0ad450769ab0ea0283dbc0d9dcbe66482a70ae1a569a67283682b5883f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:37:37 GMT
x-content-type-options: nosniff
age: 229803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1989
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 11:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 09:37:37 GMT

GET
H3 200 mehr_wir.png
tpc.googlesyndication.com/sadbundle/14558132505720257097/ Frame DFC8 2 KB
2 KB 52ms
50ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14558132505720257097/mehr_wir.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71929fb7324254398ac279ed50cc260459fd3f38efd6fc528320b6318e627aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 13:02:00 GMT
x-content-type-options: nosniff
age: 390340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 11:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 13:02:00 GMT

GET
H3 200 und_deine.png
tpc.googlesyndication.com/sadbundle/14558132505720257097/ Frame DFC8 764 B
792 B 54ms
52ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14558132505720257097/und_deine.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64c7c8573dd52ad669d2921c9fb8a6d287bfeb1bece2c2fff0126ba67d6af632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:05:13 GMT
x-content-type-options: nosniff
age: 328947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 764
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 11:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 06:05:13 GMT

GET
H3 200 logo300x250.png
tpc.googlesyndication.com/sadbundle/14558132505720257097/ Frame DFC8 2 KB
2 KB 52ms
51ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14558132505720257097/logo300x250.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8331e5c238d58840645b759f3c9c406d3a2c4c190f73d133e5a0a4074469cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 08:56:48 GMT
x-content-type-options: nosniff
age: 405052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1679
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 11:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 08:56:48 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17580274928621490323/ Frame 44C4 999 B
1 KB 45ms
45ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17580274928621490323/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b776291b10450d97dc09000d8506b997fee8fa64385a956e6e4b9135ab6a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 03:15:16 GMT
x-content-type-options: nosniff
age: 166344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 999
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 19:10:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Feb 2024 03:15:16 GMT

GET
DATA 200
OK truncated
/ Frame 44C4 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 44C4 0
54 B 421ms
144ms Ping
image/gif 2607:f8b0:4000:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lem54gi8&c=880562418011&slotId=440281209005.5&qqid=CODH05PGtP0CFTae_QcdsmYLWQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4603585725014596012/ Frame 44C4 66 KB
66 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4603585725014596012/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f785fc35ac92b5ebf9bf1e959ae3ec3421e8a39bf68e09696ce65c8355b64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 00:23:22 GMT
x-content-type-options: nosniff
age: 90258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67998
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 19:10:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Feb 2024 00:23:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44C4 0
0 92ms
89ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHAe-Cgf8Y-CaMra89u8Pss2tyAX_yZmLb7W_zon9EKKYkreeHRABINm1lwNgleKQgqAHoAH29smLA8gBCakCw_wrOVGysT6oAwHIA8sEqgTIAU_QMiH-RQQ3ZlwTs9L1lb75ikVnnO0-3G7yxYElyBUMqHLc41izmhGBr5Gf2eQOOndxcpsO7McZUE743i9i7-2gajDQvMRFJW-D-ewsa0vMVrqu8u2Z8D95ou7YT6bjfIPqVS_yOxiHm_GoeU6CTGFwQiG2tiE-jhlstwdxR76rKP8j7PXv2rNsBu6MCnliJAyGmVaKz4fHth6y73SRgYBpageD6un2Y-xaJcrpBR5Zwee60mmQ28JUUO4RQALmyUDKR1d7CPBPwASz67SnowSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0au7nQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDevivSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTnBvYEw3QFQGAFwGyFxwKGggAEhRwdWItODAwNTg1NDk4NzUyMDk1OBgA&sigh=iPU_lOZTo2I&uach_m=[UACH]&cid=CAQSGwDUE5ympcobQquxqA7_aCGv6Y_jSidkRt8nvRgB&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 01:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44C4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb0a4e513761f5f62294c9f60b78cf017147633b7190100461643bfacfc1f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r4---sn-5hnekn76.gvt1.com/ Frame 44C4
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=ip,ipbits,expire,id,...
https://r4---sn-5hnekn76.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

959 KB
959 KB

92ms
16ms

Media
video/mp4

2a00:1450:400e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hnekn76.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=47E38F31775D5BBB580A93E90E4848B82FC8C34C.143B5B9319DE9EAD0897A649863B2385E13E5CDD&key=cms1&cms_redirect=yes&mh=0L&mip=2a03:1b20:6:f011::9e&mm=28&mn=sn-5hnekn76&ms=nvh&mt=1677459970&mv=u&mvi=4&pl=48

