bloxids.com Open in urlscan Pro
2606:4700:3031::ac43:c0cd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bloxids.com/
Effective URL:
https://bloxids.com/
Submission: On January 04 via api (January 4th 2023, 4:20:28 am UTC) from US — Scanned from DE

Summary HTTP 152 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 41 domains to perform 152 HTTP transactions. The main IP is 2606:4700:3031::ac43:c0cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxids.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time bloxids.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:4700:303... 2606:4700:3031::ac43:c0cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:a106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:da00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e4:... 2606:4700:e4::ac40:a006	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9e00:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
1	34.246.104.18 34.246.104.18	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
1 1	2600:9000:206... 2600:9000:206e:b000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 5	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	52.59.101.136 52.59.101.136	() ()
1	18.158.141.17 18.158.141.17	() ()
1	51.38.120.206 51.38.120.206	() ()
152	45

39 2606:4700:3031::ac43:c0cd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bloxids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a106 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:da00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a006 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9e00:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.104.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-104-18.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:b000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.101.136 (None, )

ASN- ()

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.141.17 (None, )

ASN- ()

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	bloxids.com 1 redirects bloxids.com	580 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	247 KB
18	googlesyndication.com 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	87 KB
8	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 5271 cd.connatix.com — Cisco Umbrella Rank: 5026 cds.connatix.com — Cisco Umbrella Rank: 5428 ins.connatix.com — Cisco Umbrella Rank: 6932 capi-tier-1-us-east-2.connatix.com Failed	423 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
6	gstatic.com www.gstatic.com	29 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	40 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856 bidder.criteo.com Failed	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3285 google-bidout-d.openx.net — Cisco Umbrella Rank: 3239	567 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	24 KB
3	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 8719	32 KB
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 11798 basher.ezodn.com — Cisco Umbrella Rank: 12441	108 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	793 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 imasdk.googleapis.com Failed	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 6999	238 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1879 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1326	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1457 id5-sync.com — Cisco Umbrella Rank: 522	17 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1458 pixel.quantserve.com — Cisco Umbrella Rank: 985	10 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3022	41 KB
1	onetag-sys.com onetag-sys.com	359 B
1	emxdgt.com hb.emxdgt.com	7 KB
1	ezoic.com pb-server.ezoic.com	809 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 4196	1 KB
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315	233 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	442 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1362	500 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	461 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	711 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	47 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 6344	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 743 csm.nl.eu.criteo.net Failed	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3597	8 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1277	634 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	344 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 15640	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	75 KB
0	yieldmo.com Failed ads.yieldmo.com Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
152	41

	Domain	Requested by
39	bloxids.com	1 redirects bloxids.com
11	securepubads.g.doubleclick.net	bloxids.com securepubads.g.doubleclick.net cd.connatix.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bloxids.com 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com www.gstatic.com
6	cm.g.doubleclick.net	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
6	www.gstatic.com	bloxids.com 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
4	cds.connatix.com	cd.connatix.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	cdnjs.cloudflare.com	bloxids.com
3	www.google.com	1 redirects tpc.googlesyndication.com bloxids.com
3	cdn.jsdelivr.net	bloxids.com securepubads.g.doubleclick.net
3	cdn.datatables.net	bloxids.com
2	capi.connatix.com	cd.connatix.com
2	gum.criteo.com	1 redirects static.criteo.net
2	ups.analytics.yahoo.com	2 redirects
2	googleads.g.doubleclick.net	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
2	fonts.googleapis.com	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com bloxids.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects
2	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	basher.ezodn.com	bloxids.com
2	stackpath.bootstrapcdn.com	bloxids.com
1	onetag-sys.com	go.ezodn.com
1	hb.emxdgt.com	go.ezodn.com
1	pb-server.ezoic.com	go.ezodn.com bloxids.com
1	ins.connatix.com	cd.connatix.com
1	cd.connatix.com	1 redirects
1	mug.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	a.rfihub.com	1 redirects
1	rtb2-useast.e-volution.ai	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	sync.go.sonobi.com	2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	um.simpli.fi	1 redirects
1	www.googletagservices.com	bloxids.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	pixel.quantserve.com	bloxids.com
1	rules.quantcount.com	secure.quantserve.com
1	region1.google-analytics.com	www.googletagmanager.com
1	secure.quantserve.com	bloxids.com
1	go.ezoic.net	bloxids.com
1	www.googletagmanager.com	bloxids.com
1	go.ezodn.com	bloxids.com
0	ads.yieldmo.com Failed	go.ezodn.com
0	ib.adnxs.com Failed	go.ezodn.com
0	hbopenbid.pubmatic.com Failed	go.ezodn.com
0	bidder.criteo.com Failed	go.ezodn.com
0	csm.nl.eu.criteo.net Failed	gum.criteo.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	capi-tier-1-us-east-2.connatix.com Failed	cd.connatix.com
152	59

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ezoic.net Amazon	`2022-12-17` - `2024-01-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2022-12-30` - `2023-03-30`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-11-23` - `2023-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.ezoic.com Amazon	`2022-08-30` - `2023-09-28`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://bloxids.com/
Frame ID: 261EE72CB8C77311C1EFF9A779402575
Requests: 102 HTTP requests in this frame

Frame: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4DB936FAA188D6BEB82C77C3E4D50C72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5611D3F3701ECAA47EE745E681199B64
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A80BBC6D65375C0229A3EA25CFF22DA8
Requests: 2 HTTP requests in this frame

Frame: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 133E1537A0CD6514D59D0FBA4B7DC3CF
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019
Frame ID: 9C5F25ADD3BDD137778FEB91A1ECA581
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CA9686E62BECF77B5B6C4D188BB25558
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E26BB522BE38BA0674280561346B38EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 3F157F412D2BE27DFD4B12B7EA6362AA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6AFB7E402C12A606315A82962E4E0698
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxids.com
Frame ID: 85FA2DE0EC9927CE7E923143E50FE386
Requests: 3 HTTP requests in this frame

Frame: https://cds.connatix.com/p/209100/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: C5205EAF3581CB55ED26BFD57ACC6185
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bloxids.com/ HTTP 302
https://bloxids.com/ Page URL

Detected technologies

October CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

152
Requests

88 %
HTTPS

55 %
IPv6

41
Domains

59
Subdomains

45
IPs

5
Countries

1818 kB
Transfer

4859 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bloxids.com/ HTTP 302
https://bloxids.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1

Request Chain 108

https://um.simpli.fi/gp_match?google_gid=CAESEO8_s_o3fJOsqmvtI13Qg0Y&google_cver=1&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2sw5lChPOyAaqDc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5EF34C6D06004E42B5892AA8B60A4330&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2sw5lChPOyAaqDc

Request Chain 109

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJHQJeygTOA2CiMqcHJYbBQ&google_cver=1&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYMLXdY0j0DHGGawvc75szFnSqBU1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENINUlMTEwtMUUtNFZCUQ==&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYMLXdY0j0DHGGawvc75szFnSqBU1

Request Chain 111

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFNLUtO5AMDumtPU8TGyuCI&google_cver=1&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgnz-YUkMYid4Oq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgnz-YUkMYid4Oq

Request Chain 113

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECFpqd7rn2dhlpCoo42f8jg&google_cver=1&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0ATdXeBmYhIUZ6PgzO4ihvFFWfYl4hg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECFpqd7rn2dhlpCoo42f8jg&google_cver=1&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0ATdXeBmYhIUZ6PgzO4ihvFFWfYl4hg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EN0s1bzZORTJ1SHY4ekdzY1E3N0lSSU1Ua1lqbW5OT35B&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0ATdXeBmYhIUZ6PgzO4ihvFFWfYl4hg

Request Chain 114

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDGAjiJ8I7UKKJgNyz-0drU&google_cver=1&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPgDVYYD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPgDVYYD&google_hm=MzA4Mzc0MTU5MTI3NTA2MzAxMw==

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxids.com&sn=ChromeSyncframe&so=0&topUrl=bloxids.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5x6EvHxRc2hZbnhrdGRWaEJ5WWJocTM2WkNoSWgxMVBZWWdyT2FjT01SbWxSKzF5RXEyNnRoRVFxYnZlYlR1K01ObkMrMnhKN0xRV1FQaXBPaWV1OHc1SGgxcFhESzRabkxtamZVRUtrNnZkQ3N0dGNodjBISmdzOGhIMHFaeVFLM1NmNXhSV1Z0dE9mR054WkxBc3BpcHhrb0ZJbVc4bHhEMDg4cUpSRnNkdFZ0V2NnallWKyswNEdqTVhaTTVaMnFYSFlncnVFdGFMTjUybkdma0ozL1NENk95YmdZeUprcDlJa0dkdW4vSi9yY2VzakMyMDY1a1plMUloVXY3bW5VNGtXRG9iTWlGM2xYMDh5Wm1lVmNXRjdUQT09fA&cppv=2

Request Chain 124

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/209100/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Request Chain 150

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=ddf5a88e-47b2-417f-96af-97015576c8b4&gdpr=&gdpr_consent=&us_privacy=

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bloxids.com/
Redirect Chain

http://bloxids.com/
https://bloxids.com/

78 KB
20 KB

715ms
697ms

Document
text/html

2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae96e5e00ebc37355644fe6d3ff5e1f48057ff25579d8b586f3ca6b5ce31b98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 78412e6639c89b83-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 04:20:22 GMT
display: pub_site_sol
expires: Tue, 03 Jan 2023 04:20:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG%2Fb73usGwiaAyy9dEdMoSF1jVlH7qaizIkSNo%2B7mTFbw1So1TIuwwyYpDGrYSBsRfsaIV933FwnuI63aoE7KEBGo9eV0T1i94tRpMjuPOJfW3i3NF1gq%2BJIOgOpg6P4jrGCKkg7OhDoJg%3D%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
vary: Accept-Encoding,User-Agent
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: no-cache, private
x-sol: pub_site

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78412e644ed99ba6-FRA
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 Jan 2023 04:20:22 GMT
Display: staticcontent_sol
Location: https://bloxids.com
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pagespeed: off
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbPZHJ4nw8KV3%2FGOdwQN9EXlp0%2FJS7Xhv6JVPzCOPkkbNx5Qoh8bg4Ulwb1fNs5cpmh2YSnFsFAqfqR4u%2BPUPL%2FbQIUHIMipj16opAZcjPhK9UuxYr2JykB2P%2Fp6y4g0JvsJSoZ876YrNg%3D%3D"}],"group":"cf-nel","max_age":604800}
Response: 302
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent,Origin
X-Ezoic-Cdn: Miss
X-Middleton-Display: staticcontent_sol
X-Middleton-Response: 302
X-Origin-Cache-Control: no-cache, private
X-Sol: pub_site
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 168ms
78ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16161425a7c0cddee3c31bbab529de04b2062e4352b3e15d06953bdf2085dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27592
x-xss-protection: 0
server: sffe
etag: "1441 / 519 of 1000 / last-modified: 1672787160"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Jan 2023 04:20:22 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 343 KB
106 KB 90ms
53ms Script
application/javascript 2606:4700:e4::ac40:a106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,emx_digital,medianet,onetag,pubmatic,yieldmo&cb=195-0-50
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c653f48e2aa2eb7962cf5a42e5df1f685703c797d3ef9a818420f23651ec7a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 04 Jan 2023 04:20:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7TXiGzYz00hSfXdXXVMF4xgzVeKK88E3%2FJ7%2Fx47MaHx5CBGuA7uiZGAA1LR9eAT7kmfKbonzACX1N6Agwb1Bn2amtZ6opZt5AV9%2F3GKoFozRPH1dwwUxYshkuKTPAKRJfinlMbf38CiHUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 78412e6add30905e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
bloxids.com/porpoiseant/ 8 KB
3 KB 18ms
15ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/fads.js?gcb=195-0&cb=6
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 08:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1109982
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsufkF34D75xI42pEa14U%2F21j%2BmKQEsGHO4v33X7e6SbBgM29Ym%2BWjKwTtpWpH5SaCG88GJ73kaHurhIxGhHP%2FDUUtPQ4Y%2Bmns8K%2FcO33WCZ6pROE9QXJ78J3hMJEctoJ8gKcBM%2FZFcjpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6a9dde9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 41ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxids.com/
Origin: https://bloxids.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 845
age: 3251
cdn-cachedat: 11/24/2022 02:27:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7a5411dcaf03c6e8b8d86e6ac9ef5b17
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 78412e6abcda2c21-FRA
cdn-requestpullsuccess: True

