Submitted URL: http://kerakis.moxfield.com/
Effective URL: https://www.moxfield.com/users/Kerakis
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 65 HTTP transactions. The main IP is 2606:4700:10::6816:4499, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.moxfield.com. The Cisco Umbrella rank of the primary domain is 141886.
TLS certificate: Issued by WE1 on August 1st 2024. Valid for: 3 months.
This is the only time www.moxfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:216... 16509 (AMAZON-02)
3 2600:9000:26d... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.85.64.123 16509 (AMAZON-02)
3 35.244.144.25 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.70 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 108.138.36.15 16509 (AMAZON-02)
1 3 52.85.65.67 16509 (AMAZON-02)
1 23.205.176.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.173.191.98 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
65 27
Apex Domain
Subdomains
Transfer
13 moxfield.net
assets.moxfield.net — Cisco Umbrella Rank: 162417
2 MB
10 moxfield.com
kerakis.moxfield.com
www.moxfield.com — Cisco Umbrella Rank: 141886
api2.moxfield.com — Cisco Umbrella Rank: 180151
18 KB
9 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 19786
tracker.nitropay.com — Cisco Umbrella Rank: 19425
a.nitropay.com — Cisco Umbrella Rank: 40173
225 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 356
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 667
aax.amazon-adsystem.com — Cisco Umbrella Rank: 466
86 KB
4 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 15229
rumcdn.geoedge.be — Cisco Umbrella Rank: 2193
182 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1469
a.ad.gt — Cisco Umbrella Rank: 1575
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
ad.doubleclick.net — Cisco Umbrella Rank: 153
181 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 869
api.btloader.com — Cisco Umbrella Rank: 1033
30 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 24747
115 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 907
1 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
1 scryfall.io
cards.scryfall.io — Cisco Umbrella Rank: 85059
71 KB
1 scryfall.com
c1.scryfall.com — Cisco Umbrella Rank: 886410
737 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 984
29 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1628
12 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1108
17 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
97 KB
65 20
Domain Requested by
13 assets.moxfield.net www.moxfield.com
s.nitropay.com
assets.moxfield.net
6 api2.moxfield.com assets.moxfield.net
6 s.nitropay.com www.moxfield.com
s.nitropay.com
3 sb.scorecardresearch.com 1 redirects www.moxfield.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
3 rumcdn.geoedge.be s.nitropay.com
rumcdn.geoedge.be
3 www.moxfield.com www.moxfield.com
2 id.hadron.ad.gt cdn.hadronid.net
2 a.nitropay.com s.nitropay.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 api.btloader.com btloader.com
2 consent.nitrocnct.com s.nitropay.com
2 ad-delivery.net www.moxfield.com
2 securepubads.g.doubleclick.net s.nitropay.com
2 region1.google-analytics.com www.googletagmanager.com
1 cards.scryfall.io
1 c1.scryfall.com 1 redirects
1 a.ad.gt s.nitropay.com
1 cdn.id5-sync.com s.nitropay.com
1 cdn.hadronid.net s.nitropay.com
1 secure.cdn.fastclick.net s.nitropay.com
1 config.aps.amazon-adsystem.com s.nitropay.com
1 fonts.gstatic.com fonts.googleapis.com
1 ad.doubleclick.net www.moxfield.com
1 tracker.nitropay.com s.nitropay.com
1 btloader.com s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
1 fonts.googleapis.com www.moxfield.com
1 www.googletagmanager.com www.moxfield.com
1 kerakis.moxfield.com 1 redirects
65 30
Subject Issuer Validity Valid
moxfield.com
WE1
2024-08-01 -
2024-10-30
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
nitropay.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
moxfield.net
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
btloader.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.nitropay.com
WR3
2024-08-02 -
2024-10-31
3 months crt.sh
ad-delivery.net
WE1
2024-09-12 -
2024-12-11
3 months crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
nitrocnct.com
WE1
2024-08-16 -
2024-11-14
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
api.btloader.com
WR3
2024-08-02 -
2024-10-31
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
hadronid.net
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
id5-sync.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
id.hadron.ad.gt
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
a.ad.gt
WE1
2024-08-07 -
2024-11-05
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.moxfield.com/users/Kerakis
Frame ID: 922C2147AB601C6D1EB95C93236E2582
Requests: 60 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 1A7B0DF66C5616376FA1BA280BCB5C52
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 468C9651F8181683704C2AFB588D35A1
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://kerakis.moxfield.com/ HTTP 307
    https://kerakis.moxfield.com/ HTTP 301
    https://www.moxfield.com/users/Kerakis Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

65
Requests

97 %
HTTPS

70 %
IPv6

20
Domains

30
Subdomains

27
IPs

3
Countries

3067 kB
Transfer

8980 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kerakis.moxfield.com/ HTTP 307
    https://kerakis.moxfield.com/ HTTP 301
    https://www.moxfield.com/users/Kerakis Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://sb.scorecardresearch.com/cs/20631572/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 57
  • https://c1.scryfall.com/file/scryfall-cards/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464 HTTP 301
  • https://cards.scryfall.io/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464