Requested by

Protocol

Server

2a00:1450:400e::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aceb19a95fe33eeb375fd1fbd728d33781d47adf97112ef7b07342ea93921336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 27 Feb 2023 01:27:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 15:05:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-982298/982299
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 982299
expires: Mon, 27 Feb 2023 01:27:41 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:40 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-5hnekn76.gvt1.com/videoplayback?id=51ff753b6f8b6181&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1677468460&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=47E38F31775D5BBB580A93E90E4848B82FC8C34C.143B5B9319DE9EAD0897A649863B2385E13E5CDD&key=cms1&cms_redirect=yes&mh=0L&mip=2a03:1b20:6:f011::9e&mm=28&mn=sn-5hnekn76&ms=nvh&mt=1677459970&mv=u&mvi=4&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 44C4 28 KB
28 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 280257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 19:36:43 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 44C4 0
234 B 282ms
142ms Ping
image/gif 2607:f8b0:4000:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lem54gii&c=880562418011&slotId=440281209005.5&qqid=CODH05PGtP0CFTae_QcdsmYLWQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F30ff74cd17fac218005202762a48c647.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 44C4 0
54 B 281ms
142ms Ping
image/gif 2607:f8b0:4000:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lem54gmb&c=880562418011&slotId=440281209005.5&qqid=CODH05PGtP0CFTae_QcdsmYLWQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fd54fb258837bdf5831cf74a7a03ab0b6.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 44C4 0
54 B 281ms
143ms Ping
image/gif 2607:f8b0:4000:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lem54gmc&c=880562418011&slotId=440281209005.5&qqid=CODH05PGtP0CFTae_QcdsmYLWQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F3d1f1376e308865cf68987b0ba581d94.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012302031721000/ 23 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c9f5daf0a2f6da1cf20dbf7053d2d013871073475886b630966076703a934d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 12:19:13 GMT
age: 392907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
server: sffe
etag: "4b3c1ed102aae659"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 12:19:13 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DFC8 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23466
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Feb 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DFC8 295 B
319 B 39ms
39ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 9185
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Feb 2023 22:54:35 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C295 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7dIcP4wGeE1c_6AKfMM9X4Ch9gM_rTZRZz0-FXgyeXoXUoBcKOQVnkXkcAOkLMD3NBXv6aGYBLxiCZa7HoJXGH4qeS7DxfeQhdc_5Z6PoUmj39MrW72IQjQu68JQXwnzesV2tvw&sai=AMfl-YRPKYP7H0t01eFigtR6VoVYdgDvnsmFAPGLMVKHCpZGJuXDEjbpwPm404xTu6axXjptMRRCo64QaR7n&sig=Cg0ArKJSzCT1voAgvBmaEAE&cid=CAQSGwDUE5ymHHlovFz8alfrJzAb1l-zpfY3GtPMqxgB&id=lidar2&mcvt=1008&p=0,0,124,1005&mtos=147,830,1008,1085,1112&tos=147,683,178,77,27&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=85976721&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677461259543&rpt=328&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 44C4 42 B
64 B 77ms
77ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CyWTlCgf8Y-CaMra89u8Pss2tyAX_yZmLb7W_zon9EKKYkreeHRABINm1lwNgleKQgqAHoAH29smLA8gBCakCw_wrOVGysT6oAwHIA8sEqgTLAU_QMiH-RQQ3ZlwTs9L1lb75ikVnnO0-3G7yxYElyBUMqHLc41izmhGBr5Gf2eQOOndxcpsO7McZUE743i9i7-2gajDQvMRFJW-D-ewsa0vMVrqu8u2Z8D95ou7YT6bjfIPqVS_yOxiHm_GoeU6CTGFwQiG2tiE-jhlstwdxR76rKP8j7PXv2rNsBu6MCnliJAyGmVaKz4fHth6y73SRgYBpakWBy3sCog4U3Sj7obteXWqh8mMm0exM-lSsR55hZGrmX6Gf8r63RaZOwASz67SnowSgBi6AB9Gru50BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAsQl9u25J7IDin4AKAZgLAcgLAYAMAbgMAbgTnBvYEw3QFQH4FgGAFwE&sigh=a07jAP9XRAU&cid=CAQSGwDUE5ympcobQquxqA7_aCGv6Y_jSidkRt8nvQ&label=adresume

