genshindle.com Open in urlscan Pro
2600:9000:2724:8800:6:1143:84c0:93a1  Public Scan

Submitted URL: http://genshindle.com/
Effective URL: https://genshindle.com/
Submission: On April 06 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 44 HTTP transactions. The main IP is 2600:9000:2724:8800:6:1143:84c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is genshindle.com. The Cisco Umbrella rank of the primary domain is 932550.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 2nd 2024. Valid for: a year.
This is the only time genshindle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 genshindle.com
genshindle.com — Cisco Umbrella Rank: 932550
535 KB
11 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 11198
32 KB
5 gstatic.com
fonts.gstatic.com
236 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 664
119 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
7 KB
2 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 16332
5 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
187 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 54
7 KB
1 amazonaws.com
r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2709
253 B
1 ezojs.com
www.ezojs.com — Cisco Umbrella Rank: 16805
42 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
98 KB
44 12
Domain Requested by
13 genshindle.com genshindle.com
11 go.ezodn.com genshindle.com
5 fonts.gstatic.com fonts.googleapis.com
genshindle.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 fonts.googleapis.com genshindle.com
2 g.ezoic.net www.ezojs.com
go.ezodn.com
2 pagead2.googlesyndication.com genshindle.com
pagead2.googlesyndication.com
1 lh3.googleusercontent.com genshindle.com
1 r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com genshindle.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.ezojs.com genshindle.com
1 www.googletagmanager.com genshindle.com
44 12

This site contains links to these domains. Also see Links.

Domain
ko-fi.com
x.com
twitter.com
www.hoyolab.com
Subject Issuer Validity Valid
*.genshindle.com
Amazon RSA 2048 M03
2024-01-02 -
2025-01-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
www.ezojs.com
GTS CA 1P5
2024-03-05 -
2024-06-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
ezoic.net
R3
2024-03-16 -
2024-06-14
3 months crt.sh
*.execute-api.eu-central-1.amazonaws.com
Amazon RSA 2048 M01
2023-06-02 -
2024-06-30
a year crt.sh
ezodn.com
E1
2024-02-23 -
2024-05-23
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://genshindle.com/
Frame ID: DC52E2BB093619301F19CC2F5618D406
Requests: 54 HTTP requests in this frame

Screenshot

Page Title

Genshindle - Guessing Game with Genshin Impact characters

Page URL History Show full URLs

  1. http://genshindle.com/ HTTP 307
    https://genshindle.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

12
Subdomains

15
IPs

2
Countries

1271 kB
Transfer

3423 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://genshindle.com/ HTTP 307
    https://genshindle.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
genshindle.com/
Redirect Chain
  • http://genshindle.com/
  • https://genshindle.com/
1 KB
1 KB
Document
General
Full URL
https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:8800:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
626cce4643bc7defe397d0549effbf26cf1146874d2c332b154c52fdda47bda0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Sat, 06 Apr 2024 12:09:45 GMT
etag
W/"7faaf9758c591f7757ffd44e8b00df6b"
last-modified
Fri, 05 Apr 2024 11:35:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
x-amz-cf-id
snIezXn4IYfJPNYrhGefM0J2kfmNwUqosClkmAhPOifffBFeCMA9jw==
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://genshindle.com/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/
295 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CLZMQVD9BX
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00cf5c3b5c691b6edd2d50552a4a05967aa8f9d1b70a85a3262a4a66d221f0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 12:09:45 GMT
sa.min.js
www.ezojs.com/ezoic/
122 KB
42 KB
Script
General
Full URL
https://www.ezojs.com/ezoic/sa.min.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.96.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3999a353efffb68ca6541ccc49b1369de789572c202d3a6ff7ca6a6655e06a95

