URL: https://www.moxfield.com/bookmarks/DAg4X
Submission Tags: falconsandbox
Submission: On December 24 via api from US — Scanned from FI

Summary

This website contacted 35 IPs in 6 countries across 23 domains to perform 81 HTTP transactions. The main IP is 2606:4700:10::ac43:b57, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.moxfield.com. The Cisco Umbrella rank of the primary domain is 136910.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.
This is the only time www.moxfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 104.18.2.78 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.33.187.21 16509 (AMAZON-02)
1 2600:9000:276... 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
3 142.250.185.130 15169 (GOOGLE)
6 108.138.3.93 16509 (AMAZON-02)
2 35.244.144.25 396982 (GOOGLE-CL...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.16.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.21.64.1 13335 (CLOUDFLAR...)
1 13.32.99.35 16509 (AMAZON-02)
1 142.250.185.99 15169 (GOOGLE)
1 2 18.244.18.38 16509 (AMAZON-02)
2 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 18.245.31.123 16509 (AMAZON-02)
3 18.244.21.227 16509 (AMAZON-02)
2 23.209.22.22 16625 (AKAMAI-AS)
2 65.9.66.104 16509 (AMAZON-02)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
3 172.240.45.75 7979 (SERVERS-COM)
4 23.48.23.146 20940 (AKAMAI-AS...)
1 172.240.45.81 7979 (SERVERS-COM)
1 1 23.56.202.187 16625 (AKAMAI-AS)
1 2.19.217.60 16625 (AKAMAI-AS)
81 35
Apex Domain
Subdomains
Transfer
12 moxfield.net
assets.moxfield.net — Cisco Umbrella Rank: 156267
1 MB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
93 KB
10 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 15172
player.aniview.com — Cisco Umbrella Rank: 2154
track1.aniview.com — Cisco Umbrella Rank: 5887
go1.aniview.com — Cisco Umbrella Rank: 7319
365 KB
8 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 21536
tracker.nitropay.com — Cisco Umbrella Rank: 20571
a.nitropay.com — Cisco Umbrella Rank: 45155
245 KB
8 moxfield.com
www.moxfield.com — Cisco Umbrella Rank: 136910
api2.moxfield.com — Cisco Umbrella Rank: 164169
29 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
209 KB
4 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 17965
rumcdn.geoedge.be — Cisco Umbrella Rank: 2080
117 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 947
api.btloader.com — Cisco Umbrella Rank: 1068
31 KB
2 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1060
eus.rubiconproject.com — Cisco Umbrella Rank: 616
137 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
29 KB
2 ad.gt
a.ad.gt — Cisco Umbrella Rank: 1619
257 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1791
612 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
13 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
17 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
6 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 26127
127 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
2 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2086
geo.privacymanager.io — Cisco Umbrella Rank: 2054
35 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
81 23
Domain Requested by
12 assets.moxfield.net www.moxfield.com
rumcdn.geoedge.be
assets.moxfield.net
6 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
player.aniview.com
6 s.nitropay.com www.moxfield.com
s.nitropay.com
5 player.aniview.com rumcdn.geoedge.be
player.aniview.com
4 api2.moxfield.com assets.moxfield.net
4 www.moxfield.com www.moxfield.com
3 track1.aniview.com www.moxfield.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 securepubads.g.doubleclick.net s.nitropay.com
rumcdn.geoedge.be
www.moxfield.com
3 rumcdn.geoedge.be s.nitropay.com
rumcdn.geoedge.be
2 cdn.id5-sync.com rumcdn.geoedge.be
www.moxfield.com
2 a.ad.gt www.moxfield.com
2 cdn.hadronid.net 2 redirects
2 tags.crwdcntrl.net rumcdn.geoedge.be
www.moxfield.com
2 secure.cdn.fastclick.net rumcdn.geoedge.be
www.moxfield.com
2 config.aps.amazon-adsystem.com rumcdn.geoedge.be
c.amazon-adsystem.com
2 api.btloader.com btloader.com
2 sb.scorecardresearch.com 1 redirects www.moxfield.com
2 consent.nitrocnct.com s.nitropay.com
2 ad-delivery.net www.moxfield.com
1 eus.rubiconproject.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 go1.aniview.com player.aniview.com
1 a.nitropay.com s.nitropay.com
1 tg1.aniview.com rumcdn.geoedge.be
1 fonts.gstatic.com fonts.googleapis.com
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 www.google-analytics.com www.googletagmanager.com
1 ad.doubleclick.net www.moxfield.com
1 bt.dns-finder.com btloader.com
1 tracker.nitropay.com s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
1 ats-wrapper.privacymanager.io s.nitropay.com
1 btloader.com s.nitropay.com
1 fonts.googleapis.com www.moxfield.com
1 www.googletagmanager.com www.moxfield.com
81 36
Subject Issuer Validity Valid
moxfield.com
WE1
2024-11-27 -
2025-02-25
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
nitropay.com
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
moxfield.net
WE1
2024-12-06 -
2025-03-06
3 months crt.sh
btloader.com
WE1
2024-12-06 -
2025-03-06
3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M03
2024-06-26 -
2025-07-24
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03
2024-11-19 -
2025-12-18
a year crt.sh
*.nitropay.com
WR3
2024-11-29 -
2025-02-27
3 months crt.sh
dns-finder.com
WE1
2024-11-13 -
2025-02-11
3 months crt.sh
ad-delivery.net
WE1
2024-11-10 -
2025-02-08
3 months crt.sh
*.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
nitrocnct.com
WE1
2024-12-12 -
2025-03-12
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
api.btloader.com
WR3
2024-11-29 -
2025-02-27
3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-14 -
2025-07-15
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-12-22 -
2026-01-21
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-12-06 -
2026-01-04
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
id5-sync.com
WE1
2024-11-28 -
2025-02-26
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh

This page contains 6 frames:

Primary Page: https://www.moxfield.com/bookmarks/DAg4X
Frame ID: 8BC491B1D0173DFE644E8168A623C47F
Requests: 70 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: CD16B4A010417009019D3A95006B1076
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 0111F5F5C8CEF660406936853011DA23
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Frame ID: 848F2289A4B951FA7AFBBE3102C094A7
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 7FC29E986064D44067F8095AE5005164
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 39852DA8B27E9488BFC202B79D5CA6C2
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

CUEVANA.3 VER Mufasa: El rey león (2024) Película completa en Español Latino // Moxfield — MTG Deck Builder

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

81
Requests

96 %
HTTPS

42 %
IPv6

23
Domains

36
Subdomains

35
IPs

6
Countries

2873 kB
Transfer

9572 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://sb.scorecardresearch.com/cs/20631572/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 51
  • https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&ref=&_it=amazon&partner_id=720 HTTP 301
  • https://a.ad.gt/api/v1/u/matches/720?_it=nitro
Request Chain 73
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 86
  • https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&ref=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&_it=amazon&partner_id=720 HTTP 301
  • https://a.ad.gt/api/v1/u/matches/720?_it=nitro

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DAg4X
www.moxfield.com/bookmarks/
4 KB
2 KB
Document
General
Full URL
https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e858ec8e25d2f1a2b537eb285ee626caff9bcfd3ded8e1f214fa7c6e52aba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, maxage=900
cf-cache-status
DYNAMIC
cf-ray
8f717015489e8dab-HEL
content-encoding
br
content-type
text/html
date
Tue, 24 Dec 2024 14:56:24 GMT
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
297 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BW2XPQDNK2
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3827012b39375018c31f797538e8b78fae4f45d5bf7a5ec72fe14ac7268750fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 24 Dec 2024 14:56:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104146
x-xss-protection
0
server
Google Tag Manager
ads-546.js
s.nitropay.com/
588 KB
187 KB
Script
General
Full URL
https://s.nitropay.com/ads-546.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a48c2f49d3529d508dae8e6167686b809c35f974637000a8b8f9d549ebede0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-meta-goog-reserved-file-mtime
1734374109
x-goog-hash
crc32c=HapTEw==, md5=5oIHwu9W9buUdhci01WLIQ==
cf-cache-status
HIT
etag
W/"e68207c2ef56f5bb94761722d3558b21:1734986388000:FI"
age
65778
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Tue, 23 Dec 2025 20:39:52 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
596048
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript
last-modified
Mon, 23 Dec 2024 20:39:48 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC62F1_TiP0OrvhWHcosGib5vcZaOuX0nDygUDA6n_06gSl1PeTMfyHQXUPXIkuldyMJ
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
private, max-age=600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f717016db9882d0-ARN
access-control-allow-origin
*
x-goog-generation
1734375415047003
server
cloudflare
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=optional
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c075d32f3122a954d2973454b1a4cc09a9c92bdc8dad7f96c501a8dc92461787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 14:56:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 14:56:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
phyrexian.css
www.moxfield.com/fonts/
368 B
396 B
Stylesheet
General
Full URL
https://www.moxfield.com/fonts/phyrexian.css
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3e6cdf372ffbab9f4bbd1178162017291daf36f9f7cafda0412969595a289c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/bookmarks/DAg4X