65 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Kerakis
www.moxfield.com/users/
Redirect Chain
  • http://kerakis.moxfield.com/
  • https://kerakis.moxfield.com/
  • https://www.moxfield.com/users/Kerakis
4 KB
2 KB
Document
General
Full URL
https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456225e531481e842f33072cfe63b61f59aedcfe95baa5ebe093ccd36468ecf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, maxage=900
cf-cache-status
DYNAMIC
cf-ray
8c430f6bc94ebb79-FRA
content-encoding
br
content-type
text/html
date
Mon, 16 Sep 2024 18:53:36 GMT
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-ray
8c430f6b68a2bb79-FRA
content-length
167
content-type
text/html
date
Mon, 16 Sep 2024 18:53:35 GMT
expires
Mon, 16 Sep 2024 19:53:35 GMT
location
https://www.moxfield.com/users/Kerakis
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
283 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BW2XPQDNK2
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8096d8feb26aa88976fad26f247de3009ba02ad2fbbb6f8cfa4db1aaa36b68d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99164
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 18:53:36 GMT
ads-546.js
s.nitropay.com/
525 KB
167 KB
Script
General
Full URL
https://s.nitropay.com/ads-546.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4f399915e4c019e41529d76506520a0315c659bb1a3867c6f9aa30b617f3c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1725467203
age
3230
x-guploader-uploadid
AD-8ljuwqANe2NPp9RFOBPk52pVeBvMIAJ6qPV55rQXWWdXQhrotrZv4uJI25tK08OZu-auzW2Ganb76Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 16 Sep 2024 17:59:43 GMT
server
cloudflare
etag
W/"0728e8862b8347d8cc4c37b915d99626:1726509583000:DE"
vary
Accept-Encoding
x-goog-generation
1725468225075738
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=osTufA==, md5=ByjohiuDR9jMTDe5FdmWJg==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
531410
cf-ray
8c430f706b0a30c6-FRA
expires
Tue, 16 Sep 2025 17:59:46 GMT
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=optional
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e5fdd6681d1689e553f81e5c7abb8f33d3d140f9b4ed2f4e0c6509cf9852f78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 18:53:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 18:53:36 GMT
phyrexian.css
www.moxfield.com/fonts/
368 B
451 B
Stylesheet
General
Full URL
https://www.moxfield.com/fonts/phyrexian.css
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3e6cdf372ffbab9f4bbd1178162017291daf36f9f7cafda0412969595a289c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.moxfield.com/users/Kerakis
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2593
x-xss-protection
1; mode=block
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
last-modified
Mon, 16 Sep 2024 22:03:46 GMT
server
cloudflare
etag
"1db08844d1ccc70"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, maxage=604800
cf-ray
8c430f702fd1bb79-FRA
moxfield.f84587395186daa1360d.css
assets.moxfield.net/assets/assets/
923 KB
168 KB
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2cf066ed312b8a496c799b47b3ee867b18f2ebdaa1d73cb123015bf40cdb6f

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
pGRnbT1Lg+sJ4WPrPMn9Yg==
age
2645
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:28 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jODIHFHuL0Q75cDOEsiLVQR%2B0Wt%2F6bz%2FjyxrXGdQp75MAtVxJt4l13ja9G1c2fA2rDp8oxQm%2BaUVc2HROlZ07AMi3vLdLjiNnaQ5%2FMMof8YT%2FHf1WihAKu4r1TK%2BA7XrzHMaI6Um2R4rh2EPdJISKZpb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-ms-request-id
5d8ca7a8-e01e-009c-6163-08b375000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f709a12d20e-FRA
title.svg
assets.moxfield.net/assets/images/
4 KB
2 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/title.svg
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8027188b7e33b80a996112698bc4b25a7f0356f35932fbd0692b485c3de56ab3

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
qg1Ng3tnV4OMbDYff3zBUg==
age
6383
x-ms-lease-status
unlocked
last-modified
Sat, 14 Sep 2024 13:09:25 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YR%2BgSMy2RYNYCkNxrSqb5BsQ4iKmyphrMLs4j%2BMwMkJX4iQj5vj7pwUKY8l85bPYq2pwaMeFPVZJf2vffyWG9qBdDxHwaeM5VmmW5CvfQOnMRWxVIeN9YW1SnnrqZk01hhwmZkb1OIsl2JhWRmlCR8ov"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-ms-request-id
2e141a93-901e-00e4-46ab-06108d000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f709a14d20e-FRA
931.f5644b350e4801a2f5ee.js
assets.moxfield.net/assets/assets/
2 MB
498 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/931.f5644b350e4801a2f5ee.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720354f9e50d83fe29428ae1e2404ab16d1274df82d0fec9dba2c6ad34deac12

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
/RoC3q+40XjRcQhhDxnmnw==
age
390
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:28 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2FewpIM3n7UxeN1MYSIL3lFvqqKzbCb6Feq8pF9Vl20BW5ju5o0O49KFxK3qE5ToL%2BXBvCNNsEps9z2kvPLJZW7MDlipwqsoELORRJynZ%2FT68lfN5By6oOjcln3U8rHe102KBo9LNd0NCAS9wZBP2YJU"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-ms-request-id
86030b91-701e-0037-1168-08ccbf000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f709a13d20e-FRA
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BW2XPQDNK2&gtm=45je4990v887727717za200&_p=1726512816657&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=779727908.1726512817&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726512816&sct=1&seg=0&dl=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&dt=Kerakis%27s%20Moxfield%20Profile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1070
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW2XPQDNK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 18:53:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.moxfield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/
3 KB
4 KB
Fetch
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:f800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Mon, 16 Sep 2024 07:23:05 GMT
via
1.1 f80ce03e444d3f6a3da206e4b0906c84.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
age
54465
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
E23yODB9gLdsqhB46pto209E6yK48eX8SZh_dAjTuq9xUGB1JY0W1w==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 1A7B
557 KB
172 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ffe432342c0cef464ee2d63a7374fa89d7ebeb027e2671bd7ffb1602dac5c36

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:45:07 GMT
x-amz-version-id
6EInO0g3YUJaTMceI90Pyb_.sl5s1ucm
content-encoding
br
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 16 Sep 2024 18:11:45 GMT
server
AmazonS3
etag
W/"c0f9955d6c420441244dc939c7337e3c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
GAs5mQ2TF3hQ4gRF7_IMoT4gacUv8uj1niH35MLNvXb67KujWuml5A==
tag
btloader.com/
103 KB
30 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddafd1d60fb0f91e3431e2d9761e11d9e7a82fbb8eea507dcd21673f9fca01b

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 18:23:26 GMT
server
cloudflare
age
1775
etag
"a76700c4e5bba3aa0cff13eebf19623a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
8c430f74e9d49f4b-FRA
content-length
30108
grumi-ip.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/
16 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c2dfe6e5ac215728c72b90926e35a22da1e6a5424094bb20d80bc78c5280f03