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Apr 2024 20:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56967
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDmLE%2Fs6sS5lzMs9ik5%2BRkHwztwugr7TSIytXbmsJQE7knlwm3ZWIfv%2FrTUlV%2F834xQEgF8CBOZzwGLjA%2BAsO3FTQaChtfa9Q0EeMe%2BNP5R%2BGf5xWUrqBh%2B2SVaFO8tp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=86400
x-robots-tag
noindex
cf-ray
8701abbb1fe63764-FRA
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2543854667643786
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9cda4cc3ff65f492682bccdd8dbb14bb23226b24f10a692c668448943cc68986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50847
x-xss-protection
0
server
cafe
etag
3519328731334395038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Apr 2024 12:09:45 GMT
index-H1SP0HQO.js
genshindle.com/assets/
659 KB
200 KB
Script
General
Full URL
https://genshindle.com/assets/index-H1SP0HQO.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:8800:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbbb86ef0411758a413f2b94b686134b036a41b4b507406df75f5c953bd6b8cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
gzip
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"e7d7ec7e148829195ee5313ca4e4bdb2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HerZh1yjLL5_qmmAzM_vM-SiXvLSlipMFeU0pgJMYHhCe2WDP2xQOg==
index-BHaJS-Ws.css
genshindle.com/assets/
495 KB
53 KB
Stylesheet
General
Full URL
https://genshindle.com/assets/index-BHaJS-Ws.css
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:8800:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f72bad938b89e5ff5d87fb5295221d037db4871d6600d23f67f77dfe4f142e93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
gzip
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"64fc8b5da3a1a53ef5df051bc9097a57"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-cache
Miss from cloudfront
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
c7sNiVR5sDLcTuo3uQjxNty84u8zOgsWejCjOAgDABpHyQxEDVTfnA==
css
fonts.googleapis.com/
2 KB
970 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alkatra&display=swap
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index-BHaJS-Ws.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2420d7fbc5c88ad4cc4dae9a82e51c2a30bb5c49b5cbf563485b58b3982d6777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 12:09:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 12:09:45 GMT
css
fonts.googleapis.com/
2 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index-BHaJS-Ws.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba84a6de518728d15b12d153458a6a87f531a663d2a024f57f6cdf826e9c0983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 12:00:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 12:09:45 GMT
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CLZMQVD9BX&gtm=45je4430v9104734233za200&_p=1712405385401&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1063994941.1712405386&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712405385&sct=1&seg=0&dl=https%3A%2F%2Fgenshindle.com%2F&dt=Genshindle&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=271
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLZMQVD9BX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 12:09:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2543854667643786&plah=genshindle.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2543854667643786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
19196a23ecd3b693980d7a7908e410ddecf81094726abce70ea45a0f71f0b679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141036
x-xss-protection
0
server
cafe
etag
16873314803461000296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 12:09:45 GMT
bg.webp
genshindle.com/data/gallery/backgrounds/
201 KB
201 KB
Image
General
Full URL
https://genshindle.com/data/gallery/backgrounds/bg.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1825d6891ec6f9d1c3ab9566e9c37deb3be65f3ae0a1d928bf9fd30da3038305
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"2df2c2df51bbb79c9e9f2591e600f5ba"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
205616
x-amz-cf-id
JOGD_BnYzNwB1lacS36SI92AbeAm49w8BiK82rl-y-fw_bvIGrDqVg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac2e35ba691b4e2600238b67073f4593a942a6eb613ad3b9680e8b8d50eac8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
r05EGLZA5qhCYsyJbuChFuK48Medzngmu4cIptE.woff2
fonts.gstatic.com/s/alkatra/v3/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alkatra/v3/r05EGLZA5qhCYsyJbuChFuK48Medzngmu4cIptE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alkatra&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2e11c738d7fc91dfebfe8b91ef5043258833c3fdeb50bedbaf6e7f4fdb4ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 14:29:43 GMT
x-content-type-options
nosniff
age
423602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16452
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 21:47:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 14:29:43 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 02:39:27 GMT
x-content-type-options
nosniff
age
379818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 02:39:27 GMT
sa.go
g.ezoic.net/
13 KB
5 KB
XHR
General
Full URL
https://g.ezoic.net/sa.go
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
7df664c0be46bf746372f63b8c8b0d1d97bf45599141f7afef49a8610d59661c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://genshindle.com
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag
noindex
access-control-allow-headers
Content-Type
expires
Fri, 05 Apr 2024 12:09:45 GMT
workbox-window.prod.es5-DFjpnwFp.js
genshindle.com/assets/
5 KB
2 KB
Script
General
Full URL
https://genshindle.com/assets/workbox-window.prod.es5-DFjpnwFp.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index-H1SP0HQO.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45d59e909a1b5a29f653a67248b0f4d84d2b4c1d9fea4f5974d47e33b306f49e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/assets/index-H1SP0HQO.js
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
gzip
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"ed0c862094c41f455cdef837aa7dafd2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1ZkBfESQQT9--QDVzvy305csr_JNbCRVKz1jQXM0Kt_9XxPvPOJWSg==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8456e042960c0d377508b3a3ddd2ac486adea0b491eec7c0a3c15f16c57dfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
paimon-fungus-COwPukIQ.webp
genshindle.com/assets/
10 KB
10 KB
Image
General
Full URL
https://genshindle.com/assets/paimon-fungus-COwPukIQ.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fa59ecc0a9027aefbcc41c0a675d05d369306f31b620fd36df6db9b3f27b9e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"fa3dca76246bc0eb9613b4f52811d094"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
9734
x-amz-cf-id
bxPIn4witnKlcke_N2cyrnpal-acRdEt4kmdCI5OdHUSWMVMbL-T3g==
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e947cd67b42d2be932802c9fdab2c1d9d44111665a36bba17e913919a71d3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
sr_game_won-Bq4SUK0F.webp
genshindle.com/assets/
14 KB
15 KB
Image
General
Full URL
https://genshindle.com/assets/sr_game_won-Bq4SUK0F.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eee38ab8d2274dc4a82909217e75c4134c6c0a46253fd93cc90cb4342e5e0b2e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"a2baafb3b583ffd073401c74605e5581"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
14758
x-amz-cf-id
pJIoToT-pw3FinZ1V3AnBv8_-pMCV1KDGWfJkLZckhM_WIWJEuWbjw==
truncated
/
698 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1ae5872d2a54c603ba7d21e58f75a0a0e0e978382ad1445f22ce3d0b5213cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
062dc92329688aaec2a25116cc8ec8ea7d897c4db23f818a3a45def54bee7971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20ea2cc3ef71f2754c5b230989a45a29b8b1c1bf84ae45c5cf0325044cb0f796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
674 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e7fedb41bab6d30b22487a477b0377f5188a0de7155577cc5d7d87575a8a404