GET
H2 200 bd26b15ecd703b4f452c356e5e44b398-1617720227
bloxids.com/combine/ 9 KB
3 KB 38ms
35ms Stylesheet
text/css 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d035a43e378691c0090515954ae1affa1051c9b08361e64b9f21d5a8a0f084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;7e7a6c349f2f8acf02ef9e2d076ab51b;2-237061-2;cf03d6bb-244a-4993-4e12-d9f0264b5888
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
etag: W/"bd26b15ecd703b4f452c356e5e44b398-gzip"
x-origin-cache-control: max-age=604800, public
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XLOF7Mn2RrMgis%2FQc5aNT4IoeY12CFuxsj7C31zpOMGLoo23jMI0q4foBgZAMoIYm3pbtdT8ueY1VJRiJZG29TmDo8hD5kUNd4x9pFCjDXB2cPVtevzOUQTkPuxdsxS%2FAmbKUcE%2BQUMug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public
cf-ray: 78412e6a9ddd9b83-FRA

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/ 15 KB
2 KB 31ms
11ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1928931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1640
last-modified: Tue, 26 May 2020 03:00:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ecc8659-3a76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr2epRkn0UsJNe3MOnLGNNWFwa4FhhJBkVk%2Fg7NQQyZ0fW5%2FcuqkBZ5YFAzzkINIgTd%2F1YjebFeNhJK0SeA1w1i5BrNNNwOuwktUd7H%2FB%2FXHFqHpIVlsluDrzTbq4VtOXRqCqAVWY2HkFaeXyP5SeCla"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78412e6abcabbb73-FRA
expires: Mon, 25 Dec 2023 04:20:22 GMT

GET
H2 200 dataTables.bootstrap4.min.css
cdn.datatables.net/1.10.21/css/ 5 KB
1 KB 48ms
12ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/css/dataTables.bootstrap4.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0a6ace4f4d84add2dac5693204ab2229f5033b09325a9420c3825f2ccf68bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6166
content-length: 1043
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a0f33-1513-5ed32f45b34b0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78412e6ad8392c3d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 04 Jan 2024 02:37:36 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 33ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5533376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQj3RROolv6CbemYYmkTz65nmu2c0O%2ByUBGCLab3hpFzW%2BcJ4I%2FvJuxo8uiPtD0m3ws15gB0DT%2BIOfmMaBcRaYz%2FIrXs8b4GcGVA%2FfsLLs3I5UMgUL7bAq6wSNtANL7Bphoior34%2Bd7kJQlyEFv34Hh%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78412e6abcaebb73-FRA
expires: Mon, 25 Dec 2023 04:20:22 GMT

GET
H2 200 jquery.jscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/ 3 KB
1 KB 39ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/jquery.jscroll.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9613500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1194
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1U10SYPafSoOLNYKfHAVsqADDJpW2ANP3cj3ek4nDvNi3SSWTUermzL0bNDY8WLmccnv4GA6DARETJ7dv6bROgHBM%2BQKAdR2%2BdYTq%2FF2vBOJvbVnEGa6ktnHMJ1aN%2FJlvgGTOXxDHOPpERKkD7OpAia"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78412e6abcb0bb73-FRA
expires: Mon, 25 Dec 2023 04:20:22 GMT

GET
H2 200 turbolinks.js Show response
cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/ 38 KB
8 KB 34ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/turbolinks.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ce18ce2ff32e3fc8b213d6302d4896e4714ed46332a8cf19df7b4d9f726295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14622659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7919
last-modified: Mon, 04 May 2020 16:17:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04003-9677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kZpmOHqk3zBoMSxeseLpVI5xLM2G35ql4B%2F%2F0ROF%2F8526gNgFlAGqKT4tZa9kyJj558tU4q2ljn0M5WrJ7BYNV%2FO679KOdH8PumgUcmEAEcr%2BZh%2FiPMfmAsnoP1trep8DliZ53w%2FY0vLvu%2FwOtJK8l5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78412e6abcb2bb73-FRA
expires: Mon, 25 Dec 2023 04:20:22 GMT

GET
H2 200 sweetalert2@10 Show response
cdn.jsdelivr.net/npm/ 71 KB
19 KB 49ms
6ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@10

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 04:20:22 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 20934
x-jsd-version: 10.16.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19321
x-served-by: cache-fra-eddf8230059-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type: version
etag: W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 123ms
54ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DB9D1TK41K

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acc0ca7d0cdb210bce71c2192a5f3086adcd0be65ec9999dd754d700f1e89f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Jan 2023 04:20:22 GMT

GET
H2 200 cookieconsent.min.js Show response
bloxids.com/ezoic/ 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/ezoic/cookieconsent.min.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2528813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Dec 2022 00:14:50 GMT
server: cloudflare
etag: W/"11a4-5eeb91c04f280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7zOzE%2FYlxQIOlBJUFD%2FIyL8tjS%2BOdU6iaaAIlmhmQwEMJdZirAxbVK1X%2FZRk1QNK8afhBWbyy0YF653s4JGY2iBHHmS3mzQTbFAOjJjKrPTs%2FxvMh2kle8AME%2FqLu8asGlJSYWqeZEQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6a9ddf9b83-FRA
expires: Tue, 05 Dec 2023 21:53:29 GMT

GET
H3 200 logo.png
bloxids.com/themes/xwm-roblox-theme/assets/images/ 5 KB
6 KB 18ms
14ms Image
image/png 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/themes/xwm-roblox-theme/assets/images/logo.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a783b4efb294759eb2f791f446456c5621c9744e2bb17118c25edab07100cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 19813
x-ezoic-cdn: Hit ds;mm;fa6dc7ea5540f11ea4ffd319c95355d3;2-237061-2;0503481f-f971-48ed-5d0b-376ad6337089
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RQ%2BDFKyPLkz3gjbl9yTEIyL%2FZMfcesVSXQV%2BEJGzSfJ1Ltw4B0UOriVF9PFa1QjUfnSBkOAo9wfUTAS6NBntdMgqvH5iD6RbIz0SDEi4CerhZ33rMbqPmM2ux8XQBppc91FwhbcFfbvCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
cf-ray: 78412e6b0f389a15-FRA

GET
H3 200 thumb_18_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/404/0d2/ 5 KB
5 KB 21ms
16ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/404/0d2/thumb_18_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a155e486fc49e1364f42d9fc1379eb9fd5f0d0bfbbd982ec90a9757c9a024a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;216e9e9d83637e516b29e1d2fa65c566;2-237061-2;5311a914-abd6-4b72-46ba-ed9dbeb944b2
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAVjF1h%2FFq0hdHi%2BrIBHc%2BTsBu8Y%2FJ5%2Bo%2Fo8qco78dsxHy7u1RpHVnf7Ss8P2QRUTgP2Jgzrc0GM3wqmt%2BEddFKUJQnZqowvfx5zpFYL5z35Ck6AxW4Rs8kefhiNRDSHbd%2BRyDjaXIavfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f399a15-FRA

GET
H3 200 thumb_20_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/412/24a/ 4 KB
5 KB 47ms
42ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/412/24a/thumb_20_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de1545fca5d2f695000a14c2ff6329b0e1912e80edd675b6c1e518c291fcdbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;89eaa8a9fbba2c0400c09536f02929ca;2-237061-2;e36d20a9-1121-4666-6595-73295e672e3b
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tZLON%2Fo3RpHyzXwRsCH69t9CW97r1A%2F3Flk%2BVsWmgy4yZRvk8Jg885jnbhS%2FDM89Jj0%2BGUdJaN8ZaqAdaf5J105ma7J1qhXt1OWhqPSZQygCXTk9TX%2BqfAn5A%2FIjflBoqmaf2yemuvYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f3a9a15-FRA

GET
H3 200 thumb_13_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/aa5/ 3 KB
4 KB 47ms
43ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/aa5/thumb_13_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d79a1245585e8300e8b841db80419164789ded084d856509e454c9d8ab0b114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;e54780d7fd02a86591cb7be916d7582a;2-237061-2;1d868958-550d-4172-5046-84714a338ec1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho5TpMW%2FmxgW6buJDKKHVcgwS8SFgehEQ6xaq%2BFrZ43CHVrE9hqB%2FvP2w5DfBJ4IhN3i2kVP19ObDxf3NGsknj%2FaN%2BmX%2FyeULW6uMTKbIR1W3J9%2BpYpf%2BJ8z7iV1jyucCrnLSIG%2F8VR%2Fxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f3b9a15-FRA

GET
H3 200 thumb_12_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/6f9/ 4 KB
4 KB 48ms
44ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/6f9/thumb_12_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72026f70074c6ee248871ef1167db4ab6d3871326eb4cb8f8056d7baaa990ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;66331bf465d0ae799a0b7a1fbdd07e51;2-237061-2;306c5142-ae31-40a4-4f00-ea2dc990581d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUp598wWg4Ib3%2BPPgPrI1GVT6z36QFCghpvRNnFx4Qzr4OBunk1z%2BFHd7rHNNYA1%2FI3wp1aGUgNtZb6ZhDLUNi1VeXhcOS8mPddv8JhIxRfca%2FJHYG5ESUt4%2FquJMSO0G4EBkwQKHmSXpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f3c9a15-FRA

GET
H3 200 thumb_11_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/0b2/ 4 KB
5 KB 49ms
44ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/0b2/thumb_11_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a9641fee9b9258fb4941ef4d4bc50ac885c38577c91e27fda4685a50c369e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;0f1697a4fb02802204506aa0723b777f;2-237061-2;23762bc2-b2b0-4dcc-6b66-850dc987071a
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geL9gPeEBafaIp2mwvAfuRl%2B6HQW6p6O%2FSXOc5xzt0iAP1pfbngenSGTVSbbUWQ5i3Da3kt2jlZeHtyNmK7WW1oHLykQ2xup1DCMe7WJrize%2FF1phh924DIkgV3FbWtQvlsJPckzfaTU4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f3e9a15-FRA

GET
H3 200 thumb_17_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/403/b71/ 4 KB
5 KB 27ms
23ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/403/b71/thumb_17_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beea6273f5a17d82ae944a82b3fc05e4fdfd5728ced15e34c49e22d307cd1e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;0b458460bbd003482c6c8c1ecc3ab152;2-237061-2;d23b6db9-eca9-431a-4814-04564f854438
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdxY%2BB6rtFvb0verksp2i3IVaqIUNKiNSJPRlu1Mw7fUadLnYNoBYOCbt%2Bmly8NWKbiEUaKr%2FAl1%2BL%2Fpb%2FoEmk%2BAUTVsvgpo1bDLTO9sq8zC05%2BF764y7oDOQBn9FJ6CxV1FDAI6%2BmVWzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f3f9a15-FRA