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1db53086fe9d370"
age
1098
x-content-type-options
nosniff
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 17:56:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, maxage=604800
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
cf-ray
8f7170168a418dab-HEL
x-xss-protection
1; mode=block
server
cloudflare
mana.min.css
www.moxfield.com/fonts/
57 KB
13 KB
Stylesheet
General
Full URL
https://www.moxfield.com/fonts/mana.min.css
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d29344557b012e78a271b3d5cfc984504493f579d163043bf9c52d0b52b227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/bookmarks/DAg4X

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1db53086fe93056"
age
1726
x-content-type-options
nosniff
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 17:56:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, maxage=604800
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
cf-ray
8f7170168a458dab-HEL
x-xss-protection
1; mode=block
server
cloudflare
moxfield.160b9715ef46a0deb457.css
assets.moxfield.net/assets/assets/
573 KB
120 KB
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/moxfield.160b9715ef46a0deb457.css
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8552e7621c736a1c587a3901ac41a9429b65e2be5afc2ad3a4ed866417b6b7e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
3WYm7fd+USTI6GLGqywEtQ==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
376
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlbOz8vDS7XTlljjgiNvHYZxELT0x26aSXnL45%2BmB8feHTiOo4fO8YhxKLl%2BguLfKlXICTsjZoFw51atjoO9FziyKADcbmeht052FmytjlrfMhKyknbPsaaz%2B0%2FA3CvsCI1XfTWM1MpU2D0%2FUhLtoORM"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28266&min_rtt=28229&rtt_var=6019&sent=59&recv=12&lost=0&retrans=0&sent_bytes=60663&recv_bytes=2414&delivery_rate=142419&cwnd=252&unsent_bytes=0&cid=ad70d3af0e98e211&ts=63&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 17:57:33 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
e2f0634e-b01e-00cc-530d-537125000000
cf-ray
8f7170170bcb543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
title.svg
assets.moxfield.net/assets/images/
4 KB
2 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/title.svg
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8027188b7e33b80a996112698bc4b25a7f0356f35932fbd0692b485c3de56ab3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
qg1Ng3tnV4OMbDYff3zBUg==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2407
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rd8oai65QTDtGMKZjHMrnZwULq%2B9LXLVpnibZ1NZH2P2M23iAUr%2F5AIEnFZzuhvzQ0VsXlsWkNWjp1ucmGX%2BFieKxs%2FSw0ICWckO9UYdpbBDEV8dlob84l7gRicD0MmGft%2FTE%2BK56HlYqAZA%2BTo7G8yX"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28266&min_rtt=28229&rtt_var=6019&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3927&recv_bytes=2414&delivery_rate=142419&cwnd=252&unsent_bytes=0&cid=ad70d3af0e98e211&ts=56&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Dec 2024 17:57:33 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
b007f2c4-001e-0002-1e0d-53a0ab000000
cf-ray
8f7170170bcd543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
4192.eb9b45e9f6178b1b00cf.js
assets.moxfield.net/assets/assets/
2 MB
524 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/4192.eb9b45e9f6178b1b00cf.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a804d0d36b36de669051d3f4fee586c1c55cb95286f7476eb7ddb8b062373d1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
zWSHrJP37qWPATmV/PC7xw==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
376
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BDR94om%2F6uWT3OEDH%2BZs7lB99H7V2HYT7ebAUjCHMd%2BKxvHYxnG6l8LcCJMFuhD9NKOcrZGFdb1ULDcS5uNGzWysT0gQbwa1RhMB6SM%2FCfC09OxrAbwCl%2BK2Ts9hwTAStctqdZqgqGI49dBWnXA16M9"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28266&min_rtt=28229&rtt_var=6019&sent=12&recv=12&lost=0&retrans=0&sent_bytes=6527&recv_bytes=2414&delivery_rate=142419&cwnd=252&unsent_bytes=0&cid=ad70d3af0e98e211&ts=60&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/x-javascript
last-modified
Fri, 20 Dec 2024 17:57:33 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
d4c3d849-301e-0009-1c09-535bc0000000
cf-ray
8f7170170bce543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
tag
btloader.com/
107 KB
31 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5579410abe667ffed52d08c89fc18cc7a6640f7ad70d1f4ef11e4e12e94c9db0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"0002ae23fe1074f13e1dcf3d2a37e032"
age
3240
via
1.1 google
cf-ray
8f717018eb578dc3-HEL
accept-ranges
bytes
content-length
30931
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/javascript
last-modified
Tue, 24 Dec 2024 14:02:10 GMT
vary
Origin, Accept-Encoding
server
cloudflare
ats.js
ats-wrapper.privacymanager.io/ats-modules/438cb908-ed61-41e9-b716-05d5f4122a64/
103 KB
34 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/438cb908-ed61-41e9-b716-05d5f4122a64/ats.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc90bb97d9d26b719f0f2ff889d838e1b71b50f1e5128148dcee66eb8840c3ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
accept-encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
gzip
x-amz-version-id
BSFd96dsreJGkNml52NxzV2l_kQvrie_
etag
W/"ab5d13b6d6f0881cdad621854c9207f7"
age
2534
via
1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
LBnT-hQHVWvzxJ-xXIiG6ETggw_3DrnMmr6IP6A_3qUGO3jQWRCiuw==
date
Tue, 24 Dec 2024 14:14:11 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 14:27:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
wrapper.html
wrappers.geoedge.be/
3 KB
4 KB
Fetch
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:8200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.moxfield.com/

