urlscan.io logo urlscan.io
SecurityTrails logo

bloombergxyz.click Open in urlscan Pro
172.67.157.230  Public Scan

Go To Rescan Add Verdict Report
URL: https://bloombergxyz.click/
Submission: On June 15 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 36 HTTP transactions. The main IP is 172.67.157.230, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloombergxyz.click.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time bloombergxyz.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.157.230 13335 (CLOUDFLAR...)
9 34.120.220.213 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
5 142.250.185.66 15169 (GOOGLE)
2 119.8.184.92 136907 (HWCLOUDS-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:4780:b:1... 47583 (AS-HOSTINGER)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 160.153.0.119 209242 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.68.8 13335 (CLOUDFLAR...)
36 16
1    172.67.157.230 (United States)

ASN13335 (CLOUDFLARENET, US)
bloombergxyz.click
9    34.120.220.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.220.120.34.bc.googleusercontent.com
static.cdns.space
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
5    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
2    119.8.184.92 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-184-92.compute.hwclouds-dns.com
gbw.cmpc.fun
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a02:4780:b:1328:0:1451:6fee:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
bukashub.com
3    2606:4700::6810:17 (United States)

ASN13335 (CLOUDFLARENET, US)
larryferlazzo.edublogs.org
1    160.153.0.119 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: _unknown.ip.secureserver.net
marilynburnsmath.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
jodidurgin.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.feedburner.com
1    172.67.68.8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.teachthought.com
Apex Domain
Subdomains		 Transfer
9 cdns.space
static.cdns.space — Cisco Umbrella Rank: 741754
103 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
216 KB
4 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3907
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 630
1 KB
3 edublogs.org
larryferlazzo.edublogs.org
920 KB
3 bukashub.com
bukashub.com
5 MB
2 cmpc.fun
gbw.cmpc.fun — Cisco Umbrella Rank: 258257
13 KB
1 teachthought.com
www.teachthought.com — Cisco Umbrella Rank: 611920
432 KB
1 feedburner.com
www.feedburner.com — Cisco Umbrella Rank: 377235
2 KB
1 jodidurgin.com
jodidurgin.com
141 KB
1 marilynburnsmath.com
marilynburnsmath.com
19 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
88 KB
1 bloombergxyz.click
bloombergxyz.click
2 KB
36 13
Domain Requested by
9 static.cdns.space bloombergxyz.click
static.cdns.space
5 pagead2.googlesyndication.com static.cdns.space
pagead2.googlesyndication.com
3 larryferlazzo.edublogs.org
3 bukashub.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 firebaseinstallations.googleapis.com static.cdns.space
2 gbw.cmpc.fun static.cdns.space
2 firebase.googleapis.com static.cdns.space
1 www.teachthought.com
1 www.feedburner.com
1 jodidurgin.com
1 marilynburnsmath.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com static.cdns.space
1 bloombergxyz.click
36 15

This site contains no links.

Subject Issuer Validity Valid
bloombergxyz.click
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.cdns.space
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2024-05-17 -
2025-05-17		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.cmpc.fun
RapidSSL TLS RSA CA G1		 2023-11-07 -
2024-11-07		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
bukashub.com
R3		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.edublogs.org
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2024-12-07		 a year crt.sh
marilynburnsmath.com
Cloudflare Inc ECC CA-3		 2023-11-11 -
2024-11-10		 a year crt.sh
jodidurgin.com
E1		 2024-05-13 -
2024-08-11		 3 months crt.sh
misc.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
teachthought.com
E1		 2024-05-22 -
2024-08-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://bloombergxyz.click/
Frame ID: 36343D4CEF2EE2BD7343A16B44358B29
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: 875A7C784B803A4B781AD283326B2B7F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718426188&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fbloombergxyz.click%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~30_5~31_3~27_15~29_11&aiixl=28_4~30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718426188496&bpp=2&bdt=453&idt=251&shv=r20240612&mjsv=m202406120201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7801319338968&frm=20&pv=2&ga_vid=1141410260.1718426189&ga_sid=1718426189&ga_hid=1831438507&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334510%2C95334525%2C95334566%2C95334572%2C95334581%2C95334819%2C31084600%2C95335245%2C95334052%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3448826610055963&tmod=1822987209&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 8419F1F21B1D6C7CDD80D93F5C0711FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EAE877AE22DF0CC1A4E5DD582CC6B850
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