GET
H3 200 thumb_15_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/402/a7a/ 4 KB
4 KB 32ms
28ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/402/a7a/thumb_15_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f7ff4b557277a9f18395621cf6cf14e0795f60131f3600940e00f41e4b965ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;e10b80e84a94ed971b6fa0cd85f32589;2-237061-2;18abc8a2-ac1a-44e5-4756-b6e812827c2d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ%2ByETcftf0cmMoTrCmnnSjmPud%2Fg2JLKmBqEydUhqp%2FG%2FfUJpPSzLp%2BK59LQwU8Ut0zV15NIfxoMIH%2FJki1ZVmloP3zKPI6aS%2BUJ%2FepFsGjiTeazFkspXQuGRSu%2FuvOIsGRxRytWuPYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f419a15-FRA

GET
H3 200 thumb_19_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/40d/2f8/ 5 KB
6 KB 48ms
44ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/40d/2f8/thumb_19_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50530b450b08289dc7e20276dfb0eae46cbcb7248a97ead870ebaeef94a368e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;22e6cd1efb218a928905e1b939ffbe1b;2-237061-2;116aff9f-b026-4dfc-4de3-d2760a9bcf08
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GserjCLbh4BGzCEUnILNcWkfcMOD6%2FVqk7no3LfGuQsOxECYQxDIuJyh99ROZ%2F5C9MVdp8h3WhqDJRbIh%2FxQT5EyrmB3nbcw5Pr2MT0RfEDh82L0o0Ql4VCC%2F%2B3rL0%2F2D0EJC1zdqTC3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f429a15-FRA

GET
H3 200 thumb_9_100_100_0_0_crop.png
bloxids.com/storage/app/uploads/public/5fa/1a2/7a5/ 19 KB
20 KB 49ms
44ms Image
image/png 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/1a2/7a5/thumb_9_100_100_0_0_crop.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa0928ca4a87f22ed6446033c2f6dd12061e3755993904cc77681e6994cd0e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;d0542b9f568988d9e3d8c98eff64bcc9;2-237061-2;433fcfe9-bd07-4f11-5c99-dd5961777b89
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0mKwphDC6TlGf%2Bmtln04IHsxzj71Iq5A1XAqEV3YTEqKjElW0j7JfS%2Bgti9yD%2BzN5C81czLKrsAtBWY9R2vxv%2BTbKWal0B%2FeB8xlSzNBYxsgWCBaBjoXWiUbZ9NV8IaOMLhBk%2FC7W5J2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
cf-ray: 78412e6b0f439a15-FRA

GET
H3 200 thumb_16_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/403/4e8/ 4 KB
5 KB 50ms
46ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/403/4e8/thumb_16_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd70611e3a5c2344c278a1e6d72261f2c959093ace9bb7b00f6aec2312d3666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;1f51b2ce141f373b875dc0f20a775d20;2-237061-2;7435d3b1-8f2b-4418-555c-9fd640440a9f
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAkv5uC4taTsHRC0mgIf58mi%2BelmSFEv9GVrqppDY9s89sXbO3yiQpfqW7INfB7oZrc5wn%2FMlC8XqjCn%2FSqj0NRlpcftJd3vr5EptePxqeGjS9I6W%2FJyNxIHX47V%2FDk0AWShc72%2BAZUwAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f459a15-FRA

GET
H3 200 thumb_10_100_100_0_0_crop.png
bloxids.com/storage/app/uploads/public/5fa/1a2/ad5/ 20 KB
20 KB 50ms
46ms Image
image/png 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/1a2/ad5/thumb_10_100_100_0_0_crop.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd704ff9aac0ff550d194364699a21641b2e8b9072171b6084465b01dd72a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;b362759b9cbc7617cc5f707965243545;2-237061-2;875b37f1-e63f-47d4-6351-af7eebdd6c6d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgrzWROeXUmurd40a8M6PEi7JYqUDQhcF26CqG2kkmcmwZ%2BeFSos7UFU3VBACL3fZ3WFkaXNfE965A8RGinzaa8r7oHVrAg8MyVLrJRbCxVp4P%2BXXl98XFYbArZNnOGCpzt7Ldg22Bn2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
cf-ray: 78412e6b0f469a15-FRA

GET
H3 200 thumb_14_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/de3/ 4 KB
4 KB 52ms
48ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/de3/thumb_14_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dbfc2cf83964693166e8c68cc7da95d40a2fd79156b353b9823280b3abbadd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;mm;b0494b6f17f089a76423c7b5dbe3382b;2-237061-2;2b68a74a-8514-445b-5d5d-c764b1481e97
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVO%2BJpYJY9wLK3hcMz09C8WwpvuRZ%2FAVTdtQs%2FH6TScViR%2BRDYlaOCC8LlylEpymxDYWBvkvZTCLvfpHOGb9DTVPsMjduIwaClF9N7Dv%2BItJbecEbi89ev6C2e366bf%2Bth7Mc345UUF1YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b0f479a15-FRA

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
16 KB 30ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxids.com/
Origin: https://bloxids.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 718, 718
age: 165680
cdn-cachedat: 2021-08-03 11:18:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: eb8f8d45f7cb9e018456d6bc59d51c17
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 78412e6b0a7dbb5c-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.21/js/ 83 KB
29 KB 18ms
10ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/js/jquery.dataTables.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6399
content-length: 29029
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a005e-14aa7-5ed32f45b7718-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78412e6b08642c3d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 04 Jan 2024 02:33:43 GMT

GET
H2 200 dataTables.bootstrap4.min.js Show response
cdn.datatables.net/1.10.21/js/ 3 KB
2 KB 20ms
12ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/js/dataTables.bootstrap4.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b6ebd94e15926993c5ac5c1e5169f6b80184baf04133f6ae5f3f8e58af19bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6196
content-length: 1603
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a0875-cce-5ed32f45b6778-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78412e6b08652c3d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 04 Jan 2024 02:37:06 GMT

GET
H3 200 clipboard.min.js Show response
cdn.jsdelivr.net/npm/clipboard@2.0.6/dist/ 10 KB
4 KB 23ms
9ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clipboard@2.0.6/dist/clipboard.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 04:20:22 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4852209
x-jsd-version: 2.0.6
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3354
x-served-by: cache-fra-eddf8230093-FRA, cache-hhn-etou8220032-HHN
x-jsd-version-type: version
etag: W/"28d5-Y3HsCo4kI5XH1NAI0rmORyydzFI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 framework.combined-min.js Show response
bloxids.com/modules/system/assets/js/ 22 KB
7 KB 27ms
23ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/modules/system/assets/js/framework.combined-min.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6f39ae0c622292f3b23722249653e11dba33e1b8e1ab3889ef18c8798ee27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 16076
x-ezoic-cdn: Hit ds;mm;33506b185f0604dff27b257d5aa970d9;2-237061-2;8fb22807-03ae-4bc6-51a7-6bbed19befd0
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38bR8KQS1%2F8imB%2Bl8hGw8P5ioafQ7hIO6yfcdO%2FtVlSTTKs%2FdEpg8mbdAx2N5rA26nK8zUtyBxvXhVdkHtLsNhL3TkxoSWQo1g9JxLzyE0vtjXb7ymoCUaMZSs%2FJc8Fs0e4g82NfJdFxnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 78412e6b0f369a15-FRA

GET
H3 200 framework.extras-min.css
bloxids.com/modules/system/assets/css/ 6 KB
2 KB 28ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/modules/system/assets/css/framework.extras-min.css
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2218e1a345e2d9b9b4a3ab19f8a1dbd25866e51de1e65b472d226dbc2552491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 40464
x-ezoic-cdn: Hit ds;mm;25b55880c5da8d3f295656cc00a47e1a;2-237061-2;0bf842b9-f571-4249-533f-73544b79d4d7
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F50Nx7fSf5jqaTSNRodfaFpUhqQq%2FT2bKKPLP6YvYxXkzdKf%2FNt9xp0fNIzytPBLSuIEVS1q91sYbuTFVX4lwITg2XpilFcS%2Ba8gEpwDrJUCznedae%2BjBpOafNnyaso%2FihuFgmm9LVRd6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 78412e6b0f379a15-FRA

GET
H3 200 augusta.js Show response
bloxids.com/detroitchicago/ 2 KB
1 KB 53ms
49ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/augusta.js?cb=24
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 00:55:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11330688
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ndqc%2BEbS%2BkzNGxHoX6bW38YpfyBsAXA46EAYnbj5%2BDYw%2BjvkTc1reZ%2FtNA4lDwt5nWMRWz74OFu21RvwI7mVOOnroHC4IhPlpaEX27oaJ00EJ4gAXB393%2FrN7GxnsuZbwaelDV40v91sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6b0f4a9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 banger.js Show response
bloxids.com/porpoiseant/ 53 KB
15 KB 32ms
28ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/banger.js?cb=195-0&bv=171&v=71&PageSpeed=off
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45e0a1af4d8055f5357b8f3dc0ab7a31733a1bfaccab6032a189672dc941f677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 18:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 120098
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMZRdgBOPHuafVinp4m2naD32Sa%2FGPc9v0nidbhtflH5nXri9oO0BsJ14hTj47ZfE4doOpqtDI0zn%2Ffwf%2F21bltJizOQEFlys9z7j3fSfaXrrgg9OE6ZcsKVZbvfFt7s%2BpdHFx7iIZ0tAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6b0f4b9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cmbv2.js Show response
bloxids.com/detroitchicago/ 54 KB
16 KB 37ms
33ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f570b027df1bcb0193cdb7e264c47b02b2479d43ae8b48f1f743ed5d96798126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 21:06:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 112409
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKrd571EFQXBFHBE%2FwDQYdQ9%2BgVp8lOEbdmHXrvxu16E3IdljJ2K%2FawJfbe%2B2Z0v%2B9qhFQLdyu24Ukn%2BJRYiy8KOnK0%2F6nLGH762VJTfMs2Tu1mQrtB5qGZwWHvhbTv6J4PbDsOlgtNesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6b0f4c9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg.jpg
bloxids.com/themes/xwm-roblox-theme/assets/images/ 388 KB
389 KB 30ms
29ms Image
image/jpeg 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/themes/xwm-roblox-theme/assets/images/bg.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e66867a79759314ae7d2a20b2352df9ac8f7ff215d056a54f3cec75debcf3be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 63539
x-ezoic-cdn: Hit ds;ds;8453272b9b9daf47298e1bd0c8b6f560;2-237061-2;c302488b-12b7-4509-656c-ba4a25e14b34
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRIWHd8iGjk3Qyl3%2FOjm3%2FiOk5G4hRHqDGnhzPma%2ByOE%2BjT%2BzVPIYZbjX33WaVm65%2FY0ZGbfec4fje5oymYxrx5dn64b7PJt6zpxhs4bUplPO9Rw62%2BxSm2%2BO%2Fw2zkoal3rZM2%2FOp9FeeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
cf-ray: 78412e6b1f539a15-FRA

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 81ms
6ms Image
image/png 2600:9000:214f:da00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:da00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:21:16 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-sol: middleton
display: staticcontent_sol
x-amz-cf-pop: FRA53-C1
age: 374347
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
last-modified: Fri, 23 Dec 2022 17:53:57 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-id: mK_mHgw04g7ki7Okfs2cQPyL19xP3lfDCYZ6SE07wWdxFXFs3t1mbA==
expires: Fri, 06 Jan 2023 20:21:16 GMT

