URL: http://bloodhelpers.com/
Submission: On June 16 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 11 domains to perform 83 HTTP transactions. The main IP is 2400:8901::f03c:92ff:fe8a:f267, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is bloodhelpers.com.
This is the only time bloodhelpers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
36 bloodhelpers.com
bloodhelpers.com
129 KB
15 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 18828
ws.sharethis.com — Cisco Umbrella Rank: 8975
l.sharethis.com — Cisco Umbrella Rank: 4971
count-server.sharethis.com — Cisco Umbrella Rank: 12395
93 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
268 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
25 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
1 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
914 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 329
fonts.googleapis.com — Cisco Umbrella Rank: 67
34 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
43 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
647 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
3 KB
83 11
Domain Requested by
36 bloodhelpers.com bloodhelpers.com
10 ws.sharethis.com w.sharethis.com
ws.sharethis.com
bloodhelpers.com
8 pagead2.googlesyndication.com bloodhelpers.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 l.sharethis.com w.sharethis.com
bloodhelpers.com
2 w.sharethis.com 1 redirects bloodhelpers.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 count-server.sharethis.com ws.sharethis.com
1 www.facebook.com bloodhelpers.com
1 ajax.googleapis.com bloodhelpers.com
83 18

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-26 -
2022-06-24
3 months crt.sh
sharethis.com
Amazon
2021-07-19 -
2022-08-17
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh

This page contains 9 frames:

Primary Page: http://bloodhelpers.com/
Frame ID: E501A459A872DDD2F6F1739EEDA237BF
Requests: 59 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Frame ID: 08F64083400C078E46743D844B0AF62A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Frame ID: 4E63A1239219C3E624D2601D3CE23896
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B3C0FEDAE4F6B1EFDFF6F36732D1146A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/zrt_lookup.html
Frame ID: 71099E6FEC6ADDFF3B1461275505727D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1655411715&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&pra=7&wgl=1&dt=1655411715723&bpp=8&bdt=2242&idt=8&shv=r20220614&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ae09e4b7bab35d6-22fdd3cfb4cd0088%3AT%3D1655411714%3ART%3D1655411714%3AS%3DALNI_MYQbav8UOaBXrQJ0ClqKXbdu3ATsw&prev_slotnames=1676498701&nras=1&correlator=6871375200257&frm=20&pv=1&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&psts=AGkb-H-ccvzbTl9peTpAErMtQN7m6C6ep_7liYm4RUascx4dHmKwXqZuSZUJ8zuDQ3xB1KUAjn-xxdSnSIIsGmU&pvsid=3164538892089136&tmod=2088195650&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=54
Frame ID: F92B0CA3E8FF594BB0B2996B95A7DED4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A4ACC75689A1ACB6AF64692669E7547
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 015FF1B186222FE825EED7719866BEBA
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: B16E4AA6AD4112E1005915EEAFC159A2
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Indian database of blood donors - Donate Blood ! Save a life !

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

54 %
HTTPS

82 %
IPv6

11
Domains

18
Subdomains

18
IPs

3
Countries

638 kB
Transfer

1690 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://w.sharethis.com/button/buttons.js HTTP 301
  • https://w.sharethis.com/button/buttons.js
Request Chain 33
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80 HTTP 307
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Request Chain 64
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bloodhelpers.com/
82 KB
14 KB
Document
General
Full URL
http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9127f2cdabb4d9e77c19f2fc42789bc1606b2e56e4e97bfd106f10c5f69dc314

