www.clixblue.com Open in urlscan Pro
2606:4700:3037::6815:57a7 Public Scan

URL:
https://www.clixblue.com/
Submission: On February 26 via api (February 26th 2021, 3:34:05 pm UTC) from US

Summary HTTP 229 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 49 domains to perform 229 HTTP transactions. The main IP is 2606:4700:3037::6815:57a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.clixblue.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time www.clixblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
71	2606:4700:303... 2606:4700:3037::6815:57a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	34.120.223.230 34.120.223.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1 1	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
9	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	54.72.125.151 54.72.125.151	16509 (AMAZON-02) (AMAZON-02)
1	65.9.23.121 65.9.23.121	16509 (AMAZON-02) (AMAZON-02)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3033::ac43:d97d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
18	2606:4700::68... 2606:4700::6810:8916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20d... 2600:9000:20d7:5400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:20:... 2606:4700:20::ac43:4801	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	185.59.220.196 185.59.220.196	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	185.59.220.193 185.59.220.193	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	63.34.175.121 63.34.175.121	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
3 10	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 4	52.209.120.242 52.209.120.242	16509 (AMAZON-02) (AMAZON-02)
2 2	54.195.23.91 54.195.23.91	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.225.117 52.29.225.117	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	5.9.10.165 5.9.10.165	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.195.130.212 18.195.130.212	16509 (AMAZON-02) (AMAZON-02)
1	176.34.185.174 176.34.185.174	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1 1	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
229	48

71 2606:4700:3037::6815:57a7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clixblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.223.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.223.120.34.bc.googleusercontent.com

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.125.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-125-151.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.23.121 (Orlando, United States)

ASN16509 (AMAZON-02, US)

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:d97d (United States)

ASN13335 (CLOUDFLARENET, US)

www.adthurst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6810:8916 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banners.mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4801 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.59.220.196 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-193.datapacket.com

core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.34.175.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-175-121.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.120.242 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-120-242.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.23.91 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.225.117 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.144 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.130.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.185.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.127.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-127-66.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	clixblue.com www.clixblue.com	1 MB
18	doubleclick.net 3 redirects cm.g.doubleclick.net googleads.g.doubleclick.net	74 KB
18	mellowads.com mellowads.com banners.mellowads.com	262 KB
14	bmcdn1.com cdn.bmcdn1.com static.bmcdn1.com media.bmcdn1.com	221 KB
14	arc.io arc.io static.arc.io core.arc.io	234 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	338 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	371 KB
9	zeotap.com spl.zeotap.com mwzeom.zeotap.com	3 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	113 KB
6	google.com 1 redirects adservice.google.com www.google.com	23 KB
6	themoneytizer.com ads.themoneytizer.com	197 KB
5	adthurst.com www.adthurst.com	84 KB
5	cpx.to p.cpx.to s.cpx.to	6 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	36 KB
3	casalemedia.com 2 redirects as-sec.casalemedia.com ssum-sec.casalemedia.com	2 KB
3	pubmatic.com 2 redirects image2.pubmatic.com image6.pubmatic.com	2 KB
3	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	3 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com cms.quantserve.com	9 KB
3	smartadserver.com 2 redirects ww1097.smartadserver.com sync.smartadserver.com	581 B
2	cloudflare.com cdnjs.cloudflare.com	2 KB
2	openx.net 2 redirects rtb.openx.net	591 B
2	facebook.com www.facebook.com	408 B
2	facebook.net connect.facebook.net	93 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	a-ads.com ad.a-ads.com static.a-ads.com	39 KB
2	leadplace.fr tag.leadplace.fr	4 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	213 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	seadform.net track.seadform.net
1	sentry-cdn.com browser.sentry-cdn.com	16 KB
1	recaptcha.net www.recaptcha.net	1004 B
1	googleadservices.com partner.googleadservices.com	174 B
1	google.com.pk adservice.google.com.pk	799 B
1	adleadevent.com adtrack.adleadevent.com	527 B
1	bidswitch.net pool.grid-data.bidswitch.net	300 B
1	rlcdn.com api.rlcdn.com	222 B
1	mathtag.com 1 redirects pixel.mathtag.com	708 B
1	agkn.com 1 redirects aa.agkn.com	384 B
1	quantcount.com rules.quantcount.com	996 B
1	indexww.com js-sec.indexww.com	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com	818 B
1	criteo.com gum.criteo.com	371 B
1	sascdn.com ced-ns.sascdn.com	10 KB
1	themoneytizer.net g.themoneytizer.net	271 B
0	id5-sync.com Failed id5-sync.com Failed
229	49