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9003ce5c65d35feb26f55783944127f6894e3b1407888636c1b2435045370196

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
acheron.webp
genshindle.com/data/gallery/starrail/characters/mobile/
3 KB
4 KB
Image
General
Full URL
https://genshindle.com/data/gallery/starrail/characters/mobile/acheron.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2f4a80f726b30d83fab9bcd8f14559e47ed6c9efd79c595081b08256f88aea8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"7d5a19ecef2c5013571fe2b483e5038d"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3436
x-amz-cf-id
JBNlZkP3l471_NurPmPPPuXvvUwujlZi0k4GWb2mT3vQ0ylJk4IZUA==
gallagher.webp
genshindle.com/data/gallery/starrail/characters/mobile/
3 KB
4 KB
Image
General
Full URL
https://genshindle.com/data/gallery/starrail/characters/mobile/gallagher.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cfb62f496e6bba9d01b31bea74c794d444378a9e96ede1562e10fc7f00f4e2e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"2d271cdd116e38ad9e99f9c38c108516"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3458
x-amz-cf-id
OYoWDobrgFiqzNENhuC2EImn_09Ex2S3t7XW4D2XVsLuU0ZCPLiP2Q==
userData
r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com/aws/genshindle/api/
929 B
1 KB
XHR
General
Full URL
https://r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com/aws/genshindle/api/userData
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index-H1SP0HQO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.28.89.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-89-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3ea0040c3f0acc32888747c71ed67f55bde838b14f1b010db8af8b16d1ee0a8e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
x-amzn-requestid
c463a94a-c4f0-492e-85b8-c920aa12dc93
x-amzn-trace-id
Root=1-66113b89-7c81f75a2e271db86875692e;Parent=0d5e8b7fb8f2de53;Sampled=0;lineage=4cbca42f:0
access-control-max-age
84000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://genshindle.com
x-amz-apigw-id
VzY9jFs2liAEQ0g=
content-length
929
access-control-allow-headers
content-type, authorization
loading-B4JB49md.webp
genshindle.com/assets/
13 KB
14 KB
Image
General
Full URL
https://genshindle.com/assets/loading-B4JB49md.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cd3621f9642e87004aceab46da9170d40473eed960d3d8bd807a40ed4db5b16
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"f887b2e267c1db213c0d10fa0afc7f7d"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13524
x-amz-cf-id
Iqw0trthQNoWn5knc0h41UoISCy59OkirlAB75XrBDsdifrLiyQvHQ==
questionmark-CPUvceyw.webp
genshindle.com/assets/
12 KB
12 KB
Image
General
Full URL
https://genshindle.com/assets/questionmark-CPUvceyw.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
253daa866159262b420d98d43dbfc8560a67744462ec3023aa2c5609841f7b77
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"dcce966ff5574f27912df0457c4aeef8"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
12326
x-amz-cf-id
bTTolfdNMhXYckufSziHYg0jYxspZxbAK0SOPM_ERCfZM3nlkruaWw==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f33ac61303d7408dbf2b3ea0b7d88196229f3b2d79f1cb4eadb0bd94363fc713