GET
H3 200 houston.js Show response
bloxids.com/detroitchicago/ 7 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/houston.js?gcb=0&cb=35
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec128a75d473f7a69fc2d23fa0ae022a1a6ab395a0f7646f3471b7893d9f9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 31 Dec 2022 01:00:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 357580
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdDHLSl7RYaGGxS06N7glQcM5xFdN02nNcwnOs%2Bn1gwgJFYWLnrL060Y8X3Ojb%2F%2FOHEjOxE8biit%2BPV9TkzaAZ3eoRpL97ru5y5dYv8FJyp2s67SIypH1cLyR5l9Qo0Hs8KvMQ2ay5yGzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6b7f9d9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tuscon.js Show response
bloxids.com/detroitchicago/ 4 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/tuscon.js?gcb=0&cb=3
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01a6fc50170f2575ad7a091c81a799c2c20fec32a5ad6524d7c40f740ab5cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 31 Dec 2022 01:00:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 357594
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km0q53rq0VHIty%2BmUfjNPK5Q6mNAmPsIO%2BcbUqqhk%2Bnj4TiQ05D5EhVDYtkGAPpNqv0V%2Ft2DRCJRBNsrXEQZGs9cz8RVneuYYXS1zQlrhpLLUrbAz8CP2iaPrXzq9RlFQJY7mpq%2FyOFCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6b7f9e9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
basher.ezodn.com/ 3 KB
2 KB 26ms
16ms XHR
application/json 2606:4700:e4::ac40:a006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=237061&bf=180&dc=1254144
Requested by: Host: bloxids.com
URL: https://bloxids.com/porpoiseant/banger.js?cb=195-0&bv=171&v=71&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f55a4597b961a3ec8cbd829cf98b69da04006873173e884f4fc069ddd687b4

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bloxids.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RvaetK3SZVg9zcDoAg%2BMJ0Bkp6OjvDAked6Sry5FdVErkJZzFdDfCqjY90t7IvMwz7JbKRQntTNjLk49usLmUnvPdy4VmQVhVuI5ZsqOx%2BmDoct426Q%2B2BKb6osEP5p0%2FkzPH9sSsLV0yuEuy9F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 78412e6bf8852c4f-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 47ms
15ms Preflight
application/json 2606:4700:e4::ac40:a006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=237061&bf=180&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://bloxids.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bloxids.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 78412e6bca5590a3-FRA
content-length: 0
content-type: application/json
date: Wed, 04 Jan 2023 04:20:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h44Mz9Gi9BuMQ7%2BWbmyjYcZZOVyl1YcNnKO6T5Nc8vApIf%2FMDLDWVtchGBxJMxDky5DUJR9ySlXfadIKmPg8T%2BgbzXkyw9QVwdY8yiyTG18h8VmGy%2Fo1UiKkR4sKGTsdsCyTpvB13Vpv%2FhCFHqg3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H3 200 imp.gif Show response
bloxids.com/detroitchicago/ 43 B
572 B 36ms
31ms XHR
image/gif 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C21%2C4%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A237061%2C%22domain_test_group%22%3A20230802%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A11%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221001%2C1006%2C1100%2C1102%2C1104%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%224f09a87b-5372-4838-70ee-06cfca43f4ce%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A31738%2C%22response_time_orig%22%3A504%2C%22serverid%22%3A%223.69.230.18%3A30377%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1104%2C1220%22%2C%22t_epoch%22%3A1672806022%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fbloxids.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A305%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGkv%2FPqNDgK7Cok539Y3mabthvhhV%2BQJzPCL9gj67SHU0dEeOxRhb7grDWh2Bj%2BeuvP2dWvGcUrQU8DiSV3JRvIOrX7%2Bg%2B%2Bfc3YaC9F%2FzK3kzulj%2BXnERMEUGG3IwY2KoW6XClP40M6QWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 78412e6bafc29a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Tue, 03 Jan 2023 04:20:22 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 103ms
7ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 11 Jan 2023 04:20:23 GMT

GET
H3 200 cmbdv2.js Show response
bloxids.com/detroitchicago/ 41 KB
11 KB 17ms
15ms Script
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5e-22&cmbcb=118&sj=x03x0cx18x5e&abt=CharityRetry
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a73798f4e624b4030e6774f4e8bb5f566a5b03944237a9d043ddeb6ec1af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 11:43:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59833
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzvlH0iFqYzX4Fa5DtFWVzNkVXV%2FSRfZicdDUKdwMubuv9f6JucEMDICkhI3Ai6X5Qa%2B9AS%2FLglCcYeDEIURAlLTd0Pq4ttUP2UvhkVcEt51LqOkQ%2FJWFBTk1PE0OVnx%2Bc7n459MZCMOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6bafc39a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nmash.js
bloxids.com/porpoiseant/ 23 KB
7 KB 36ms
34ms Other
application/javascript 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/nmash.js?v=171
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1c054e7aeaad3071d3ea391ef7f60a330ef31a1d941480878ca36828900fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 04 Jan 2023 03:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbfN9sFibuqVeX%2Fhi4JKwhgER0gSEGFFaRssxEofMGnJR%2Bka9ILvVApzJ43r5jB1YVzEgpPmwMznm3OGqNefnlK5uFIpHK1TNR7boOjidRMxRYaMNLXIxhi5lKnT1xfj8IAXxvv%2BTn5LhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 78412e6bafc49a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pubads_impl_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 62ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 11:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132289
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 11:33:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 125 B
106 B 83ms
42ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f78af99fa3880f69df1d7931f99e1b236229c1630dd241fa72f9b1e418f9ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81
x-xss-protection: 0
expires: Wed, 04 Jan 2023 04:20:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DB9D1TK41K&gtm=2oebu0&_p=1396471619&cid=1508865728.1672806023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672806023&sct=1&seg=0&dl=https%3A%2F%2Fbloxids.com%2F&dt=Roblox%20Music%20Codes%20-%20BloxIDs.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB9D1TK41K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
634 B 35ms
6ms Script
application/javascript 2600:9000:211e:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:35:48 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: z-yYmG3bpb_gevErPEfzhx-dRyCpIOwOvEXDnZOlOlIszgxUz98wfA==

GET
H2 200 pixel;r=1908203994;labels=Domain.bloxids_com%2CDomainId.237061;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxids.com%2F;uht=2;fpan=1;fpa=P0-1787463384-1672806023092;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-...
pixel.quantserve.com/ 35 B
372 B 54ms
8ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1908203994;labels=Domain.bloxids_com%2CDomainId.237061;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxids.com%2F;uht=2;fpan=1;fpa=P0-1787463384-1672806023092;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=bloxids.com;dst=0;et=1672806023130;tzo=0;ogl=;ses=3c6a346a-40bd-44d6-a721-8d99f63988ee

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 106ms
43ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
42ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
669 B 400ms
400ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=1946998276943008&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=1&adks=2972980631&didk=2259044073&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D1876608655911883%26eid%3D1876608655911883%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbloxids_com-medrectangle-2-1876608655911883%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D180%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C67%2C0%2C168%2C132%2C0%2C33%2C180%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672806023200&lmt=1672806023&dlt=1672806022811&idt=357&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ea692c129c8ea5b5e66d9fd55a80fe997b950d15e33fd7c3934aab5ba53c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DB9 6 KB
3 KB 183ms
53ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:23 GMT
expires: Thu, 04 Jan 2024 04:20:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dark-bottom.css
bloxids.com/ezoic/styles/ 3 KB
1 KB 13ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/ezoic/styles/dark-bottom.css
Requested by: Host: bloxids.com
URL: https://bloxids.com/ezoic/cookieconsent.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 16:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1265926
etag: W/"bd7-5eff484e1c300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NG0uTEE7AiQEry%2BMLRp5Tk1lIYmbCsmCVByaSHxFOqR3WnupsECSPWsx1KikAB8XDGezhM3AjQbfHEE5%2BN%2FilJFjDt4aetlpHYgQ2e9LMvr7E4iUWCaFOdH7jwUoKJxKvNGGIJd2cl2dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 78412e6e5a139a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 greenoaks.gif Show response
bloxids.com/detroitchicago/ 0
512 B 26ms
26ms XHR
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDEtMDQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRmMDlhODdiLTUzNzItNDgzOC03MGVlLTA2Y2ZjYTQzZjRjZSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzI4MDYwMjIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRmMDlhODdiLTUzNzItNDgzOC03MGVlLTA2Y2ZjYTQzZjRjZSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzI4MDYwMjIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bbap5kEIiH1w9EfKLTxcjSpGYcuyfAte0lz34Hx7W8v5zKrC6V0XJNr4rk%2BO%2BMCWfQE4QBGxTfkLj7jPsIjojb19EZikeJS7%2BcCCSupbS9wuwxJ080XAx1KGgFhdDOS34uSBXH5518a7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e6e5a159a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:27 GMT

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
530 B 24ms
23ms Ping
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzMjcifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjEwMjIifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjQifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTUwIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTUyIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYwMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRmMDlhODdiLTUzNzItNDgzOC03MGVlLTA2Y2ZjYTQzZjRjZSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzI4MDYwMjIsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjExMzIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjExMzIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrpZKY%2FOwQXD9rQaS%2BGjvH4nTU1b87s4cBlWpDFGhg2OcA1Ss9uvHk3r%2FIV2M8f3KmdsFeeIf5Q91o3LqaOkGeCy5oa%2F2ie6NL5URzNhGho42wH1ARUVJTN07JzuKj2L5%2Fb17jYBanlO2g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e6e5a189a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:27 GMT

GET
H3 204 greenoaks.gif Show response
bloxids.com/detroitchicago/ 0
511 B 24ms
24ms XHR
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiZGF0YSI6W3sibmFtZSI6ImlzX2FkX2Jsb2NrZWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wl2O6nsqQ1pFAAjv4JEdqIiK7oXEGdXJuTei7yBIavJyQTxcoD7i52%2FZsMekPhFB%2FJOqEIKXC1BMSuYzrl0ckf8UVgtSM5eMJZa%2Fq16cJ6uOrUDip8jm095fs1JZlLprOUlyuNqNrn20Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e6e5a199a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 116ms
55ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1367dfa417ef97a7104ceffe8bb12b515be863f13bb6de37f2ecd8b007ca705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11024
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 85ms
43ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 83ms
42ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
611 B 417ms
417ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=154289485560935&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-box-2%2Cbloxids_com-medrectangle-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C970x90&ifi=2&adks=2284878681%2C4225020721&didk=205975327~2259057186&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D2915035477869239%26eid%3D2915035477869239%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1001%26sap%3D1220%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbloxids_com-box-2-2915035477869239%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774%7Ca%3D%257C0%257C%26iid1%3D2735503895858561%26eid%3D2735503895858561%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dbloxids_com-medrectangle-3-2735503895858561%26eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D160%26br2%3D80%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C132%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672806023475&lmt=1672806023&dlt=1672806022811&idt=357&adxs=436%2C315&adys=80%2C1135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=1600x90%7C1110x90&msz=728x90%7C970x90&fws=0%2C0&ohw=0%2C0&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbe516ae4a05f3a8cfb5f900e04ae43086c6168dfdff65ca586fdb80f524314a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 135ms
74ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 04:20:23 GMT