	Domain	Requested by
71	www.clixblue.com	www.clixblue.com ajax.googleapis.com
15	mellowads.com	ajax.googleapis.com mellowads.com
12	static.arc.io	arc.io core.arc.io static.arc.io
10	cm.g.doubleclick.net	3 redirects www.clixblue.com googleads.g.doubleclick.net
8	static.bmcdn1.com	cdn.bmcdn1.com static.bmcdn1.com
8	googleads.g.doubleclick.net	www.adthurst.com googleads.g.doubleclick.net www.googletagservices.com
7	pagead2.googlesyndication.com	www.adthurst.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	mwzeom.zeotap.com	www.clixblue.com
6	ads.themoneytizer.com	www.clixblue.com ads.themoneytizer.com ajax.googleapis.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects www.gstatic.com www.google.com
5	cdn.bmcdn1.com	www.clixblue.com cdn.bmcdn1.com
5	www.adthurst.com	ajax.googleapis.com www.adthurst.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	fonts.googleapis.com	www.clixblue.com
4	www.gstatic.com	www.recaptcha.net www.google.com www.gstatic.com
4	match.adsrvr.org	3 redirects js-sec.indexww.com
4	s.cpx.to	p.cpx.to www.clixblue.com
3	banners.mellowads.com	mellowads.com
3	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	cdnjs.cloudflare.com	static.arc.io
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.facebook.com	cdn.bmcdn1.com www.clixblue.com
2	connect.facebook.net	static.bmcdn1.com connect.facebook.net
2	www.googletagservices.com	www.adthurst.com googleads.g.doubleclick.net
2	sync.smartadserver.com	1 redirects www.clixblue.com
2	dpm.demdex.net	2 redirects
2	ib.adnxs.com	2 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	ssl.google-analytics.com	www.clixblue.com
2	www.google-analytics.com	www.clixblue.com www.google-analytics.com
2	ajax.googleapis.com	www.clixblue.com d2zur9cc2gf1tx.cloudfront.net
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	track.seadform.net	googleads.g.doubleclick.net
1	browser.sentry-cdn.com	arc.io
1	media.bmcdn1.com	cdn.bmcdn1.com
1	www.recaptcha.net	cdn.bmcdn1.com
1	partner.googleadservices.com	www.adthurst.com
1	adservice.google.com	www.adthurst.com
1	adservice.google.com.pk	www.adthurst.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	pool.grid-data.bidswitch.net	www.clixblue.com
1	image2.pubmatic.com	www.clixblue.com
1	secure.adnxs.com	1 redirects
1	static.a-ads.com	ad.a-ads.com
1	api.rlcdn.com	js-sec.indexww.com
1	pixel.quantserve.com	www.clixblue.com
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	core.arc.io	arc.io
1	rules.quantcount.com	secure.quantserve.com
1	ad.a-ads.com	ajax.googleapis.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com	www.clixblue.com
1	ww1097.smartadserver.com	1 redirects
1	g.themoneytizer.net	ads.themoneytizer.com
1	arc.io	www.clixblue.com
0	id5-sync.com Failed	www.clixblue.com
229	69

This site contains links to these domains. Also see Links.

Domain
www.jssor.com
www.kvk.nl

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.arc.io R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
static.arc.io R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
core.arc.io R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-06` - `2022-03-06`	2 years	crt.sh
adtrack.adleadevent.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.google.com.pk GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.clixblue.com/
Frame ID: 7BD025363DC63E654223F3563AAF6780
Requests: 126 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1614353619797
Frame ID: 25C6E9914DB11A921222517E1053302E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258&cmp=0
Frame ID: 148A87D465246D565B0AA44601F55191
Requests: 9 HTTP requests in this frame

Frame: https://ad.a-ads.com/1199399?size=728x90
Frame ID: 606B4F1D24F309AEACEE1E992667E26E
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/4438AA8AF364
Frame ID: 4647B92592AF3A261812EA370256B819
Requests: 4 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?b696a0a1f
Frame ID: CF33C97C0B055C6348CA1DF7B9E59CE6
Requests: 6 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.clixblue.com%2F&id=MTIZ
Frame ID: EA9D252D18390111F2C5F87B9DF56D25
Requests: 1 HTTP requests in this frame

Frame: https://mellowads.com/view/09E96B9DB3FA
Frame ID: E43ADE21992EA859DB2ADB5E3624636C
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/D3F1CA4E8E85
Frame ID: 7B4FCB370DEC07C7CF264B4C0D129FB7
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/32290922BCDE
Frame ID: EDC1B887BF1399B18784DC4B1343806E
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/BAF35D15A54D
Frame ID: 64E971F896FD102B963A1E9EB1F5ED48
Requests: 4 HTTP requests in this frame

Frame: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
Frame ID: A72968B2D0A779CF2E8975CEF9BFEAED
Requests: 12 HTTP requests in this frame

Frame: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 661C379F3B2EF718C522A9606E4950FF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Frame ID: B4833A4A0ACB323418ED0DE54805831E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
Frame ID: F5BF472E86E6A88AFF1C1A69C3A3BCEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: FCCDACA9DE4CF551EBC53585D9556657
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1
Frame ID: 740DAC1B892F980D70DEA3D42035FA35
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
Frame ID: F4F2913DC15E48DFE76EB715F078CACF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1961EEFCD8A7F61A92F871801B4DFDAF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32681FBF0E988863962CB8D67E4FEDD6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: 17614FA5FD662B0F5A7C1D6BA3567051
Requests: 1 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?b696a0a1f
Frame ID: 4D2A7465A71AE62A281BFD12F67CB7D1
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?b696a0a1f
Frame ID: 747795E28D1C90E9C2B559AE5D9464C7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

