URL: http://bloodhelpers.com/
Submission: On July 25 via api from KR

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 83 HTTP transactions. The main IP is 2400:8901::f03c:91ff:fe3e:c414, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is bloodhelpers.com.
This is the only time bloodhelpers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
36 | bloodhelpers.com | bloodhelpers.com
10 | ws.sharethis.com | w.sharethis.com, ws.sharethis.com, bloodhelpers.com
8 | pagead2.googlesyndication.com | bloodhelpers.com, pagead2.googlesyndication.com, googleads.g.doubleclick.net, tpc.googlesyndication.com, www.googletagservices.com
7 | tpc.googlesyndication.com | googleads.g.doubleclick.net, pagead2.googlesyndication.com, tpc.googlesyndication.com
7 | googleads.g.doubleclick.net | pagead2.googlesyndication.com, googleads.g.doubleclick.net, www.googletagservices.com
2 | www.google.com (1 redirects) | tpc.googlesyndication.com
2 | l.sharethis.com | w.sharethis.com, bloodhelpers.com
2 | www.googletagservices.com | pagead2.googlesyndication.com, googleads.g.doubleclick.net
2 | adservice.google.com | pagead2.googlesyndication.com
2 | adservice.google.de | pagead2.googlesyndication.com
1 | count-server.sharethis.com | ws.sharethis.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | c.sharethis.mgr.consensu.org | w.sharethis.com
1 | www.facebook.com | bloodhelpers.com
1 | w.sharethis.com | bloodhelpers.com
1 | ajax.googleapis.com | bloodhelpers.com
Total: 83 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2021-06-28 - 2021-09-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
sharethis.com | Amazon | 2021-07-19 - 2022-08-17 | a year
sharethis.mgr.consensu.org | Amazon | 2021-04-07 - 2022-05-06 | a year
*.googleadservices.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
*.google.de | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
*.google.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months

This page contains 11 frames:

Primary Page: http://bloodhelpers.com/
Frame ID: FBA4F78EE8F3F8E9097C6891A53A8EE3
Requests: 60 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Frame ID: 57248C0ADBE03E260D765AEF799857E9
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 2D5BA237DE1EB234D72E61DEC55844D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Frame ID: C1A9435DB2281D3FD4524BA91C8154C7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D6C5ACAF8AA6AECAFCA16A49E24A696D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: D2009F00082C95B19D37F0B66AF3A073
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: AA6A44259F7A016DE1C54659E6146B54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1627253703&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627253703903&bpp=2&bdt=1460&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De708ddfdd029113e-229c5ddb8bc80037%3AT%3D1627253703%3ART%3D1627253703%3AS%3DALNI_MZNOd1E6fXc3KIr3MJBvO9Fc4p1Jg&prev_slotnames=1676498701&nras=1&correlator=6421296585267&frm=20&pv=1&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&psts=AGkb-H_V2M0hXbrtRB9iR2oHxXJmGS3WGssRIVn1I4gj9JueSp1umVDt3Hq-F1VLioVpVYXIKIWVoA8oJY7qQw&pvsid=3686547446497883&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=17
Frame ID: 8407880F62E9B07EEC08A1FD695C70F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0A564074D48AF04C0EE53997AFD2847A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34C4EDF1CB7CCC6BCAFD4A8FC3BE9647
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 430F75871B8459D4CDF24EBB35B6DF68
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  • 83 Requests
  • 54 % HTTPS
  • 81 % IPv6
  • 11 Domains
  • 16 Subdomains
  • 17 IPs
  • 3 Countries
  • 620 kB Transfer
  • 1615 kB Size
  • 4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80 HTTP 307
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Request Chain 65
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

83 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request Cookie set /
bloodhelpers.com/
82 KB
14 KB
Document
General
Full URL
http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
26fcc73029e99848bbddfb58a3da0bac842035a60b7a6cb759bbcdd17734955c