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
536 B 23ms
22ms Ping
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijc4MCJ9XX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFTEyV3Z0DzAEd79Jx3ZjdeATF4Nz89uVZnVc52brzb2eRfiH%2Bl%2FC5TfXQsGS4%2F7vvEpVBadTSySD%2BB0THoiPkC4gs4uS%2BFEMnTuPi86NYm%2Fn%2FObCLtBH1y0p%2FUPhhS5yKPscmrQWdoVcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e6f9b5b9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5611 13 KB
5 KB 64ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 21:29:07 GMT
expires: Thu, 28 Dec 2023 21:29:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A80B 783 B
1 KB 107ms
43ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d588bb58f18ce1235341af88e6eafbf4901a0680df01cf80851417059139a7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-otMuU2Qd29kO1CTtwUusiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-otMuU2Qd29kO1CTtwUusiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:23 GMT
expires: Wed, 04 Jan 2023 04:20:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5611 36 KB
16 KB 61ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 20:49:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A80B 0
0 52ms
51ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=1750627456385336&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5611 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C0G5Eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 152 KB
45 KB 615ms
615ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=4032197606899703&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1022356245&didk=1988684474&sfv=1-0-40&ists=1&fas=8&prev_scp=br1%3D90%26tap%3Dbloxids_com-pixel1-1524837161900201%26bra%3Dmod110%26al%3D1006%26ic%3D1%26ezoic%3D1%26d%3D237061%26eb_br%3Db355e9227b551c119a30a68852723b62%26ga%3D2497208%26iid1%3D1524837161900201%26bvr%3D8%26ap%3D9999&eri=1&sc=1&cookie=ID%3D17dd01769c6a386f%3AT%3D1672806023%3AS%3DALNI_MZR1sJMKHVa9tOKniImExepZcDTEQ&gpic=UID%3D00000b9d0fc641be%3AT%3D1672806023%3ART%3D1672806023%3AS%3DALNI_MZYWevzuZgiC80YmkzgJcOIUiDCsA&abxe=1&dt=1672806023965&lmt=1672806023&dlt=1672806022811&idt=357&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd18db639f215458634ec237306e89e01409e791edd7be12c4197e83001a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46358
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 11:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14015
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Dec 2023 11:41:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=1750627456385336&bg=!4uGl4aXNAAYgquz3AKo7ACkAdvg8WqlGrejGmiHTm_1LgrYSnhAuLOxVlxDOYrU8Thf-pNU1F28NmgIAAABYUgAAAAJoAQcKAILBtMFBRrnLSxlaB5rj2NjBic8KB1kGmCcx79Ge8rqUEzsxom2PGmEwDgrgOI_KPe2bHcx20OZSD1q6V7lsqyPWmvGnCf6jXYS-pTvkiDInQo_PTK-lPDbq0PbDMzyr64FemS0WTJwugDWBpzbEdL2ukbUX5vOMIJx7xOmN80dSv0mgmQLTOQitKe3r8esNDq-WgCcMOSBcs8G1W8re816zUCHgCnyN1VxTXyOTYY0DSrWN5Nhuax5C0EU0NxXNHNwnhK2HmYgx5f7HX_l7iZYBI7wEunvkye3Nc8lK532S4J0FLpp4jAEBwJwvgXWcfhT52uu6d6Y4JpdJZi4Rl2VPt6Zi_IaL3-JPxUCLD7lXILAfqg17mfwkv4CAxy6LutNl2xJlG4vjxKD-FECf29RuMJksWJ09y5KZQKku3Jf1f1-RDNfGQDIcB2-n8eNWR44Z5Vp2_UIYvWrwEiq5cgCYFH24xh8D5hEETf6jrVpwE5S07JIGaym3P8rUTw2qq7956jpyxYKENT7CbdBQU4CHNbAh9EC9SJ5Ctb26Y9ZGqCkn_fwxEvFasGP2GscewynYIB1FbDB_mcdDxMW6aNlujrUBTdQKXTqWGR_U2yAL9GK5ip4b415PK99osyCAij8xchjw_79BNsOZwg9BtfXtGb8CNFZcLQNs8bmyuY36rbV1sRNIxD-Xtc9ztH4ugBqMslYQqfq98iEpuGnhe-MmCwnh9M8kY3T33vaS-rR5gLrlNS1re7ACXys7-GIq0mDOBhQFdDjok0olPMxKtWGhU8aHywqzFAE-ecUqdc_gl5-V00zIm1MKHujE2pBb7di0tNxSC5dWUyOjK4Xzjf2TnvUnOZfLcmQ_Cx8yCk-TVA5MtX2QiEfEaXxdn5qF-8khs8Xh3WQ3bnvFri3AsNA3ugmuSHt_rVtvZ23WKiVFpy9a_JbnCFpcqfLp567pa8awpoqyhiUUCrDHxkRoXzRMAqzV7E-6StCgxWz-JN-xWEPwGIM4acpKFIujEsetB8AJKZAacCjGSPzPuGcwER60cZ-dMAFr5bcYIByT5biwD7KbNHsrU9zU7gGIY_FZ_f6x8t2g-ExFVC2QXCUmiRQU_rGkGvDVZCo4Lqz2dNi8iPhDrPyX8dcT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 56ms
6ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:24:28 GMT
content-encoding: gzip
age: 1976156
x-guploader-uploadid: ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 12 Dec 2023 07:24:28 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 418ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:20:25 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
818 B 7ms
6ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 04:20:24 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 42719
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230064-FRA, cache-hhn-etou8220032-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 44ms
13ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: A05D5PKDJ6VBGN14
age: 1045
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78412e75f8872c43-FRA
x-amz-id-2: Qpk9CQ8oxcIcfXwy08r61lUJ78YtPNi+UCkJ19329xIl6/NMEz8vD2KJPFQGqS72r25VD4/8gr8=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 57ms
6ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:00 GMT
via: 1.1 google
age: 24
x-guploader-uploadid: ADPycdsTvltH9F_i38s5U_vcHV2cvOe5sqJ4lLobn42nY52ZL5ql8DICt7pPyKBJlX47UFCqqNZYhUgevmbPzkdItfZjCTnfXJDo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Wed, 04 Jan 2023 05:20:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 36ms
6ms Script
text/javascript 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 06:30:01 GMT
content-encoding: gzip
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 78624
x-amz-server-side-encryption: AES256
etag: W/"2c5f4a319c3d99310927955777b5abe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: BiMpqbBtI01tMIXPg56lJ2YV3x0Xi05ya5yGPrjpIpsqx0PoVwguoA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 116ms
6ms Script
text/javascript 2600:9000:2057:9e00:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9e00:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:57:35 GMT
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 12169
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: qwTQhgeiEPLqAb9Rxa5jFKjn3kNeSSr0y6TCE4amOjQBUfjuTuLAYw==

GET
H3 200 container.html Show response
2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 133E 6 KB
3 KB 61ms
20ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:23 GMT
expires: Thu, 04 Jan 2024 04:20:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
534 B 16ms
16ms Ping
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE3ODYifV19XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KELW%2B0GiIwHllGb1YDQ62u0U%2F%2Bcr249qtO%2BMlh1bxGAUHil%2FSCh3PXv23zVaEx5cRvv88moZyh8bf%2B%2FDgOhhlXrwnl6GRrNES5lrYOwaTovijy42POSdsaOaaEoJDqeHAsmF1hK6E%2FKirA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e75dfe19a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:24 GMT

GET
H3 204 army.gif Show response
bloxids.com/porpoiseant/ 0
520 B 26ms
26ms XHR
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTUyNDgzNzE2MTkwMDIwMSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE1MjQ4MzcxNjE5MDAyMDEiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImIzNTVlOTIyN2I1NTFjMTE5YTMwYTY4ODUyNzIzYjYyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNTI0ODM3MTYxOTAwMjAxIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImJsb3hpZHNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzI4MDYwMjIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDksImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA5LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE1MjQ4MzcxNjE5MDAyMDEiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNTI0ODM3MTYxOTAwMjAxIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImJsb3hpZHNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzI4MDYwMjIsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRmMDlhODdiLTUzNzItNDgzOC03MGVlLTA2Y2ZjYTQzZjRjZSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikQQMSvKi0VAR2Ww%2BQ%2FlkCQO2XUmhsxA%2Bz7zTjbmjzOSwuoX0p2NuxT3zx6Zz5bJL%2Fjol0tsxs1sVHHcRc0v3%2BmL%2Fe%2B38i5udOyty5SbguibKNhNVNJA%2FXquBIeZaDJm%2F3YAPCKTFAahNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e75efe59a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:24 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
533 B 18ms
18ms Ping
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTUyNDgzNzE2MTkwMDIwMSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wMS0wNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxhDRFoKdGJVDw%2BN6xT1W5CFbefA3HoDnOlOhCXYTpRd%2Bm7Tls219SDC8eNuAuxPdh9%2B%2FwcZzR82dmQDOFTNJ1Zz%2BTQd0AmA%2F4d1Gy283sssbkMDMq07Lg2YM9mH1nqzrEXWzewRer8BEw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e75efe69a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:24 GMT

GET
H3 204 army.gif Show response
bloxids.com/porpoiseant/ 0
512 B 29ms
28ms XHR
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTUyNDgzNzE2MTkwMDIwMSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJhdWN0aW9uX2Vwb2NoIjoxNjcyODA2MDI1LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRmMDlhODdiLTUzNzItNDgzOC03MGVlLTA2Y2ZjYTQzZjRjZSIsImJpZF9mbG9vcl9pbml0aWFsIjo5MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjkwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2NDQsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVIivoa93ZaGts2w4hdl86Y2mPM3tTx3%2ByZsbsA436Hkrz%2B2DgLyzUB9HhMeO05co2PkLf%2Bz4JN5USUpMDhrpGAB%2BOBMhvVtP212XGdD6SFuCkoVv3NbVKm3W9tQQYCS8XeJRfYp2pJhFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e75efe99a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:28 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 105ms
31ms XHR
application/json 34.246.104.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.104.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-104-18.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 527c63001d042f1c3538ad2bdf503bcfa1e9eacc2c37fe4a22c1efb0abf948b4

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bloxids.com
cache-control: no-cache
x-server: 10.45.9.147
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 38ms
7ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bloxids.com
date: Wed, 04 Jan 2023 04:20:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1

85 B
103 B

126ms
118ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bdcfb8f68bb4058b14445ee1f6f16ac3e9742c01c869b9daf109450b094fa315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-k4NI8o5E4hlidq22y0yi9NSUiwE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloxids.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 04 Jan 2023 04:20:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bloxids.com
location: /esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 34ms
21ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a35bdec76fe583697c1e73f5d5eab05ae29b3ad332b6a79fbb22d482e33ae81a

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 121abc6776db490c789829b19d960d50
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 69ms
22ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bloxids.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://bloxids.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 04 Jan 2023 04:20:24 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 09b7db199b659e6d5ed0ef950ba295bb

GET
H2 200 css2
fonts.googleapis.com/ Frame 133E 4 KB
1 KB 107ms
43ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 04:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 02:55:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 04:20:24 GMT

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 9C5F 9 KB
5 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 01:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 01:38:31 GMT

GET
H2 200 fe770b57936e5b6653f7939c920f5f10.js Show response
www.gstatic.com/mysidia/ Frame 9C5F 18 KB
8 KB 83ms
21ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:25:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Apr 2023 11:25:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C5F 8 KB
968 B 93ms
44ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 04:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 03:05:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 04:20:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C5F 2 KB
765 B 21ms
19ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Jan 2023 21:35:44 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 9C5F 5 KB
2 KB 101ms
40ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 23:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Apr 2023 23:11:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9C5F 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Jan 2023 21:35:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C5F 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Jan 2023 21:35:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C5F 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Jan 2023 21:35:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9C5F 0
0 89ms
41ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRL38JKBJJ4jV88_2KaYywD8QHd4I3p1Zt-bm_sBJBROcwezYEbEGDmdA4PVZPZiYBIewwwUda8qNmW9RuikJh1GxNVZQ
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C5F 153 KB
47 KB 138ms
64ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 04:20:24 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 9C5F 34 KB
14 KB 84ms
25ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 21:35:44 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 133E 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 01:38:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 133E 205 B
518 B 79ms
24ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 02:11:03 GMT
x-content-type-options: nosniff
age: 7761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 02:11:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 133E 604 B
695 B 94ms
40ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:39:43 GMT
x-content-type-options: nosniff
age: 2441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 03:39:43 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA96 143 B
476 B 81ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 03:43:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E26B 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Wed, 04 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E26B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEO8_s_o3fJOsqmvtI13Qg0Y&google_cver=1&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2sw5lChPOyAaqDc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5EF34C6D06004E42B5892AA8B60A4330&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2s...