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
13731
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Jun 2022 20:35:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
bloodhelper.css
bloodhelpers.com/css/
15 KB
3 KB
Stylesheet
General
Full URL
http://bloodhelpers.com/css/bloodhelper.css
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:21 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3d0a-55599916e6221-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3216
chosen.css
bloodhelpers.com/css/
15 KB
3 KB
Stylesheet
General
Full URL
http://bloodhelpers.com/css/chosen.css
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:21 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3dfc-55599916e6221-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2669
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.4/
90 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 13:38:49 GMT
chosen.jquery.js
bloodhelpers.com/js/
38 KB
8 KB
Script
General
Full URL
http://bloodhelpers.com/js/chosen.jquery.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2017 09:22:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"998e-5559991d128b1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7769
logo.jpg
bloodhelpers.com/images/
6 KB
6 KB
Image
General
Full URL
http://bloodhelpers.com/images/logo.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1641-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5697
tab_top.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tab_top.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"69f-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1695
inform.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/inform.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6ea-55584ca1ea691"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1770
tab_bottom.jpg
bloodhelpers.com/images/
1 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tab_bottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5f6-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1526
logintop.jpg
bloodhelpers.com/images/
932 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/logintop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3a4-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
932
loginbottom.jpg
bloodhelpers.com/images/
962 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/loginbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3c2-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
962
show_ads.js
pagead2.googlesyndication.com/pagead/
116 KB
39 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7edabff24413c30b4dde336cebbe87b2cd664e81b1536a2a6ed2149ec6901e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 16 Jun 2022 20:35:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10253153403503044981
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
39750
X-XSS-Protection
0
Expires
Thu, 16 Jun 2022 20:35:13 GMT
tabsearhtop.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabsearhtop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"66f-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1647
tabsearhbottom.jpg
bloodhelpers.com/images/
1 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabsearhbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5b0-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1456
tabrequesttop.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabrequesttop.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6e4-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1764
tabrequestbottom.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/tabrequestbottom.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6a3-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1699
female.jpg
bloodhelpers.com/i/
26 KB
26 KB
Image
General
Full URL
http://bloodhelpers.com/i/female.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
353a5cce0bff7f591984f8b938c48d46d505ec73640a1cd5a5fd8ddb41fbcbca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6691-55584ca1ea691"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
26257
male.jpg
bloodhelpers.com/i/
25 KB
25 KB
Image
General
Full URL
http://bloodhelpers.com/i/male.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6368-55584ca1ea691"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
25448
buttons.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/buttons.js
  • https://w.sharethis.com/button/buttons.js
59 KB
17 KB
Script
General
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 21:45:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
168590
x-cache
Hit from cloudfront
content-length
16739
server
nginx/1.20.1
etag
W/"61e1c3a2-ea95"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
KzAfqzmVQVyM9hTYcVt06Zwbrt1aVNXc88UPaPAtqX-okwzzNOP94Q==
expires
Fri, 17 Jun 2022 21:45:24 GMT