News

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

97 %
HTTPS

53 %
IPv6

13
Domains

15
Subdomains

16
IPs

4
Countries

7043 kB
Transfer

12721 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bloombergxyz.click/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bloombergxyz.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
988738703cfa72783f492b418d9b273a2dcf51009a9832791c1c86d28b486e0a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
893fdbf7c8db3a8b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 15 Jun 2024 04:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtEJFTg5wMQD3yVrQXQqr22lHkh6%2FrfXWndsqUOfd7Bn%2Fc4%2F33O2pMugfhVBXR0ZXPWPwX6Tx3ODHGGbw5GVqkJvwJYIJggOITergYkVcZBgGfcOUySPo9wUC2vXHPtDUDtbqIw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
bundle.axios.b49b59d3.js
static.cdns.space/news/js/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:13 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSC14iX0VkXK8/9XadkGE8vF5eh8HlF7
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
263535
etag
"2dce5340d1ce5bacfc134b5b734c7035"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A7980BF941FFEF693E270C0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12044
bundle._firebase.96fdd5c4.js
static.cdns.space/news/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:13 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSi3XmI0gMsz8EsiBu/T1mLZrGjLngcD
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
263535
etag
"363563600e2b9ef6c072391f98e8e640"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A7980CA980D901ABD5E155B
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12072
main.95b757a0.js
static.cdns.space/news/ 		233 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/main.95b757a0.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 08:16:37 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkXfMY6Nl1VGfBghpVIp3vmaa5kigwk
via
1.1 google
server
OBS
last-modified
Fri, 14 Jun 2024 08:10:17 GMT
age
73191
etag
"e8ec2cb83f5274df9a34934e4d123293"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
0000019015D1ECC59412F368A3E0171D
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68668
home.84f138d9.css
static.cdns.space/news/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/css/home.84f138d9.css
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:53:20 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSKZsuSWd9xK8coXBtAETsOE01w0mK5L
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:47:46 GMT
age
164588
etag
"2c44e6f5cdbeebab36be19ef818b0eea"
content-type
text/css
cache-control
public,max-age=2592000
x-obs-request-id
00000190105F50CD9814F0F67E485EFD
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1224
home.1d669a85.js
static.cdns.space/news/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/home.1d669a85.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:33:13 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMQTG8AhBoqgR7GWVJwWJ/4JI9t8nCN
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:27:56 GMT
age
165795
etag
"00c8787cbc6b315407004f769cb9629d"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
00000190104CE56F98085DC64F5947CE
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2468
chunk-55ef3d61.79a31e29.css
static.cdns.space/news/css/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/css/chunk-55ef3d61.79a31e29.css
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:53:20 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSidW+l5qsnd77y304LCJPVgp8xCLRyu
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:47:46 GMT
age
164588
etag
"7afc9172a7d1c0d2bb9f695d5060fdca"
content-type
text/css
cache-control
public,max-age=2592000
x-obs-request-id
00000190105F50C09412F3A195B43714
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
986
bundle.core-js.960643ae.js
static.cdns.space/news/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:14 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAPjRFDVyRGS3rRDQdHucAQnHYeNyjc
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
263534
etag
"829750d9fb3f84b43a102ec93ef40e93"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798409941A7DF8DBC90A22
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
chunk-55ef3d61.ad15843b.js
static.cdns.space/news/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/chunk-55ef3d61.ad15843b.js
Requested by
Host: bloombergxyz.click
URL: https://bloombergxyz.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:33:14 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxTnt4MOJnnBxbRPABd0IiYnoGoGSmA
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:27:55 GMT
age
165794
etag
"4ea5949ed002270181fe8c240040970f"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
00000190104CE97A9412F2BEE9B6060C
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2174
bundle.core-js.960643ae.js