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F83 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 44C4 42 B
64 B 73ms
73ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.psxhax.com
URL: https://www.psxhax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8005854987520958&output=html&h=280&slotname=3467030852&adk=4073035317&adf=2491610110&pi=t.ma~as.3467030852&w=336&fwrn=4&fwrnh=100&lmt=1677461257&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.psxhax.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677461258476&bpp=7&bdt=1109&idt=302&shv=r20230222&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x280&nras=1&correlator=7039962653905&frm=20&pv=1&ga_vid=695592936.1677461259&ga_sid=1677461259&ga_hid=78615684&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759837%2C31071756%2C31072349%2C31072479&oid=2&pvsid=865209615759606&tmod=925318156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cE77dPpdAE&p=https%3A//www.psxhax.com&dtd=306
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 53ms
52ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cec9fdff06b9d7ac3532e98998752887b7388c157995cff570c2b4f265a2aeb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11349
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:27:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BE6 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjuiSoekIJXEwIl0N3Mio4EWHbRH7yqyUfzROcjdocWfjKoUtuWoONolCEFcQ2ONY4ZLPxBDScuvpeENrX68b5Jf5KamzLFQNBsXcDPncoVZYkGu1KLaRUJtZbiBrT31C3TpLRqQ&sai=AMfl-YTrvymW8NGHw9_TquL8EtitHMgIdON7EoWSE1Mw4FakVLNOIxcSIIXgIP-V7lzD7O9s7ftLTmvMohQR&sig=Cg0ArKJSzIYYc0B2uBx-EAE&cid=CAQSGwDUE5ympU4Nzu81NCtovWDmXSK9-9pBU3iQTBgB&id=lidar2&mcvt=1000&p=0,0,280,1180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3092499905&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677461258768&rpt=1837&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2223 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:51:06 GMT
expires: Mon, 26 Feb 2024 20:51:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED75 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdcb99a1ed9277cdf63b49fa5c028be424581e7966175ce9a1a6c02b3aaef8cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eDUDKycIG3_8yfjuUiyQFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.psxhax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-eDUDKycIG3_8yfjuUiyQFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 01:27:41 GMT
expires: Mon, 27 Feb 2023 01:27:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2223 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:29:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED75 0
0 72ms
72ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=865209615759606&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2223 0
12 B 38ms
38ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hQWYzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:27:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44C4 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_mw_Jcv1vuJAtV6O1gcsyQk_nQZEBS1hiUgfpP1pvbM0okDeKyhnq5LgMSE5plaHFShhPdGrJMpzt5Cq6T4eO6VWzCpYabZfzMR70sG_vTeJfS08qfzBzeFZYeSrH6KYIm6a7iA&sai=AMfl-YS-JLh2LLk3xLzOGJTYdd0AmSW0tNQhzEnJZ9Pb5slnN-v0J5_pdCRVBlC8VHswVjm0jGWvhAF0Bpzb&sig=Cg0ArKJSzMYzI9aZpvioEAE&cid=CAQSGwDUE5ympcobQquxqA7_aCGv6Y_jSidkRt8nvRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4073035317&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677461258783&rpt=2343&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 44C4 0
54 B 144ms
143ms Ping
image/gif 2607:f8b0:4000:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lem54gmc&c=880562418011&slotId=440281209005.5&qqid=CODH05PGtP0CFTae_QcdsmYLWQ&dm=20000&event_name=first_play&asset_bytes=91101&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.lem54h1e
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d54fb258837bdf5831cf74a7a03ab0b6.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 01:27:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=865209615759606&bg=!UFOlUwfNAAZYlHKzeJQ7ADkAdvg8Ws102qrYwR3k5nG7D34SXdJJyI2pwUGohXz649_0JgQCxj7m8AITC21aEXtRWH9pHsKPt1cCAAAAblIAAAADaAEHCgAMiZBEnhMegB76vUhGmQKmY7EIXxEa8Q8HfbhOIbIb4_iTSf6uGxf11MjkbSsb-gEMrdoZB2njG5bHfolvRaZo3ORBYHYVs9vKAvR-Ar6Rmgw01f02xv2Tpz75y9qSLa5XFB6ggRDinmq1-5yDkVoY8_aXLm01u3AfUMloYuyaV2kCERwJ5XQk2XREyFEs_Iq4eaEeb9MLhH-XTLlNIjMES4hyGsEUEHYSXhdaiL2G72OO51msaomskwYuuaNjDYXX2M0QtkReBeIu5-Y2UNU1wX7kusuI3KZrvVBMN9u2khD2mpuCuXBlfSIz1mIhGVGCI1efGJmeLub1TwNBI0T0UpifpuFC1plwxEwbalU5jTb2mVJNuerYFnbcJF4twVP5FMl9tAh2q1PznIYU6j2oqUcYrY0Rj1NwY0eNUKuWYk77RCDmPp7kmqIQFKlxGLZrB-kM8tngNBFJAsszrC9osEyNx7k1fgZCnqg__lTwJmzVW2b-i9lqBVP5rhNCG2im1YZ7EGD5wE3vYyQ-ApRRQh7R8zWJhn0nklxC8Ci2uV1XsFNERSFtX5Iylp1H7ieQOpH6PdiMO7N5HIhf_YZdClZ4m_Fw63dFkQPUqzj7wShpLv6nHTC_YlzfGPtRG8x9sZTu_weZfxRh1t6XMfLmKERVykSyim9fBEwWZDsheyz4qQC1lzuWaWrUO0Cciu__Rj3sR0ou6K7mn0HosaiFTxB8Z5maZhM-jrmOSDeRKokA2db2M0FKa9pFKSalm30SmXtW9tTxu-hKPSqKSEAwyyUEgwh8WQEnPQDvzXp65xRcdm240h_cm6ECxcefwPj6jbwYSW0J4jfBPir-4KBiWB0yN0pCJVWek3joSVgwHKODunxmt_d5Ic5_XUKYUZdPCoGcPALkQYLg6Ac86GSgN-DtgU4i
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.psxhax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vibrant.mgr.consensu.org
URL: https://vibrant.mgr.consensu.org/consent_widget.js