Redirect headers

Date
Thu, 16 Jun 2022 20:35:13 GMT
Via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/buttons.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
iHAiNFqUXbQYvHZWEqrN76-hvVRfQkE9vx68iecwY977nw4tulip-g==
sliderHeader.jpg
bloodhelpers.com/images/
431 B
716 B
Image
General
Full URL
http://bloodhelpers.com/images/sliderHeader.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1af-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
431
tab_bg.jpg
bloodhelpers.com/images/
422 B
707 B
Image
General
Full URL
http://bloodhelpers.com/images/tab_bg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1a6-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
422
loginbg.jpg
bloodhelpers.com/images/
356 B
642 B
Image
General
Full URL
http://bloodhelpers.com/images/loginbg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"164-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
356
navBg.jpg
bloodhelpers.com/images/
429 B
714 B
Image
General
Full URL
http://bloodhelpers.com/images/navBg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1ad-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
429
navleft.jpg
bloodhelpers.com/images/
1009 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/navleft.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3f1-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1009
navright.jpg
bloodhelpers.com/images/
1019 B
1 KB
Image
General
Full URL
http://bloodhelpers.com/images/navright.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3fb-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1019
bloddRegister.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/bloddRegister.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"622-55584ca1e998b"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1570
RegisterIcon.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/RegisterIcon.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"76d-55584ca1e8c86"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1901
searchIcon.gif
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/searchIcon.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"691-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1681
postIcon.jpg
bloodhelpers.com/images/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/images/postIcon.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7da-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2010
tickerbg.gif
bloodhelpers.com/i/
125 B
408 B
Image
General
Full URL
http://bloodhelpers.com/i/tickerbg.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7d-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
125
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/
338 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71433994ecb2f3e40a95e326d1900399c0824cd87811d49bc664bd461d2cec66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121831
x-xss-protection
0
server
cafe
etag
8480015318891461068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 20:35:14 GMT
tabsearchbg.jpg
bloodhelpers.com/images/
411 B
696 B
Image
General
Full URL
http://bloodhelpers.com/images/tabsearchbg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"19b-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
411
chosen-sprite.png
bloodhelpers.com/i/
646 B
930 B
Image
General
Full URL
http://bloodhelpers.com/i/chosen-sprite.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/chosen.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/chosen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"286-55584ca1ea691"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
646
tabrequestBg.jpg
bloodhelpers.com/images/
405 B
690 B
Image
General
Full URL
http://bloodhelpers.com/images/tabrequestBg.jpg
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:35:02 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"195-55584ca566570"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
405
like.php
www.facebook.com/plugins/ Frame 08F6
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
0
3 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 20:35:14 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
kDFQT68+4IBow+rsq1CvVkrky/dGu11Ar3vKAK8xB+rg88uPLRT1OxiyCqEyEKzjZcXLCwJdbtLWzuh51qzW1Q==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Non-Authoritative-Reason
HSTS
recentusers_top.gif
bloodhelpers.com/i/
647 B
931 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_top.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"287-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
647
recentusers_bg.gif
bloodhelpers.com/i/
90 B
372 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_bg.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5a-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
90
recentusers_bot.gif
bloodhelpers.com/i/
661 B
945 B
Image
General
Full URL
http://bloodhelpers.com/i/recentusers_bot.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"295-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
661
family.gif
bloodhelpers.com/i/
8 KB
8 KB
Image
General
Full URL
http://bloodhelpers.com/i/family.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1f52-55584ca1ea691"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
8018
spacer.gif
bloodhelpers.com/i/
43 B
325 B
Image
General
Full URL
http://bloodhelpers.com/i/spacer.gif
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2b-55584ca1eb396"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
43
feedback_trans_tab.png
bloodhelpers.com/i/
2 KB
2 KB
Image
General
Full URL
http://bloodhelpers.com/i/feedback_trans_tab.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol
HTTP/1.1
Server
2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/css/bloodhelper.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Last-Modified
Sun, 30 Jul 2017 08:34:58 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"695-55584ca1ea691"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1685
async-buttons.js
ws.sharethis.com/button/
89 KB
19 KB
Script
General
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 21:45:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
168590
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"61e1c3fb-16245"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
Gj790gNX1Jc7OlQqNU0xRodubnyiAplcAapISsPLMf1IFDEmon_vxg==
expires
Fri, 17 Jun 2022 21:45:24 GMT
pview
l.sharethis.com/
0
402 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1655411714115.61848&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
http://bloodhelpers.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
buttons-secure.css