170 B
232 B

44ms
43ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5EF34C6D06004E42B5892AA8B60A4330&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2sw5lChPOyAaqDc

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Jan 2023 04:20:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5EF34C6D06004E42B5892AA8B60A4330&google_push=AavPq0P53O-ldawv3TmTRmteaKNF92J1j57Sflbp7xHn1XfVOqavtPKLmOZsUfwPOSQTffqaIxY0QnTPRX58O2sw5lChPOyAaqDc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 03 Jan 2023 04:20:24 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E26B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJHQJeygTOA2CiMqcHJYbBQ&google_cver=1&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYML...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENINUlMTEwtMUUtNFZCUQ==&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYMLXdY0j0DHGGawvc75szFnSqBU1

170 B
232 B

44ms
44ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENINUlMTEwtMUUtNFZCUQ==&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYMLXdY0j0DHGGawvc75szFnSqBU1

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENINUlMTEwtMUUtNFZCUQ==&google_push=AavPq0OgOBqrLDQTnyZuqSXGCbI9HddtnieLGBPKxTNuHiYf_srfLkONiiQJMlnj120kDHkwYMLXdY0j0DHGGawvc75szFnSqBU1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame E26B 0
500 B 497ms
106ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAavPq0PKaAmhVFVIDRfzJgGoSM_tnST5aJ8poUgy-KBWLKlWGwyIvNmtlo5hf6cIEQsP9ZUYpYfUdY5ZbFvy7nj7zD-Fy9EF0NiX%26google_hm%3D%5BUID%5D&google_gid=CAESECjUaYcm85TAfhrWQmIAfks&google_cver=1

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 04:20:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-102
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E26B
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFNLUtO5AMDumtPU8TGyuCI&google_cver=1&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgn...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgnz-YUkMYid4Oq

170 B
329 B

42ms
42ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgnz-YUkMYid4Oq

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Jan 2023 04:20:24 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0M9xQbNJLA8MZu0Fpgry3GZ82XOlgMjuRxVOtsYgHifg6Z9bh27ESQCBw_Vgd92zhLiVWY0JtXhKOHQKGgnz-YUkMYid4Oq
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: g7kE0CDqHePx8PZXOu0oqGliH3cC8sgFbABG77O7UQZX-mV-TnT38A==

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame E26B 42 B
233 B 318ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAoOqsCgFLgI3P1YePl1HM0&google_cver=1&google_push=AavPq0MHnCYewXlTtFgnS5rIMzG9niPkEjimCLtoi8oM75GltoWVBIjAXSZdboRiIi3QZbZx5VOFPtITqa0HWAJn7iYI5a2vLGcs7A
Requested by: Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 04:20:25 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E26B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECFpqd7rn2dhlpCoo42f8jg&google_cver=1&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0AT...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECFpqd7rn2dhlpCoo42f8jg&google_cver=1&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0AT...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EN0s1bzZORTJ1SHY4ekdzY1E3N0lSSU1Ua1lqbW5OT35B&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04co...

170 B
232 B

44ms
44ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EN0s1bzZORTJ1SHY4ekdzY1E3N0lSSU1Ua1lqbW5OT35B&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0ATdXeBmYhIUZ6PgzO4ihvFFWfYl4hg

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EN0s1bzZORTJ1SHY4ekdzY1E3N0lSSU1Ua1lqbW5OT35B&google_push=AavPq0NatKQDIVJNAJlCAw3p2D55qg7rO58Ob1KI9c9--7lQWDGLl04cofPq_hj6_WztOl-0ATdXeBmYhIUZ6PgzO4ihvFFWfYl4hg
date: Wed, 04 Jan 2023 04:20:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E26B
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDGAjiJ8I7UKKJgNyz-0drU&google_cver=1&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPg...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPgDVYYD&google_hm=MzA4Mzc0MTU...

170 B
232 B

44ms
44ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPgDVYYD&google_hm=MzA4Mzc0MTU5MTI3NTA2MzAxMw==

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0PhoEBKGCoSIYpoUB4bmPtbsiX3d9eSc1Gcta3UL6sM1Owkf47LN-BEOKu4k7zMkUmE3ZkBJ2swFmaApYgvbICuAPgDVYYD&google_hm=MzA4Mzc0MTU5MTI3NTA2MzAxMw==
Date: Wed, 04 Jan 2023 04:20:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E26B 0
232 B 114ms
40ms Image
text/html 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNdVACFe7-paUYqf8lrXPuykM1DnRx0Pxg3rOMtXSMadOHr6M1gww3vHMhmMlun8sBAPueXSQI

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C5F 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRArIQAAAAAAAC5AMAQKDRADIQAAAAAAQF1AMAQKDRANIQAAAACgmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAxQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAQKDTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAAA0MyNrQDAEEhpDT2lPM1lhSXJmd0NGZVBIdXdnZElvOERwUSIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA96
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

96ms
55ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:25 GMT
expires: Wed, 04 Jan 2023 04:20:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F15 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: 2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
URL: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 20:49:24 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6AFB 0
176 B 65ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 04 Jan 2023 04:20:25 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C5F 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRAUIQAAAADAGNZAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABhAMAQKDRAYIQAAAAAAwG1AMAQSGkNPaU8zWWFJcmZ3Q0ZlUEh1d2dkSW84RHBRIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 85FA 15 KB
6 KB 224ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxids.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 04:20:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 848504
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 85FA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxids.com&sn=ChromeSyncframe&so=0&topUrl=bloxids.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5x6EvHxRc2hZbnhrdGRWaEJ5WWJocTM2WkNoSWgxMVBZWWdyT2FjT01SbWxSKzF5RXEyNnRoRVFxYnZlYlR1K01ObkMrMnhKN0xRV1FQaXBPaWV1OHc1SGgxcFhESzRabkxtamZVRUtrNnZkQ3N0dGNodjBISmdzOGhIMH...

439 B
676 B

191ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5x6EvHxRc2hZbnhrdGRWaEJ5WWJocTM2WkNoSWgxMVBZWWdyT2FjT01SbWxSKzF5RXEyNnRoRVFxYnZlYlR1K01ObkMrMnhKN0xRV1FQaXBPaWV1OHc1SGgxcFhESzRabkxtamZVRUtrNnZkQ3N0dGNodjBISmdzOGhIMHFaeVFLM1NmNXhSV1Z0dE9mR054WkxBc3BpcHhrb0ZJbVc4bHhEMDg4cUpSRnNkdFZ0V2NnallWKyswNEdqTVhaTTVaMnFYSFlncnVFdGFMTjUybkdma0ozL1NENk95YmdZeUprcDlJa0dkdW4vSi9yY2VzakMyMDY1a1plMUloVXY3bW5VNGtXRG9iTWlGM2xYMDh5Wm1lVmNXRjdUQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dfe98b2ebaf9f28661703ad0c0738f784ceaa490df5a8062c97bea227f454392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1277847
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5x6EvHxRc2hZbnhrdGRWaEJ5WWJocTM2WkNoSWgxMVBZWWdyT2FjT01SbWxSKzF5RXEyNnRoRVFxYnZlYlR1K01ObkMrMnhKN0xRV1FQaXBPaWV1OHc1SGgxcFhESzRabkxtamZVRUtrNnZkQ3N0dGNodjBISmdzOGhIMHFaeVFLM1NmNXhSV1Z0dE9mR054WkxBc3BpcHhrb0ZJbVc4bHhEMDg4cUpSRnNkdFZ0V2NnallWKyswNEdqTVhaTTVaMnFYSFlncnVFdGFMTjUybkdma0ozL1NENk95YmdZeUprcDlJa0dkdW4vSi9yY2VzakMyMDY1a1plMUloVXY3bW5VNGtXRG9iTWlGM2xYMDh5Wm1lVmNXRjdUQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 518733
content-length: 0
expires: 0

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 187ms
122ms Image
application/json 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/209100/ Frame C520
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/209100/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

962 KB
220 KB

43ms
8ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/209100/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 812cb9e6c1bd25ba64b535fa1e85a0f8ef04afc52f60fda2b5095605da3887fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 03:08:37 GMT
age: 1282858
etag: "6f70b61e282a2ed696a5d41148480a89"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 224665

Redirect headers

location: https://cds.connatix.com/p/209100/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Wed, 04 Jan 2023 04:20:26 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
527 B 16ms
15ms Ping
text/plain 2606:4700:3031::ac43:c0cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTUyNDgzNzE2MTkwMDIwMSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTUyNDgzNzE2MTkwMDIwMSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjcyODA2MDIyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0ZjA5YTg3Yi01MzcyLTQ4MzgtNzBlZS0wNmNmY2E0M2Y0Y2UiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE1MjQ4MzcxNjE5MDAyMDEiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3MjgwNjAyMiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGYwOWE4N2ItNTM3Mi00ODM4LTcwZWUtMDZjZmNhNDNmNGNlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y23-4y24-6y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x23x24x30x59x5dx64&abt=CharityRetry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR3RggLLvTlGpJ3nHHokuCVI9qKr8EIjG0AFzI2IBw3ltMWlJwWQ6oZ%2Ff306l5oQ9Yti8C6aPoZVLRta9r97%2F68QL6llQplJOHJ5OHWBBgJF2iLF2OvAwEs4oCfq2Jcecm4TnRrxTyfBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 78412e7f3f4a9a15-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 04:20:24 GMT

GET
H2 200 hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/209100/ Frame C520 0
47 KB 6ms
6ms Other
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/209100/hls.ab55e91cf2e7990a858b.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 03:08:38 GMT
age: 1284691
etag: "80a1209c74d835b17e7188a29e1b4e3c"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48354

GET
H2 200 player.css
cds.connatix.com/p/209100/ 60 KB
9 KB 7ms
7ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/209100/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4519788b9b8958b383f07b97731cea368650e671137c3466fc6a4d2e7856145e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 03:08:38 GMT
age: 1282857
etag: "fcaf2adfdb23bf2a38b7974460b8b31a"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 9319

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame C520 5 KB
3 KB 140ms
140ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=209100&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 511afe9f690eff582af19712b5051d62ab915683877c6a5be0118da346889821

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-protobuf
access-control-allow-origin: https://bloxids.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3450

GET
H2 200 insights.bin Show response
ins.connatix.com/ae0e3a4eface04086f1a91f82de55641/ Frame C520 72 B
318 B 67ms
11ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/ae0e3a4eface04086f1a91f82de55641/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6082903b50bd94f4a21033cde33cbc453acde0d12a2b0b8b6716d65ef343446a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 06:47:38 GMT
age: 2916152
etag: "192710ab76a5f86289f884427e588f41"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 81