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:45:07 GMT
x-amz-version-id
LZuTdbyptmNU5g8kHGyQEzsXSshvu.pp
content-encoding
br
last-modified
Tue, 10 Sep 2024 17:37:17 GMT
server
AmazonS3
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"f2cb174a2a3ae8a763fd6c650b4ce0c5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
511
x-amz-cf-id
fQmTb14zCXOqXXGi-wgm0WVqbjAK5BUEuBPDffOeIvO4klH-C2jEJw==
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df29647c2fed59b3a258eedced3dba2df6380da8257b7672d83f186c3fb36808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32302
x-xss-protection
0
server
cafe
etag
393 / 19982 / 31086966 / config-hash: 1273018494298144183
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 18:53:37 GMT
gpp-df59d81.min.js
s.nitropay.com/
266 KB
50 KB
Script
General
Full URL
https://s.nitropay.com/gpp-df59d81.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d3155aba7594ec43e3a0fb10f6b0c922815701b09861664150bdd5d4311f95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
337291
x-guploader-uploadid
AHxI1nMIyxC6Rx0XFQkZdaAwbeB47TuEWJdm946VyKrG1kEMtjd2E5hilpOq1YHNh7iU-rN6uiy_UKBDEQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Aug 2024 21:07:44 GMT
server
cloudflare
etag
W/"0c519a6e7da30099e17347b428d00134"
vary
Accept-Encoding
x-goog-generation
1724965664063706
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=mjEkgA==, md5=DFGabn2jAJnhc0e0KNABNA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
272066
cf-ray
8c430f74680230c6-FRA
expires
Thu, 19 Sep 2024 21:12:06 GMT
apstag.js
c.amazon-adsystem.com/aax2/
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.64.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-64-123.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:38:41 GMT
content-encoding
gzip
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 7e8fb5897171311635245be9d021a224.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 22:46:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P6
age
897
x-amz-server-side-encryption
AES256
etag
W/"f2dd6786b4537f2bb6a3e22886b855f2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
rp9mXr83cG8AVGNxpREjbpOuwWnzlFxqWIy5XAJCcOglgbz2ttJxZw==
546
tracker.nitropay.com/a/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/a/546?d=eyJocmVmIjoiaHR0cHM6Ly93d3cubW94ZmllbGQuY29tL3VzZXJzL0tlcmFraXMiLCJ2Ijo4MywiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJERSIsInIiOiIifQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
via
1.1 google
server
nginx/1.27.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.gif
s.nitropay.com/
42 B
616 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
534217
x-guploader-uploadid
AHxI1nOro0bAzLMkwVt8Rhn3_q4xGrzb1c6O4CbER55Hv6co_Kqu9FAhV42iu69LYzJUdSexooQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
8c430f74985130c6-FRA
expires
Tue, 17 Sep 2024 14:30:00 GMT
moxfield.ecef3dc5e635ad0c01c1.js
assets.moxfield.net/assets/assets/
964 KB
207 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/moxfield.ecef3dc5e635ad0c01c1.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53b24312b4f57b412571f0d21602fecdb20d51aef0a3890099cc87b0279d5e5

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
tX0RlUTN1b8KjWAVLVg8jQ==
age
2720
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:28 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xVFG%2FvCc53jdVIT7PN2w4RtHPfLTFksIJ0aLuiTE0N8%2B4tD%2FdJRiNwzGg2ZJQ1rGzVS6e02Y2pBTDiHO6Upppf4TVHmCR%2FZRcbikfZdLvxCUhNGdXraah9NuwLHWwZo%2FTrI%2FfD29UHdmck90oAnamG9"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-ms-request-id
0453994a-301e-0026-2b63-08560b000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f74ae6cd20e-FRA
px.gif
ad-delivery.net/
43 B
924 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1711775
x-guploader-uploadid
ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSGFgxwxIbCoQ6cTOuBLiOtp%2BSksEe%2BZcDAy%2Bkc6LWUTlSKRcc4BGgMk3HFGG4dJVIb5sk47OQ5Kbt5R4k2%2BoUFABKTDQV8zpcldjRPmWWZ8sXTOBvkiZ3b7tV6GwI6qAjH7349nQ%2Fi%2FoY4Usw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c430f75fc501e14-FRA
expires
Wed, 28 Aug 2024 00:22:45 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 06:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Sep 2024 06:50:01 GMT
px.gif
ad-delivery.net/
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.2763067044845775
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1711775
x-guploader-uploadid
ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIy%2FduuawALRoGguwQvu4Hfr1vacJFFK1MQj2q2x6wlG3%2FfOyzahliMowP1PKRxAbisoGsovp8rCb%2FKKZr84CsAbYE9YJa9bzsLwWaXSgGLdWvQxDDMgsGCsIDLM0cIW%2FGb3ZqtKFjRzVliWKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c430f75fc521e14-FRA
expires
Wed, 28 Aug 2024 00:22:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409090101/
478 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409090101/pubads_impl.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe0af73f7a72c3e19aeb8c017287a8833ae5341a95cd1748452f8cf142437587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 16:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
9537
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152738
x-xss-protection
0
server
cafe
etag
1911625866439914310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Sep 2025 16:14:40 GMT
additional-consent-providers.csv
consent.nitrocnct.com/
116 KB
36 KB
XHR
General
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-df59d81.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
258236
x-guploader-uploadid
ABPtcPovagbPkgfluwR80yhj4ly3mPyvUjLTZTDo4jb1OOKUFV6f5UFHKquoIVodikIJANEMWn0ww31Deg
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation
1689147090287559
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNKfvkOVIm52CKh66I%2FYARwlOkWLRIm%2Fm3hk3rydWK4oWww40zZQzoT33NMEvEo9Uwz7tQ7q%2Bpt35wX0%2FK4A%2FRy%2BltrXvRBFlT0PBvEzutgI2mVGeCrej3voiPOQzb3lXbtJQXVfrodPdQ03LKeKWyk9aiY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
119221
cf-ray
8c430f775ac239d0-FRA
expires
Fri, 20 Sep 2024 18:44:08 GMT
vendor-list-v3.json
consent.nitrocnct.com/
629 KB
79 KB
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-df59d81.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ac5647c0e879c9df5f09fa63106ec9368f5828ee25da2bd10189e2a8e24ea9