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
etag
"6a6d57dbabaa297544a761a67d32156f"
age
29746
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
prMHkUoAnbo2ZvTYd8h7G8xh8MPpJlbcWNP-Z25YqK4Q-yDjkiSLuw==
date
Tue, 24 Dec 2024 06:40:39 GMT
content-type
text/html
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3527
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame CD16
272 KB
107 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dab5c4526911c4ee6e7ecf0d771bd7ec1f5de3c3fd64bf6d29c365bb8042d321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
yWoG6kjiOBp7wWEwjyUJKWKu_.G3a7jH
etag
W/"9304ae790bb9499f630097404bcef2ba"
age
2035
x-cache
Hit from cloudfront
x-amz-cf-id
g7phoq_dB-F9MqCr7BQ1IIYFpXH1qG_XXfw5ssmnf3w7WJkYPC6YkQ==
date
Tue, 24 Dec 2024 14:22:29 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Tue, 24 Dec 2024 14:05:31 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi-ip.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/
16 KB
7 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7facb2eb1211e90abed8358fd8e07c661cd0252c717eb9f404572483f377738b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
accept-encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
Yg6WWIK07cDSz6K0LzM.XCDVw6q5V5hP
etag
W/"cc37be8f24d3b690280ddf0c4f1ed6fd"
age
2036
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
PR_6IGCfBy8Q45EWQMTG_-owoy7F8wPPDu19VNTCqpukOeqEvYlhSg==
date
Tue, 24 Dec 2024 14:22:29 GMT
content-type
application/javascript
last-modified
Sun, 15 Dec 2024 11:30:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e1313c3a4fe981f943646e1d710f6b12fbff77bf25c70aaa723e73896c9be06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
br
etag
630 / 20081 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 14:56:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33747
x-xss-protection
0
server
cafe
gpp-84c89f1.min.js
s.nitropay.com/
269 KB
50 KB
Script
General
Full URL
https://s.nitropay.com/gpp-84c89f1.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=OEv6IQ==, md5=mH4JPYNYQPLozKDO5CUC4Q==
cf-cache-status
HIT
etag
W/"987e093d835840f2e8cca0cee42502e1"
age
33060
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Mon, 30 Dec 2024 18:58:01 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
275554
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript
last-modified
Fri, 22 Nov 2024 18:54:30 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC5wR5BWnXXPMXKLyjBBu1GM4E0EbuGHvJanVeiavWDdhaIV2RYn7sIC1eeAZrAoSj2v
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f7170192d8b82d0-ARN
access-control-allow-origin
*
x-goog-generation
1732301670814045
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/
347 KB
85 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79da988ee52c362adf55e65369eccdc35fe49ba29e02bbabcb4f3dadc70f0e4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"e779c2c2d2871f48f4b42842fa74ba90"
age
2790
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Dl_XM0gbtt2-U3FR1OewoHx-AAR-SMoEKdiqjbd3RgKgzDyckO2tmg==
date
Tue, 24 Dec 2024 14:09:55 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 21:58:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
546
tracker.nitropay.com/a/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/a/546?d=eyJocmVmIjoiaHR0cHM6Ly93d3cubW94ZmllbGQuY29tL2Jvb2ttYXJrcy9EQWc0WCIsInYiOjUyLCJhIjpmYWxzZSwicyI6dHJ1ZSwiYyI6IkZJIiwiciI6IjE4In0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:56:24 GMT
server
nginx/1.27.0
1.gif
s.nitropay.com/
42 B
650 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
cf-cache-status
HIT
etag
"d89746888da2d9510b64a9f031eaecd5"
age
71901
x-goog-stored-content-encoding
identity
expires
Mon, 30 Dec 2024 18:58:00 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
42
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
x-goog-custom-time
1970-01-01T00:00:00Z
content-type
image/gif
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5CoT-uxZRP6Q0u8X0eYeVU64OevirVTwCLQDgeAt9V7AR-CcfFPxb6ta6YoxaZh-kfRH74Kpw
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-meta-
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f7170192d9f82d0-ARN
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1611305925409947
content-length
42
server
cloudflare
moxfield.2bbfc9190119999e1585.js
assets.moxfield.net/assets/assets/
1000 KB
220 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/moxfield.2bbfc9190119999e1585.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
436c2dcdb5bc1c1a106f85c5119de1c505a167a8292535f73d901f8d7ed8263c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
z75aiTl8XKYDbTWQQ8FYbQ==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
377
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGwOJgGpkBOGQY6a4sV2i4DuHcgnvTgzXhZ0Ww%2FzdbliJNtzK5itpBjZzeeFPzWGofxlQy%2FrYZu7mhG9l6vBYhVm88ScpdtOp7uf7JSSIJ5aD8OW7d9rQwGwgfXShMKy4eH0SNAkYej%2BiJT%2BSqLgyS3v"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28668&min_rtt=28158&rtt_var=122&sent=523&recv=272&lost=0&retrans=0&sent_bytes=668084&recv_bytes=2528&delivery_rate=11305540&cwnd=623&unsent_bytes=0&cid=ad70d3af0e98e211&ts=403&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/x-javascript
last-modified
Fri, 20 Dec 2024 17:57:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
3693a32f-701e-008e-1309-53c8a5000000
cf-ray
8f7170193dc2543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
px.gif
bt.dns-finder.com/
43 B
1 KB
Fetch
General
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type,Cache-Control
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
222
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzJEwHGefhNRtBaTcQw8Xx64ey6CrAZaOp%2B8Cn3mHtDXI3RVYY3rlMUjI3ZIYEeI3S4FPmHMHzmwra%2B9aP8mnu4cLgqTNQfnr6Bt%2BqcBML%2BlQ5li12Ogz3lN7uPMv7w4W6DIsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 15:52:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=QUIC&rtt=76902&min_rtt=76813&rtt_var=28868&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4060&recv_bytes=4257&delivery_rate=43428&cwnd=12000&unsent_bytes=0&cid=3ca9f59c060aa5a4&ts=91&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AFiumC4bybP-FuVF-whZiQG5qZwlyVXjdQyOozfZQokGxlrpnKGcuMUvkT2YVnJsDWdcJeGodxOQdWg
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f71701a0ae59e78-CDG
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/
43 B
1 KB
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
302042
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oLi%2FoUKiaO6sQMk%2FOniXuVFl9FXIRGVlXEaSB19lgVn4pI3euwd4xiQpXJkoDeZ4h7h9wIbDZcXxTnnm%2FrkqF3KaaE105oLjyY2kjjkCXoM0P2BzEJ97BU5%2BEgLZIAppLUwTvBi4iWtJKOAFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 21 Dec 2024 03:16:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=27620&min_rtt=27343&rtt_var=5910&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2333&delivery_rate=145992&cwnd=252&unsent_bytes=0&cid=4c64ac4b52b21896&ts=41&x=0"
x-goog-stored-content-length
43
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7u7uyLo_Bnq9TZWgRslXtl2vJkzUncYNS8rM60TP9iZlKc2AtciWpOllHmKIvo-9eW
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f717019ac338d93-HEL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
gzip
age
86206
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 14:59:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 14:59:38 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
487 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4656468839119565
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
302042
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOckFoM%2FdYtZFR3auHN0JSy0fVsOtnS0GysocnoXx5mDy4Ubk3dERUAvYfVonuM%2FTqgPBomM8I0VIVeGVydRFA4V9QbwqWVqbuuoe0uNRfeKUFbpyEavsU%2Fcq5xTuwo2nrHp2AN5ABzpyEocNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 21 Dec 2024 03:16:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=27620&min_rtt=27343&rtt_var=5910&sent=10&recv=11&lost=0&retrans=0&sent_bytes=5162&recv_bytes=2333&delivery_rate=145992&cwnd=252&unsent_bytes=0&cid=4c64ac4b52b21896&ts=44&x=0"
x-goog-stored-content-length
43
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7u7uyLo_Bnq9TZWgRslXtl2vJkzUncYNS8rM60TP9iZlKc2AtciWpOllHmKIvo-9eW
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f717019bc378d93-HEL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BW2XPQDNK2&gtm=45je4cc1v887727717za200&_p=1735052184070&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=645135484.1735052185&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735052184&sct=1&seg=0&dl=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&dt=Moxfield%20-%20MTG%20Deck%20Builder&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=739
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW2XPQDNK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.moxfield.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/plain
server
Golfe2
additional-consent-providers.csv
consent.nitrocnct.com/
116 KB
37 KB
XHR
General
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-84c89f1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
cf-cache-status
HIT
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
age
9738
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pipkkqz6oufT%2FcQC%2B4bPyoluWz%2BbdfVslrzVciN%2B9%2BwySAX25pk1m1cFbYFWG5bUiarj7Nc9fKLVc2q2zrx%2FH98JMyjixIgb9QkG0%2BCK4nSc8%2BmIMeG1QmnxHEzx54r9ZAaSsQjzHT0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 31 Dec 2024 11:45:34 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
119221
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/plain
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7H9G208NwlN6mv6FClTLPVwfd-raRW0gcBGBXwPTsscjXNyt7DSoPWc-ntdD2mz9CEmppclwk
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-goog-storage-class
STANDARD
cf-ray
8f71701a1d2bec4d-DME
access-control-allow-origin
*
x-goog-generation
1689147090287559
server
cloudflare
vendor-list-v3.json
consent.nitrocnct.com/
653 KB
90 KB
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-84c89f1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e57d1d37634b32a5edc3504e0fa5b199fa4b55fcf52b3aebf72a1dbec7442d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=dsgi+g==, md5=Wk0ZXGBSnZwxumhkofEcFA==
cf-cache-status
HIT
etag
W/"5a4d195c60529d9c31ba6864a1f11c14"
age
32640
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXjPunGzoyvGwsmQNWAk7HxH5uBF4QfRrFU2zvHTJ%2BEDL15hFD0EJ9K81akiAE%2BiOHNeLDCZhOHtjbvnPWMLgfYW1w1xan9q%2B5wdVITC1aPcYpW6PIfUGHp62omHpRydhWNabxxH%2Fm0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 31 Dec 2024 05:52:24 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
668206
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/json
last-modified
Thu, 19 Dec 2024 16:15:05 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7yxMo1F0y-brujyeSm7cqMGc0qRTe4ipapote0gw0kT27wRXo9TXIzVRvJTgqp_gDeB2Sjb-M
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-goog-storage-class
STANDARD
cf-ray
8f71701a1d2cec4d-DME
access-control-allow-origin
*
x-goog-generation
1734624905314964
server
cloudflare
/
geo.privacymanager.io/
30 B
630 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/438cb908-ed61-41e9-b716-05d5f4122a64/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-amz-apigw-id
DRFqnFj_joEECHQ=
age
57890
x-amzn-trace-id
Root=1-6769e976-0d07f14c63a4f6ad6a38e8ed;Parent=475b63bfbc70d8fa;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
31798a7e-cb06-4155-8cb8-b0b55c63c726
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
M5pMR6fCya3PiJdXY6-cN5NKFQkLu2vaqPNmTQyfUB1DEMl0IRYDcw==
date
Mon, 23 Dec 2024 22:51:34 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3, FRA60-P3
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
6280.fb8110202afa959a03b1.css
assets.moxfield.net/assets/assets/
302 B
726 B
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/6280.fb8110202afa959a03b1.css
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a1aa596dceea97db2a0ac76c0112984ff589b9e5aeed725dfd04032d470ab3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
t9AisyjZ4OKHoUxmr82cRg==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2407
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zq2H03xG9Asnf4K1rGY12M2Cf9fcQjmXojMgmQREFjjJi7rMDKZGjYGfR20xvlpJEG8oc5Zzy9x26J9N%2BVnYz3R1WmoZxKjHpJNcDEn3hNSW6pvhkpq7jsEreDtoLQW9boH4sUHM%2Faumsi3X9QBScG6Q"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28669&min_rtt=28158&rtt_var=191&sent=704&recv=364&lost=0&retrans=0&sent_bytes=893703&recv_bytes=2687&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=565&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 17:57:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
80005209-601e-0004-6c0b-539314000000
cf-ray
8f71701a4ee1543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
6280.fdc7d92f21bf1cb72458.js
assets.moxfield.net/assets/assets/
12 KB
4 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/6280.fdc7d92f21bf1cb72458.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f175d045d00ebebb1da72d4666902c09c4f00c6d006862698e23717b965bcc4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
N+MxP935rxklTn5JH5NJ5w==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2406
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnMH6KkgNxvUSdux5eDETriMR1GmQPBCGsMabIxZtEOIsvCDpMOIEGm%2Bd2U6lLZAJmfNlxQ%2FPT4GJRj5cWg%2FnwQe4TjWtxgdqR8%2FuZXz4p3NR93k%2BX0gmDa1WfeFerAcsWjtw40ARvN5niYTJ6XrKdrl"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28669&min_rtt=28158&rtt_var=191&sent=707&recv=364&lost=0&retrans=0&sent_bytes=894495&recv_bytes=2687&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=565&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/x-javascript
last-modified
Fri, 20 Dec 2024 17:57:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
501d9e70-d01e-005c-2a0b-534b4b000000
cf-ray
8f71701a4ee4543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=optional
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.moxfield.com
Referer
https://fonts.googleapis.com/