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
43ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 951 B
445 B 374ms
374ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=4398900681918621&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=5&adks=2972980631&didk=2259044073&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1876608655911883%26eid%3D1876608655911883%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbloxids_com-medrectangle-2-1876608655911883%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D90%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C14%2C0%2C67%2C0%2C168%2C132%2C0%2C33%2C180%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774%2C17%2C19%2C2351%2C2610%2C2688%2C3044%26lb%3D180%26reqt%3D1672806026558&eri=1&sc=1&cookie=ID%3D17dd01769c6a386f%3AT%3D1672806023%3AS%3DALNI_MZR1sJMKHVa9tOKniImExepZcDTEQ&gpic=UID%3D00000b9d0fc641be%3AT%3D1672806023%3ART%3D1672806023%3AS%3DALNI_MZYWevzuZgiC80YmkzgJcOIUiDCsA&abxe=1&dt=1672806026566&lmt=1672806026&dlt=1672806022811&idt=357&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl4uJ2NcwSABSAghkEhkKCnB1YmNpZC5vcmcYsIuJ2NcwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJeLidjXMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1UmlCMHE0YkhKZHJ0VHg1ZlE1VTY4aVRsQUE4SitzSy9QTm9hQ3A4SVkxVzEzZVA0dUcxSUFCbGlNNGxNVW43aTI3YkxWY2NtbTNPaHVUYkRaL0pQa3V3UysyQzdQWkEyalRZYjUzejZqdUsxblJtdlNzOEtiR0hrMkw1MHVTZUpvZ0tCRTBZMEdjR0RLWE8rMnF0eUtVaFJEMk9GbUdqUHRncWxRNnBaU2s9GMKMidjXMEgAEj4KBW9wZW54EixleUpwSWpvaWMyRllTVGswTlhwVE0wdExZbVpvZEhkVGJGVjJVVDA5SW4wPRiijonY1zBIABIZCgp1aWRhcGkuY29tGJeLidjXMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YgYyJ2NcwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9befd5118fe02a0b293e2b8c417708a18e456fd79a304a42b6ae058b69462536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 942 B
439 B 379ms
378ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=1267038400630356&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=2284878681&didk=205975327&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D2915035477869239%26eid%3D2915035477869239%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1001%26sap%3D1220%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbloxids_com-box-2-2915035477869239%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774%2C19%2C2688%2C3045%2C4276%26lb%3D120%26reqt%3D1672806026553&eri=1&sc=1&cookie=ID%3D17dd01769c6a386f%3AT%3D1672806023%3AS%3DALNI_MZR1sJMKHVa9tOKniImExepZcDTEQ&gpic=UID%3D00000b9d0fc641be%3AT%3D1672806023%3ART%3D1672806023%3AS%3DALNI_MZYWevzuZgiC80YmkzgJcOIUiDCsA&abxe=1&dt=1672806026577&lmt=1672806026&dlt=1672806022811&idt=357&adxs=436&adys=80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=1600x90&msz=728x90&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl4uJ2NcwSABSAghkEhkKCnB1YmNpZC5vcmcYsIuJ2NcwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJeLidjXMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1UmlCMHE0YkhKZHJ0VHg1ZlE1VTY4aVRsQUE4SitzSy9QTm9hQ3A4SVkxVzEzZVA0dUcxSUFCbGlNNGxNVW43aTI3YkxWY2NtbTNPaHVUYkRaL0pQa3V3UysyQzdQWkEyalRZYjUzejZqdUsxblJtdlNzOEtiR0hrMkw1MHVTZUpvZ0tCRTBZMEdjR0RLWE8rMnF0eUtVaFJEMk9GbUdqUHRncWxRNnBaU2s9GMKMidjXMEgAEj4KBW9wZW54EixleUpwSWpvaWMyRllTVGswTlhwVE0wdExZbVpvZEhkVGJGVjJVVDA5SW4wPRiijonY1zBIABIZCgp1aWRhcGkuY29tGJeLidjXMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YgYyJ2NcwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b953109cfc13903e4be6ab7446dc2a4b15961eeefe88a983b013938db2b0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 410
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 951 B
447 B 414ms
413ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1750627456385336&correlator=1376285275150089&eid=31071144%2C44780792%2C31061690&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=7&adks=4225020721&didk=2259057186&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D2735503895858561%26eid%3D2735503895858561%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod110%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dbloxids_com-medrectangle-3-2735503895858561%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D80%26br2%3D80%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C132%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C2030%2C2030%2C774%2C17%2C19%2C2351%2C2610%2C2688%26lb%3D160%26reqt%3D1672806026546&eri=1&sc=1&cookie=ID%3D17dd01769c6a386f%3AT%3D1672806023%3AS%3DALNI_MZR1sJMKHVa9tOKniImExepZcDTEQ&gpic=UID%3D00000b9d0fc641be%3AT%3D1672806023%3ART%3D1672806023%3AS%3DALNI_MZYWevzuZgiC80YmkzgJcOIUiDCsA&abxe=1&dt=1672806026586&lmt=1672806026&dlt=1672806022811&idt=357&adxs=315&adys=1135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=1110x90&msz=970x90&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1508865728.1672806023&ga_sid=1672806023&ga_hid=1396471619&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl4uJ2NcwSABSAghkEhkKCnB1YmNpZC5vcmcYsIuJ2NcwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJeLidjXMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1UmlCMHE0YkhKZHJ0VHg1ZlE1VTY4aVRsQUE4SitzSy9QTm9hQ3A4SVkxVzEzZVA0dUcxSUFCbGlNNGxNVW43aTI3YkxWY2NtbTNPaHVUYkRaL0pQa3V3UysyQzdQWkEyalRZYjUzejZqdUsxblJtdlNzOEtiR0hrMkw1MHVTZUpvZ0tCRTBZMEdjR0RLWE8rMnF0eUtVaFJEMk9GbUdqUHRncWxRNnBaU2s9GMKMidjXMEgAEj4KBW9wZW54EixleUpwSWpvaWMyRllTVGswTlhwVE0wdExZbVpvZEhkVGJGVjJVVDA5SW4wPRiijonY1zBIABIZCgp1aWRhcGkuY29tGJeLidjXMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YgYyJ2NcwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3d14e82611de465b119eccba0f96084ad7f9895fcb5b0bf695e69865adc6593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame C520 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16161425a7c0cddee3c31bbab529de04b2062e4352b3e15d06953bdf2085dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27592
x-xss-protection: 0
server: sffe
etag: "1441 / 245 of 1000 / last-modified: 1672787160"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Jan 2023 04:20:26 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C520 0
0

POST g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame C520 0
0

GET elements.ui.dfd4abd09357a3abb51a.js
cds.connatix.com/p/209100/ Frame C520 0
0

POST iev
csm.nl.eu.criteo.net/ Frame 85FA 0
0

GET
H2 200 prebid7.17.0-5.js Show response
cds.connatix.com/p/plugins/ 582 KB
142 KB 6ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid7.17.0-5.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 030eb475ef7c0c106d7209a34c0bd8bbd170afaeff8869cdf8643502630e74de

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 04 Jan 2023 04:20:26 GMT
content-encoding: br
last-modified: Mon, 12 Dec 2022 10:35:23 GMT
age: 1964688
etag: "ba7c8774b5c6bb74c89d4fb6bfc11465"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 145615

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 591 B
809 B 57ms
7ms XHR
application/json 52.59.101.136

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,emx_digital,medianet,onetag,pubmatic,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.101.136 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a5d53b26dbf96109c90bc24409577e10d115a049ce65513fdd1761a67d06bb

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 04:20:27 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 591
expires: 0

POST auction
pb-server.ezoic.com/openrtb2/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 200 / Show response
hb.emxdgt.com/ 7 KB
7 KB 59ms
31ms XHR
application/json 18.158.141.17

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1672806027876&src=pbjs
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,emx_digital,medianet,onetag,pubmatic,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.141.17 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0148ba32d9b7ace832c19dd8669dc98d1347d99e5cf07ccb744cd1b6b6d74bab

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bloxids.com
date: Wed, 04 Jan 2023 04:20:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type
content-length: 7143
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
359 B 37ms
9ms XHR
application/json 51.38.120.206

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,emx_digital,medianet,onetag,pubmatic,yieldmo&cb=195-0-50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET prebid
ads.yieldmo.com/exchange/ 0
0

GET

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=ddf5a88e-47b2-417f-96af-97015576c8b4&gdpr=&gdpr_consent=&us_privacy=

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=209100&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=209100&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/209100/elements.ui.dfd4abd09357a3abb51a.js

Domain: csm.nl.eu.criteo.net
URL: https://csm.nl.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~207

Domain: pb-server.ezoic.com
URL: https://pb-server.ezoic.com/openrtb2/auction

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=26663166463&lsavail=1&bundle=HOHO5l8zWTI4ak1BNk1OTFcxYWZmalRkUU44NkplVzJhUnclMkJGQmdNWnFjZUJHY1g4c0Z5RjBKUyUyRjBqVmkzYkhsS3pjVllKRXVicWdmd0VMb1BiTHAxYUNJJTJCV2VqckFFdiUyQlklMkZrbVRsWjkyb21WdnpDeTdZJTJCSDZyNmFzSWNjSW9YWFJiZCUyQm9HeTI5UTAyVEN4ZXFJMUUwNzYyZyUzRCUzRA

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.17.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-3-0%22%2C%22callback_id%22%3A%2237bab5404429ad1%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22f6b4ce74-8e9c-4532-81a9-aba2e697a8e5%22%2C%22auctionId%22%3A%22c6b49d3f-de24-431e-aced-3c7f72ea9322%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-1-0%22%2C%22callback_id%22%3A%22380502c0b3291b5%22%2C%22sizes%22%3A%5B%5B250%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%222ab47473-8685-44f7-94e1-731a53b44e8c%22%2C%22auctionId%22%3A%22c6b49d3f-de24-431e-aced-3c7f72ea9322%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-box-2-0%22%2C%22callback_id%22%3A%223907471771e190b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%220802911b-b7f1-4c63-93fd-49afe2ca6b32%22%2C%22auctionId%22%3A%22c6b49d3f-de24-431e-aced-3c7f72ea9322%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-2-0%22%2C%22callback_id%22%3A%2240c0de898536bec%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22c4442f6e-5296-48d2-84ba-e0f803be44ad%22%2C%22auctionId%22%3A%22c6b49d3f-de24-431e-aced-3c7f72ea9322%22%7D%5D&page_url=https%3A%2F%2Fbloxids.com%2F&bust=1672806027880&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=&w=1600&h=1200&pubcid=5049d81a-bd1c-4663-82de-6f7aa63bb84b&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%224ff1c1d97486bac3b807c0cbb553dc1b%22%2C%22domain%22%3A%22bloxids.com%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1787463384-1672806023092%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225049d81a-bd1c-4663-82de-6f7aa63bb84b%22%2C%22atype%22%3A1%7D%5D%7D%5D

Domain: pb-server.ezoic.com
URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=ddf5a88e-47b2-417f-96af-97015576c8b4&gdpr=&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