static.cdns.space/news/js/ 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/main.95b757a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:14 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAPjRFDVyRGS3rRDQdHucAQnHYeNyjc
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
263534
etag
"829750d9fb3f84b43a102ec93ef40e93"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798409941A7DF8DBC90A22
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://bloombergxyz.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://bloombergxyz.click
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 15 Jun 2024 04:36:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/ 		265 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:178708903326:web:91deef4e9bd2b80d6cd28f/webConfig
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c77b1b73c48fd7c0587cc12dc0c4b7ab68e77c0ae4718b0b50ecf7b3c099590a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
accept
application/json
Referer
https://bloombergxyz.click/
x-goog-api-key
AIzaSyCOPcbn2sfxXiBYJQ2drJ6dkCG8FW3K4eg
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bloombergxyz.click
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/home.1d669a85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4e11d5617226233a53031b269b9c0c6ed167d6400e8e6e4dc21b994f491666ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Origin
https://bloombergxyz.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53142
x-xss-protection
0
server
cafe
etag
9458041912256367530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 15 Jun 2024 04:36:28 GMT
summary
gbw.cmpc.fun/v1/tc/a/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbw.cmpc.fun/v1/tc/a/summary
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-184-92.compute.hwclouds-dns.com
Software
elb /
Resource Hash
97ac0ad0ba288e3703d369fb2e0109038f6539946e1248e2c853c65659061fe9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 15 Jun 2024 04:36:29 GMT
Server
elb
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
summary
gbw.cmpc.fun/v1/tc/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gbw.cmpc.fun/v1/tc/a/summary
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-184-92.compute.hwclouds-dns.com
Software
elb /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bloombergxyz.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Sat, 15 Jun 2024 04:36:29 GMT
Server
elb
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
installations
firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://bloombergxyz.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://bloombergxyz.click
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 15 Jun 2024 04:36:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/ 		626 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/enetwork-71ebd/installations
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
386bc5da8720427a8c049d8a9639d8c0c47f38139502f0b382746924ce1c973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIzLjAgZmlyZS1paWQvMC42LjQgZmlyZS1paWQtZXNtMjAxNy8wLjYuNCBmaXJlLWFuYWx5dGljcy8wLjEwLjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjEwLjAiLCJkYXRlcyI6WyIyMDI0LTA2LTE1Il19XX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://bloombergxyz.click/
x-goog-api-key
AIzaSyCOPcbn2sfxXiBYJQ2drJ6dkCG8FW3K4eg
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bloombergxyz.click
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/ 		428 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=bloombergxyz.click&aplac=true&bust=31084600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
82b2cdfb606c01ed5a5cbf983bbd019f364db3d0cd03ad450f30ad3d3a858b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148217
x-xss-protection
0
server
cafe
etag
17599453809564420808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 15 Jun 2024 04:36:28 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-FQL1Y4C7MY
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c6b39094e1f9155d118649c4ea9690405dbeedd51315b0e428c59f9fcc3cafe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89847
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Jun 2024 04:36:28 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame 875A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=bloombergxyz.click&aplac=true&bust=31084600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bloombergxyz.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
31058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 19:58:51 GMT
etag
16861080603521627538
expires