229
Requests

100 %
HTTPS

43 %
IPv6

49
Domains

69
Subdomains

48
IPs

7
Countries

3415 kB
Transfer

7972 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.jssor.com/
Title: Slideshow Maker

Search URL Search Domain Scan URL

URL: https://www.kvk.nl/orderstraat/product-kiezen/?kvknummer=67049362
Title: Xalvira BV

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 96

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEe_HYS20M0iAL7xYCuKt90&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEe_HYS20M0iAL7xYCuKt90&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8122490717689941876&opid=apx&ops=&utidl=tech:goo:CAESEEe_HYS20M0iAL7xYCuKt90&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11377484643&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/7/3.gif?puid=a3125f7bd88090608f7c13752a138c96&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/6/4.gif?puid=01032789-d133-4815-87ee-8d53fd8f8311&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/5/5.gif?puid=01b80e31-7848-11eb-8b15-9e9b130d4f06&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
https://id5-sync.com/c/12/103/4/6.gif?puid=08c4dd6c6abd61d6bfb6ff5d010e94e4&gdpr=1&gdpr_consent=

Request Chain 115

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8122490717689941876&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEG-Q_pRJLBA72A-ynGzS4Mg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

Request Chain 117

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6a31a1c5-025e-4511-97e9-1df2949de075&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

Request Chain 118

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=867363ee-dbf0-4e55-6d27-b33975e4e6e2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=867363ee-dbf0-4e55-6d27-b33975e4e6e2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=83830308513050328991147742781869089714&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

Request Chain 119

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=w5MMzfX%2FPCkvECCqRYO8mmoFaxrHIRNv%2BS41iYitP1U%3D

Request Chain 120

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a4272d3%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=e66e6039-14d4-4900-b139-4af544e21107&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

Request Chain 131

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12768%26ref%3D%26hn_ver%3D11%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8122490717689941876&pid=12768&ref=&hn_ver=11&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c

Request Chain 132

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&cklb=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&google_gid=CAESEIDGsd9NMdid_vPLZntMIUM&google_cver=1

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=6a31a1c5-025e-4511-97e9-1df2949de075&dsp=TTD

Request Chain 207

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC-3yCSiolMO4KXt-g09hPC4vhfFz5rcKxWLPyk6dXql4NWHx29myM0oX14&google_gid=CAESEMy21MXk867ZKMGq9yVi3Hc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WURrVTF3QUFCWHhyU0YxSg&google_push=AQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC-3yCSiolMO4KXt-g09hPC4vhfFz5rcKxWLPyk6dXql4NWHx29myM0oX14

Request Chain 208

https://rtb.openx.net/sync/dds?google_gid=CAESEOoKjqNNq0uRO-Zs3GDDjuk&google_cver=1&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEOoKjqNNq0uRO-Zs3GDDjuk&google_cver=1&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&google_hm=K0LkP08qxTAvu9RYGU2D8w==

Request Chain 209

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELMPD9fCBiprx99bCGv-1Oc&google_cver=1&google_push=AQvitUKwI2JPnAoKz6oZlzytJITZPZIViS2TyaRwJ1qmdrKNda4mwTNPgVmpwuMzKOKIu1r1D-LTdhvZiTul08ey80K-ZV_7crOm HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELMPD9fCBiprx99bCGv-1Oc&google_cver=1&google_push=AQvitUKwI2JPnAoKz6oZlzytJITZPZIViS2TyaRwJ1qmdrKNda4mwTNPgVmpwuMzKOKIu1r1D-LTdhvZiTul08ey80K-ZV_7crOm&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Iz5wQ-JTQeegMjP1gC5Nhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKwI2JPnAoKz6oZlzytJITZPZIViS2TyaRwJ1qmdrKNda4mwTNPgVmpwuMzKOKIu1r1D-LTdhvZiTul08ey80K-ZV_7crOm

Request Chain 210

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMIMKLsZVzzs4F3PoixkKTw&google_cver=1&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUswi4EvXljpboNDRKEFfSRJ_XNF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNR0dTN0EtMi0yMVA2&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUswi4EvXljpboNDRKEFfSRJ_XNF

Request Chain 211

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQMANv66B0Mxr0RDSwicocrx1er HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQMANv66B0Mxr0RDSwicocrx1er&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDkU14TF20JnPgNU9eFaowAABGcAAAAB&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQMANv66B0Mxr0RDSwicocrx1er&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ

Request Chain 212

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELYtLc1JEyVb7e4o6C6_3eE&google_cver=1&google_push=AQvitUIjthUpH-VOSwrnvB3bk8xZ3M6m4Ww3GmTbSFyXpLC4N4EIig0DKojWHyjXyPlJvJs-yvDVMRitXVUVBhINhoXor_DEqy5H7g HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIjthUpH-VOSwrnvB3bk8xZ3M6m4Ww3GmTbSFyXpLC4N4EIig0DKojWHyjXyPlJvJs-yvDVMRitXVUVBhINhoXor_DEqy5H7g&google_hm=