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
xianyun.webp
genshindle.com/data/gallery/characters/mobile/
3 KB
4 KB
Image
General
Full URL
https://genshindle.com/data/gallery/characters/mobile/xianyun.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce59b4e112f553a27a8ef125b2e81b1845ab965f8062ee0d80cb01786c28414d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:46 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"97fa47f36f2beacc4ee81dbedb605322"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3534
x-amz-cf-id
a25ZT1NNE_sfyTjPATK-y8ncCMmlYgXe8XUbSfkuNkAOgiwyVJp8Lg==
boise.js
go.ezodn.com/detroitchicago/
824 B
915 B
Script
General
Full URL
https://go.ezodn.com/detroitchicago/boise.js?gcb=195-0&cb=5
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 21:23:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1262803
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRNlsaEUoZfUAzrcBzbOX3gYVWTpEkMBotHijVgd39LSNHp%2Fa%2FsDydZs%2FNCwGe7HHeMAjNY7gSIkAeJDGtn1ZSNGhIfT5lHT7vd4pEn7MkOV9uj6QORLlN847Pa%2BDVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbcff8a1d96-FRA
alt-svc
h3=":443"; ma=86400
abilene.js
go.ezodn.com/parsonsmaize/
6 KB
3 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=33
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d246aaf0761aff9e05abbea8295ed87973874c445b5f0dd16c7415ad6457c2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 22:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1258987
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGOJjNu9T7MVeMNa1qYqEK1hF%2FnqIVgBYQnXSb%2FvKzhrro3NO86YjI45NMGxBVlDPFupcc6SXW6i%2FmfJehXYPXov%2BCoi6IYJ%2FuG3q09iFZBTD%2BCZNMqSxye7IlXELCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbcff881d96-FRA
alt-svc
h3=":443"; ma=86400
et.js
go.ezodn.com/porpoiseant/
1 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1274509
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJj61IwbShSCasA8c4MRZajzfLSBRNRT94Ox5Jug3szXazGyBHDMTGboM8yDZUXyEz6PWiJSmm67C3mKkN8CTF1fzgK%2F4t5O%2BzRIepuWwVAvC1q98VAyvAyKpSMspXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbcff8c1d96-FRA
alt-svc
h3=":443"; ma=86400
jellyfish.js
go.ezodn.com/porpoiseant/
37 KB
10 KB
Script
General
Full URL
https://go.ezodn.com/porpoiseant/jellyfish.js?a=a&cb=14&dcb=195-0&shcb=34
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf080d01809c9c523d05fcbd4a50aba9f59a23bfbe787d7526d463084c43331