Request headers

Host
bloodhelpers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
13779
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bloodhelper.css
bloodhelpers.com/css/
15 KB
3 KB
Stylesheet
General
Full URL
http://bloodhelpers.com/css/bloodhelper.css
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:21 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3d0a-55599916e6221-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3216
chosen.css
bloodhelpers.com/css/
15 KB
3 KB
Stylesheet
General
Full URL
http://bloodhelpers.com/css/chosen.css
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:21 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3dfc-55599916e6221-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2669
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.4/
90 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 06:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 06:11:58 GMT
chosen.jquery.js
bloodhelpers.com/js/
38 KB
8 KB
Script
General
Full URL
http://bloodhelpers.com/js/chosen.jquery.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"998e-5559991d128b1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7769
logo.jpg
bloodhelpers.com/images/
6 KB
6 KB
Image
General
Full URL
http://bloodhelpers.com/images/logo.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1641-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5697
tab_top.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tab_top.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"69f-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1695
inform.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/inform.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6ea-55584ca1ea691"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1770
tab_bottom.jpg
bloodhelpers.com/images/
1 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tab_bottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5f6-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1526
logintop.jpg
bloodhelpers.com/images/
932 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/logintop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3a4-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
932
loginbottom.jpg
bloodhelpers.com/images/
962 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/loginbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3c2-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
962
show_ads.js
pagead2.googlesyndication.com/pagead/
97 KB
35 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d03b98e10261f4807504ce30bb32c443ca89a9b9d8b59c7a99130c3d1d1eca57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 25 Jul 2021 22:55:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
1125903639542399627
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
35425
X-XSS-Protection
0
Expires
Sun, 25 Jul 2021 22:55:02 GMT
tabsearhtop.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabsearhtop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"66f-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1647
tabsearhbottom.jpg
bloodhelpers.com/images/
1 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabsearhbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5b0-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1456
tabrequesttop.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabrequesttop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6e4-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1764
tabrequestbottom.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabrequestbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6a3-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1699
male.jpg
bloodhelpers.com/i/
25 KB
25 KB
Image
General
Full URL
http://bloodhelpers.com/i/male.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6368-55584ca1ea691"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
25448
38353_Anba-thumb.jpg
bloodhelpers.com/i_users/
23 KB
23 KB
Image
General
Full URL
http://bloodhelpers.com/i_users/38353_Anba-thumb.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aca111e20c2cd9bfef7349df513d3abec397eedf13136f2ee89e25913bfe3274