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

229 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.clixblue.com/ 34 KB
6 KB 85ms
58ms Document
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 665eaf684a20b82140a91dcf1266948847730c74948761d042c8118007ab5384

Request headers

:method: GET
:authority: www.clixblue.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d38eda28ac725c4e7c25eef3586933fbf1614353619; expires=Sun, 28-Mar-21 15:33:39 GMT; path=/; domain=.clixblue.com; HttpOnly; SameSite=Lax PHPSESSID=7luhsivb894abuv0maugqba9q2; path=/ sitetraffic=1; expires=Fri, 26-Feb-2021 23:00:00 GMT; Max-Age=26781
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 088092708f00002bad823b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uwLdRSGvK513IpaaM7y%2F9Qzd5dBE%2BCkNbgNyEICpkL%2BWbxJ9%2Fk34PNz1jsrW7IeGxJZmKzKRF%2BXq8yL5TL92%2FhTO2tDYPBJQ1SJIKoy9Kj7SvEaDk1BO%2BZYTCT6G"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 627ab9c74f632bad-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 BLAjGAGfhPq9JWY9ia3R5TBwdb8.js Show response
www.clixblue.com/cdn-cgi/apps/head/ 5 KB
2 KB 39ms
20ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/cdn-cgi/apps/head/BLAjGAGfhPq9JWY9ia3R5TBwdb8.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12d28439797af1b879aca57b0a66a5b681fdc9d71a4bdda9c935fa4c89bfc5f

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 890995
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E7261C43A35ED432
x-amz-id-2: btSOle9o12pYDGQh9e9fcUY5wK4g/RzCAgRjs5ShE+sn4SeGrxnfZWiBC97oMwqhDEnx50oES9k=
last-modified: Tue, 28 Apr 2020 12:52:24 GMT
server: cloudflare
etag: W/"49e1581601edb6ac6917d28e5049df58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gSJ6FLZ6X5h5ubHAGBCtPach5fuy0B1TMvbiCpeqdan3L%2FWfjfzBFgiE634MX3S4I260%2BCZgJR41QuyacoipmuVOyXXiwFT0zGeiErU%2BeBp5HC6%2FMQn9minm%2FAOr"}],"group":"cf-nel"}
x-amz-version-id: xOy2T96Epa4_.tw8kmp3gsKWLm6lgnK_
cache-control: public, max-age=31536000
cf-request-id: 088092729600002bad7024d000000001
cf-ray: 627ab9ca8c352bad-FRA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
849 B 26ms
10ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

340fb3e379311ed1ceadf7dd53577a337b47d6b1fc52a003ec959bb46cd004b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 14:11:14 GMT
server: ESF
date: Fri, 26 Feb 2021 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Feb 2021 15:33:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
671 B 27ms
11ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,600,500,700

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78c060681cf025f33e713bef7e0e5db3e9e137de9c08c2a9c0c891dd0149f2c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 15:33:39 GMT
server: ESF
date: Fri, 26 Feb 2021 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Feb 2021 15:33:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
646 B 33ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63dd70bdbc552455f670c0efa69f236f56d671071023a8fd17c36799a88ea98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 13:50:06 GMT
server: ESF
date: Fri, 26 Feb 2021 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Feb 2021 15:33:39 GMT

GET
H2 200 global.css
www.clixblue.com/templates/ModernBlue/css/ 6 KB
1 KB 47ms
30ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/css/global.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242b127c5ee2aa665608bd4749b74e40e54d66db97fdba5c20998e105614de58

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=6860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729400002bad9f0bd000000001
last-modified: Wed, 29 Jul 2020 16:39:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pudSDxDGkAWZ%2BFV%2BVJILZqf%2FDI%2FVmo6914jl4mRxvqfXrveE7gjfXSJ7i53MwrMEH%2FZX80PechNquIVOl0Q8yabrigPVxq4KOF%2F9hMoQBe85RNp14hKSb2Q6hqh9"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c262bad-FRA
cf-bgj: minify

GET
H2 200 site.css
www.clixblue.com/templates/ModernBlue/css/ 49 KB
8 KB 36ms
18ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/css/site.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b600b25b251e390e865717edf2042ece62cda57def37bbd74cac0bd31f6998c9

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=60503
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729400002bad9c082000000001
last-modified: Wed, 29 Jul 2020 16:39:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G4GDbCaUO7Ga69uoDyoWJYxZIsbf%2BiB%2F4cqTVhDJfr6luKoRomwRKk%2BZLcRxMK8mMscDX5UpY42wcVDCvBWboIopqybLIL96sXKBAE1YcNWwzfmnk92ERlKWuVwo"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c282bad-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.css
www.clixblue.com/templates/ModernBlue/styles/ 95 KB
15 KB 40ms
23ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/bootstrap.min.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53db9fed6e708d31342543e4a15ef58dced8a255c6555b4652afd953a75217f6