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.psxhax.com/	1969-12-31 23:59:59	Name: xf_csrf Value: cxGU4Tby9MvMUoyS
.psxhax.com/	1970-01-20 19:33:41	Name: _ga_352644057 Value: GS1.1.1677461258.1.0.1677461258.0.0.0
.psxhax.com/	1970-01-20 19:33:41	Name: _ga_P2FNCYD56C Value: GS1.1.1677461258.1.0.1677461258.0.0.0
.psxhax.com/	1970-01-20 19:33:41	Name: _ga Value: GA1.2.695592936.1677461259
.psxhax.com/	1970-01-20 09:59:07	Name: _gid Value: GA1.2.1583740305.1677461259
.psxhax.com/	1970-01-20 09:57:41	Name: _gat_gtag_UA_97902629_1 Value: 1
.psxhax.com/	1970-01-20 19:19:17	Name: __gads Value: ID=9c93f3f59585745a-2256986e2fdd00fa:T=1677461258:RT=1677461258:S=ALNI_MY9M-htH5o3T4BW8kivrXRvGoHHKQ
.psxhax.com/	1970-01-20 19:19:17	Name: __gpi Value: UID=00000bbc5d4adccc:T=1677461258:RT=1677461258:S=ALNI_Mb02iAyD5pzt4_1nEEcn6vRttJmug
.doubleclick.net/	1970-01-20 19:19:17	Name: IDE Value: AHWqTUkAPFeOaVShPv3xzQZHFjfn40BiyCqN-0fooexxERi_aJNjSQ2ETOTCHEKCwf4
.doubleclick.net/	1970-01-20 09:57:42	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:57:44	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 18:43:38	Name: A3 Value: d=AQABBAwH_GMCEAfPLSKH2aNphyNaHd6G41EFEgEBAQFY_WMFZAAAAAAA_eMAAA&S=AQAAAvE02diK-H2EDA8tVM9pBqc
.analytics.yahoo.com/	1970-01-20 18:43:17	Name: IDSYNC Value: 18gs~2a81
.casalemedia.com/	1970-01-20 18:43:17	Name: CMID Value: Y-wHDMx9LkVdzN5yCBaUuAAA
.casalemedia.com/	1970-01-20 12:07:17	Name: CMPS Value: 3396
.casalemedia.com/	1970-01-20 12:07:17	Name: CMPRO Value: 3396
.pubmatic.com/	1970-01-20 09:59:07	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:43:17	Name: KADUSERCOOKIE Value: AB9C5370-6F7C-43EF-928D-F631477BF252
.spotxchange.com/	1970-01-20 10:38:00	Name: audience Value: ed1edc83-b63d-11ed-b22e-180e33a50206
.demdex.net/	1970-01-20 14:16:53	Name: demdex Value: 75170783316888296191649425908179333557
.dpm.demdex.net/	1970-01-20 14:16:53	Name: dpm Value: 75170783316888296191649425908179333557
.pubmatic.com/	1970-01-20 10:40:53	Name: KRTBCOOKIE_1051 Value: 22884-18072662250093743627
.pubmatic.com/	1970-01-20 10:40:53	Name: PugT Value: 1677461260
.krxd.net/	1970-01-20 14:16:53	Name: _kuid_ Value: PZ1fx9D4
.tribalfusion.com/	1970-01-20 12:07:17	Name: ANON_ID Value: aAnwvQqO2ceU2OqnvhrHgmRu3CrKcgLeZbZdwTJ4TEZbXlqUQO9S80xcYFsy7EF0ncJkZbdQ3N7JvSnghp9ohYCH35JRKHrwwWLGuotuOS9q2WtH3bZbUNHYg4qns