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 25 Jul 2021 04:24:49 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5aec-5c7eb046e9167"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
23276
buttons.js
w.sharethis.com/button/
59 KB
17 KB
Script
General
Full URL
http://w.sharethis.com/button/buttons.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2600:9000:20c8:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 10:52:13 GMT
Content-Encoding
gzip
Age
216169
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16639
Server
nginx/1.16.1
ETag
W/"60256fd0-eabe"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
Cache-Control
max-age=259200
X-Amz-Cf-Pop
MAD50-C1
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
el9tGZ7vmrMr30EMXZ7w07BmmMUikdKB-UjF23zUTZr-bu9WBx4kzw==
Expires
Mon, 26 Jul 2021 10:52:13 GMT
sliderHeader.jpg
bloodhelpers.com/images/
431 B
717 B
Image
General
Full URL
http://bloodhelpers.com/images/sliderHeader.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1af-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
431
tab_bg.jpg
bloodhelpers.com/images/
422 B
707 B
Image
General
Full URL
http://bloodhelpers.com/images/tab_bg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:02 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1a6-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
422
loginbg.jpg
bloodhelpers.com/images/
356 B
641 B
Image
General
Full URL
http://bloodhelpers.com/images/loginbg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"164-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
356
navBg.jpg
bloodhelpers.com/images/
429 B
714 B
Image
General
Full URL
http://bloodhelpers.com/images/navBg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1ad-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
429
navleft.jpg
bloodhelpers.com/images/
1009 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/navleft.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3f1-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1009
navright.jpg
bloodhelpers.com/images/
1019 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/navright.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3fb-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1019
bloddRegister.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/bloddRegister.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"622-55584ca1e998b"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1570
RegisterIcon.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/RegisterIcon.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"76d-55584ca1e8c86"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1901
searchIcon.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/searchIcon.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"691-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1681
postIcon.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/postIcon.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7da-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2010
tickerbg.gif
bloodhelpers.com/i/
125 B
408 B
Image
General
Full URL
http://bloodhelpers.com/i/tickerbg.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7d-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
125
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/
250 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd53a305a61a6a7bfa3b7704e9eed801ffe058954baed4784f554fd3991155fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95172
x-xss-protection
0
server
cafe
etag
13136452362334458347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Jul 2021 22:55:02 GMT
tabsearchbg.jpg
bloodhelpers.com/images/
411 B
696 B
Image
General
Full URL
http://bloodhelpers.com/images/tabsearchbg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"19b-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
411
chosen-sprite.png
bloodhelpers.com/i/
646 B
930 B
Image
General
Full URL
http://bloodhelpers.com/i/chosen-sprite.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/chosen.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/chosen.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"286-55584ca1ea691"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
646
like.php
www.facebook.com/plugins/ Frame 5724
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
0
885 B
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
H1MMGNhevWLCOB+/ceaXjfct/vKWp2GmHZZ3CoXdgOmE+BxiypW8C+QGANXyltfrbqS7LeNQ4QC8m0lCx6d5yA==
content-length
0
date
Sun, 25 Jul 2021 22:55:02 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Non-Authoritative-Reason
HSTS
tabrequestBg.jpg
bloodhelpers.com/images/
405 B
690 B
Image
General
Full URL
http://bloodhelpers.com/images/tabrequestBg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"195-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
405
recentusers_top.gif
bloodhelpers.com/i/
647 B
931 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_top.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"287-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
647
recentusers_bg.gif
bloodhelpers.com/i/
90 B
372 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_bg.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5a-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
90
recentusers_bot.gif
bloodhelpers.com/i/
661 B
945 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_bot.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"295-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
661
family.gif
bloodhelpers.com/i/
8 KB
8 KB
Image
General
Full URL
http://bloodhelpers.com/i/family.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1f52-55584ca1ea691"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8018
spacer.gif
bloodhelpers.com/i/
43 B
325 B
Image
General
Full URL
http://bloodhelpers.com/i/spacer.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2b-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43
feedback_trans_tab.png
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/feedback_trans_tab.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:91ff:fe3e:c414 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bloodhelpers.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bloodhelpers.com/css/bloodhelper.css
Cookie
PHPSESSID=deo40tln0le1mkqlhobkug8ot2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"695-55584ca1ea691"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1685
async-buttons.js
ws.sharethis.com/button/
89 KB
19 KB
Script
General
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:10:49 GMT
content-encoding
gzip
server
nginx/1.16.1
age
27854
etag
W/"60257011-16245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
MAD50-C1
x-robots-tag
noindex, nofollow
content-length
18815
x-amz-cf-id
Yg1cbS653y2PMGkBIC3P2NUr_fpoBYqvtkNc1cS1aahenbYuVOKaHA==
expires
Wed, 28 Jul 2021 15:10:49 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 2D5B
2 KB
1 KB
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sun, 25 Jul 2021 22:25:19 GMT
cache-control
max-age=3600, public
etag
W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-fpAgNSAdgbanel0_ud6Ruz7VYCsU7zCYoLy5DCmhvkbV4p2x7FFLQ==
age
1783
cookie.js
partner.googleadservices.com/gampad/
206 B
661 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bloodhelpers.com&callback=_gfp_s_&client=ca-pub-4081699989175167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
7768ef3b22f5e72323a4369b128de32a542a893a2907955e7bbace7bbf6fa768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C1A9
57 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7aeaab1bb53516b64c5a5c1a32447651442d918f6f3a0a2bac333414d085b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 25 Jul 2021 22:55:03 GMT
server
cafe
content-length
22503
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 23:10:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 22:55:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Sun, 25 Jul 2021 22:55:02 GMT
pview
l.sharethis.com/
0
337 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1627253702922.11354&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=a8fb2f1f-31ba-494a-81d2-9e72b524e482&bsamesite=true&consent_cookie_duration=49&consent_duration=49&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
http://bloodhelpers.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
buttons-secure.css
ws.sharethis.com/button/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 06:36:03 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 17:57:38 GMT
server
nginx/1.16.1
age
58740
etag
W/"60257012-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
ZsQ4BKdjQYqJRTRxjFLVWm674mxFIyUzUg8-K2Pq8vCejVUSwajlhg==
get_counts
count-server.sharethis.com/v2.0/
454 B
700 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fbloodhelpers.com%2F&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.94.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-94-235.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ead7ef16f08dde9131f8e473c687c2285161bdff846a47dc09f78dd5a56b9581