Response headers

age
446506
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 10:54:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 10:54:38 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/20631572/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
16 KB
6 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"c22322b3d030360971584a98c60b6e0b"
age
43691
via
1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GqIPFJDkVNH9tDbZW6FzaNP6n5kDgNcC8DZ29DOz7NHE68KjcYPLww==
date
Tue, 24 Dec 2024 02:48:14 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 11:25:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
EIKu21Qn-IIvKyXb6GQN3mC-aWLBqIX0mOo9bFHlQ1OwjWc0OeuS9Q==
date
Tue, 24 Dec 2024 14:56:24 GMT
x-amz-cf-pop
FRA56-P11
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 0111
272 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4c00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dab5c4526911c4ee6e7ecf0d771bd7ec1f5de3c3fd64bf6d29c365bb8042d321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
yWoG6kjiOBp7wWEwjyUJKWKu_.G3a7jH
etag
W/"9304ae790bb9499f630097404bcef2ba"
age
2035
x-cache
Hit from cloudfront
x-amz-cf-id
g7phoq_dB-F9MqCr7BQ1IIYFpXH1qG_XXfw5ssmnf3w7WJkYPC6YkQ==
date
Tue, 24 Dec 2024 14:22:29 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Tue, 24 Dec 2024 14:05:31 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
country
api.btloader.com/
37 B
153 B
Fetch
General
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8e0e0f506d8f94c856384cbdee410bbfc39ab15a412bde29a4b398e922c3eea6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=zwtM62Ooe-P6qgT1V6o-93f92b4bbb&w=5711302939901952&o=6278260873756672&cv=2.1.67&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&sid=NMkIcbwDf-xJHMHFJn-93f92b4bbb&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 14:56:24 GMT
vary
Origin
6365.27135ccae61e6661add1.css
assets.moxfield.net/assets/assets/
122 B
593 B
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/6365.27135ccae61e6661add1.css
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f636ad0bd27ac4a8a964ffed940e5537ab7dae8f19c42d30ba464b39a69737a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
Jrh3KTyQZ9bYdE6F//gUlw==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
4710
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKQCMFkcrcbyxMU10qH3YWn1%2FM8QxmuFwNSw1QogbFru2j2xTG9Yxx7alhBEZKwsZyLUyw%2FAy46mPmuuUwHSeJDp98XR4vS2r89Rz%2BUbyat81QmrUHzo0RprRDABgCCJ0eqG%2FJ4tS7z2Cht6GlH2tjZR"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=29932&min_rtt=28158&rtt_var=2912&sent=728&recv=371&lost=0&retrans=0&sent_bytes=913286&recv_bytes=2958&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=628&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 17:57:32 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
1259cebd-501e-0020-4726-5365b4000000
cf-ray
8f71701a8f79543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
6365.2b9632fad01f5ebaeaff.js
assets.moxfield.net/assets/assets/
29 KB
9 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/6365.2b9632fad01f5ebaeaff.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f260bf44dae0b0ddaa8884a2a56846bb07dcc9785ceef96227c1ff2923e147

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
TfEy96NFxMtnCIR6i+vQRw==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
4710
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHhKpc1KUSPHEa2K3YnAUvhQVqdpBomO4Npe5m9%2B2QiRJrA89GCjIKo1pYmeZqsP4GZoAGs%2FL0D7LvrF0MhKyHG8hL%2F84qV7B7XDWIBxhDbBwjoyL9mSMqLmY7ouQ8%2BgXzx66qYKHwsFwg0bf%2FmkOUM0"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=29932&min_rtt=28158&rtt_var=2912&sent=713&recv=370&lost=0&retrans=0&sent_bytes=898903&recv_bytes=2922&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=614&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/x-javascript
last-modified
Fri, 20 Dec 2024 17:57:32 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
11fd33df-801e-00e8-2926-538785000000
cf-ray
8f71701a8f7c543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
logo-text-color.svg
assets.moxfield.net/assets/images/
10 KB
4 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/logo-text-color.svg
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91aaef966cd9b8d4992ff63269ab55cd8e09a191fbb0796f0f3e8ba5d87f3eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
JEr/ZNWJABNnQkMzd/UQTQ==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
1077
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=770svha%2BfyUzQ8D9TKyV9Q2ihRclUSz4EDlDxHfbQHiCwH%2BN6Yi4KE6dbPQHpoJinnptHJ%2F6VFRe8xRem%2FCR4wvjCo8FRMaP%2FBPG5a53Q039txBI%2F1gkMRj4b%2FacTuXdVhAbRrGzFK8WxO08INqB3QGk"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=29932&min_rtt=28158&rtt_var=2912&sent=722&recv=371&lost=0&retrans=0&sent_bytes=908659&recv_bytes=2958&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=615&x=0"
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Dec 2024 17:57:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
30a66d13-d01e-00b8-2913-5345d5000000
cf-ray
8f71701a9f7f543a-TLL
x-ms-blob-type
BlockBlob
server
cloudflare
kickbacks
api2.moxfield.com/v1/affiliates/tcgplayer/
0
244 B
XHR
General
Full URL
https://api2.moxfield.com/v1/affiliates/tcgplayer/kickbacks
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/4192.eb9b45e9f6178b1b00cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authorization
Bearer undefined
Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-moxfield-version
2024.12.20.2

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
ETag,X-Deck-Version,X-Public-Deck-ID,X-Deck-Has-Changed,x-moxfield-version
cache-control
public, max-age=14400
cf-cache-status
HIT
age
9760
access-control-allow-credentials
true
x-content-type-options
nosniff
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
cf-ray
8f71701c18588dab-HEL
access-control-allow-origin
https://www.moxfield.com
date
Tue, 24 Dec 2024 14:56:24 GMT
x-xss-protection
1; mode=block
vary
Origin, Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
kickbacks
api2.moxfield.com/v1/affiliates/tcgplayer/ Frame
0
0
Preflight
General
Full URL
https://api2.moxfield.com/v1/affiliates/tcgplayer/kickbacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-moxfield-version
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-moxfield-version
access-control-allow-methods
GET
access-control-allow-origin
https://www.moxfield.com
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8f71701b0fc18d52-HEL
date
Tue, 24 Dec 2024 14:56:24 GMT
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
spt
tg1.aniview.com/api/adserver/
25 KB
9 KB
Script
General
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=66868d7d01e9d63094010a1a&AV_PUBLISHERID=668563324e846922350280ba
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:f96::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b59414d391354c59f30e17af3e40be8037e0b17a5fe701c10f37a85c4c88c1b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