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
307770
x-guploader-uploadid
AD-8ljvHxzIrmcO80Z3EgN4Yed-rk0H-SI3_vWRgPufd4uVb5nb3HH785fnFd2jRQefNEpwAyVA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 16:15:10 GMT
server
cloudflare
etag
W/"3569923e46ef5416c82847d226d333be"
vary
Accept-Encoding
x-goog-hash
crc32c=yDOaFg==, md5=NWmSPkbvVBbIKEfSJtMzvg==
x-goog-generation
1726157709936989
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekMGOyz%2B4KCPN1VbmyfMJCo18adrIGWypqb912aqB60DNzWsVjTydemhHsUxw%2B59j7uOOV658JVeT87zQXfK0sJX%2BXjwuWmBblaGxJ1gOeAUEHII8n8SLqECtrbioypS7pfxiFSe4lYSvOf7KIVklv7xhP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=604800
x-goog-stored-content-length
644372
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray
8c430f775ac339d0-FRA
expires
Fri, 20 Sep 2024 05:15:43 GMT
280.fb8110202afa959a03b1.css
assets.moxfield.net/assets/assets/
302 B
556 B
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/280.fb8110202afa959a03b1.css
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a1aa596dceea97db2a0ac76c0112984ff589b9e5aeed725dfd04032d470ab3b

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
t9AisyjZ4OKHoUxmr82cRg==
age
1469
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:18 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8j9mF5H7utws%2B8fuQjJkrSLCDSnGyUWLYmjPDMEJqoR%2F7yPHUeASGlAA9XXECTauUjAN%2Fw8QoGQoOONP8GuMDq%2FFWQwJSq8thN%2BEYHJIKTRBnvNxVDoWV26t8VtwYghsX5MDlgTQQ1J%2F%2FESy%2Bln5%2FEa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-ms-request-id
4cfe0b30-701e-009e-6166-080dcd000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f77490bd20e-FRA
280.aed1aa109e409eaff8c4.js
assets.moxfield.net/assets/assets/
11 KB
4 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/280.aed1aa109e409eaff8c4.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c80b6dad19d53cf0a4c3c677b5490f7bbc87d80e7081ea2b80f09df5caee2c9

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
+SI/aFocT4kZEM6xDLr/sg==
age
1573
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:18 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TqYJkb6VSOXX2v%2Fqu3BzMCLB5qKxBpilv2vMoZN4fiemtUGN3fq6HMql7xsgd7Pmo5qMLyOkr0pL5YrphjFZDKG%2BYl5k8giRqV%2FZhkrz%2FPLir1MZbtzYdPCkOxnN5FkL5F93sPuQ8GjFxitOV0FFTc5"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-ms-request-id
c6650755-c01e-0022-4966-08db0c000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f77490ed20e-FRA
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=optional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.moxfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 19:12:26 GMT
x-content-type-options
nosniff
age
171671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 19:12:26 GMT
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-15.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:14:27 GMT
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
2350
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
8AzNZls2YCUDzW1xw30xRe5w6G7pJK-cAtc_zgRKWbT2PxcSRtMdBQ==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.moxfield.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.64.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-64-123.muc50.r.cloudfront.net
Software
Server /
Resource Hash
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 14:47:12 GMT
via
1.1 7e8fb5897171311635245be9d021a224.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P6
age
14785
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.moxfield.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1591
x-amz-cf-id
j-5DW_NW64a-U3oO0f7JYZ9GIIFEKZyoU9R_m-Ad95sgaRntYh7B_w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.64.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-64-123.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 dde93e57e0f1abed8c2375fe422387a8.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 03:49:48 GMT
x-amz-cf-pop
MUC50-P6
age
54906
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ibD6k4KfZ4FHcIY3_1pliYmDTQVdtDNIjcA2hP_0xazORI8SxFGXnw==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/20631572/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Server
52.85.65.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-67.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:25:02 GMT
content-encoding
gzip
via
1.1 34487f8527afa9dd69067b863d5246b8.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
age
59317
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
RARuysNPYLdOddozHN6I-VoI5aNVg0rMrYaek6iyx8weorqgMN1lRg==

Redirect headers

date
Mon, 16 Sep 2024 18:53:38 GMT
via
1.1 34487f8527afa9dd69067b863d5246b8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P6
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
r99857E6EBzksJxqTQTEyaucHwYrlwJNEmFWsDPpFdpaXHaWfZvK9w==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 468C
557 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ffe432342c0cef464ee2d63a7374fa89d7ebeb027e2671bd7ffb1602dac5c36

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:45:07 GMT
x-amz-version-id
6EInO0g3YUJaTMceI90Pyb_.sl5s1ucm
content-encoding
br
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
511
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 16 Sep 2024 18:11:45 GMT
server
AmazonS3
etag
W/"c0f9955d6c420441244dc939c7337e3c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
GAs5mQ2TF3hQ4gRF7_IMoT4gacUv8uj1niH35MLNvXb67KujWuml5A==
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=rIUd4gRp&w=5711302939901952&o=6278260873756672&cv=2.1.53-2-g9f547cd&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&sid=tZQczgwV&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 Sep 2024 18:53:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.176.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-176-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 16 Sep 2024 19:08:38 GMT
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&ref=&_it=amazon&partner_id=720
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
3320
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8c430f787bca65be-FRA
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/
98 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 11:24:35 GMT
server
cloudflare
x-amz-request-id
471K7JSG1PR9YK0R
age
293
etag
W/"6f43174cf2798dcd024756859322fc73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8c430f789b9e9f29-FRA
x-amz-id-2
BAGaPuFBAEcKZYKS1p5wyMIzfZvjLmRIGsVP4nxU+EZQpizij0gp2jvEl9IR8pQSPz6MmELYAZik2vt+qwVICg==
343.077ed54295b7fc46bb41.css
assets.moxfield.net/assets/assets/
434 B
779 B
Stylesheet
General
Full URL
https://assets.moxfield.net/assets/assets/343.077ed54295b7fc46bb41.css
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acfb7d0a318166f3a8795e531bfd2df799c0c1f87ad066c644da2923fd58131