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:39:46 GMT
server: cloudflare
age: 4967
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rlPVv5JPKr5gE%2FEtmumHd2lB3XEHdtMbqDa5j5ziHx4MS0Cm%2F3%2BbnYxp7S0SKVxr0CEWOoSvGrq40%2BjnaYuVGTHlKdmzaCJ4FZ8o7ag7uX5GHcvpSvY5ig4cXKAD"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c292bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729400002bad43be6000000001

GET
H2 200 custom.css
www.clixblue.com/templates/ModernBlue/styles/ 35 KB
7 KB 38ms
21ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87a909f26f5c050069e34f9cd11539cf2df8ba8fd41629d62f0ec86866db662

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=44648
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad76987000000001
last-modified: Wed, 29 Jul 2020 16:39:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jaF7Cbb7JdB18IrKtxsh3VYZu6e6xpmLvW9WXfoIZOv7yMkDApXYgsuyOLqFj5t4Rt3V2S6XUOqVQKjwALsKSZ1sIpCPu%2FtEXMsJ5ZF0br2Rr129YSItxThgVFkS"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c2a2bad-FRA
cf-bgj: minify

GET
H2 200 font-awesome.css
www.clixblue.com/templates/ModernBlue/styles/css/ 27 KB
6 KB 36ms
19ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/css/font-awesome.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c264c6ad15eea3c8f8917e177acaba6855bc6eae109ac2acf2be2a515e9f50a

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=33233
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad549ab000000001
last-modified: Wed, 29 Jul 2020 16:40:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ovS5Xu0VJoI%2BPtX7Hkd97kPpvZOwTyGwJ8oEaU65WsO8shBux1i02KU1kEUi3QQm6LwRhaqMLn4oqRzLdDD6E%2BWyaYJhSNXwcwmPVS5gcBd9LAFO4OU1eBgM9Wzx"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c2b2bad-FRA
cf-bgj: minify

GET
H2 200 js_composer.min.css
www.clixblue.com/templates/ModernBlue/styles/css/ 709 KB
53 KB 52ms
35ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/css/js_composer.min.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f468e6c70b514e6ae689b15abe6581216afafe189d44b31138659112d5307ba

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:40:19 GMT
server: cloudflare
age: 4967
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ONpmdQ%2FxvcQFyaCWLEngutdY07o%2BNi2tI0EaAIT5%2B2Zi2lJa%2FI9D0S4eqWiYgK5NLYSLtj5YwCRtjj15JZzWgafyuSKB93A%2B2h7Sr2FgEFhH1FIrWreSs084wyC9"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c2d2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad6113d000000001

GET
H2 200 font-awesome.min.css
www.clixblue.com/templates/ModernBlue/styles/css/ 27 KB
6 KB 47ms
31ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/css/font-awesome.min.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:40:17 GMT
server: cloudflare
age: 4967
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sFGeBCaQBxv83CDYAH9IFpJj7ApZmAotc5vVKvHxFkUhKHmnGlOCaZluA%2FRJYtbPzMNCaplhsTHxMvWH2QapnBZ1r3KN76WJ9SYNkPFFrewNKqFpSb1WbIMhEBFk"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c2e2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad35182000000001

GET
H2 200 jquery.min.js Show response
www.clixblue.com/js/ 91 KB
32 KB 61ms
44ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/jquery.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
age: 240
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3lIj7d6BfpFNdWaaTmYyrKFnTIgG0QzNJWii6XaynQ5ytHhdNFE4fG%2BL4nzNGuni3XkMNcColJtMsrRKXYLLPRiiw6uSeVwF94crFku3I8qjuMO9BWb2P212s7Jw"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c3c2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729900002bad5b879000000001

GET
H2 200 jquery-ui-1.9.1.custom.min.js Show response
www.clixblue.com/js/ 232 KB
57 KB 63ms
47ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/jquery-ui-1.9.1.custom.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
age: 2126
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u3Ge2dyKnYJ8SLpdOIR3fe9LYUGnjMwCfdemN2cogXEq1z2S3fM3H2ezVdUziTsVcFXt3ovckB%2BNRxh3oEFC7vSdjAqP43kcGXz3FzPYnw19WIcn4EPDJLfRtUn%2F"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c3e2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729c00002bad2d346000000001

GET
H2 200 jquery.marquee.js Show response
www.clixblue.com/js/ 4 KB
1 KB 51ms
35ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/jquery.marquee.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b2e9dc39c2b0c6d6a620744c82c7a2fae15b26d8a24d05fc6751d0956a9c26