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Cache-Control
public, max-age=900
ETag
8558c0bce164294e2743916db661bb73
Connection
keep-alive
X-Powered-By
Express
Content-Length
454
Content-Type
text/javascript; charset=utf-8
twitter_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 19:07:06 GMT
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
14183277
etag
"60256fcb-9ae"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2478
x-amz-cf-id
9ZfTf03X88w7j5w3TsS38wCa5cBmZC3IzShF-jNOil7ROAopAm651Q==
expires
Fri, 11 Feb 2022 19:07:06 GMT
facebook_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 19:07:06 GMT
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
14183277
etag
"60256fcb-977"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
G1-pmrfQbxDYogvCRFvdDK-tSY48mOnhJE_M4K-MzEeLkeEqNPKceg==
expires
Fri, 11 Feb 2022 19:07:06 GMT
pview
l.sharethis.com/
0
315 B
Image
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1627253702922.11354&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=a8fb2f1f-31ba-494a-81d2-9e72b524e482&bsamesite=true&consent_cookie_duration=49&consent_duration=49&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life&img_pview=true
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 22:55:03 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
reddit_16.png
ws.sharethis.com/images/2017/
895 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/reddit_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435

Request headers

Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 19:30:44 GMT
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
8825059
etag
"60256fcb-37f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
895
x-amz-cf-id
RgQvHbKqPCfLfPU7UCx-9i9B8sg2kQ_tFZwNnyo1uJBtBea9gCoX3A==
expires
Thu, 14 Apr 2022 19:30:44 GMT
digg_16.png
ws.sharethis.com/images/2017/
706 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/digg_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2

Request headers

Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 19:30:44 GMT
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
8825059
etag
"60256fcb-2c2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
706
x-amz-cf-id
mFi7bWgSuTKVQwIMK32lpONdlBZYp2wQhASzLFuOpjES_mG5J_aHDw==
expires
Thu, 14 Apr 2022 19:30:44 GMT
bubble_arrow_below.png
ws.sharethis.com/secure/images/
969 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow_below.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Request headers

Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 19:07:06 GMT
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
14183277
etag
"60257011-3c9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
969
x-amz-cf-id
cGCtf7ak1tIgOivA9iwODkm_MUf6gCCkvLeBAN3_H3El_AFnlPaAuQ==
expires
Fri, 11 Feb 2022 19:07:06 GMT
16939678050346195022
tpc.googlesyndication.com/simgad/ Frame C1A9
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16939678050346195022?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlGd-0PEXRYm2S4bbYTFDJbv11C4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed84be79258e806a6c268b5be925abeb1a80d9733c277f3416c63d9cd9ebc0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jul 2021 11:48:51 GMT
server
sffe
age
462367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24906
x-xss-protection
0
expires
Wed, 20 Jul 2022 14:28:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame C1A9
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 22:44:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame C1A9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 22:52:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1A9
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 22:55:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame C1A9
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 22:53:56 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame C1A9
26 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
095673de1d39cecc95882eab9c8d418a6349794fb21bf8d2048bc65f7b7e7271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 12:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10758
x-xss-protection
0
server
cafe
etag
16827398886876637458
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 12:36:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C1A9
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cab5wxuv9YJK4O5eT7_UPi5qUsAWu_bf1Y_qv0dOgDtvZHhABIP6o2g1glQKgAYfb4aQByAECqQKz5PGuBvaEPqgDAcgDyQSqBLgBT9AZ5GCy2zgk152VC5nf3-Fv849hA_IjwbrTEB8_r-txxcgBCDu-uQRLgcio2teZ-q5yB25XViyMXT6mDYsOZwxtzdd_jtGYlfuLQFlbOiqQnU0mnNrtAmFqBKjNDsQxVVoRg6MnbYbeE_OSOfSOOnU7tUPFp-OSCT6zSuKWf2a8ssb9BGIxIZs_Y8SWxZV9NuvPMuvC1q2xyQkxBI7QYTXHW9e6VZJXaeYcMuOp1IkUY9QZR_pbtMAEguC_vc4DoAYCgAfhpJ7bAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDvkQPSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNDA4MTY5OTk4OTE3NTE2Nw&sigh=o_JYReNib4k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 25 Jul 2021 22:55:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Jul 2021 22:55:03 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D6C5
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 22:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C1A9
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b4978d974b4bf88bb8fde97c0e2d26e39cc3d64c70602e7b8ea75f2eb8c24a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame D6C5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmyNWriMR3Smk6FC8mNbuDS9vtj0utfrDCj3lCuNiGPWfVM9ltnMF8xLflpvtM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 22:55:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 25-Jul-2021 23:55:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 22:55:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 22:55:03 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame D200
34 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
339055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d6cc7da011f8f5147a4d211c07ad9d8a80c931625656afa52fac4b83f4122dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49280
x-xss-protection
0
server
cafe
etag
1347722652336228370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Jul 2021 22:55:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90101d89a43a87d05aa518105ca610af5f823d4656f1990771a2ab912e7e5a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8363
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame AA6A
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210720/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmyNWriMR3Smk6FC8mNbuDS9vtj0utfrDCj3lCuNiGPWfVM9ltnMF8xLflpvtM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bloodhelpers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 25 Jul 2021 01:46:23 GMT
expires
Sun, 08 Aug 2021 01:46:23 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
76120
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8407
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1627253703&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627253703903&bpp=2&bdt=1460&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De708ddfdd029113e-229c5ddb8bc80037%3AT%3D1627253703%3ART%3D1627253703%3AS%3DALNI_MZNOd1E6fXc3KIr3MJBvO9Fc4p1Jg&prev_slotnames=1676498701&nras=1&correlator=6421296585267&frm=20&pv=1&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&psts=AGkb-H_V2M0hXbrtRB9iR2oHxXJmGS3WGssRIVn1I4gj9JueSp1umVDt3Hq-F1VLioVpVYXIKIWVoA8oJY7qQw&pvsid=3686547446497883&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1627253703&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627253703903&bpp=2&bdt=1460&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De708ddfdd029113e-229c5ddb8bc80037%3AT%3D1627253703%3ART%3D1627253703%3AS%3DALNI_MZNOd1E6fXc3KIr3MJBvO9Fc4p1Jg&prev_slotnames=1676498701&nras=1&correlator=6421296585267&frm=20&pv=1&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&psts=AGkb-H_V2M0hXbrtRB9iR2oHxXJmGS3WGssRIVn1I4gj9JueSp1umVDt3Hq-F1VLioVpVYXIKIWVoA8oJY7qQw&pvsid=3686547446497883&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmyNWriMR3Smk6FC8mNbuDS9vtj0utfrDCj3lCuNiGPWfVM9ltnMF8xLflpvtM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bloodhelpers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 22:55:03 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 22:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 25 Jul 2021 22:55:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0A56
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bloodhelpers.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 25 Jul 2021 16:26:11 GMT
expires
Mon, 25 Jul 2022 16:26:11 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
23332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 34C4
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d402b7c9f34159474a05117023b3b604784349031a57702714e9278ffe703a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V3CnQLeYk9uXkEeyTUOLyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bloodhelpers.com/