316 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloxids.com/	1970-01-20 08:40:13	Name: october_session Value: eyJpdiI6IlJUd1wvQ2pQNUtXR2EwbHB1MG9MaGZ3PT0iLCJ2YWx1ZSI6InpHajFLYlErT2tSbTJ6Zm9vb3NPOXJLekNvVEZHc1dvelwvSkp5cFJSTkVwQVYyZ1k0MjkxaW1UNytNQ1hXRnB0bm9JVUlaOGVnY3V2Z0htQld0alIzc21TbmZNaDlUaEZ4MTU2RUQrWEMzekVYYkZnVXFOb056Tk56RVJjeXJQdSIsIm1hYyI6Ijc0MmMwOTgzNWU5ZjVkNjc0MWIwODE4MmQ3Y2EzZjA3ZjVmYTE3ODMzMDA0NDMwY2YyNzc2YWE4YTFmYjhjMTUifQ%3D%3D
.bloxids.com/	1970-01-20 08:40:07	Name: ezoadgid_237061 Value: -2
.bloxids.com/	1970-01-20 08:40:13	Name: ezoref_237061 Value:
.bloxids.com/	1970-01-20 17:25:42	Name: ezosuibasgeneris-1 Value: 4dd51d37-1a35-4f5b-79c5-07ad4221f98e
.bloxids.com/	1970-01-20 08:40:13	Name: ezoab_237061 Value: mod110
.bloxids.com/	1970-01-20 08:42:58	Name: active_template::237061 Value: pub_site.1672806022
.bloxids.com/	1970-01-20 08:40:07	Name: ezopvc_237061 Value: 1
.bloxids.com/	1970-01-20 08:41:32	Name: ezepvv Value: 0
.bloxids.com/	1970-01-20 08:40:07	Name: ezovid_237061 Value: 1633109941
.bloxids.com/	1970-01-20 08:40:07	Name: lp_237061 Value: https://bloxids.com/
.bloxids.com/	1970-01-20 08:42:58	Name: ezovuuidtime_237061 Value: 1672806022
.bloxids.com/	1970-01-20 08:40:07	Name: ezovuuid_237061 Value: 7dd03045-3ca5-4e51-7e2e-d9301876c9a9
bloxids.com/	1970-01-20 18:16:06	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
bloxids.com/	1970-01-20 18:16:06	Name: ezohw Value: w%3D1600%2Ch%3D1200
.bloxids.com/	1970-01-20 18:16:06	Name: _ga_DB9D1TK41K Value: GS1.1.1672806023.1.0.1672806023.0.0.0
.bloxids.com/	1970-01-20 18:16:06	Name: _ga Value: GA1.1.1508865728.1672806023
.quantserve.com/	1970-01-20 18:10:20	Name: mc Value: 63b4fe87-2c853-265df-44c59
.bloxids.com/	1970-01-20 18:04:34	Name: __qca Value: P0-1787463384-1672806023092
bloxids.com/	1970-01-20 17:25:42	Name: ezux_lpl_237061 Value: 1672806023412\|4f09a87b-5372-4838-70ee-06cfca43f4ce\|false
.bloxids.com/	1970-01-20 18:01:42	Name: __gads Value: ID=17dd01769c6a386f:T=1672806023:S=ALNI_MZR1sJMKHVa9tOKniImExepZcDTEQ
.bloxids.com/	1970-01-20 18:01:42	Name: __gpi Value: UID=00000b9d0fc641be:T=1672806023:RT=1672806023:S=ALNI_MZYWevzuZgiC80YmkzgJcOIUiDCsA
.doubleclick.net/	1970-01-20 18:01:42	Name: IDE Value: AHWqTUlSIRAdrKpk3pqDK82BR9eyv4S-DnqlhyLZKmh9gBFOl-6LSa4G88DtxUMUzos
bloxids.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 90
bloxids.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
bloxids.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 90
.openx.net/	1970-01-20 17:25:42	Name: i Value: b1a5c8f7-8e73-4b72-8a6d-f86dc12954bd\|1672806024
.simpli.fi/	1970-01-20 17:27:08	Name: suid Value: 5EF34C6D06004E42B5892AA8B60A4330
.yahoo.com/	1970-01-20 17:26:03	Name: A3 Value: d=AQABBIj-tGMCENIB1YfbdBGrtmrsAeDLxJ4FEgEBAQFQtmO-YwAAAAAA_eMAAA&S=AQAAArsHXuFI-CVv7j59nNo1LEk
.rfihub.com/	1970-01-20 18:01:42	Name: rud Value: H4sIAAAAAAAA_-MSNjawMDY3MTS1NDQyNzUwMzYwNBbiM9StyE6uikrMLfAoNkkBAK88dkUlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjawMDY3MTS1NDQyNzUwMzYwNBbiM9StyE6uikrMLfAoNkkBAK88dkUlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dXF3zMr0svA0D_X29kr3q6zSNUgpCgUA_r-66B4AAAA
.rfihub.com/	1970-01-20 18:01:42	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dXF3zMr0svA0D_X29kr3q6zSNUgpCg3iNTQzN7IwMDMwMrE0Mn3FiMI3AwCK_mdRPQAAAA
.analytics.yahoo.com/	1970-01-20 17:25:42	Name: IDSYNC Value: 18yx~2984
.doubleclick.net/	1970-01-20 08:40:09	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 18:01:42	Name: uid Value: b17d1532-8c4e-42b8-8858-575e44d7a637
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85102\|Y7T+j
.bloxids.com/	1970-01-20 18:01:42	Name: cto_bundle Value: HOHO5l8zWTI4ak1BNk1OTFcxYWZmalRkUU44NkplVzJhUnclMkJGQmdNWnFjZUJHY1g4c0Z5RjBKUyUyRjBqVmkzYkhsS3pjVllKRXVicWdmd0VMb1BiTHAxYUNJJTJCV2VqckFFdiUyQlklMkZrbVRsWjkyb21WdnpDeTdZJTJCSDZyNmFzSWNjSW9YWFJiZCUyQm9HeTI5UTAyVEN4ZXFJMUUwNzYyZyUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2657253aa9be96b04da5db89af0f7443.safeframe.googlesyndication.com
a.rfihub.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
basher.ezodn.com
bcp.crwdcntrl.net
bidder.criteo.com
bloxids.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.datatables.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cds.connatix.com
cm.g.doubleclick.net
csm.nl.eu.criteo.net
esp.rtbhouse.com
fonts.googleapis.com
go.ezodn.com
go.ezoic.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
ins.connatix.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel.quantserve.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
secure.quantserve.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.criteo.net
sync.go.sonobi.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ads.yieldmo.com
bidder.criteo.com
capi-tier-1-us-east-2.connatix.com
cds.connatix.com
csm.nl.eu.criteo.net
hbopenbid.pubmatic.com
ib.adnxs.com
imasdk.googleapis.com
pb-server.ezoic.com
142.251.208.130
151.101.194.137
151.101.2.137
151.101.66.137
162.19.138.120
174.137.133.49
178.250.2.146
18.156.0.31
18.158.141.17
18.66.97.109
193.0.160.129
2001:4860:4802:34::36
2600:9000:2057:9e00:a:e047:752:5701
2600:9000:206e:b000:1b:5138:8a40:93a1
2600:9000:211e:b400:6:44e3:f8c0:93a1
2600:9000:214f:da00:2:cb38:840:93a1
2606:4700:10::6816:325d
2606:4700:10::ac43:266a
2606:4700:3031::ac43:c0cd
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700:e4::ac40:a006
2606:4700:e4::ac40:a106
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:400d:805::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::2008
2a00:1450:400d:808::2001
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2004
2a00:1450:400d:80e::2002
2a02:2638:1::13
2a02:2638::3
2a04:4e42:400::485
34.102.146.192
34.120.135.53
34.246.104.18
34.96.70.87
35.190.39.111
35.204.158.49
35.244.159.8
51.38.120.206
52.59.101.136
69.166.1.12
69.173.144.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0148ba32d9b7ace832c19dd8669dc98d1347d99e5cf07ccb744cd1b6b6d74bab
030eb475ef7c0c106d7209a34c0bd8bbd170afaeff8869cdf8643502630e74de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd70611e3a5c2344c278a1e6d72261f2c959093ace9bb7b00f6aec2312d3666
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1367dfa417ef97a7104ceffe8bb12b515be863f13bb6de37f2ecd8b007ca705a
14a9641fee9b9258fb4941ef4d4bc50ac885c38577c91e27fda4685a50c369e2
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
197a73798f4e624b4030e6774f4e8bb5f566a5b03944237a9d043ddeb6ec1af0
1f78af99fa3880f69df1d7931f99e1b236229c1630dd241fa72f9b1e418f9ff9
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
29f55a4597b961a3ec8cbd829cf98b69da04006873173e884f4fc069ddd687b4
2cd704ff9aac0ff550d194364699a21641b2e8b9072171b6084465b01dd72a07
2d588bb58f18ce1235341af88e6eafbf4901a0680df01cf80851417059139a7a
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
2dbfc2cf83964693166e8c68cc7da95d40a2fd79156b353b9823280b3abbadd4
2e1c054e7aeaad3071d3ea391ef7f60a330ef31a1d941480878ca36828900fec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3de1545fca5d2f695000a14c2ff6329b0e1912e80edd675b6c1e518c291fcdbb
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
4519788b9b8958b383f07b97731cea368650e671137c3466fc6a4d2e7856145e
45e0a1af4d8055f5357b8f3dc0ab7a31733a1bfaccab6032a189672dc941f677
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dd18db639f215458634ec237306e89e01409e791edd7be12c4197e83001a481
50530b450b08289dc7e20276dfb0eae46cbcb7248a97ead870ebaeef94a368e8
511afe9f690eff582af19712b5051d62ab915683877c6a5be0118da346889821
527c63001d042f1c3538ad2bdf503bcfa1e9eacc2c37fe4a22c1efb0abf948b4
53a5d53b26dbf96109c90bc24409577e10d115a049ce65513fdd1761a67d06bb
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31
6082903b50bd94f4a21033cde33cbc453acde0d12a2b0b8b6716d65ef343446a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6d79a1245585e8300e8b841db80419164789ded084d856509e454c9d8ab0b114
6e66867a79759314ae7d2a20b2352df9ac8f7ff215d056a54f3cec75debcf3be
6ec128a75d473f7a69fc2d23fa0ae022a1a6ab395a0f7646f3471b7893d9f9d9
6f7ff4b557277a9f18395621cf6cf14e0795f60131f3600940e00f41e4b965ab
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
7cb6f39ae0c622292f3b23722249653e11dba33e1b8e1ab3889ef18c8798ee27
812cb9e6c1bd25ba64b535fa1e85a0f8ef04afc52f60fda2b5095605da3887fc
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
88ce18ce2ff32e3fc8b213d6302d4896e4714ed46332a8cf19df7b4d9f726295
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae96e5e00ebc37355644fe6d3ff5e1f48057ff25579d8b586f3ca6b5ce31b98
9befd5118fe02a0b293e2b8c417708a18e456fd79a304a42b6ae058b69462536
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a155e486fc49e1364f42d9fc1379eb9fd5f0d0bfbbd982ec90a9757c9a024a01
a35bdec76fe583697c1e73f5d5eab05ae29b3ad332b6a79fbb22d482e33ae81a
a3d035a43e378691c0090515954ae1affa1051c9b08361e64b9f21d5a8a0f084
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a783b4efb294759eb2f791f446456c5621c9744e2bb17118c25edab07100cd5d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
acc0ca7d0cdb210bce71c2192a5f3086adcd0be65ec9999dd754d700f1e89f98
ba0a6ace4f4d84add2dac5693204ab2229f5033b09325a9420c3825f2ccf68bf
bdcfb8f68bb4058b14445ee1f6f16ac3e9742c01c869b9daf109450b094fa315
beea6273f5a17d82ae944a82b3fc05e4fdfd5728ced15e34c49e22d307cd1e2c
c01a6fc50170f2575ad7a091c81a799c2c20fec32a5ad6524d7c40f740ab5cf0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3d14e82611de465b119eccba0f96084ad7f9895fcb5b0bf695e69865adc6593
c653f48e2aa2eb7962cf5a42e5df1f685703c797d3ef9a818420f23651ec7a2c
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9
d5b6ebd94e15926993c5ac5c1e5169f6b80184baf04133f6ae5f3f8e58af19bd
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfe98b2ebaf9f28661703ad0c0738f784ceaa490df5a8062c97bea227f454392
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e2218e1a345e2d9b9b4a3ab19f8a1dbd25866e51de1e65b472d226dbc2552491
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72026f70074c6ee248871ef1167db4ab6d3871326eb4cb8f8056d7baaa990ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f16161425a7c0cddee3c31bbab529de04b2062e4352b3e15d06953bdf2085dac
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f570b027df1bcb0193cdb7e264c47b02b2479d43ae8b48f1f743ed5d96798126
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8b953109cfc13903e4be6ab7446dc2a4b15961eeefe88a983b013938db2b0ef
f8ea692c129c8ea5b5e66d9fd55a80fe997b950d15e33fd7c3934aab5ba53c28
fa0928ca4a87f22ed6446033c2f6dd12061e3755993904cc77681e6994cd0e76
fbe516ae4a05f3a8cfb5f900e04ae43086c6168dfdff65ca586fdb80f524314a
ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

bloxids.com Open in urlscan Pro 2606:4700:3031::ac43:c0cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

88 %HTTPS

55 %IPv6

41 Domains

59 Subdomains

45 IPs

5 Countries

1818 kBTransfer

4859 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bloxids.com Open in urlscan Pro
2606:4700:3031::ac43:c0cd Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

88 %
HTTPS

55 %
IPv6

41
Domains

59
Subdomains

45
IPs

5
Countries

1818 kB
Transfer

4859 kB
Size

37
Cookies

152 HTTP transactions
0 data transactions