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=7381
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad7c1f5000000001
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9vtLRfEIzwitDVj8RXN6QNPse6TIVyJaO7i24rikoxPbJKRyZCp8N1yHp2YUdMj3ElRkvOq8iqNGOIPSD%2BN5Kj0SQ%2FWIFWcK0k6wDdJ6vxk22ExYt5IS3RQmngot"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c402bad-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.js Show response
www.clixblue.com/templates/ModernBlue/styles/ 20 KB
6 KB 61ms
46ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/bootstrap.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:39:46 GMT
server: cloudflare
age: 4967
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d9VM4VN8VvMO1QswVzf5FszUVS6pge3YpjEIRFw2EUBBRZY%2BM7DPrMDWDq1Nep5QRBN2UCznq%2BJDnAlYqFtMY%2Fe2uZMpV6Ok3xR8zjlc5n0L1Z4h8oF2UkK5p3zB"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c422bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad85857000000001

GET
H2 200 jssor.slider.mini.js Show response
www.clixblue.com/templates/ModernBlue/styles/ 44 KB
18 KB 58ms
43ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/jssor.slider.mini.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d449da3aa217ba4ce0de5e489bd605abbee0298754508f02cfd0f640c16ef20

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=45269
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad6496b000000001
last-modified: Wed, 29 Jul 2020 16:39:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y282Ty0KaufwJ5B7WV3xifjRwsF9GldpZ8cOGRAo451znJV8TGlZj4fl9Xhpv30e86qZcSl8yEAnlnBBN%2BqbEZrt6dxS0zsF4p2CsCr%2BWFjbVR4ZImi9UF9e%2FSta"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c432bad-FRA
cf-bgj: minify

GET
H2 200 video.js Show response
www.clixblue.com/templates/ModernBlue/styles/ 1 KB
712 B 47ms
32ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/video.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0277cefdee5ee453fe047500bb83ca8866df719ace9e7a3069b29ce0d7c8d198

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=1659
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad7538c000000001
last-modified: Wed, 29 Jul 2020 16:39:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ivoMNXEsDNUA5rJjH66ogqOgNuJDXOmTh7kMygoElqx191oyAUTA9gXI8Fd7Hzf%2BREyp%2FPWXVWdy9LZ3tE1N%2F3v%2B%2B6Md7%2FCWQnRHz5odduG8E818exS%2Fw%2FHGXpNC"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c442bad-FRA
cf-bgj: minify

GET
H2 200 me.js Show response
www.clixblue.com/templates/ModernBlue/styles/ 590 B
610 B 58ms
43ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/me.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561711664274653f074a4490bcabc67372c494bb96ed36e5f2e51875a476761b

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=1226
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad5533b000000001
last-modified: Wed, 29 Jul 2020 16:39:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iUWHyc9fvIh4RTwPDLu%2BeBA7aZkybsl0xWQiLqszHdPMi6PbkHpUS%2Flj1832bU8CoRtqnmg9YXr2UibpTJJ1%2B2TUGRoiLOoTd7v39AO7kObGmh0Aucsae79tT8p8"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c462bad-FRA
cf-bgj: minify

GET
H2 200 base64.js Show response
www.clixblue.com/js/ 2 KB
1 KB 46ms
31ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/base64.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f269af8112dc0471f8aec363272ae1abafeccc2a9d8ea0a81fcbebc64313f3d2

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=3479
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729a00002bad299b9000000001
last-modified: Wed, 29 Jul 2020 16:38:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a08VTLioRGbnXdGNiENunZFsCWa8zZI8sw4tfzQj3HR%2FHXbaLmmUHF2qvZpwhrGfm34NpUXhIyWriIPyJuu2vFfnmvSCilwbAZooaLkEYXAyv5AdelMk2lm5L8nW"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c472bad-FRA
cf-bgj: minify

GET
H2 200 cpmbanners.js Show response
www.clixblue.com/js/ 477 B
729 B 47ms
32ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/cpmbanners.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df50694913bc75f62ff83d043d9d1fa4d0b94007c332bf38695ae5b21c22e14

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=554
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad57b43000000001
last-modified: Fri, 18 Dec 2020 07:21:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ICSmX31nbN0SsoHuViiMz4bARSOd06TM7Wgxt%2FvEBzYBIYwOuM2DPr2a82Lwv9ebhDSDgD8IpztenL9AgP2Lvvl11iMGlKu1NixXL%2B%2FVFXYKygoQRZ4FhDiTt5cc"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c492bad-FRA
cf-bgj: minify

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 130ms
42ms Script
application/javascript 34.120.223.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://arc.io/widget.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.223.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.223.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2fd45e95be258e208c543385ea5bff1efa3419a3252c5a5d13f53bb8a969e74c

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:44:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: nginx
age: 2966
etag: "601098e1-bb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
alt-svc: clear
content-length: 2992
via: 1.1 google

GET
H2 200 jquery.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 268 KB
80 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebaded49db62a60060caa2577f2a4ec1ff68726bc40861bc65d977abeb64fa7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 11:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14876
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81653
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:25:43 GMT

GET
H2 200 style.css
www.clixblue.com/css/ 266 B
464 B 31ms
17ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/css/style.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176752cbd2786893c990bc6422c419c149796c007f2265a338aaeaf00ba9af89