Response headers

expires
Sun, 25 Jul 2021 22:55:03 GMT
date
Sun, 25 Jul 2021 22:55:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-V3CnQLeYk9uXkEeyTUOLyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 0A56
34 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
339055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=3686547446497883&bg=!w8ClwITNAAbnC78O5ws7ACkAdvg8Wkc-4X6IQXi4KSRihFzikAe3rT25sthCfGwPLZT5rxVrEzsvRQIAAABIUgAAAApoAQcKAQfvJtoCJ96LJ0aWON2-E5DdJd8tSoV9sFlzLuMURUeRMoAZ3uFzXJ0-IhNS11WMy4wHhs0YV-Cn02bQ2v3p512mzT_PE5YslEghBhssM2tRAJelTCuSBqzPuvRqbCgd1O-LpjuBBLUprZRL1bM1c-zzU-OUV6cLjFv61xH3PgGT4dqK50KzbQ75KezfgK10735hS0sSUoSG9AQQtdfr9GElLihrTaWyH7EUyJpiJ7lSmukr315ORq-htHpY9ifHFFmXIkkNi-vnHhpuHWcTR1f6Rm1r2jXAh7y936piyIBbSfYzCORcwgcuqLiqhqXqOlDV2vfm4VRLY9NULAiZbkvXN7lT2ViPkpkCZ5z5JPCwiTHRiCl7ZzluT8l5Q4BMTr09AJC3HIYzWYgseZc7UArPbKcEts5GI2-_ROfkzIdG31LnDqtX77iOXsOXXCtHp3q8_OtiRhlLvKOPohmiWBzRtIXsPfFS0M__GCEurnHy0zFbyYb7YhIZHbd3LuGXSBQnM_1s9cJQf60fUCISFDItJ81OIiRrvbdvG4CULOPY9Y0c0FM_-7jN4kCjltld1XGMN9KrOhz3CYufEpk5dNrBZAYOYBsXZjKlVGmxL1wRkV_FKOphUa5DmyJL2cw7gv_KDy5VMIy3-MVacEuRaqlYvsP5-FimVi90_xBtbNtMAW1fLQ8Zn-dPegkuIMJVcNjlPo3-wKngeoU9XXe_lNk9T00HBM1O7QR_WKacGk2zyii3Dsg--2WqFU7PZBR-R71Bqaz1gVZ17IKE8Kb7IXJ7RPUbnJDSwjEKi3sX0o5otRU2Mgms7OCMCQr1ELC7g6vKLFMwNuPiOo0AA9meXMi0THZfJSrBStE62H-Id-JLUbK2FZL9U47066NnmCupKU6dA7Lyld5Ox5RuOvydiOt0G7JQI1aVB_h0I2_YK3NLygN0Q3EBFktP0L3Z4L5YMMobwIawdXa5HFIq5NXQONxYNocGQ7LxrnSZH7UtVv-8JTWSg8DBPsYmxmrEc1ykGdxWJd4U7JqgT6QXiXXqtsLZ0iLpfQPRMMIBeyIUBA_-uhrBQtcSrV-D1jaCepnteomZ0jzw6H3v_aFZztfcOL14UwB9hk0q7RCPZTcq89BBZbdLh7VRt0tI0pYd1kaiB5iFX01CHInpiHxVjwVmnNf-Cg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 22:55:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C1A9
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COMXvxuv9YJK4O5eT7_UPi5qUsAWu_bf1Y_qv0dOgDtvZHhABIP6o2g1glQKgAYfb4aQByAECqQKz5PGuBvaEPqgDAaoEuAFP0BnkYLLbOCTXnZULmd_f4W_zj2ED8iPButMQHz-v63HFyAEIO765BEuByKja15n6rnIHbldWLIxdPqYNiw5nDG3N13-O0ZiV-4tAWVs6KpCdTSac2u0CYWoEqM0OxDFVWhGDoydtht4T85I59I46dTu1Q8Wn45IJPrNK4pZ_Zryyxv0EYjEhmz9jxJbFlX02688y68LWrbHJCTEEjtBhNcdb17pVkldp5hwy46nUiRRj1BlH-lu0wASC4L-9zgOgBgKAB-GkntsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEO-RA9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00MDgxNjk5OTg5MTc1MTY3&sigh=h1mgCOMrLb0&vt=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1627253702&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1627253702856&bpp=12&bdt=412&idt=89&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=6421296585267&frm=20&pv=2&ga_vid=180087971.1627253703&ga_sid=1627253703&ga_hid=1071909973&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44745303%2C31061979%2C20211866&oid=3&pvsid=3686547446497883&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EnfY6NOQwr&p=http%3A//bloodhelpers.com&dtd=103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 25 Jul 2021 22:55:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C1A9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlJFTtRLhww-bowgwExpJd2auntwpQjIQ_f-KR5n2gawUnJolyNXprqR0IR3ocVwfbWcfC5wKaB9r8aIxrek5CXRcqJehq4yeR0cq2ZuIkkrfkBNv053SUU4e1Zg&sai=AMfl-YQwMeb5eRA-Bc0oiSnEc1u3ZDUQIrY98s-rP9hfmfd2-UDepvsyGkPQWxtwyiGufJ-SUqahBSDwJ_4X&sig=Cg0ArKJSzDsp6eso83CwEAE&id=lidar2&mcvt=1000&p=174,1164,624,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=214556337&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1627253702962&dlt=649&rpt=60&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 22:55:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
ws.sharethis.com/secure5x/ Frame 430F
14 KB
4 KB
Document
General
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5