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vibrant.mgr.consensu.org/consent_widget.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 828) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7997709702, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 828) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7997709702, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 1697) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 1697) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=ps3news&adSpace=portal&center=1&size=300x600,300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=1&adContainerId=richmedia_2&rnd=1179636(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal117.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&dvregion=0&unit=300x250(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.doubleverify.com/dvbs_src_internal117.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal117.js(Line 305) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_195173365168&jsTagObjCallback=__tagObject_callback_195173365168&num=6&ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&advid=&adsrv=&unit=300x250&isdvvid=&uid=195173365168&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=110&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&tstype=1&m1=13&noc=4&fcifrms=5&brh=2&fwc=0&fcl=425&flt=18&fec=493&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DADI92I%5D4%40%3ETau&dvp_exetime=16.90&callbackName=__verify_callback_195173365168, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal117.js(Line 305) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_195173365168&jsTagObjCallback=__tagObject_callback_195173365168&num=6&ctx=3758893&cmp=29304295&plc=359257813&sid=5745037&advid=&adsrv=&unit=300x250&isdvvid=&uid=195173365168&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=110&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=0&htmlmsging=1&tstype=1&m1=13&noc=4&fcifrms=5&brh=2&fwc=0&fcl=425&flt=18&fec=493&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DADI92I%5D4%40%3ETau&dvp_exetime=16.90&callbackName=__verify_callback_195173365168, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal117.js(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.doubleverify.com/dvbs_src_internal117.js(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 1697) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=3&adContainerId=richmedia_4&rnd=1184520, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PS3News/Portal/tags.js(Line 1697) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7997709702&tagKey=1258583474&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=300x250&env=display&url=https%3A%2F%2Fwww.psxhax.com%2F&f=0&p=1181617&tKey=aJmneMPsnsQdJw0drsWPYNPF3kR9UuQC&a=3&adContainerId=richmedia_4&rnd=1184520, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=85976723&client=ca-pub-8005854987520958&fa=3&ifi=5&uci=a!5&btvi=2&xpc=1I3E5whKk6&p=https%3A//www.psxhax.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4.tribalfusion.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
beacon.krxd.net
cdn.ampproject.org
cdn.doubleverify.com
cdnx.tribalfusion.com
csi.gstatic.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
images.intellitxt.com
k.intellitxt.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
r4---sn-5hnekn76.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.tribalfusion.com
simage2.pubmatic.com
sync.search.spotxchange.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vibrant.mgr.consensu.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.psxhax.com