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
q7OVGWto2Yp9nVpFQVhs6w==
age
3102
x-ms-lease-status
unlocked
last-modified
Sat, 14 Sep 2024 13:09:24 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4piAp6ahGcZB1f7fMIOjxbeLM7Sn%2FolNKqBcYr59Yh%2FL%2BNWJMcmohEW6LeFKcQXCqvVRqrVGwNdHMN1WYvlKi3af33LCl2E9qF4LcGDg8iYnzotSUm518lwwKdp2K%2F21eqGAvU2D2Tlzlnm%2Bud1ghP%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-ms-request-id
2c25cabd-901e-0010-37b3-06db7b000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f782a0dd20e-FRA
343.b38ccd02313a1fd4425b.js
assets.moxfield.net/assets/assets/
58 KB
13 KB
Script
General
Full URL
https://assets.moxfield.net/assets/assets/343.b38ccd02313a1fd4425b.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435655d3fba44e4753ce83e8684ff55c03e18d50530118f11894da270aa6cad9

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Ir3DLCl8Sw08sAEwMBdatg==
age
2428
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:21 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFQkM71kJZSKNrDgQGjj3UoW8uTJ99E%2FQ%2FDCmFNgBG%2FCQbZOuOM1fdOFOXgcgoewe3rlIyUCnlWUT%2Bpm59PBFfI5k%2FI0rb12koTwkamiSX8QLSF0mTAWM8zEjFMtuGoRVQDiv%2FJtomdb%2FuYQRaSxHCdV"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
x-ms-request-id
076a9dc7-701e-0055-5464-080e98000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f782a10d20e-FRA
logo-text-color.svg
assets.moxfield.net/assets/images/
10 KB
4 KB
Image
General
Full URL
https://assets.moxfield.net/assets/images/logo-text-color.svg
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91aaef966cd9b8d4992ff63269ab55cd8e09a191fbb0796f0f3e8ba5d87f3eee

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
JEr/ZNWJABNnQkMzd/UQTQ==
age
3138
x-ms-lease-status
unlocked
last-modified
Sat, 14 Sep 2024 13:09:24 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47IxSFX83TipXBv9%2Fc62P%2FnxtT7rO1csEgAmL8xsc0OZM8bROkMhGxCOqzeWsc%2F2SeRYJBXuWSYolVSYd%2BXn%2B90Fj49y%2FQkEcXCTUFjRLroaGSc4eWbjHaPQUgcJCS7BKl8IkRi5B%2Flu9YmmgF8wUoWC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-ms-request-id
cc8dcbdb-b01e-0081-02b0-06bec9000000
cache-control
max-age=691200
x-ms-version
2009-09-19
cf-ray
8c430f783a23d20e-FRA
kickbacks
api2.moxfield.com/v1/affiliates/tcgplayer/
0
244 B
XHR
General
Full URL
https://api2.moxfield.com/v1/affiliates/tcgplayer/kickbacks
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/931.f5644b350e4801a2f5ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.moxfield.com/
x-moxfield-version
2024.09.16.1
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
2662
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://www.moxfield.com
access-control-expose-headers
ETag,X-Deck-Version,X-Public-Deck-ID,X-Deck-Has-Changed,x-moxfield-version
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8c430f7b5825bb79-FRA
x-xss-protection
1; mode=block
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
kickbacks
api2.moxfield.com/v1/affiliates/tcgplayer/ Frame
0
0
Preflight
General
Full URL
https://api2.moxfield.com/v1/affiliates/tcgplayer/kickbacks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-moxfield-version
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-moxfield-version
access-control-allow-methods
GET
access-control-allow-origin
https://www.moxfield.com
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c430f78bc619158-FRA
date
Mon, 16 Sep 2024 18:53:38 GMT
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
lang.png
s.nitropay.com/cmp/
2 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
39
x-guploader-uploadid
AHxI1nM_0r2QNmlMrcBNNJdspku2Elsj3ISj5afDLdVODmlukyzIab95JgU_f1SXBQgl1q1pQW8D28FG0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1887
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
vary
Accept-Encoding
x-goog-generation
1666344058779792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
8c430f789d1c30c6-FRA
expires
Mon, 16 Sep 2024 19:52:58 GMT
cancel.png
s.nitropay.com/cmp/
1 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
787
x-guploader-uploadid
AHxI1nNb27-cu8xGG4RyKnSzGH5VQVovceKBhT6kL8WpgOyj5pSBm0D1tsSdHwurdNpDE3F-Kb13GVC5lw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1302
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
vary
Accept-Encoding
x-goog-generation
1666344058825998
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
8c430f789d1e30c6-FRA
expires
Mon, 16 Sep 2024 19:40:31 GMT
logo.png
s.nitropay.com/cmp/
3 KB
3 KB
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2653
x-guploader-uploadid
AHxI1nMMh3oKpeYKkJQGcjvHh5cuxScIqChalxw7XDx8aawBNT-znus_cYF25XDW0w5fpwNtYzI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2592
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
vary
Accept-Encoding
x-goog-generation
1666344058842900
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
8c430f789d2130c6-FRA
expires
Mon, 16 Sep 2024 18:22:47 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
376 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&pid=fh894Z1k53NDL&cb=0&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Outstream_Floating%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C502%2C1%2C%2C%2C&gpp=DBABM%7E&gpp_sid=%5B2%5D&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-98.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
content-encoding
gzip
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.moxfield.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
xKuu1FqvXe3RFr6VYy4qGuLk36LUaL0rFAUoltee64ti65bs5SXbVA==
openrtb2
a.nitropay.com/v4/
57 B
283 B
Fetch
General
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
fb5b9891c09a1238655964fc1b71370238384d23e82b8faf0e1cf97591de6753

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
via
1.1 google
last-modified
Mon, 16 Sep 2024 18:53:38 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.moxfield.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
hadron.json
id.hadron.ad.gt/v1/
122 B
280 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=www.moxfield.com&url=https://www.moxfield.com/users/Kerakis
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&ref=&_it=amazon&partner_id=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70cf6b43230da77533cb48b61463b0351e1ceb1f30aaddb8cc550716d607981f