Request headers

:method
GET
:authority
ws.sharethis.com
:scheme
https
:path
/secure5x/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bloodhelpers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bloodhelpers.com/

Response headers

content-type
text/html
content-length
4082
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 17:57:38 GMT
server
nginx/1.16.1
x-robots-tag
noindex, nofollow
date
Sun, 25 Jul 2021 01:25:01 GMT
etag
W/"60257012-390f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
2Jwb96QQbvW0FqxAEV4YuiHscnB2wUcMEV6kJjx9WjFrbFeuE8seQg==
age
77403
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame 430F
16 KB
6 KB
Script
General
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 03:12:52 GMT
content-encoding
gzip
server
nginx/1.16.1
age
4131732
etag
W/"60257012-40f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
x-robots-tag
noindex, nofollow
content-length
5630
x-amz-cf-id
eavDG51At-OQ9xJblHYf5oAj1E-Nyo41X-FtxbaQUhCQRrbs1UobiQ==
expires
Wed, 08 Jun 2022 03:12:52 GMT
st.5583d3f0facb4d4a55d1a93224fb446d.js
ws.sharethis.com/secure5x/js/ Frame 430F
132 KB
32 KB
Script
General
Full URL
https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b

Request headers

Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 03:31:01 GMT
content-encoding
gzip
server
nginx/1.16.1
age
4130643
etag
W/"60257012-20eab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MAD50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
HC8CQZJbk9p_l6V_mk5bbs5vpWWqjAPNiQA1DoIpDck0C868aSTUcw==
expires
Wed, 08 Jun 2022 03:31:01 GMT


228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| SelectParser function| AbstractChosen function| Chosen function| donorLoginValidate function| trim object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| 
google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| 
dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| searchDonorValidation object| config string| selector boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog undefined| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback boolean| openWidget object| adsbygoogle string| baseURL function| google_spfd object| GoogleGcLKhOms object| google_image_requests string| messageSet

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmyNWriMR3Smk6FC8mNbuDS9vtj0utfrDCj3lCuNiGPWfVM9ltnMF8xLflpvtM
.bloodhelpers.com/ Name: __gads
Value: ID=e708ddfdd029113e-229c5ddb8bc80037:T=1627253703:RT=1627253703:S=ALNI_MZNOd1E6fXc3KIr3MJBvO9Fc4p1Jg
bloodhelpers.com/ Name: PHPSESSID
Value: deo40tln0le1mkqlhobkug8ot2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