vibrant.mgr.consensu.org
104.18.12.14
13.224.189.82
184.73.143.27
185.64.190.78
185.64.190.80
185.80.39.216
185.94.180.126
188.65.124.66
2001:4860:4802:34::36
2606:4700:3037::ac43:a839
2606:4700::6812:19ad
2606:4700::6812:cdb
2607:f8b0:4000:807::2003
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400d:804::2002
2a00:1450:400d:80c::200a
2a00:1450:400e::9
2a02:26f0:64::210:6ad8
3.126.56.137
34.149.12.213
34.255.170.214
34.98.64.218
54.195.228.119
69.173.144.138
00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd
05b719452e7a240b691564a0e0bb3280195cde4ece957993a3fe28f2250fb914
05cfb7a0197d0db39e9115c9388f6808d1aa4411e7c578042a35bc6fe046085b
07b0ad1bc3c3b0639fd0c0cc9abdf0360b7c0479a98dbb03e603028786cab310
090410043ee58852a8b85e0e303ca3c5cc96cbed13b2473abdfab0458189b644
097e0f411d0b49be37ec14420efe5b229ac5a05caf424dff528d0b6e0a43d8d8
0c2ff2b081ffb0a6be13a2c93c2d212f51ca3b615ced598b2554e77743a7324f
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d60cda7691b0c9bb87c98dc37cf9752e3617019b9a78412f13cb3bd353cbafe
0fdf2f6e6ccde71ef78801016c08a8d810233c1095ec1b48c0645c685ffd9e7e
11b776291b10450d97dc09000d8506b997fee8fa64385a956e6e4b9135ab6a2a
1739fd1679db5759365314334a60c98c428d690b8a137aaa0964ca212eadc6ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e5078e029cecec0cb3ed133773f0345ff4a7ec2866f95dff0c537deb25a55f
1b5b8f0ad450769ab0ea0283dbc0d9dcbe66482a70ae1a569a67283682b5883f
200fb7b935a9e421c3489841a3b89f69cc3381c2ef175f09289fc62fec221b8a
21a90dc9cf31d20a02e0d9b21f59d990f3713d844aa2188cd7dfa04d10945615
24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18
265a752b1fd3f3cb1e3bfaf799c1fed7a5fa5cb7c6f86e2aa3ba78d0349881c0
27e1e0f7700307d18bb40a09bf5e6d7272f26f1791ee0a1ebcfc524cc1fd9767
2dec4db6a28ba53832770dd003af3cc78bf7375b7d67d0f7a1439cf65ad7b852
2df8af9e166d0820e41c363dd3016989135f9c52630782b87f26dafadb3ff66b
2f3a3e39820c10b9cd68fe9060c18ab70365d00c043d7f912025a915c931eb59
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
40869d226f2679241564c3a8a9b140978cae222209ec4b0019dc4bf7a5c3350a
40e4ff04ebeb3d44c46c9450712b925033e65401a1703c717e8369be1662ad55
4419b4060c0303d336099b4a3fdae889bc607150c833a9a0c1c36e15162c0d3c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
461d807c1206e92d0e6c19fc7dd837098ecd7c9fb5c40ee4705267368445b927
487eed958338e0f116a58a980300edd0aefe126e24bc7a45815919f4b8ca3be9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b55201112fe21a0737eae946afdde2cc495c5150ccbafb1105c1bebeeb3e2c3
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
52e4a8f7d613a3c0b79f02622ae61f93ac544a3075f4f8b4c91047c499beb277
537bf54420bb62c05494d6f7d335b4acb15b9ce0bbc9cd31882ac802a43c69bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58de43c7c5a0f68e32080ca2ff32fcdcbedcbcb2f16e53cd8c6a78dcb5937291
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aeccd2ca34fb7ba2049ac9a11d28598674c3edde575433bc28eb9ee70fe5180
5b3ca0200ff5cfab525b7e2edc4e6e8143d7ed46d748b89f8f1979a234fac996
5d1e47a92515bb64dc3baed730c0cb900533d193a121502e5c23fcccc2dc0cef
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5eb0a4e513761f5f62294c9f60b78cf017147633b7190100461643bfacfc1f27
5fc850737e688d6d4a3f2b0a12c3fbc59a55f2ee935c0104e5e363222c7eb9ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a4de2f1e555aecfb672450842ad5074f9c36da3e87db0c27184a4ee377b1e0
64c7c8573dd52ad669d2921c9fb8a6d287bfeb1bece2c2fff0126ba67d6af632
690577ffb7b424234d23d717f8919dd6b58f86a4b1d2d93b88323863e24ccba2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b91af53030bb52a2ed20df5530fd1e98e1c7ec2ab934b1830c3861ba0f09235