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=823
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad95868000000001
last-modified: Wed, 29 Jul 2020 16:38:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0UIY1UbTRCUMq%2BV6rmZmMNrxc%2BqYoUSwt0A5wAVYwdm%2BnevBARFntfwekaw5ILpw3mUA9vplQcJUW2CrELgyOcLnbVJyh%2FtHbJ%2FaPoanAPrLX5hF3IaSsRjwn8ES"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c2f2bad-FRA
cf-bgj: minify

GET
H2 200 asd.js Show response
www.clixblue.com/rs-plugin/js/ 1 KB
837 B 47ms
34ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/rs-plugin/js/asd.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fed506dc17cd00bc138146380ce766aaa7a4a3a95d0db34be10129751e27228

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=1937
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad5c95a000000001
last-modified: Wed, 29 Jul 2020 16:39:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m7ibsOsPmEmEl%2Bf%2BxG%2BG29ArX8ZInDCp2cR9PAPMoPDK6LZBzeMxW9vLB712APzdtsQzXwMcaihMHyQqMUwY%2FDsX7VmjvBFELM3RkIhzw%2FiDA8VGefEpG5oqIcN1"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c4a2bad-FRA
cf-bgj: minify

GET
H2 200 jquery.themepunch.plugins.min.js Show response
www.clixblue.com/rs-plugin/js/ 83 KB
28 KB 59ms
46ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/rs-plugin/js/jquery.themepunch.plugins.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482183e70b7addaf78266fce08e0afd71ae506da4c16a919ca7758eec4ccb78f

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:39:11 GMT
server: cloudflare
age: 2126
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wq5eRmXpI2SoPlHpGrNY%2F6vLELIizhqAfG9jeFlW6zjkMcEs3%2BgrwRoL%2FMkHFN6dMM%2BBjzxeAeaQHvOF5gQCtSM4l2WrTAnb3kdWg8fY6Pc9ls0gXbqspoMN%2B5Ff"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c4c2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad91854000000001

GET
H2 200 jquery.themepunch.revolution.min.js Show response
www.clixblue.com/rs-plugin/js/ 106 KB
24 KB 60ms
47ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/rs-plugin/js/jquery.themepunch.revolution.min.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b31b986895c3db20fa54a0c1962e9565a71aa3d8ae4962fbc60495132f561ca

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jul 2020 16:39:11 GMT
server: cloudflare
age: 2126
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AnmPQpbyl4bQmZYlpP1PJNKUheVIlwUL%2FvKj3Vdr%2FE4UYBpciZF8iLQoovPrnytzsdvhbA%2BdSEl42Bk80rMcXKEFZjnCJ3rZzAXpkgXSSULiO%2FJUtUp4D3qQ59fw"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 627ab9ca8c4d2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad37b72000000001

GET
H2 200 extralayers.css
www.clixblue.com/css/ 22 KB
3 KB 57ms
44ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/css/extralayers.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3d11cf2921348dda11bd20e3016b6f3f651d1cbabaae29ccdab235fa2c6d59

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=27134
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad83339000000001
last-modified: Wed, 29 Jul 2020 16:38:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mvjLwFXt9DpGrWXN6hnT%2BVWcn09UH1bH0%2ByRC5laNsRw8RasxfsYEmoGwDzF1BL0QIlTe611vN1fGDOF4Qh5SuFZyE8jbYJb1yvQRn7INt0gHC0mq5UczXrqk1TO"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c302bad-FRA
cf-bgj: minify

GET
H2 200 settings.css
www.clixblue.com/rs-plugin/css/ 52 KB
7 KB 34ms
22ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/rs-plugin/css/settings.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a989c100ff9616aa512b79f82cfc911d351dbdb2e18f82b0bc7cb4d777feafe

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=71952
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729500002bad4d1f1000000001
last-modified: Wed, 29 Jul 2020 16:39:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3pnj8PQn8t5N7gwxbG5ySHVrlxpt4AR32FP231%2FwPleridwrDhRVmVFMqZ88sbH%2BlPuKNnTyk56cSk7IDPuPe%2F9u9NCo0vSkh8HgBlrWHb5kPZn8UEqgsaH36dP2"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c312bad-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 10 KB
858 B 28ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 13:47:03 GMT
server: ESF
date: Fri, 26 Feb 2021 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Feb 2021 15:33:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
697 B 29ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,200,300,700,800,900

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83a96fd8b1e5901d3a7cb40fc0f017fefd2a843fd1969a8eb1eb3bb8d1499195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 15:33:39 GMT
server: ESF
date: Fri, 26 Feb 2021 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Feb 2021 15:33:39 GMT

GET
H2 200 countdown.js Show response
www.clixblue.com/ 56 KB
16 KB 55ms
44ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/countdown.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe973c6e0f447f5e4ec64051dfc5cfc439dac4a98d9bebd87ca149fc7480abf2

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 239
cf-polished: origSize=59641
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad2a8f2000000001
last-modified: Wed, 29 Jul 2020 16:38:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8OY6NZ8o2rEpm8hg14I4sZKLNYciwaSnfBL7W2Kbf7R7BFABtd%2FNBLKgOXpJGGc%2F1%2BGaHvjQfVnheY5N6x8j2CyMUFDTgP53he4SBUoIhpQqiSHzQuebNuJnPaFp"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c4e2bad-FRA
cf-bgj: minify