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 22:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1258987
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HvrBYttwN8xVXDQB3kPYrbOAIlQH6Xs43BPpTy1v8%2Brg%2FlGDHChxay7umsf2bsUkpFkhaMZ6h4GpVRzJSK8dckibF6jjcMjklXTetg0gnWy6KLy8qUhKZ90wC2UujDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbcff8e1d96-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a83371602c19c97674ec9f6ac7cbf60abc825f8288b3a3d73a9c992596f08194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
ca-pub-2543854667643786
fundingchoicesmessages.google.com/i/
180 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2543854667643786?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2543854667643786&plah=genshindle.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55bb592c6c4577770e572715c4f1a8b7beacaf00258bfc64058bbc7af58056d1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wi9woN55UVWIZb8rYJSKKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wi9woN55UVWIZb8rYJSKKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw05BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQJz07zxrCRAL8XB0fj-ygU1gw6xTa5kBDaI68g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
mulvane.js
go.ezodn.com/parsonsmaize/
1 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-0&cb=6
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
671c9364f35b1a7ef0f50cb98b0cc36cbd6acb045e51c304daa97f6732c4ad33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 20:20:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1266579
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQGiNPmlCvRKQ5Sd3k8QeqxzqOVXSiigAMpYy9CAaWXkJvNY%2BJAoTUJbChn4hss4KwnAzrlKal0ODVwngHoo7hYuIdYW16swCCMoGB1lKkR7zV5wZf%2FJcWjA5WecJeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd5fe11d96-FRA
alt-svc
h3=":443"; ma=86400
wichita.js
go.ezodn.com/detroitchicago/
3 KB
2 KB
Script
General
Full URL
https://go.ezodn.com/detroitchicago/wichita.js?gcb=195-0&cb=12
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 22:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1258987
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wA4wEfdXg6PmObN1wzDFLFrryxqR1EmSh3V3g%2FMvuQjEqHYhnb0O3TSVWohFRvvnatP7ixUNJEJosZaxQQLVIjSBb0eWTaWUtzCbXPQ0PW5ywG0n%2BgBvDXDY6B3X5Co%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd5fe21d96-FRA
alt-svc
h3=":443"; ma=86400
raleigh.js
go.ezodn.com/detroitchicago/
2 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-0&cb=7
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2149609073953a523eefe7112eeeeadba8cfb4de700991373a4b86d530237730

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1274509
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GewfwCRbdzRzwrHxKnWpd%2F4pxVaWv0v6Qa%2BDYLLdT3ZsjFCmgqzZmUx2TBbdl8CeWALlNFdB6O2zKst63YDLq5Z1KYYSWZDeJ%2FTUtIYeaAXxbTIAwzTRAAbp3uLMMHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd5fe41d96-FRA
alt-svc
h3=":443"; ma=86400
vista.js
go.ezodn.com/detroitchicago/
1 KB
964 B
Script
General
Full URL
https://go.ezodn.com/detroitchicago/vista.js?gcb=195-0&cb=6
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e2a10f2cb324627b3e07cc7789ad5c4626e4068a4089a8071f60e67168e3cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 22:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1258987
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETV%2FabAZU7p53Zc69nKbGM0pY2GegYNqOFnamaIkhLMtYHFaUsZc9belRuGDyUnc%2F1NTXn8256F85RfRVOLF41PgRbxi42bdfqkC8Ftzox2eN9jaqu2%2Fq6%2BODVIdREo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd5fe71d96-FRA
alt-svc
h3=":443"; ma=86400
olathe.js
go.ezodn.com/parsonsmaize/
2 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/olathe.js?gcb=195-0&cb=24
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99773781f27958d328d2b177d2f1bb8bf4bdf6f8df05f0a30a10e55bdbc4d999

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1274509
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycKk%2Bw1QfCESSxOoA2fVtUDrPmJNJdiB6sNIJY%2FuTROMiYdk0dRargofkmmcdeT5ASWbvrwbE4eM2fKz%2B5aKQjHWEl92PaZsXrMnVLGh1dJbRJ3VqRyM46eoegkN0xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd981e1d96-FRA
alt-svc
h3=":443"; ma=86400
chanute.js
go.ezodn.com/parsonsmaize/
21 KB
6 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=9&dcb=195-0&shcb=34
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bfd4efdc0e50c7ddf838d314861e51615398c1240fe5059d6f742b07763190