6f1e5c227263c141d5ce2acbc5d2a4a2b5fbf4c07e33a0b311e804bf53a89014
71929fb7324254398ac279ed50cc260459fd3f38efd6fc528320b6318e627aef
7602d5ede590debc68e8aa1b09ecd91f9cfed9cb1dce3d750130bfc6b2193fab
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
83a085295631ebdab7f6be50bb3f7d3a190a950956724bb2feaf7aa9f6e0b3b7
83b59a029a0db2bc865481a5268bf671a1d4a8248174764245aeaeb5f102660e
86dbdb58da84e2ea85f4620a126984e174ea1b04ff6e1d7eec6bf86245fe21bb
915302dbb43ae6feae38d2b80a86170cfb93116998d4b299505dcd32bc161035
9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
96177240c84a6aa5de79191dca2cd556250124c874c8670c032eae6b15d5db33
9a80a0a58507b0b82c039136cd934409a56e161b0bc3911986f44decae259010
9bdc3186fc90d0cb4def0a01b98cad4669927d52ae2711e86ae62790551290d3
9c35289b5df250554848a64bfe520d6325a225953a7aa1b8903eb6d268b5efa5
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ec346a30024f1315c28131030a9e022321c12c3197321ace610fe2de668cb50
9f8331e5c238d58840645b759f3c9c406d3a2c4c190f73d133e5a0a4074469cc
a0978b69cf9f462ef95abbd673d3f4795edba8b87f4dd4ba4df6e90310a45412
a47a8a24cb3e6da390d4280d4b8037c7059f5a4d461e8924f3d394199842560f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abd5e658fda33bac367674d1ba9e127ca15c7f08cec092aeb2ee5cf399e7849b
aceb19a95fe33eeb375fd1fbd728d33781d47adf97112ef7b07342ea93921336
acf59fc0c783f301c9c29c076ed1dffb35db7d8748b696074087ca30e2e672e8
b1847455b48dc4cfb9fc45b2757bfe78408f3e45f86b6a8bee59b6617dc85c2e
b3f785fc35ac92b5ebf9bf1e959ae3ec3421e8a39bf68e09696ce65c8355b64c
b6706b5e35359938604c944a8b3f6e032aa5b292b869ce69c016f42215892c85
ba19faac6bd73edb5f9e01ba689cf1e5422c01a1ad1d6632dd75d282307ff3ed
bc783128bc3c4e9617018c8bdbbe476d07da0725350e4ff1a247ec614c830844
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c14c44f9400c6362d84a6d1e30955fb1b648bbcf248ebff1c6730687cfc17fc4
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c41951d1a73eead732038b53f90bbcefce48eb622446eed59c5431b01afbda8c
c6ebd5451c5ac8155217093ed656a5eef49ab9d1ffe0c979de54bfb5a2f958c9
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d
cdcb99a1ed9277cdf63b49fa5c028be424581e7966175ce9a1a6c02b3aaef8cc
ceaaae50bbaddeef8ce7921a4eee48a70dd2732986ee8b7fc636df24657a8b76
cec9fdff06b9d7ac3532e98998752887b7388c157995cff570c2b4f265a2aeb1
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d6d9aff8dd7c2f65f16c77e451555fc8a3cc542e90ae02070d258a2ab275cfc1
d6e01b3d66e1eaea3fe19724980199a21c0942e0c886821d55959337d061e77d
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e70d2d76e64988bc90450f1ce0f9c1d87894d3e51b91fad964cfde3be126ae31
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c9f5daf0a2f6da1cf20dbf7053d2d013871073475886b630966076703a934d
f40bc51626ab62cf700d5f776661e29938b0d44a23a0e414a812ff172765e0df
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f511a870bd81bde72b92960ca2984bcb810ef657f7f2a842f8c5787b28f13113
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fccd2f4c84bd553f6f79ff7f8a8e6347161b0fa37db6c9fb7389e80b2c71a8c6

www.psxhax.com Open in urlscan Pro 2606:4700:3037::ac43:a839 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

187 Requests

95 %HTTPS

62 %IPv6

27 Domains

41 Subdomains

31 IPs

8 Countries

4554 kBTransfer

8787 kBSize

25 Cookies

5 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.psxhax.com Open in urlscan Pro
2606:4700:3037::ac43:a839 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

95 %
HTTPS

62 %
IPv6

27
Domains

41
Subdomains

31
IPs

8
Countries

4554 kB
Transfer

8787 kB
Size

25
Cookies

187 HTTP transactions
9 data transactions