Fri, 28 Jun 2024 19:58:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 8419 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718426188&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fbloombergxyz.click%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~30_5~31_3~27_15~29_11&aiixl=28_4~30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718426188496&bpp=2&bdt=453&idt=251&shv=r20240612&mjsv=m202406120201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7801319338968&frm=20&pv=2&ga_vid=1141410260.1718426189&ga_sid=1718426189&ga_hid=1831438507&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334510%2C95334525%2C95334566%2C95334572%2C95334581%2C95334819%2C31084600%2C95335245%2C95334052%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3448826610055963&tmod=1822987209&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=bloombergxyz.click&aplac=true&bust=31084600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bloombergxyz.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 04:36:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FQL1Y4C7MY&gtm=45je46c0v9186738747za200&_p=1718426188516&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&_fid=ezkJ7tuiGb-CyqXOb3IK3R&cid=1141410260.1718426189&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718426188&sct=1&seg=0&dl=https%3A%2F%2Fbloombergxyz.click%2F&dt=News&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1530
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-FQL1Y4C7MY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 15 Jun 2024 04:36:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bloombergxyz.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=bloombergxyz.click&aplac=true&bust=31084600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
944404c9b097b3aa5fe6fa9f266c00a4847930d819e0890615f683789ea79925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12642
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=bloombergxyz.click&aplac=true&bust=31084600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 04:36:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EAE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bloombergxyz.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
46553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 15:40:36 GMT
expires
Sat, 14 Jun 2025 15:40:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
truncated
/ 		83 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Onome-Ovwori-Not-Alone.jpeg
bukashub.com/wp-content/uploads/2024/06/ 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bukashub.com/wp-content/uploads/2024/06/Onome-Ovwori-Not-Alone.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1328:0:1451:6fee:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f324c8f7fccaf82579b625702b3d5fbe8292b570239ea813e3810edff7085410
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Jun 2024 12:02:20 GMT
server
LiteSpeed
etag
"350f9-66683ccc-3dc8b441bb1c6ef4;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
217337
expires
Sat, 22 Jun 2024 04:36:30 GMT
cellphones_1718062358.png
larryferlazzo.edublogs.org/files/2024/06/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://larryferlazzo.edublogs.org/files/2024/06/cellphones_1718062358.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
609b339b20a47a9047fa57aa674a47f741af3a2ea8c138ac3f1c50a2efefbee8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:31 GMT
x-amz-version-id
6z2lwhXDbu_tsD6TbC9_wUmUweEQTw_R
cf-cache-status
MISS
x-amz-request-id
KYYA3EFR1J239HA3
x-amz-server-side-encryption
AES256
x-moha-origin
https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2024/06/cellphones_1718062358.png
content-length
238424
x-amz-id-2
OI8eNB+VkU2O5Z4R/vTfNfNjLzvmbUS6TBO0woXDfAGRW8B8S278ASJ+BxEA9qh8dCnQxFn2tFs=
x-amz-meta-compressed
70.22
last-modified
Mon, 10 Jun 2024 23:32:47 GMT
server
cloudflare
etag
"9630c2b335f6f1faf620565fe0109e4a"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
893fdc0ad8c14dc1-FRA
expires
Sun, 15 Jun 2025 04:36:31 GMT
Writing2-300x257.jpg
marilynburnsmath.com/wp-content/uploads/2024/06/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marilynburnsmath.com/wp-content/uploads/2024/06/Writing2-300x257.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.119 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
_unknown.ip.secureserver.net
Software
cloudflare /
Resource Hash
73a72b90886313e865995b1aaae23d35fdf0e657c8e532c9a0ab648771875ff5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
18501
x-xss-protection
1; mode=block
last-modified
Wed, 12 Jun 2024 18:26:23 GMT
x-php-version
8.0
server
cloudflare
etag
"4845-61ab5850220fa"
vary
Accept-Encoding
content-type
image/jpeg
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
893fdc0abded4534-TXL
expires
Tue, 16 Jul 2024 04:36:30 GMT
pumpkin-book-report-project-pages-for-kids-1024x538.jpg
jodidurgin.com/wp-content/uploads/2024/05/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jodidurgin.com/wp-content/uploads/2024/05/pumpkin-book-report-project-pages-for-kids-1024x538.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b6761deb9662089e0a8fad95040aa5347e6fb0e6764d03e8eb9ca40afe501556