ws.sharethis.com/button/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:04:20 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 18:42:03 GMT
server
nginx/1.20.1
age
70254
etag
W/"61e1c3fb-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
ov4fQjvEiMG3TLcEcHTIT0ST56tuktHHRYZDr7P86ZIqtvUbMF_bOw==
get_counts
count-server.sharethis.com/v2.0/
454 B
816 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fbloodhelpers.com%2F&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
/
Resource Hash
078b4e1392e5b87ea15d8f49e36649f12c8238bafdb011087118d7a974acc3e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 14:37:30 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
age
21464
etag
70e9261ad05f9870c4daca6d63f4e708
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P1
content-length
454
apigw-requestid
T0b2sj03IAMESpg=
x-amz-cf-id
snj90z4np8fM4j1noyIPO7HJ44e0Gj_8tXlCIb3HgMa6Rbn_EUIuBA==
twitter_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 18 May 2022 09:41:16 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2544838
etag
"61e1c39c-9ae"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2478
x-amz-cf-id
Juvp-P-dDGg0FEBqL4JApgmzTPh2HuvhPJox7CnAEtjEMqHTnO5J9g==
expires
Thu, 18 May 2023 09:41:16 GMT
facebook_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 00:23:47 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
6293487
etag
"61e1c39c-977"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
YBxTkdsbvPFJXgJQX9012laNLvzzKr-Q7L5dJHbzI4K3Jvk2kI2Jqg==
expires
Wed, 05 Apr 2023 00:23:47 GMT
reddit_16.png
ws.sharethis.com/images/2017/
895 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/reddit_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 17 May 2022 04:51:41 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2648613
etag
"61e1c39c-37f"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
895
x-amz-cf-id
Cg6_O7jCE6pqVdTofg0JaZFiVw50CO_phoU6GDYE52y3r81J9LZhOA==
expires
Wed, 17 May 2023 04:51:41 GMT
digg_16.png
ws.sharethis.com/images/2017/
706 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/digg_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 14:15:01 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
22054813
etag
"612ef1b8-2c2"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
706
x-amz-cf-id
GFs-SQfEp5mzJpKNSe-g7w26SpVvhxTGTsksbk06kCce3NFfetwRUA==
expires
Tue, 04 Oct 2022 14:15:01 GMT
pview
l.sharethis.com/
0
380 B
Image
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1655411714115.61848&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life&img_pview=true
Requested by
Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.184.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-184-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 20:35:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
cookie.js
partner.googleadservices.com/gampad/
220 B
647 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bloodhelpers.com&callback=_gfp_s_&client=ca-pub-4081699989175167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d2386b743434075878215d1398d3043af590c334a92b54b3d0c4b190d26a99ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 20:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 20:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4E63
62 KB
20 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a648031d69711093177d107c83b11af415cefffa7d72a0cf8ae3aacc489a3a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
19924
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 20:35:14 GMT
expires
Thu, 16 Jun 2022 20:35:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bubble_arrow_below.png
ws.sharethis.com/secure/images/
969 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow_below.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 03:54:39 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
8095235
etag
"61e1c3fb-3c9"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
969
x-amz-cf-id
bIvPS70djE5uT3ZQrqIoNTQ7hUU9JU1kSifzgfFTFZ2lm98VBSuLqA==
expires
Wed, 15 Mar 2023 03:54:39 GMT
css
fonts.googleapis.com/ Frame 4E63
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 20:29:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 20:35:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 20:35:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 4E63
2 KB
983 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 19:46:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4E63
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClCJFApSrYt-HHKHBxgPStquoD5-rzflp0Mvx4rYOyprmhcIoEAEg_qjaDWCVgqCCsAegAf_S3MYDyAEBqQIHAGnPssCxPqgDAaoE2AFP0DJEW6wS15ym1r9VdcFdqkmGlXBxBPvpllVGJ7t289CHljeNtY-Qua0-VzNhuUWHJC6bYpcS5kxjK-qXMl2GQjR4Srnuywx-J0nbaraDpfa-i3Di1JiK43SdpX5UidT-M3XRANisdV9yJQtG912_X3M5r8TWWBd6AdVttC-diTO3eN2h_VlFOusOytPngpzhiSboVD2h2uOVRNxFKwOEWaV5Xn485EJi4mAufs5KUtQQpgLArPiZk7Get1_MWgsvjaM5JZrTD7UuVXWnb_AnSWSkmLSjhb_ABKDOqOnxA5IFBAgEGAGSBQQIBRgEgAfprKM5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoocL0ggJCIDhgBAQARgfgAoByAsB2BMKiBQC0BUBgBcBshccChoIABIUcHViLTQwODE2OTk5ODkxNzUxNjcYAA&sigh=r-Y-MXAi9N8&uach_m=[UACH]&template_id=5020
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 16 Jun 2022 20:35:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 16 Jun 2022 20:35:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame 4E63
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 19:54:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 4E63
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 20:01:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E63
137 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Jun 2022 20:35:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 4E63
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3544
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 19:36:11 GMT
10f77a9ed5e9dbc13462adf17b625271.js
www.gstatic.com/mysidia/ Frame 4E63
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 23:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12964
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:07:18 GMT
truncated
/ Frame 4E63
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
s
googleads.g.doubleclick.net/pagead/drt/ Frame B3C0
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 19:42:43 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame B3C0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1655411714&url=http%3A%2F%2Fbloodhelpers.com%2F&wgl=1&dt=1655411714040&bpp=11&bdt=560&idt=262&shv=r20220614&mjsv=m202206130101&ptt=5&saldr=sa&abxe=1&correlator=6871375200257&frm=20&pv=2&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&pvsid=3164538892089136&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AQKtbk0vTV&p=http%3A//bloodhelpers.com&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 20:35:15 GMT