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8c430f7ac8b0360a-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=www.moxfield.com&url=https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8c430f79ff7e360a-FRA
content-length
0
content-type
application/json
date
Mon, 16 Sep 2024 18:53:38 GMT
debug
OPTIONS block
expires
Tue, 16 Sep 2025 18:53:38 GMT
server
cloudflare
Kerakis
api2.moxfield.com/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api2.moxfield.com/v1/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-moxfield-version
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-moxfield-version
access-control-allow-methods
GET
access-control-allow-origin
https://www.moxfield.com
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c430f79cdc09158-FRA
date
Mon, 16 Sep 2024 18:53:38 GMT
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bid
aax.amazon-adsystem.com/e/dtb/
23 B
376 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&pid=fh894Z1k53NDL&cb=1&ws=1600x1200&v=24.827.1552&t=2200&slots=%5B%7B%22sd%22%3A%22profilebanner-floating-ad-desktop%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C502%2C1%2C%2C%2C&gpp=DBABM%7E&gpp_sid=%5B2%5D&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-98.muc50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:37 GMT
content-encoding
gzip
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.moxfield.com
access-control-allow-credentials
true
content-length
43
x-amz-cf-id
rk2PntNR_TCi9gK_AJTv5ehTDJS6jQww8SnCHdC4V_2Vy-6H1qd-9g==
Kerakis
api2.moxfield.com/v1/users/
1 KB
955 B
XHR
General
Full URL
https://api2.moxfield.com/v1/users/Kerakis
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/931.f5644b350e4801a2f5ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b165f1dfd6ebf95d051f9ecb65f8d66480480322e762784b003fbaffdea4a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.moxfield.com/
x-moxfield-version
2024.09.16.1
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.moxfield.com
access-control-expose-headers
ETag,X-Deck-Version,X-Public-Deck-ID,X-Deck-Has-Changed,x-moxfield-version
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8c430f7c5952bb79-FRA
openrtb2
a.nitropay.com/v4/
57 B
110 B
Fetch
General
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
a385316d634ce9fbd7e16b804e1f861d4dce1d0a2578fc652a71238cca2b0edb

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
via
1.1 google
last-modified
Mon, 16 Sep 2024 18:53:38 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.moxfield.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
b2
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1726512818235&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=1&gdpr_purps=&gdpr_pcc=US&cs_cmp_nc=0&cs_cmp_id=242&cs_cmp_sv=3026&cs_cmp_rt=0&cs_fpcd=1&c7=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&c8=Kerakis%20%2F%2F%20Moxfield%20%E2%80%94%20MTG%20Deck%20Builder&c9=
Requested by
Host: www.moxfield.com
URL: https://www.moxfield.com/users/Kerakis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-67.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
via
1.1 34487f8527afa9dd69067b863d5246b8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P6
x-amz-cf-id
O1VJU96rMmyU_n53nZ7MUsBzRoLUkQEtR5gC2aTNPbUtdbaiyd0SEg==
x-cache
Miss from cloudfront
favicon.png
www.moxfield.com/
12 KB
12 KB
Other
General
Full URL
https://www.moxfield.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e1696a25ea7946f93e5ca4d863bc08af54a16556d70cc817dee786855498b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.moxfield.com/users/Kerakis
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2593
content-length
12144
x-xss-protection
1; mode=block
request-context
appId=cid-v1:de7d4d73-85ba-4f63-978f-015ef62a30fc
last-modified
Mon, 16 Sep 2024 22:03:44 GMT
server
cloudflare
etag
"1db08844beb8f70"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, maxage=604800
accept-ranges
bytes
cf-ray
8c430f7a6e93bb79-FRA
720
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/720?_it=amazon
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3cc8d13578c3e7c9cdafc8c0caab9884a1b515a7e48b018e01b0e07f868b2d

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 18:48:23 GMT
server
cloudflare
age
299
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8c430f7c2dcf03a0-FRA
profile-1754-9140f954-fbd5-46eb-9c80-c5a1525e9288
assets.moxfield.net/profile/
54 KB
54 KB
Image
General
Full URL
https://assets.moxfield.net/profile/profile-1754-9140f954-fbd5-46eb-9c80-c5a1525e9288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dcb55f3f42ea48946ff3607e36c0770e88eded8a6a91148ab0eadd528de3f86

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
j1wclFeQEtjqPEeww/XBsQ==
content-length
54894
x-ms-lease-status
unlocked
last-modified
Tue, 13 Oct 2020 20:37:47 GMT
server
cloudflare
etag
0x8D86FB7D897854F
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjCGQqo9yi9fJBglDzjdSI0nppjqdC4TDhcQTptuHB8M0E1ZqQVMnSzWollsGKX4YQnJnz2p9zFFBEDNJ2g6OjVHUZXE%2Fa7ohpS38d5sKfEeTaoFgAU%2FwQhkKJhiLMcehz2YdD4wf5bTQO1bbQGTtprs"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
x-ms-request-id
592e0a39-f01e-0080-5d69-08e115000000
x-ms-version
2009-09-19
cf-ray
8c430f7dafb0d20e-FRA
54231832-d492-4812-b658-4ab9a30fefe2.jpg
cards.scryfall.io/art_crop/front/5/4/
Redirect Chain
  • https://c1.scryfall.com/file/scryfall-cards/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464
  • https://cards.scryfall.io/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464
70 KB
71 KB
Image
General
Full URL
https://cards.scryfall.io/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464
Protocol
H2
Server
2606:4700:20::681a:405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98af6defb36d4e5262149902251aa97de296843e1adf511c32b248015d7b260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13477
content-disposition
inline; filename="hou-104-neheb-the-eternal.jpg"
content-length
72166
cf-bgj
h2pri
last-modified
Mon, 03 Oct 2022 05:50:53 GMT
server
cloudflare
etag
"fc06f3cee5ef8f2ee3b575649989dbd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfc29KPSzFy3FCORmfMwhOgCzCRGTwmID7kVorwHHEzztpN7MP%2BbmAJzxtnZ9rlYmHgYDoz7Fql%2B%2FvE0KIDEpMd8S1NYbv%2FQcLyV6hOpUzNigS65kWDyQgmYbyMJPSCbfQkiBH1FVkDiW2W7MnbE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c430f7eae6f3637-FRA