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2024 20:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1438097
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygMpTR7XHj45Jd%2BbKqfs4%2FBa5W5CItv4l0hFJxKBOGTOqrUa50Av483CrICHhFQzuSEoaJfuWuNf5pJlGB9heIxiaLHnGU40yn8YNwBayF5rhPu9cRFQjrwQ0YC4cdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd981f1d96-FRA
alt-svc
h3=":443"; ma=86400
vitals.js
go.ezodn.com/tardisrocinante/
11 KB
4 KB
Script
General
Full URL
https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-0&cb=4
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.106.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b763d5b912167fe106b398398dcd84dec3c0734c7cf869e66127e1bbc353e26

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 22:26:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
740574
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JI0BjPdYYyvOgRl3TOrBSNrvw9OTnZpDkrdnAL15wMF3J3dvsYITdzRMrT%2BnUO9JVcqScFjIAa3DIoJeYbmod%2BgPN1TTIuNnVbImtUH9zFeOV0LoPTMyNMPHbWd4aao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8701abbd98201d96-FRA
alt-svc
h3=":443"; ma=86400
imp.gif
g.ezoic.net/detroitchicago/
43 B
184 B
Ping
General
Full URL
https://g.ezoic.net/detroitchicago/imp.gif
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 12:09:49 GMT
access-control-max-age
1728000, 1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS, HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://genshindle.com, https://genshindle.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type, Content-Type
content-length
43
expires
Fri, 05 Apr 2024 12:09:49 GMT
AGSKWxU6sNcahjVfnG3s1ZUNbAEShXalDqzqxNnEUJfFADHh_Br_6zPS0aA98iuccd7n8wP-_TIGOnh3WBpPwCjBU-Yl3N-nxQat1N0rbntKncvTgk7qT1-yUoHg6TX6N_QqN7dMTETYLA==
fundingchoicesmessages.google.com/f/
373 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU6sNcahjVfnG3s1ZUNbAEShXalDqzqxNnEUJfFADHh_Br_6zPS0aA98iuccd7n8wP-_TIGOnh3WBpPwCjBU-Yl3N-nxQat1N0rbntKncvTgk7qT1-yUoHg6TX6N_QqN7dMTETYLA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyNDA1Mzg1LDk4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZW5zaGluZGxlLmNvbS8iLG51bGwsW1s4LCJzR2J1OUFHU2dZZyJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMx3CszrVT1CCPlZ3-GH2PVgLPtyGQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
543337111a4af30d3c2d74dfc398043499fda6a0f6f8e70f0879b202f52ce047
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CgxcsqZZa7--OXx1uW7GBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CgxcsqZZa7--OXx1uW7GBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAtxc3R9P7KBTeDA6q0aAGIyNW8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
106 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.sGbu9AGSgYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwR98Fkp8KVCsItNnvK8s-QmtJUvA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 12:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 12:09:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 12:09:46 GMT
rDlRUAkERZYpg-RNp9Uod-_Oq2HWQQftLGOKoHc_bFYQWnme1-8HH1MM4vUStoJ9rH3Ru4lArTOqalbKPC6vj6es7w_gUcEKPflo1woJMM35pc0kNMM=h60
lh3.googleusercontent.com/
7 KB
7 KB
Image
General
Full URL
https://lh3.googleusercontent.com/rDlRUAkERZYpg-RNp9Uod-_Oq2HWQQftLGOKoHc_bFYQWnme1-8HH1MM4vUStoJ9rH3Ru4lArTOqalbKPC6vj6es7w_gUcEKPflo1woJMM35pc0kNMM=h60
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3131074d40f6333d690aef9f113e218c07229e403fc53365eccbd23f202f081d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:05:48 GMT
x-content-type-options
nosniff
age
238
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7225
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 07 Apr 2024 12:05:48 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
48230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 02:46:41 GMT
x-content-type-options
nosniff
age
33785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 02:46:41 GMT
AGSKWxVkE8GhbCfmiEw9IxBBI5Lm5HNEUwQ_-DDT3pfsTXZqx7H7NUCj3VVzKxHPz5s5k8AvNeWlAJjwp7B7QmV7hT79GtpYWWkiLiUpZcC_sQBq4RaTdIAC0-WfRIjTTUoZs_DbUOpgYw==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVkE8GhbCfmiEw9IxBBI5Lm5HNEUwQ_-DDT3pfsTXZqx7H7NUCj3VVzKxHPz5s5k8AvNeWlAJjwp7B7QmV7hT79GtpYWWkiLiUpZcC_sQBq4RaTdIAC0-WfRIjTTUoZs_DbUOpgYw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMx3CszrVT1CCPlZ3-GH2PVgLPtyGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6vthsGq1zsmgvJnmhKs7tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 12:09:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6vthsGq1zsmgvJnmhKs7tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1gDgFiIm6Pr-5ENbAI_LvRlAwC8BQxe"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://genshindle.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 17:34:04 GMT
x-content-type-options
nosniff
age
412542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 17:34:04 GMT
favicon.ico
genshindle.com/
15 KB
15 KB
Other
General
Full URL
https://genshindle.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.205.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3f018b3ab88451bde883dd6d1f1408a73f847cd7d7828a23d4e425be5c93b4c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 12:09:46 GMT
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 11:35:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"656cf6b5702e1ab97ee74c7308744e27"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
15086
x-amz-cf-id
nis_ZjOSobtUdEdA-0fxbV5bZQdBLmu88fQheNvwJcvluO3IvWrHUw==