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65931
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
content-length
143258
last-modified
Tue, 21 May 2024 16:13:51 GMT
server
cloudflare
etag
"664cc83f-22f9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUTEADlrkn2AEC8To1NVSXMGMRpxw678Iwtg0B%2BrBH2dMi6zKxlI48AI2w%2Bktq%2FMWHKKTWr%2FYFX5971EbxCnAUheGElVzWyOD6bnBel4e8OZ8yZTwBNhv4hnccLhQFPV%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
x-hosted-by
BigScoots
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
893fdc0a9dfe5d4c-FRA
Daniel-Ojo-Ese.png
bukashub.com/wp-content/uploads/2024/06/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bukashub.com/wp-content/uploads/2024/06/Daniel-Ojo-Ese.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1328:0:1451:6fee:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fe52f7446285c4df05271588a837aa8e58d630d68b78db07cdb2f8d77049490f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Jun 2024 11:23:37 GMT
server
LiteSpeed
etag
"4c6e0a-666833b9-a49b97f671f37fd9;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5008906
expires
Sat, 22 Jun 2024 04:36:30 GMT
feed-icon32x32.png
www.feedburner.com/fb/images/pub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.feedburner.com/fb/images/pub/feed-icon32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/pichu-static
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1441
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="pichu-static"
report-to
{"group":"pichu-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/pichu-static"}]}
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
expires
Sat, 15 Jun 2024 04:36:30 GMT
mecca_1565530314.jpg
larryferlazzo.edublogs.org/files/2019/08/ 		418 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://larryferlazzo.edublogs.org/files/2019/08/mecca_1565530314.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3675ececaa3df8f935553cdc2cd1aca736e3a35e0952952964c5ec11e82c840f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
x-amz-version-id
OIWYGKtn5rFrix_5WSCORN6RM8u8ZM5A
cf-cache-status
HIT
x-amz-request-id
ZDT8D656KZDRAH0V
age
1573
cf-polished
degrade=85, origSize=442856, status=webp_bigger
x-moha-origin
https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2019/08/mecca_1565530314.jpg
content-length
427571
x-amz-id-2
uu7udqNcsi7lnD6cHBY/ufjc6XMhhj9QiwW2KbvvAueLUOPWTdIKqfh1kGeyEjqtBV8hhQhSaTc=
x-amz-meta-compressed
37.04
cf-bgj
imgq:85,h2pri
last-modified
Sun, 11 Aug 2019 13:31:57 GMT
server
cloudflare
etag
"2833048578d102bbf7e2947e20a63dc5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
893fdc0ad8bf4dc1-FRA
expires
Sun, 15 Jun 2025 04:36:30 GMT
constructionism-construcivism-different.png
www.teachthought.com/wp-content/uploads/2024/06/ 		431 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.teachthought.com/wp-content/uploads/2024/06/constructionism-construcivism-different.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56983a8986cf82900a88e4ac1d1ead051d64c6b71fa0269ba171fc13f67adb7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=664822
content-disposition
inline; filename="constructionism-construcivism-different.webp"
alt-svc
h3=":443"; ma=86400
content-length
441404
cf-bgj
imgq:100,h2pri
last-modified