expires
Thu, 16 Jun 2022 20:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 20:35:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4E63
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4bd028a022ff6984556dcaab02b22930312c42754b079d2d1b21e4c2bdf841d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4E63
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 08:44:44 GMT
x-content-type-options
nosniff
age
129031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 08:44:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
163 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fdd996d7d8905a9de4163ee7a893b66672c9dac87fdb4eb9814ad615565b82c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56280
x-xss-protection
0
server
cafe
etag
8363576848512710028
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 20:35:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220614&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96203d03223e03a53737048ec9b50b13d4bebd51200cf58425b3db92eb844dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10742
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Jun 2022 20:35:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/ Frame 7109
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 17:43:23 GMT
etag
8616628553774171045
expires
Thu, 30 Jun 2022 17:43:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 20:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F92B
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1655411715&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&pra=7&wgl=1&dt=1655411715723&bpp=8&bdt=2242&idt=8&shv=r20220614&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ae09e4b7bab35d6-22fdd3cfb4cd0088%3AT%3D1655411714%3ART%3D1655411714%3AS%3DALNI_MYQbav8UOaBXrQJ0ClqKXbdu3ATsw&prev_slotnames=1676498701&nras=1&correlator=6871375200257&frm=20&pv=1&ga_vid=467579500.1655411714&ga_sid=1655411714&ga_hid=1295908720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C31067629%2C42531606%2C42531607%2C21065725&oid=2&psts=AGkb-H-ccvzbTl9peTpAErMtQN7m6C6ep_7liYm4RUascx4dHmKwXqZuSZUJ8zuDQ3xB1KUAjn-xxdSnSIIsGmU&pvsid=3164538892089136&tmod=2088195650&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=54
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2021.js?client=pub-4081699989175167&plah=bloodhelpers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 20:35:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A4A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 19:47:26 GMT
expires
Fri, 16 Jun 2023 19:47:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 015F
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8bacbf6b865d18773f349906f9e403b84b6a93850c49ee4ef24d3ec06dd8f9df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QoV9nhUTFmHFSF_McQo7zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-QoV9nhUTFmHFSF_McQo7zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 20:35:15 GMT
expires
Thu, 16 Jun 2022 20:35:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 6A4A
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:23:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 19:23:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 015F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220614&jk=3164538892089136&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 6A4A
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?KaPPZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 20:35:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
ws.sharethis.com/secure5x/ Frame B16E
14 KB
4 KB
Document
General
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://bloodhelpers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
41186
content-encoding
gzip
content-length
4082
content-type
text/html
date
Thu, 16 Jun 2022 09:08:50 GMT
etag
W/"61e1c3fb-390f"
last-modified
Fri, 14 Jan 2022 18:42:03 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-id
3qyGzrUYzIkSQRvOmisiLjybSirkT3YVW3tfEp0DwxM0bkHo1IhfyQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220614&jk=3164538892089136&bg=!kJOlk9fNAAbASn8N4Eo7ACkAdvg8Wnc3P_3hmOzolUgCsLaq3C0xlM7qopJpVIc9RPL37c826L2I-gIAAABYUgAAAAFoAQcKAA62jrlr1mVFyl-71nV_KpkCnyYBoGUPS04O1VEGIu50SAzt2lsQCEyUovN_6P2Fd5N3ptigNRx2T9WF55rerWGRKlpyM_oW-lnNUubgsRdM42UqKJHkZWQT5WmR-eX1ZnRkzZOTRmzfzNJObHN3YlHCsX3eHTzP_yQQpoz945BIHNtjOhIU1Xd7pocChOrJ0CMg21ojxgQAhUv3meMRfW4d8I7xzWaCvLG5BOxiWiK2GRoJ2YFAn7uy9kzOFeXNZyGtsT5WzHOcyjF92jmfVSSjsKmd8yFJbYmxVA0D8cGkdxwUvw97LKdnFzI3AdJ9TwsXKhpR5jsVBiJVg-vnKbVFqexA8O8Wt3yyuIhrNyk3l12ImYsWjDGd3DyCFlDnvoDcktZFMwcWylAVGn7DPzEKPSLuD4iasWSHKAZzEKttdChIitK6qxalPtAm6WxKJiNs0eDaIKdqQlEQMnb2sskqBYKQSIK3QvX2nzBmzZRaGtfR9N-V-uU9O3MZl2YHjtuczGSs4bPBJ4r6YqOWgBFJNEUuy29Hahl56LdrEcZnPAx4yqI2CtvJCVIr3Nvl00iH1HwTXvFkOqYqQmWnBk0mqcE5TMvKdv5PHDOufo5ZnaPoraiKzDVZlw_dQJYm4PAoQNtvLSvCwQfiYfrASIepk-BcEelm1PDfFCSJhvUu5nW0UmTp4CV73VJ45ABrWrYWZ4K38upPrzt5uGtNUi_PEtcDf38qVj1oq5SsKFO35b2Of5MzHs7WU-QB4DX7u8Qm-pd9wfgYvGQIbBzGI14dmDSV-mhcnolLU1FnT5Szv4ctnP510BieFZxnXS5kQhGysBzjBJfk6AWRs8hOtN11UdV2U0xyvrkBAZVoLjI8U1FsQweWpcv3hEaeOCoxTmD5CaMuLk-612LdwjIK9Qoq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bloodhelpers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 4E63
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttYgy3tLqO8xPkDUNMtFQEg7hbvi1EfJBNTHRorpMcFZBRcKUm_HnwuzQGAbftBbeGyf399GVBKp_Xan4xZ6pcwFWLDkaqTB2enBjxHV1_DPvhoPXqltSXXLBsFw1iR0bFpg&sai=AMfl-YRFvfWaDv8y0ID1ob1diTjd6oFM39lf2_ojhIQE_yP8WI57a_YtHCEC8pUyyxnmZWwJG7Mf8KhdD79X&sig=Cg0ArKJSzD5wkFkDx7u0EAE&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=214556337&rs=2&la=0&cr=0&vs=4&r=v&rst=1655411714322&rpt=1119&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 20:35:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame B16E
16 KB
6 KB
Script
General
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:33 GMT
content-encoding
gzip
vary
Accept-Encoding
age
24943663
x-cache
Hit from cloudfront
content-length
5630
server
nginx/1.20.1
etag
W/"612ef1fe-40f6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
LZvXcDSLTmt5wxcdTv7hRAfiL-8z_7SBIxL0Mo8flZckiRevHfncDg==
expires
Thu, 01 Sep 2022 03:47:33 GMT
st.31cb6fcb48e558d491ec5da1e80ebf3d.js
ws.sharethis.com/secure5x/js/ Frame B16E
132 KB
32 KB
Script
General
Full URL
https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 00:33:12 GMT
content-encoding
gzip
server
nginx/1.20.1
age
8107324
etag
W/"61e1c3fb-20e82"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-amz-cf-id
Evs3Nb5PfEfNX8_YCLn7fUGrArv00ZvA4nECl88OKdpAD8TBu18JAQ==
expires
Wed, 15 Mar 2023 00:33:12 GMT