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| regeneratorRuntime object| ezstandalone object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| exports object| global object| $cookies boolean| __VUE__ string| ezStandaloneDefine string| ezStandaloneCookies boolean| _ez_sa object| __ez object| _ezim_d object| _ezaq number| did string| ezoTemplate boolean| didTimeoutVign function| expzscr function| create_ezolpl function| attach_ezolpl string| __ezScriptHost string| ezdomain function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run function| getEzErrorURL function| reportEzError undefined| hREED function| __ezDotData object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd number| ez_tos_track_count number| ez_last_activity_count object| metricNameMap function| ezlogVital object| webVitals function| initEzux object| riveted object| ezux object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MmU5N2ZiNTg0YjJlMjNlYWxvYWRlcl9qcw== string| MmU5N2ZiNTg0YjJlMjNlYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| perf_vals

12 Cookies

Domain/Path Name / Value
.genshindle.com/ Name: _ga
Value: GA1.1.1063994941.1712405386
.genshindle.com/ Name: _ga_CLZMQVD9BX
Value: GS1.1.1712405385.1.0.1712405385.0.0.0
.genshindle.com/ Name: ezoadgid_527904
Value: -1
.genshindle.com/ Name: ezoref_527904
Value:
.genshindle.com/ Name: ezosuibasgeneris-1
Value: 996443d1-71ee-4646-6a15-3816fd2f1fb0
.genshindle.com/ Name: ezoab_527904
Value: mod33-c
.genshindle.com/ Name: lp_527904
Value: https://genshindle.com/
.genshindle.com/ Name: ezovuuidtime_527904
Value: 1712405385
.genshindle.com/ Name: ezovuuid_527904
Value: cea49366-85a3-49cf-6b21-5ca30272492d
.genshindle.com/ Name: active_template::527904
Value: pub_site.1712405385
.genshindle.com/ Name: ezopvc_527904
Value: 1
genshindle.com/ Name: ezux_lpl_527904
Value: 1712405386787|37fbd5cb-8175-4047-7af8-505202146719|true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezoic.net
genshindle.com
go.ezodn.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com
region1.google-analytics.com
www.ezojs.com
www.googletagmanager.com
142.250.185.174
142.250.185.194
172.64.106.6
172.64.96.6
18.173.205.119
2001:4860:4802:34::36
2600:9000:2724:8800:6:1143:84c0:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:82b::2008
2a05:d014:776:a63e:931e:6ac2:944b:f27e
52.28.89.110
00cf5c3b5c691b6edd2d50552a4a05967aa8f9d1b70a85a3262a4a66d221f0ed
062dc92329688aaec2a25116cc8ec8ea7d897c4db23f818a3a45def54bee7971
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
1825d6891ec6f9d1c3ab9566e9c37deb3be65f3ae0a1d928bf9fd30da3038305
19196a23ecd3b693980d7a7908e410ddecf81094726abce70ea45a0f71f0b679
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12
1e947cd67b42d2be932802c9fdab2c1d9d44111665a36bba17e913919a71d3bd
20ea2cc3ef71f2754c5b230989a45a29b8b1c1bf84ae45c5cf0325044cb0f796