Tue, 11 Jun 2024 01:21:53 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87KleF843wsoNAtdz3LfwJB7JYZV0GjFkdbjZ%2B1WyCIvJ02SczZPXCqwkK0DmJCmvHyWhedfj36m3eq5qHgFJKYQsfnyFu0JQo6cZkZwO1chcAypzEwV5brZu2cgkhMqFANZtJN0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
893fdc0a88e95c44-FRA
expires
Thu, 10 Oct 2024 05:44:06 GMT
anne_frank_1558788881.jpg
larryferlazzo.edublogs.org/files/2019/05/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://larryferlazzo.edublogs.org/files/2019/05/anne_frank_1558788881.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9211418d0d33150b6bb062eca5e1174bc5554e03d58c7e0dd82c7c02d565d0b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
x-amz-version-id
TUVUlyRnoNVedeKfUPL9i0hAUe9gTMae
cf-cache-status
HIT
x-amz-request-id
16VF2DZ86RMW9TX1
age
35224
cf-polished
degrade=85, origSize=289694, status=webp_bigger
x-moha-origin
https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2019/05/anne_frank_1558788881.jpg
content-length
273493
x-amz-id-2
ACp5NQFL+XkGd7ih14s7Nh6pLXQTGEFulRNsOp/Etqec0WIdF4QzYvrMxc34VIWskIBL2Lg0W7U=
x-amz-meta-compressed
38.94
cf-bgj
imgq:85,h2pri
last-modified
Sat, 25 May 2019 12:54:44 GMT
server
cloudflare
etag
"592de82a1f93b78d4f63c0658f716030"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
893fdc0ad8c04dc1-FRA
expires
Sun, 15 Jun 2025 04:36:30 GMT
Daniel-Ojo-Ese.png
bukashub.com/wp-content/uploads/2024/06/ 		5 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bukashub.com/wp-content/uploads/2024/06/Daniel-Ojo-Ese.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1328:0:1451:6fee:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fe52f7446285c4df05271588a837aa8e58d630d68b78db07cdb2f8d77049490f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bloombergxyz.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:36:30 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Jun 2024 11:23:37 GMT
server
LiteSpeed
etag
"4c6e0a-666833b9-a49b97f671f37fd9;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5008906
expires
Sat, 22 Jun 2024 04:36:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=3448826610055963&bg=!8_Cl8L_NAAb64txl2uI7ADQBe5WfOKSSbnKVU5dQrbbTVO9IWFxCG2WpkkMEcTpfzAkAGr6nH3gjfMrBEMe0L7seoo5SAgAAAEdSAAAAAmgBB34ANSFcT99k34-3HYqtcbawb5MBECkorr94hjmyuyOUBvYLnBaMy6RdKIrEKbNe8a-e3lkN78w5CgBCOD-cqt414xU_bkOMQv5eBUC1ZxIi657s1bGfPvQ8FZpez4dkFnkPOo1ngDFo-r_UPi6Drhze3U3yWy6I1w793mKlmQKZrdF3Ppa6dUNGXuAVTI0vkjHht3LJaHDtYtKbM5TEXyrWAFOGZYke_E0i0DEOOrGF0J_jTjPwwexjjflA4is8UrnEacFgy-3f0nQyudQhFXFRHoUiLrPRw4HOY-YFb9vCoCdsFg5nZnVGtuKqWiw3evlYW32aesVsnsdiIsUXUqOm0mxy8wBWXxMdVkgZoJduMk_A3tqf7doi6dZaHDO1dUsxvX4f6Sk77R_A2hej2PAVFysgRWvLvFhnxxeOzGAelL-F6yVTw3XR-xhv_5IwJYXxqx7Pv2hzaR3KPW-ffP_NssaaiSjvvy09b8weigWfn2vfCbHnpgvRVr-Q_7_9pJoCUTqEvCUp_fOb4sSvi9fgWYOqh2yxGThujI2oUc2qvo5TYWB7rzhjHaDgxtscYaVuZvKn43TIvEYAf3JVFQtvzPaHuJBLVsmaj6zIg2x-8tltjZW-janAadQ4i3WxHiYdBi3tcAgInxFTKPY-a2eYWz4Ad0CGa9H5YPxTHY4oa6BpSyn1uyUEmnVKE2AAnShvL46Mo5vetEFt3bo8S9wdBv5f1BYVUjmxJKL2XNIPWrYju9KivzBlqEVMolkpcpm9CiTeKd8_PFqabLnqovnG5X-Qy5b7gyi3sQmPUNAjosM2ZGAOMUb0g1DaptQP70k3jQsMG0crlwQU4YYFjrvbOExBvFQ8TRq9WKdCKMd_cXwVI-R5-gUQHAE9K6wJQ8e0ZBWkhtzGctT5_zwUYkzd_VSd0s1OaYuffdq1rW8hfZNdE8MiRI8ovSOcjmS4yIxMAJwDgyFk1qb7_9i1LN5PenTFw6QLuU2dzZWtXI23HYr7kKcEoTdSsYjMVPk13dBobSRe7-zyOPrYhYEVzo2KgTJ3z7D6ugw