Access-Control-Max-Age
1728000
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Critical-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Expires
Tue, 24 Dec 2024 15:01:24 GMT
Date
Tue, 24 Dec 2024 14:56:24 GMT
x-bamboo-c-s
BYPASS
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding, Origin
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst
1
Cache-Control
max-age=300
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
Connection
keep-alive
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Content-Length
8142
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
578322b6d4101b16a8e8f582cb682044b8d0956d7ac6c2700ef3928d89a5cf18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=3600
age
1556
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
3sBhOrLEYozkWmYKFtpX1eNf5uHxvK8jXEu6s-a_aIO7jAqNUnmu-A==
date
Tue, 24 Dec 2024 14:30:28 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.moxfield.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d020277623753291ec7dc9117a3bd705aec0c0453f2dc0af9d6514d13385e99a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
13528
access-control-allow-credentials
true
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.moxfield.com
x-cache
Hit from cloudfront
content-length
2491
x-amz-cf-id
_TuPDZZSqRMIwYE86ztsqVv-KYL0UIjmuaChbuCQAbgevNQFvoC7OQ==
date
Tue, 24 Dec 2024 11:10:56 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
44344
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
GI3SpjqixUL6qq4Aw-i5RWgUgPjoeUkVOKuawaKRmhTi_PYTizWFyQ==
date
Tue, 24 Dec 2024 02:37:21 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/
492 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
br
etag
5395541545685299795
age
51899
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 00:31:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 24 Dec 2024 00:31:25 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
DAg4X
api2.moxfield.com/v1/bookmarks/ Frame
0
0
Preflight
General
Full URL
https://api2.moxfield.com/v1/bookmarks/DAg4X?decksPageSize=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-moxfield-version
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-moxfield-version
access-control-allow-methods
GET
access-control-allow-origin
https://www.moxfield.com
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8f71701b0fc28d52-HEL
date
Tue, 24 Dec 2024 14:56:25 GMT
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bid
aax.amazon-adsystem.com/e/dtb/
23 B
377 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&pid=yGzkpdgqohrr7&cb=0&ws=1600x1200&v=24.1212.711&t=2200&slots=%5B%7B%22sd%22%3A%22bookmark-floating-ad-desktop%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F308365556%2C22646263980%2Fnitro-banner%2Fnitro-banner-546%2Fbookmark-floating-ad-desktop%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22adRefresh%22%3A%221%22%7D&schain=1.0%2C1%21nitropay.com%2C502%2C1%2C%2C%2C&gpp_sid=%5B2%5D&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.21.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-21-227.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.moxfield.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
uMUdznn51tTBlLUtDmrmOgwMAl1JJS3RfbWtBHoguMsf2EaIv4VLXA==
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P11
server
Server
DAg4X
api2.moxfield.com/v1/bookmarks/
1 KB
879 B
XHR
General
Full URL
https://api2.moxfield.com/v1/bookmarks/DAg4X?decksPageSize=101
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/4192.eb9b45e9f6178b1b00cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8db3882d5fc2f7682824b392aee0939862301faa8e4c8275890e63f0a2414b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authorization
Bearer undefined
Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-moxfield-version
2024.12.20.2

Response headers

access-control-expose-headers
ETag,X-Deck-Version,X-Public-Deck-ID,X-Deck-Has-Changed,x-moxfield-version
content-encoding
br
cf-cache-status
BYPASS
x-content-type-options
nosniff
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store
access-control-allow-credentials
true
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
cf-ray
8f71701e0a388dab-HEL
access-control-allow-origin
https://www.moxfield.com
x-xss-protection
1; mode=block
server
cloudflare
openrtb2
a.nitropay.com/v4/
57 B
283 B
Fetch
General
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
42f99830e9df9bbbf51b0b0ea35a5144d876b9d218f3d047e34ef3da2e880036

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.moxfield.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
application/json
last-modified
Tue, 24 Dec 2024 14:56:24 GMT
vary
Origin
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
51358
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 00:40:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 24 Dec 2024 00:40:26 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Tue, 24 Dec 2024 15:11:24 GMT
accept-ranges
bytes
content-length
17407
date
Tue, 24 Dec 2024 14:56:24 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
29778
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3tnoJdeqiN8LFnNtPyZG-i7hn8Psu-YEoYyhtOVs9-ahJwV81Xjz5w==
date
Tue, 24 Dec 2024 06:40:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
720
a.ad.gt/api/v1/u/matches/
Redirect Chain
  • https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&ref=&_it=amazon&partner_id=720
  • https://a.ad.gt/api/v1/u/matches/720?_it=nitro
11 B
171 B
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/720?_it=nitro
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cf-ray
8f71701c3ff98ddb-HEL
content-length
11
cf-cache-status
DYNAMIC
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
application/javascript
cross-origin-resource-policy
cross-origin
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://a.ad.gt/api/v1/u/matches/720?_it=nitro
cf-ray
8f71701b8a4c8d89-HEL
expires
Tue, 24 Dec 2024 15:56:24 GMT
content-length
167
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
id5-api.js
cdn.id5-sync.com/api/1.0/
100 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-amz-id-2
uQCgSqHAwZPeMtyEoK24DXeqex+MA9r7WN0CbBVqMU+YGHRX0ZCCoCvrQmNDavvhpTKaBK5Y0nY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
3293
x-amz-request-id
9WEQF2C5VFZ2015W
cf-ray
8f71701b8cf64c87-HEL
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
lang.png
s.nitropay.com/cmp/
2 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
cf-cache-status
HIT
etag
"ca072a3965f49a2c242c45d535163a53"
age
2115
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 14:37:41 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1887
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5wnqm8h7MipuaeQK--60HAK2_5aLLgGbYcSYm64PShsRrhbTi3v-tkR8sQ9NybGBg
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f71701b8ffd82d0-ARN
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058779792
content-length
1887
server
cloudflare
cancel.png
s.nitropay.com/cmp/
1 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
cf-cache-status
HIT
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
age
2423
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 15:03:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1302
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5fC9M8kfj4GsWj1FBV3rOeza6vTDAVf-RdZlstHava47UZNVB6T26d5qseVANfYuLO
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f71701b880082d0-ARN
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058825998
content-length
1302
server
cloudflare
logo.png
s.nitropay.com/cmp/
3 KB
3 KB
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
cf-cache-status
HIT
etag
"940aa5b81e99bbb7414acc474a89bad9"
age
2423
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 15:03:35 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2592
server-timing
cfExtPri
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC7tIxQDq5W0PoG0J64JUrdHI3PMVsa_gXPfzoOVhRHZr7BR1pX1tHc4XAVVQALwOUIXbWcX6n0
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f71701b880182d0-ARN
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058842900
content-length
2592
server
cloudflare
player.js
player.aniview.com/script/6.1/
47 KB
17 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d91f6b6e3cdac94583047dde80661ad8ea41516fcb692bc505bda70df8c1bb0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
Access-Control-Expose-Headers
Content-Type
Content-Encoding
gzip
x-goog-hash
crc32c=0QVnag==, md5=oErJSPD3gnfDUWjGtBDEIw==
ETag
"a04ac948f0f78277c35168c6b410c423"
x-goog-stored-content-encoding
gzip
Expires
Tue, 24 Dec 2024 15:11:25 GMT
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
16483
Date
Tue, 24 Dec 2024 14:56:25 GMT
Last-Modified
Tue, 24 Dec 2024 10:03:00 GMT
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
X-GUploader-UploadID
AFiumC4qWRSG42nkKmcKhniSXe-k5Eh7T2bTuZOT4ATX4DLnv6HUyB2CZvQ_2Qley4rKK0HxNE532a8
Cache-Control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1735034579883463
Content-Length
16483
Server
UploadServer
track
track1.aniview.com/
0
169 B
Image
General
Full URL
https://track1.aniview.com/track?pid=668563324e846922350280ba&cid=66ccc2bcd354924ef9054f6a&cb=1735052184931&r=www.moxfield.com&stagid=66868d7d01e9d63094010a1a&stplid=66b230d5c2f312d5a20a07f5&d35=&d65=Limit&d74=&cd15=1.0,1!nitropay.com,502,1,,,&e=playerLoaded
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 24 Dec 2024 14:56:25 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 848F
512 KB
150 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.23.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-23-146.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
ba3ad6d0cb1029bc6cabf590dd0427ae5c2b783eeee263bc9c19b9716e0b26d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=tIG6Rg==, md5=GIVndLJmVXPdAFXa/TVYPw==
etag
"18856774b2665573dd0055dafd35583f"
x-goog-stored-content-encoding
gzip
expires
Tue, 24 Dec 2024 15:11:25 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
153149
date
Tue, 24 Dec 2024 14:56:25 GMT
last-modified
Tue, 24 Dec 2024 10:02:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6YUAmZN32DCVBAbJf5E6caX5G1zFR6QLXlSly_Cla0NTSmBMfR5BPOYtMWKD61nVjGG1likgA
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1735034579583549
content-length
153149
server
UploadServer
favicon.png
www.moxfield.com/
12 KB
12 KB
Other
General
Full URL
https://www.moxfield.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e1696a25ea7946f93e5ca4d863bc08af54a16556d70cc817dee786855498b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/bookmarks/DAg4X