2149609073953a523eefe7112eeeeadba8cfb4de700991373a4b86d530237730
2420d7fbc5c88ad4cc4dae9a82e51c2a30bb5c49b5cbf563485b58b3982d6777
253daa866159262b420d98d43dbfc8560a67744462ec3023aa2c5609841f7b77
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
3131074d40f6333d690aef9f113e218c07229e403fc53365eccbd23f202f081d
3999a353efffb68ca6541ccc49b1369de789572c202d3a6ff7ca6a6655e06a95
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cd3621f9642e87004aceab46da9170d40473eed960d3d8bd807a40ed4db5b16
3ea0040c3f0acc32888747c71ed67f55bde838b14f1b010db8af8b16d1ee0a8e
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
43bfd4efdc0e50c7ddf838d314861e51615398c1240fe5059d6f742b07763190
45d59e909a1b5a29f653a67248b0f4d84d2b4c1d9fea4f5974d47e33b306f49e
543337111a4af30d3c2d74dfc398043499fda6a0f6f8e70f0879b202f52ce047
55bb592c6c4577770e572715c4f1a8b7beacaf00258bfc64058bbc7af58056d1
5fa59ecc0a9027aefbcc41c0a675d05d369306f31b620fd36df6db9b3f27b9e0
626cce4643bc7defe397d0549effbf26cf1146874d2c332b154c52fdda47bda0
671c9364f35b1a7ef0f50cb98b0cc36cbd6acb045e51c304daa97f6732c4ad33
7df664c0be46bf746372f63b8c8b0d1d97bf45599141f7afef49a8610d59661c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8cfb62f496e6bba9d01b31bea74c794d444378a9e96ede1562e10fc7f00f4e2e
8e7fedb41bab6d30b22487a477b0377f5188a0de7155577cc5d7d87575a8a404
9003ce5c65d35feb26f55783944127f6894e3b1407888636c1b2435045370196
99773781f27958d328d2b177d2f1bb8bf4bdf6f8df05f0a30a10e55bdbc4d999
9b763d5b912167fe106b398398dcd84dec3c0734c7cf869e66127e1bbc353e26
9cda4cc3ff65f492682bccdd8dbb14bb23226b24f10a692c668448943cc68986
a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b
a83371602c19c97674ec9f6ac7cbf60abc825f8288b3a3d73a9c992596f08194
ab1ae5872d2a54c603ba7d21e58f75a0a0e0e978382ad1445f22ce3d0b5213cc
ac2e35ba691b4e2600238b67073f4593a942a6eb613ad3b9680e8b8d50eac8d6
ba84a6de518728d15b12d153458a6a87f531a663d2a024f57f6cdf826e9c0983
baf080d01809c9c523d05fcbd4a50aba9f59a23bfbe787d7526d463084c43331
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2f4a80f726b30d83fab9bcd8f14559e47ed6c9efd79c595081b08256f88aea8
c3f018b3ab88451bde883dd6d1f1408a73f847cd7d7828a23d4e425be5c93b4c
cbbb86ef0411758a413f2b94b686134b036a41b4b507406df75f5c953bd6b8cb
ce59b4e112f553a27a8ef125b2e81b1845ab965f8062ee0d80cb01786c28414d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2e2a10f2cb324627b3e07cc7789ad5c4626e4068a4089a8071f60e67168e3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee38ab8d2274dc4a82909217e75c4134c6c0a46253fd93cc90cb4342e5e0b2e
f33ac61303d7408dbf2b3ea0b7d88196229f3b2d79f1cb4eadb0bd94363fc713
f6d246aaf0761aff9e05abbea8295ed87973874c445b5f0dd16c7415ad6457c2
f72bad938b89e5ff5d87fb5295221d037db4871d6600d23f67f77dfe4f142e93
f8456e042960c0d377508b3a3ddd2ac486adea0b491eec7c0a3c15f16c57dfc2
ff2e11c738d7fc91dfebfe8b91ef5043258833c3fdeb50bedbaf6e7f4fdb4ee0