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| __INITIAL_STATE__ object| webpackJsonp object| dataLayer function| gtag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.bloombergxyz.click/ Name: _ga_FQL1Y4C7MY
Value: GS1.1.1718426188.1.0.1718426188.0.0.0
.bloombergxyz.click/ Name: _ga
Value: GA1.1.1141410260.1718426189

3 Console Messages

Source Level URL
Text
security warning URL: https://bloombergxyz.click/
Message:
Mixed Content: The page at 'https://bloombergxyz.click/' was loaded over HTTPS, but requested an insecure element 'http://www.feedburner.com/fb/images/pub/feed-icon32x32.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bloombergxyz.click/
Message:
Mixed Content: The page at 'https://bloombergxyz.click/' was loaded over HTTPS, but requested an insecure element 'http://www.feedburner.com/fb/images/pub/feed-icon32x32.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bloombergxyz.click/
Message:
Mixed Content: The page at 'https://bloombergxyz.click/' was loaded over HTTPS, but requested an insecure element 'http://www.feedburner.com/fb/images/pub/feed-icon32x32.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloombergxyz.click
bukashub.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
gbw.cmpc.fun
jodidurgin.com
larryferlazzo.edublogs.org
marilynburnsmath.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.cdns.space
tpc.googlesyndication.com
www.feedburner.com
www.googletagmanager.com
www.teachthought.com
pagead2.googlesyndication.com
119.8.184.92
142.250.185.66
160.153.0.119
172.67.157.230
172.67.68.8
188.114.96.3
2001:4860:4802:32::36
2606:4700::6810:17
2a00:1450:4001:811::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200e
2a02:4780:b:1328:0:1451:6fee:10
34.120.220.213
06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30
0c6b39094e1f9155d118649c4ea9690405dbeedd51315b0e428c59f9fcc3cafe
1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce
2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4
3675ececaa3df8f935553cdc2cd1aca736e3a35e0952952964c5ec11e82c840f
386bc5da8720427a8c049d8a9639d8c0c47f38139502f0b382746924ce1c973b
4e11d5617226233a53031b269b9c0c6ed167d6400e8e6e4dc21b994f491666ba
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
609b339b20a47a9047fa57aa674a47f741af3a2ea8c138ac3f1c50a2efefbee8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
73a72b90886313e865995b1aaae23d35fdf0e657c8e532c9a0ab648771875ff5
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71
82b2cdfb606c01ed5a5cbf983bbd019f364db3d0cd03ad450f30ad3d3a858b2b
879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674
9211418d0d33150b6bb062eca5e1174bc5554e03d58c7e0dd82c7c02d565d0b1
944404c9b097b3aa5fe6fa9f266c00a4847930d819e0890615f683789ea79925
97ac0ad0ba288e3703d369fb2e0109038f6539946e1248e2c853c65659061fe9
988738703cfa72783f492b418d9b273a2dcf51009a9832791c1c86d28b486e0a
b6761deb9662089e0a8fad95040aa5347e6fb0e6764d03e8eb9ca40afe501556
c77b1b73c48fd7c0587cc12dc0c4b7ab68e77c0ae4718b0b50ecf7b3c099590a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56983a8986cf82900a88e4ac1d1ead051d64c6b71fa0269ba171fc13f67adb7
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058
f324c8f7fccaf82579b625702b3d5fbe8292b570239ea813e3810edff7085410
fe52f7446285c4df05271588a837aa8e58d630d68b78db07cdb2f8d77049490f