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| SelectParser function| AbstractChosen function| Chosen function| donorLoginValidate function| trim object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpf boolean| google_apltlad object| google_sv_map function| searchDonorValidation object| config string| selector boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog undefined| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback boolean| openWidget function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| adsbygoogle string| baseURL object| GoogleGcLKhOms number| tmod function| google_spfd object| google_image_requests string| messageSet

4 Cookies

Domain/Path Name / Value
bloodhelpers.com/ Name: PHPSESSID
Value: 6d5f58j82h06m3ij4jssnar655
.bloodhelpers.com/ Name: __gads
Value: ID=6ae09e4b7bab35d6-22fdd3cfb4cd0088:T=1655411714:RT=1655411714:S=ALNI_MYQbav8UOaBXrQJ0ClqKXbdu3ATsw
.doubleclick.net/ Name: IDE
Value: AHWqTUlHbkJUuf3M7DLTnjXXY4Qqb_np_FQfitbu2tXQGRMMhfv3kS9FovVkLnjXMX8
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bloodhelpers.com
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
w.sharethis.com
ws.sharethis.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
13.32.121.95
142.250.181.226
2400:8901::f03c:92ff:fe8a:f267
2600:9000:225e:b800:3:c04e:c780:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a03:2880:f11c:8183:face:b00c:0:25de
35.158.184.38
0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9
078b4e1392e5b87ea15d8f49e36649f12c8238bafdb011087118d7a974acc3e2
0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97
1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7
266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
353a5cce0bff7f591984f8b938c48d46d505ec73640a1cd5a5fd8ddb41fbcbca
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358
4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d
5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93
608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2
694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6
6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73
71433994ecb2f3e40a95e326d1900399c0824cd87811d49bc664bd461d2cec66
72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1
776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998
7fdd996d7d8905a9de4163ee7a893b66672c9dac87fdb4eb9814ad615565b82c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bacbf6b865d18773f349906f9e403b84b6a93850c49ee4ef24d3ec06dd8f9df
90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97
9127f2cdabb4d9e77c19f2fc42789bc1606b2e56e4e97bfd106f10c5f69dc314
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96203d03223e03a53737048ec9b50b13d4bebd51200cf58425b3db92eb844dba
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bd028a022ff6984556dcaab02b22930312c42754b079d2d1b21e4c2bdf841d
a648031d69711093177d107c83b11af415cefffa7d72a0cf8ae3aacc489a3a7e
aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab
c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be
c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3
d2386b743434075878215d1398d3043af590c334a92b54b3d0c4b190d26a99ce
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
d7edabff24413c30b4dde336cebbe87b2cd664e81b1536a2a6ed2149ec6901e8
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946
e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934
eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7
fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0
fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa
ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f