Redirect headers

date
Mon, 16 Sep 2024 18:53:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5knx1Gkaax5CgMtK1WtCYGoXuvfgCIL88nj8%2FXaaq6UhIWy%2FWV8D8FIfEulsOEDOWRifTOhjBoMK99sRb9McPJXaPAjZQxuoGIN2y5X5QzPChG0f6bx1ggYIO1%2FnlDSNGExgmJoyyYXL9mhCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cards.scryfall.io/art_crop/front/5/4/54231832-d492-4812-b658-4ab9a30fefe2.jpg?1562799464
cache-control
max-age=3600
cf-ray
8c430f7e0d741992-FRA
content-length
167
expires
Mon, 16 Sep 2024 19:53:38 GMT
search-sfw
api2.moxfield.com/v2/decks/
20 KB
2 KB
XHR
General
Full URL
https://api2.moxfield.com/v2/decks/search-sfw?includePinned=true&showIllegal=true&authorUserNames=Kerakis&pageNumber=1&pageSize=12&sortType=updated&sortDirection=descending&board=mainboard
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/931.f5644b350e4801a2f5ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcd7b2540ba9fc3baf054a82dd143871903002348ff77bcf66c58c2832c8316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.moxfield.com/
x-moxfield-version
2024.09.16.1
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 18:53:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
last-modified
Mon, 16 Sep 2024 18:53:39 GMT
server
cloudflare
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.moxfield.com
access-control-expose-headers
ETag,X-Deck-Version,X-Public-Deck-ID,X-Deck-Has-Changed,x-moxfield-version
cache-control
public, max-age=900
access-control-allow-credentials
true
cf-ray
8c430f7e8c2abb79-FRA
search-sfw
api2.moxfield.com/v2/decks/ Frame
0
0
Preflight
General
Full URL
https://api2.moxfield.com/v2/decks/search-sfw?includePinned=true&showIllegal=true&authorUserNames=Kerakis&pageNumber=1&pageSize=12&sortType=updated&sortDirection=descending&board=mainboard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4599 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-moxfield-version
Access-Control-Request-Method
GET
Origin
https://www.moxfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-moxfield-version
access-control-allow-methods
GET
access-control-allow-origin
https://www.moxfield.com
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c430f7dab519158-FRA
date
Mon, 16 Sep 2024 18:53:38 GMT
request-context
appId=cid-v1:c8984016-78b2-499d-b263-0a8e085fe0a6
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
truncated
/
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33948e168acd7ace15961a0b328bff698614fcb9705254da1e4cf993611c0edf

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-solid-900.woff2
assets.moxfield.net/assets/fonts/
342 KB
343 KB
Font
General
Full URL
https://assets.moxfield.net/assets/fonts/fa-solid-900.woff2
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928

Request headers

Referer
https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Origin
https://www.moxfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
ZesrOtqJGhrxBimRE1YtzQ==
age
2563
content-length
350540
x-ms-lease-status
unlocked
last-modified
Mon, 16 Sep 2024 18:04:23 GMT
server
cloudflare
etag
0x8DCD679FECEDD00
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BRNP%2BSHVItU1SoVTZF7kZBRhfdw8gQiww8o8A5%2BR3mRPZ8ESAWI3D7G3%2F8%2B25FFmLNXdNfcTpwJBcnYEXyIVZg5WKIMj7eAPKCDuCV6qY4537P0jOxv%2FrJSF80sqKuGB%2F2VHkTzwZ9R2qc0TzCYKKlg"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://www.moxfield.com
x-ms-request-id
e749563e-901e-0000-2063-081e13000000
cache-control
max-age=691200
access-control-allow-credentials
true
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c430f8068f89b80-FRA
mana.woff
assets.moxfield.net/assets/fonts/
201 KB
201 KB
Font
General
Full URL
https://assets.moxfield.net/assets/fonts/mana.woff
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fc59afe30b785ab5d2c0191805cb141720e7112ce986b8f0f90f70b1ba2585

Request headers

Referer
https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Origin
https://www.moxfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
5Gs/XcIwTDB5AWizb9PCww==
age
6526
content-length
205476
x-ms-lease-status
unlocked
last-modified
Sat, 14 Sep 2024 13:09:30 GMT
server
cloudflare
etag
0x8DCD4BE786B9C84
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJEW1TppAQjrY0L6T53dkch6SomMt9IbryYCE0O8l3BBu%2FH1RKc6LDk7QwC6tae%2FziANhMVowWwLSwTWhVAywmFtndVR0%2FMx86qXOsrL3Jh1a1G5GnrfcLPL%2FPo9ji8WhFQ7Qb1eKgj%2FUbbvyxhqQ62s"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://www.moxfield.com
x-ms-request-id
648fe777-d01e-002e-01b3-064c04000000
cache-control
max-age=691200
access-control-allow-credentials
true
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c430f8068fb9b80-FRA
fa-light-300.woff2
assets.moxfield.net/assets/fonts/
450 KB
451 KB
Font
General
Full URL
https://assets.moxfield.net/assets/fonts/fa-light-300.woff2
Requested by
Host: assets.moxfield.net
URL: https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d111d3c5e66efb37517ab8c67148d2cc9815311afed1c0e39ef7897726d9a5b5

Request headers

Referer
https://assets.moxfield.net/assets/assets/moxfield.f84587395186daa1360d.css
Origin
https://www.moxfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Sep 2024 18:53:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
DRhDR8UZSKi829f8qVZw9Q==
age
5826
content-length
460556
x-ms-lease-status
unlocked
last-modified
Sat, 14 Sep 2024 13:09:30 GMT
server
cloudflare
etag
0x8DCD4BE7860FA18
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wi%2FKx9GeBfM3yvbflve4fSIzjOA47lrFBU6WAiruzEDq459qtkHb9bQXZQXgfk15wcb7J9Mur6TetvHjY33qGzEq%2Fd%2FGsPEJO1SNoUqSC8hXwbA486qgvbudVDDSpisDZI9NE7DpDbvYbwTN8NYehB05"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://www.moxfield.com
x-ms-request-id
87a1d838-801e-00d7-21b5-064f26000000
cache-control
max-age=691200
access-control-allow-credentials
true
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c430f8068fd9b80-FRA
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BW2XPQDNK2&gtm=45je4990v887727717za200&_p=1726512816657&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=779727908.1726512817&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726512816&sct=1&seg=0&dl=https%3A%2F%2Fwww.moxfield.com%2Fusers%2FKerakis&dt=Kerakis%27s%20Moxfield%20Profile&en=scroll&epn.percent_scrolled=90&_et=39&tfd=6112
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW2XPQDNK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.moxfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 18:53:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.moxfield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| nitroAds object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkmoxfield object| ads object| nads object| napbjs object| _pbjsGlobals object| _comscore object| grumi object| googletag function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __tcfapi_queue function| __tcfapi object| apstag object| __bt object| __bt_intrnl object| __bt_tag_d object| ggeac object| google_js_reporting_queue object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ function| saveAs object| nitroAdsCMP object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr boolean| __bt_already_invoked object| _aps boolean| apstagLOADED object| apscustom object| win object| doc object| google_reactive_ads_global_state function| ha object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| __id5_finalization_registry object| ID5 object| COMSCORE object| ns_p object| au