Response headers

cf-cache-status
HIT
etag
"1db53086fe9fd70"
age
5899
x-content-type-options
nosniff
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
image/png
last-modified
Fri, 20 Dec 2024 17:56:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, maxage=604800
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
cf-ray
8f71701e5aac8dab-HEL
accept-ranges
bytes
content-length
12144
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
188 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d20dea610374d5b75fe0cb449547b7baca6cd1bb208470d611c5d4aa813b14c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
563 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cccd640af41311c5d52a0476a1f77871eb641f656debe61b7633b18f1f08914f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
232 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e9d2c8804c5f50dfc4d7a47d68efcf5a3d0fb5e767e3063afeb00c433269f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
519 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
169791ea5804a9c7773b124ae0c885a3f2bad84c7c8b95030f88ce62b2847c09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
298 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50c0ea7ceb2b05fbe02cca179251172ec934ba72135db7373bffe1bae65f1795

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
396 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f60178c8f7a28dd726bff7719a9cc0a31d099e3a7240000bcf33efcc8a97cf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
go1.aniview.com/api/adserver/tag/
17 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=66868d7d01e9d63094010a1a&AV_PUBLISHERID=668563324e846922350280ba&AV_CDIM15=1.0%2C1!nitropay.com%2C502%2C1%2C%2C%2C&AV_SCHAIN=1.0%2C1!nitropay.com%2C502%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=fi&AV_URL=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&AV_CHANNELID=66ccc2bcd354924ef9054f6a&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=0&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.moxfield.com&AV_DADPOS=1&AV_TAG=66868d7d01e9d63094010a1a&AV_TEMPLATE=66b230d5c2f312d5a20a07f5&AV_GPID=%2F308365556%2C22646263980%2Fnitro-banner%2Fnitro-banner-546&d36=6.3.27&responsive=1&sver=5&avtoken=185489&omv=1.0.1&AV_D65=Limit&clsid=f6da25ca-cd2d-4c78-82f8-081a714aa9f5&rando=24&rando1=64&rando2=80&scnt=1&AV_WIDTH=300&AV_HEIGHT=169&AV_GPP=DBABM~CQKI78AQKI78ADyvUAENBUFAAAAAAAAAACiQAAAAAAAA.IAAA&AV_GPP_SID=2&AV_CCPA=1---&AV_DNT=0&cb=1735052185491&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
22e3bbb643e7de43a064a67d25dddfdb1cd8b9f67b6aff3dab8bd840ace487f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires
Fri, 13 Dec 2024 01:09:45 GMT
alt-svc
h3=":443";ma=60;
date
Tue, 24 Dec 2024 14:56:25 GMT
x-bamboo-c-s
BYPASS
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst
1
cache-control
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
access-control-allow-credentials
true
access-control-allow-origin
https://www.moxfield.com
track
track1.aniview.com/
0
168 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.moxfield.com&sn=&cd15=1.0%2C1!nitropay.com%2C502%2C1%2C%2C%2C&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.3.27&apppkg=&fv=1&proto=https&d65=Limit&clsid=f6da25ca-cd2d-4c78-82f8-081a714aa9f5&rando=24&rando1=64&rando2=80&scnt=1&pid=668563324e846922350280ba&cid=66ccc2bcd354924ef9054f6a&stagid=66868d7d01e9d63094010a1a&stplid=66b230d5c2f312d5a20a07f5&e=inventory&vi=47&plt=4&cb=1735052185490
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 24 Dec 2024 14:56:25 GMT
fa-light-300.woff2
assets.moxfield.net/assets/fonts/
454 KB
456 KB
Font
General
Full URL
https://assets.moxfield.net/assets/fonts/fa-light-300.woff2
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/moxfield.160b9715ef46a0deb457.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3399f85c79b313331ec6a4030239806258808425eaf137b9f7425caedaae444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.moxfield.com
Referer
https://assets.moxfield.net/assets/assets/moxfield.160b9715ef46a0deb457.css