7 Cookies

Domain/Path Name / Value
.www.moxfield.com/ Name: TiPMix
Value: 12.80697458707164
.www.moxfield.com/ Name: x-ms-routing-name
Value: self
.nitropay.com/ Name: __cf_bm
Value: ggOW6l_E9rlavNI0gn504quovFZeBsKWTec83pB_RUo-1726512816-1.0.1.1-BFdqUvAxR.7Dr472qioWeocNb1hkCEnIaYxcfc9mIg2wj8RcDlunbWkW3bcXEBaIT35F6SQm2_MuNLBAC._RMA
.moxfield.com/ Name: _ga
Value: GA1.1.779727908.1726512817
.moxfield.com/ Name: _ga_BW2XPQDNK2
Value: GS1.1.1726512816.1.0.1726512816.0.0.0
.moxfield.com/ Name: ncmp.domain
Value: moxfield.com
.ad.gt/ Name: au_3p_check
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.nitropay.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api2.moxfield.com
assets.moxfield.net
btloader.com
c.amazon-adsystem.com
c1.scryfall.com
cards.scryfall.io
cdn.hadronid.net
cdn.id5-sync.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
fonts.googleapis.com
fonts.gstatic.com
id.hadron.ad.gt
kerakis.moxfield.com
region1.google-analytics.com
rumcdn.geoedge.be
s.nitropay.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tracker.nitropay.com
wrappers.geoedge.be
www.googletagmanager.com
www.moxfield.com
108.138.36.15
130.211.23.194
142.250.186.70
18.173.191.98
2001:4860:4802:34::36
23.205.176.78
2600:9000:2165:f800:2:d490:4d80:93a1
2600:9000:26db:0:4:b37b:9440:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:4499
2606:4700:10::6816:4599
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:20::681a:405
2606:4700:20::681a:8e6
2606:4700:20::ac43:4513
2606:4700::6812:34e
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a06:98c1:3121::3
35.244.144.25
52.85.64.123
52.85.65.67
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0acfb7d0a318166f3a8795e531bfd2df799c0c1f87ad066c644da2923fd58131
0c4f399915e4c019e41529d76506520a0315c659bb1a3867c6f9aa30b617f3c0
1ddafd1d60fb0f91e3431e2d9761e11d9e7a82fbb8eea507dcd21673f9fca01b
2b3cc8d13578c3e7c9cdafc8c0caab9884a1b515a7e48b018e01b0e07f868b2d
2c2dfe6e5ac215728c72b90926e35a22da1e6a5424094bb20d80bc78c5280f03
33948e168acd7ace15961a0b328bff698614fcb9705254da1e4cf993611c0edf
3b165f1dfd6ebf95d051f9ecb65f8d66480480322e762784b003fbaffdea4a4f
40d3155aba7594ec43e3a0fb10f6b0c922815701b09861664150bdd5d4311f95
42e1696a25ea7946f93e5ca4d863bc08af54a16556d70cc817dee786855498b2
435655d3fba44e4753ce83e8684ff55c03e18d50530118f11894da270aa6cad9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
456225e531481e842f33072cfe63b61f59aedcfe95baa5ebe093ccd36468ecf5
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
5dcb55f3f42ea48946ff3607e36c0770e88eded8a6a91148ab0eadd528de3f86
5e5fdd6681d1689e553f81e5c7abb8f33d3d140f9b4ed2f4e0c6509cf9852f78
5ffe432342c0cef464ee2d63a7374fa89d7ebeb027e2671bd7ffb1602dac5c36
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6a1aa596dceea97db2a0ac76c0112984ff589b9e5aeed725dfd04032d470ab3b
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
70cf6b43230da77533cb48b61463b0351e1ceb1f30aaddb8cc550716d607981f
720354f9e50d83fe29428ae1e2404ab16d1274df82d0fec9dba2c6ad34deac12
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7e2cf066ed312b8a496c799b47b3ee867b18f2ebdaa1d73cb123015bf40cdb6f
8027188b7e33b80a996112698bc4b25a7f0356f35932fbd0692b485c3de56ab3
8096d8feb26aa88976fad26f247de3009ba02ad2fbbb6f8cfa4db1aaa36b68d5
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
88fc59afe30b785ab5d2c0191805cb141720e7112ce986b8f0f90f70b1ba2585
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c80b6dad19d53cf0a4c3c677b5490f7bbc87d80e7081ea2b80f09df5caee2c9
91aaef966cd9b8d4992ff63269ab55cd8e09a191fbb0796f0f3e8ba5d87f3eee
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c
9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928
a385316d634ce9fbd7e16b804e1f861d4dce1d0a2578fc652a71238cca2b0edb
c98af6defb36d4e5262149902251aa97de296843e1adf511c32b248015d7b260
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcd7b2540ba9fc3baf054a82dd143871903002348ff77bcf66c58c2832c8316
d111d3c5e66efb37517ab8c67148d2cc9815311afed1c0e39ef7897726d9a5b5
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de3e6cdf372ffbab9f4bbd1178162017291daf36f9f7cafda0412969595a289c
df29647c2fed59b3a258eedced3dba2df6380da8257b7672d83f186c3fb36808
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53b24312b4f57b412571f0d21602fecdb20d51aef0a3890099cc87b0279d5e5
e5ac5647c0e879c9df5f09fa63106ec9368f5828ee25da2bd10189e2a8e24ea9
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f4d2dfedba36ea1a797a8881a4dd30448dad8459e21cecea2089ab3bc166aa12
fb5b9891c09a1238655964fc1b71370238384d23e82b8faf0e1cf97591de6753
fe0af73f7a72c3e19aeb8c017287a8833ae5341a95cd1748452f8cf142437587