Response headers

content-md5
zDA3vTVk7SQUjUSd12Xe+g==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DD211FC7F2CA86
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bgc3TJsbtOb3%2FfpzsphduBANPQ6t09lhajNrZ7ilMrJD01Q8FV8lflEY17nKzuTBs9NE3TIDeFAp%2BUguA%2FuY%2BWSrwLHlvAS5XdceLozahMP3f%2FfuRXf3YKDiQLGxXcZ4zTIAYcJlWdgkmjMFS7LGy%2B00"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=28156&min_rtt=28100&rtt_var=4492&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3904&recv_bytes=2255&delivery_rate=143267&cwnd=254&unsent_bytes=0&cid=a06d8061033c9a7b&ts=153&x=0"
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
font/woff2
last-modified
Fri, 20 Dec 2024 17:57:33 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-ms-request-id
74111a0b-801e-000c-4f0c-53891b000000
cf-ray
8f7170202d61c7e7-TLL
accept-ranges
bytes
access-control-allow-origin
https://www.moxfield.com
content-length
465352
x-ms-blob-type
BlockBlob
server
cloudflare
empty-profile.png
assets.moxfield.net/assets/images/
6 KB
7 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/empty-profile.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2e15f257bac5ada1e94000bd49bf83acfa1e4aa1167ff488963b54f72158fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
2j6V45ZwqGcJt3p3OhkiYA==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DD211FC83A7F5B
age
6954
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inBEgGYkOcCI9iCbEMNYULqVZg6VP%2Fop%2BisP%2BnBYXLKuPHxyN2P6iY4tTUMfWhaRRF9JwAtiSyG1n9olzcUdVp3aGa41cTphxtJaUi2qbFcJydvPAxFfX8Eh%2BJrMgjUu2kWgg1FVSbfHeTxwriKMDaOh"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35311&min_rtt=28158&rtt_var=12431&sent=732&recv=382&lost=0&retrans=0&sent_bytes=913945&recv_bytes=3103&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=1449&x=0"
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
image/png
last-modified
Fri, 20 Dec 2024 17:57:34 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
6a5c6c31-901e-0010-2016-53db7b000000
cf-ray
8f71701fcd79543a-TLL
accept-ranges
bytes
content-length
6489
x-ms-blob-type
BlockBlob
server
cloudflare
playedh-logo.png
assets.moxfield.net/assets/images/
55 KB
55 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/playedh-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70a7009d49f10d81cfa541af9c57b470664e1cc6514b35e8a5479d21a10c3ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-md5
mNg7jspNNjBqnduv+cR6MQ==
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DD211FC793D754
age
256
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToDG2zr4W%2BzadpgOD1U6A56WWLt5YrfKKi5U05fuI8JUqrV0YAkQexul%2BITRvUQOShFVHPA%2BDPffvG3Rlh2MaX0hM4fnhDFKjZeFGjQemVUp%2BPVnB4uiUTH8cVQWYOaF0WOpgeOCwZb%2FeANe9lw42Ht8"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35311&min_rtt=28158&rtt_var=12431&sent=739&recv=382&lost=0&retrans=0&sent_bytes=921242&recv_bytes=3103&delivery_rate=11305540&cwnd=755&unsent_bytes=0&cid=ad70d3af0e98e211&ts=1450&x=0"
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
image/png
last-modified
Fri, 20 Dec 2024 17:57:33 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
e421ea13-c01e-0032-2919-531e64000000
cf-ray
8f71701fcd7b543a-TLL
accept-ranges
bytes
content-length
56150
x-ms-blob-type
BlockBlob
server
cloudflare
usync.html
eus.rubiconproject.com/ Frame 7FC2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://www.moxfield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 24 Dec 2024 14:56:26 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 24 Dec 2024 14:56:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
avpb9.16.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 848F
382 KB
118 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.23.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-23-146.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
8b2fee0f50397d35558580f390045807ad9071b8fb351b30c5950b883fda1a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=/Csg0A==, md5=Rs2O9K0/ctcqGbtzBrX5qw==
etag
"46cd8ef4ad3f72d72a19bb7306b5f9ab"
x-goog-stored-content-encoding
gzip
expires
Tue, 24 Dec 2024 15:11:25 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
121077
date
Tue, 24 Dec 2024 14:56:25 GMT
last-modified
Tue, 24 Dec 2024 10:03:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5nXyBRnINg5SsAcfksdOBA_RsDO69zhZxL3YKIpMFF0NyRPh0R4deDwOjpc4KjM303Jmc8yyQ
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1735034579930359
content-length
121077
server
UploadServer
avpb9.16.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 848F
65 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.23.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-23-146.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
7f301c18f632b1636b0a14f6a70518e9c6f8ead3b9d92339281c850f050a8363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=dVoQFg==, md5=hqzGgsweDBQVKxx+PE9ulw==
etag
"86acc682cc1e0c14152b1c7e3c4f6e97"
x-goog-stored-content-encoding
gzip
expires
Tue, 24 Dec 2024 15:11:25 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
20098
date
Tue, 24 Dec 2024 14:56:25 GMT
last-modified
Tue, 24 Dec 2024 10:03:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC71V-NZRskRH_53Gq23eJvxO3Iau6oy1y3KOg-ZHiTgvp_oftJMMXueSD2q9XedTKiLr_tuSXE
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1735034579912283
content-length
20098
server
UploadServer
avpb9.16.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 848F
150 KB
46 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb9.16.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.23.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-23-146.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
c1a2ea610494881e10058cec5521f7196626f60dc71a4fb2818c74fe973aef65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=knieKw==, md5=TJylZrwu4HZeHQloipf7eQ==
etag
"4c9ca566bc2ee0765e1d09688a97fb79"
x-goog-stored-content-encoding
gzip
expires
Tue, 24 Dec 2024 15:11:25 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
46717
date
Tue, 24 Dec 2024 14:56:25 GMT
last-modified
Tue, 24 Dec 2024 10:03:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC49_4KjmuBBsTuOcqy150bLd6-_tkQNqryT95crSqBP0NVvYYe0PBnO1GrMDv75K8crogjSSac
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1735034579943901
content-length
46717
server
UploadServer
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3985
347 KB
0
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=668563324e846922350280ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79da988ee52c362adf55e65369eccdc35fe49ba29e02bbabcb4f3dadc70f0e4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"e779c2c2d2871f48f4b42842fa74ba90"
age
2790
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Dl_XM0gbtt2-U3FR1OewoHx-AAR-SMoEKdiqjbd3RgKgzDyckO2tmg==
date
Tue, 24 Dec 2024 14:09:55 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 21:58:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
track
track1.aniview.com/
0
168 B
Image
General
Full URL
https://track1.aniview.com/track?avh=435198ee8588b316f171cefc09fc912c99b63a6c66d33134528dc0fbfb40f3ee985a8e14e68911988454fcfd7907a2f8ed8d68ffa9457ab4ca7042aa1573c4f57cb6f7890ad080e60ec2e9aa802de49468b0de7f20772c7a12f3b43c4f4e49ebf24cbdab1396b3b116b48a936cc08131&r=www.moxfield.com&rs=www.moxfield.com&sid=58362&t=1735052185&sn=&tgt=0&osv=&bv=131.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=668563324e846922350280ba&test=0&d64=4a9043a9ca751443b8e3ae9c99161c8f&d63=4a9043a9ca751443b8e3ae9c99161c8f&aafaid=&proto=https&uid=1735052185082-172029195185-000222-002-005895&stagid=66868d7d01e9d63094010a1a&stplid=66b230d5c2f312d5a20a07f5&d35=&d36=6.3.27&cb=51150033845481&d39=&d65=Limit&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&d94=0eb2741&apppkg=&cd10=24&cd11=f6da25ca-cd2d-4c78-82f8-081a714aa9f5&cd12=1.0%2C1!nitropay.com%2C502%2C1%2C%2C%2C&cd15=1.0%2C1!nitropay.com%2C502%2C1%2C%2C%2C&d9=1000&d26=0.3&d68=ACC_Sopt_SFopt&d22=668563324e846922350280ba&d24=66ccc2bcd354924ef9054f6a&d37=realtime&d65=_GlobalConfig&AV_WIDTH=300&AV_HEIGHT=169&nid=668563324e846922350280ba&ncid=66ccc2bcd354924ef9054f6a&e=request&cb=1735052185905&plt=4&asid=6758ad946b1647874a01c6fc%2C671014080d8fb66dcd01a2a4%2C67101408f4d3b7dee7007195%2C67101408d4ff0b4e780c867e%2C67101409d4ff0b4e780c867f%2C67101408a8bcc02e100f850b%2C66f19e479c44900ae20ce87b&ofpr=0.3%2C0.3%2C0.3%2C0.3%2C0.3%2C0.3%2C0.3&fpo=%2C%2C%2C%2C%2C%2C&d95=%2C%2C%2C%2C%2C%2C&rcd=%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 24 Dec 2024 14:56:25 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3985
6 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
44344
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
GI3SpjqixUL6qq4Aw-i5RWgUgPjoeUkVOKuawaKRmhTi_PYTizWFyQ==
date
Tue, 24 Dec 2024 02:37:21 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/ Frame 3985
563 B
0
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
578322b6d4101b16a8e8f582cb682044b8d0956d7ac6c2700ef3928d89a5cf18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=3600
age
1556
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
3sBhOrLEYozkWmYKFtpX1eNf5uHxvK8jXEu6s-a_aIO7jAqNUnmu-A==
date
Tue, 24 Dec 2024 14:30:28 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ Frame 3985
2 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.moxfield.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d020277623753291ec7dc9117a3bd705aec0c0453f2dc0af9d6514d13385e99a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
13528
access-control-allow-credentials
true
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.moxfield.com
x-cache
Hit from cloudfront
content-length
2491
x-amz-cf-id
_TuPDZZSqRMIwYE86ztsqVv-KYL0UIjmuaChbuCQAbgevNQFvoC7OQ==
date
Tue, 24 Dec 2024 11:10:56 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3985
23 B
376 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&pid=CWNDZbValxqep&cb=0&ws=1600x1200&v=24.1212.711&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A30%2C%22id%22%3A%22outstream_skippable_400x300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1%21nitropay.com%2C502%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=1&gdprc=CQKI78AQKI78ADyvUAENBUFAAAAAAAAAACiQAAAAAAAA.IAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.21.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-21-227.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.moxfield.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
YAVuKN5qFFoFB1czTIphnGKT9KenN7TwblHHzwiaXQxuDthPKievUQ==
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P11
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3985
23 B
377 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&pid=CWNDZbValxqep&cb=1&ws=1600x1200&v=24.1212.711&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A30%2C%22id%22%3A%22Outstream_Floating%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1%21nitropay.com%2C502%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=1&gdprc=CQKI78AQKI78ADyvUAENBUFAAAAAAAAAACiQAAAAAAAA.IAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.21.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-21-227.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.moxfield.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
0ITNPRfqpOgETrgXER0pQ3ICXkrd_MuDYDAp_4aOR_SVbRlaoZWjlQ==
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P11
server
Server
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3985
54 KB
0
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Tue, 24 Dec 2024 15:11:24 GMT
accept-ranges
bytes
content-length
17407
date
Tue, 24 Dec 2024 14:56:24 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 3985
43 KB
0
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
29778
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3tnoJdeqiN8LFnNtPyZG-i7hn8Psu-YEoYyhtOVs9-ahJwV81Xjz5w==
date
Tue, 24 Dec 2024 06:40:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
720
a.ad.gt/api/v1/u/matches/ Frame 3985
Redirect Chain
  • https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&ref=https%3A%2F%2Fwww.moxfield.com%2Fbookmarks%2FDAg4X&_it=amazon&partner_id=720
  • https://a.ad.gt/api/v1/u/matches/720?_it=nitro
11 B
86 B
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/720?_it=nitro
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

cf-ray
8f7170225e108ddb-HEL
content-length
11
cf-cache-status
DYNAMIC
date
Tue, 24 Dec 2024 14:56:26 GMT
content-type
application/javascript
cross-origin-resource-policy
cross-origin
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://a.ad.gt/api/v1/u/matches/720?_it=nitro
cf-ray
8f71702229b48d89-HEL
expires
Tue, 24 Dec 2024 15:56:25 GMT
content-length
167
date
Tue, 24 Dec 2024 14:56:25 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 3985
100 KB
0
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/bookmarks/DAg4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.moxfield.com/

Response headers

x-amz-id-2
uQCgSqHAwZPeMtyEoK24DXeqex+MA9r7WN0CbBVqMU+YGHRX0ZCCoCvrQmNDavvhpTKaBK5Y0nY=
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
3293
x-amz-request-id
9WEQF2C5VFZ2015W
cf-ray
8f71701b8cf64c87-HEL
date
Tue, 24 Dec 2024 14:56:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| nitroAds object| ads object| nads object| napbjs object| _pbjsGlobals object| prebidEvents object| regeneratorRuntime object| __tcfapi_queue function| __tcfapi object| _comscore object| grumi object| googletag function| __uspapi object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| apstag object| webpackChunkmoxfield object| google_tag_manager object| google_tag_data object| __bt object| __bt_intrnl object| __bt_tag_d function| onYouTubeIframeAPIReady object| gaGlobal object| nitroAdsCMP object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr function| clearImmediate function| setImmediate object| atsenvelopemodule object| ats object| FontAwesomeConfig object| ___FONT_AWESOME___ function| saveAs object| win object| doc boolean| __bt_already_invoked function| nitroAV66868d7d01e9d63094010a1aConfig function| nitroAV66868d7d01e9d63094010a1a object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue object| lotame_sync_16576 function| ha object| __id5_finalization_registry object| ID5 object| aniplayerPos object| COMSCORE object| google_reactive_ads_global_state function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| PublisherCommonId function| avPlayer object| storageAni

9 Cookies

Domain/Path Name / Value
.www.moxfield.com/ Name: TiPMix
Value: 7.801580912471751
.www.moxfield.com/ Name: x-ms-routing-name
Value: self
.nitropay.com/ Name: __cf_bm
Value: OR9vN_ZFh5IvD6bZfEqxn8_Kx73klvotT5P0aeF2Lvo-1735052184-1.0.1.1-p6FCR52QxzzGgUf3W3apze.F.ZjclfQapmza7_B7M.U4ini.UhZFyGEhsxOvcEhLl_QqlX5pMTqbBHdquWZi2Q
.moxfield.com/ Name: _ga
Value: GA1.1.645135484.1735052185
.moxfield.com/ Name: _ga_BW2XPQDNK2
Value: GS1.1.1735052184.1.0.1735052184.0.0.0
.moxfield.com/ Name: ncmp.domain
Value: moxfield.com
www.moxfield.com/ Name: _lr_geo_location_state
Value: 18
www.moxfield.com/ Name: _lr_geo_location
Value: FI
.aniview.com/ Name: aniC
Value: 1735052185082-172029195185-000222-002-005895

2 Console Messages

Source Level URL
Text
rendering warning URL: https://www.moxfield.com/bookmarks/DAg4X(Line 95)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0CB040C270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.moxfield.com/bookmarks/DAg4X(Line 95)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040600B0C270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.nitropay.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api2.moxfield.com
assets.moxfield.net
ats-wrapper.privacymanager.io
bt.dns-finder.com
btloader.com
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
go1.aniview.com
player.aniview.com
rumcdn.geoedge.be
s.nitropay.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tags.crwdcntrl.net
tg1.aniview.com
track1.aniview.com
tracker.nitropay.com
wrappers.geoedge.be
www.google-analytics.com
www.googletagmanager.com
www.moxfield.com
104.18.2.78
104.21.64.1
108.138.3.93
13.32.99.35
13.33.187.21
130.211.23.194
142.250.185.130
142.250.185.99
172.217.16.198
172.240.45.75
172.240.45.81
18.244.18.38
18.244.21.227
18.245.31.123
188.114.96.3
2.19.217.60
23.209.22.22
23.48.23.146
23.56.202.187
2600:9000:2491:4c00:4:b37b:9440:93a1
2600:9000:2761:8200:2:d490:4d80:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:4599
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:b57
2606:4700:20::ac43:4513
2606:4700:3030::6815:2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:829::200a
2a02:26f0:3500:3::b818:4d32
2a02:26f0:3500:f96::2c79
35.244.144.25
65.9.66.104
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
169791ea5804a9c7773b124ae0c885a3f2bad84c7c8b95030f88ce62b2847c09
1b8db3882d5fc2f7682824b392aee0939862301faa8e4c8275890e63f0a2414b
22e3bbb643e7de43a064a67d25dddfdb1cd8b9f67b6aff3dab8bd840ace487f2
22e57d1d37634b32a5edc3504e0fa5b199fa4b55fcf52b3aebf72a1dbec7442d
3827012b39375018c31f797538e8b78fae4f45d5bf7a5ec72fe14ac7268750fe
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
41f260bf44dae0b0ddaa8884a2a56846bb07dcc9785ceef96227c1ff2923e147
42e1696a25ea7946f93e5ca4d863bc08af54a16556d70cc817dee786855498b2
42f99830e9df9bbbf51b0b0ea35a5144d876b9d218f3d047e34ef3da2e880036
436c2dcdb5bc1c1a106f85c5119de1c505a167a8292535f73d901f8d7ed8263c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
48e858ec8e25d2f1a2b537eb285ee626caff9bcfd3ded8e1f214fa7c6e52aba8
50c0ea7ceb2b05fbe02cca179251172ec934ba72135db7373bffe1bae65f1795
5579410abe667ffed52d08c89fc18cc7a6640f7ad70d1f4ef11e4e12e94c9db0
578322b6d4101b16a8e8f582cb682044b8d0956d7ac6c2700ef3928d89a5cf18
67d29344557b012e78a271b3d5cfc984504493f579d163043bf9c52d0b52b227
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
69a48c2f49d3529d508dae8e6167686b809c35f974637000a8b8f9d549ebede0
6a1aa596dceea97db2a0ac76c0112984ff589b9e5aeed725dfd04032d470ab3b
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79da988ee52c362adf55e65369eccdc35fe49ba29e02bbabcb4f3dadc70f0e4c
7f301c18f632b1636b0a14f6a70518e9c6f8ead3b9d92339281c850f050a8363
7facb2eb1211e90abed8358fd8e07c661cd0252c717eb9f404572483f377738b
8027188b7e33b80a996112698bc4b25a7f0356f35932fbd0692b485c3de56ab3
8552e7621c736a1c587a3901ac41a9429b65e2be5afc2ad3a4ed866417b6b7e2
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b2fee0f50397d35558580f390045807ad9071b8fb351b30c5950b883fda1a40
8e0e0f506d8f94c856384cbdee410bbfc39ab15a412bde29a4b398e922c3eea6
8f60178c8f7a28dd726bff7719a9cc0a31d099e3a7240000bcf33efcc8a97cf0
91aaef966cd9b8d4992ff63269ab55cd8e09a191fbb0796f0f3e8ba5d87f3eee
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227
a804d0d36b36de669051d3f4fee586c1c55cb95286f7476eb7ddb8b062373d1e
b419d6f37255da8dba74a37d4593757e065accbd7c21e9f82bb2b5f63c9ec098
b59414d391354c59f30e17af3e40be8037e0b17a5fe701c10f37a85c4c88c1b4
ba3ad6d0cb1029bc6cabf590dd0427ae5c2b783eeee263bc9c19b9716e0b26d1
c075d32f3122a954d2973454b1a4cc09a9c92bdc8dad7f96c501a8dc92461787
c1a2ea610494881e10058cec5521f7196626f60dc71a4fb2818c74fe973aef65
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c70a7009d49f10d81cfa541af9c57b470664e1cc6514b35e8a5479d21a10c3ad
c9bd2216bea9af3c34417192765b07b6f2b63f53f2d2eeaadbf2e70dc9889977
cccd640af41311c5d52a0476a1f77871eb641f656debe61b7633b18f1f08914f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020277623753291ec7dc9117a3bd705aec0c0453f2dc0af9d6514d13385e99a
d20dea610374d5b75fe0cb449547b7baca6cd1bb208470d611c5d4aa813b14c0
d3399f85c79b313331ec6a4030239806258808425eaf137b9f7425caedaae444
d91f6b6e3cdac94583047dde80661ad8ea41516fcb692bc505bda70df8c1bb0d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dab5c4526911c4ee6e7ecf0d771bd7ec1f5de3c3fd64bf6d29c365bb8042d321
dc90bb97d9d26b719f0f2ff889d838e1b71b50f1e5128148dcee66eb8840c3ac
de3e6cdf372ffbab9f4bbd1178162017291daf36f9f7cafda0412969595a289c
e0e9d2c8804c5f50dfc4d7a47d68efcf5a3d0fb5e767e3063afeb00c433269f9
e1313c3a4fe981f943646e1d710f6b12fbff77bf25c70aaa723e73896c9be06d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
ec2e15f257bac5ada1e94000bd49bf83acfa1e4aa1167ff488963b54f72158fa
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f175d045d00ebebb1da72d4666902c09c4f00c6d006862698e23717b965bcc4e
f636ad0bd27ac4a8a964ffed940e5537ab7dae8f19c42d30ba464b39a69737a1