GET
H2 200 ui.selectmenu.js Show response
www.clixblue.com/js/ 12 KB
3 KB 56ms
45ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/ui.selectmenu.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c827ce3bdb2628090e51b95a395fcbce17f466db3a175fc506e40edca9085c90

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=16470
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad9f0be000000001
last-modified: Wed, 29 Jul 2020 16:38:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LYW%2B5yiuWn5QiWoDHP%2FN4ZWNsErruEXjpLdZYGPHZJH%2Fx75md72xjtJIrVsXOWOLvD0wM2jzEPp308nZkQZaLL9Hr9RqrRch1UTOmOOHd8UUXDy%2F0fvpm0UZ5Pdg"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c4f2bad-FRA
cf-bgj: minify

GET
H2 200 ui.selectmenu.css
www.clixblue.com/js/ 2 KB
717 B 46ms
35ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/ui.selectmenu.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94347ff759dbb0e51a66f3f70b15a4c830dba3692e79d402db5263f6e51ea07b

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=1889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729600002bad94988000000001
last-modified: Wed, 29 Jul 2020 16:38:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NdCUwAtMwHoJz%2BTMQIcbIZTLXl%2B3l0EDi24RH355MxEsOO7ORro%2Ff9J7jEPiE9snUO6OzfgNF%2Bl5eBEd226L%2FJau7%2BInVp3XQ4LrJGoPJW9tmVG8zunQ2Cyo8CHQ"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c332bad-FRA
cf-bgj: minify

GET
H2 200 jquery.jgrowl.js Show response
www.clixblue.com/js/ 5 KB
2 KB 44ms
33ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/jquery.jgrowl.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537d4319bb7cae6bc61ef91e4e6f03aee263ce9350777af4b4323b2cfa750ac9

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=12178
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729b00002bad9c083000000001
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R7Cd7JxEtyTJjXwIebdva%2BEAO1kW9FeYbSPvsItdFmu73QTlKYdGP%2FESLDJ%2B0Tjtp8HxmL3HBEjweGTgMBr%2Bq36Ynr29m1UQiWWtzpktbqVDzNT%2F1E%2FG9El23iOm"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c512bad-FRA
cf-bgj: minify

GET
H2 200 jquery.jgrowl.css
www.clixblue.com/js/ 3 KB
887 B 32ms
21ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/jquery.jgrowl.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc42206d7ec4287cee4e72fab9157e878132a9f9af32bfbbd832d350601047d

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4793
cf-polished: origSize=4094
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729600002bad3a2d6000000001
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TF2%2Bnixth8VY6swgQcSY6xRXI43AvNHnzXRkQTVJou%2BfqssVh4wv3XL45IxNOmd70tCV3g5xQNCy671Q1nBZn1u0YLMXf8cl7CBq1CpojdsMB%2Fu3JhVEGFqfIaXv"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9ca8c342bad-FRA
cf-bgj: minify

GET
H2 200 ptcevolution.js Show response
www.clixblue.com/js/ 13 KB
3 KB 56ms
45ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/ptcevolution.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293ff410f03cae1dbf747a9e0961473d0d06bc46ebbd70f897c0bd14ea2d2a03

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=14741
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729c00002bad549ac000000001
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MFbVmfubYC3zkOwQiD9OjPN8xnx2Jk9tzYtDJUL%2BtXptU%2FKYYVuIP3eJUqs4fPQPkl0FPtcBxJOzF5NKf6JvubZFfelxWc18HuTj1C4alRPVTsbHkIydG%2FEyVZJ2"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c522bad-FRA
cf-bgj: minify

GET
H2 200 l2blockit.js Show response
www.clixblue.com/js/ 2 KB
743 B 43ms
33ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/js/l2blockit.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e0fbe04ced2489dc388b0b710374790593e5f45799a138a2d4b68fdeaa0d8d

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2126
cf-polished: origSize=3885
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092729c00002bad35183000000001
last-modified: Wed, 29 Jul 2020 16:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FDEhsyBeNImCF6Ven98fYupdYj3oybyTskQbWXp0ql%2Bxaz4UxzmkOZsnlLyFgEoolTAUls5%2FPx198ErP2pCxHl%2BsdfQzdh%2FZdtQn8u%2FtIgVrvghyPDO8Ia2qikZP"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 627ab9ca8c542bad-FRA
cf-bgj: minify

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 188ms
72ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2158
expires: Sat, 27 Feb 2021 15:32:55 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 86 KB
12 KB 188ms
73ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 19171a7c144d3ad73f0c87dc0ace9cc3885f13dc286fbc3a2fad124653cd2cc0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 27 Feb 2021 15:33:39 GMT

GET
H2 200 us.png
www.clixblue.com/images/forum/flags/ 609 B
935 B 15ms
10ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/forum/flags/us.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4788
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 609
cf-request-id: 088092734e00002bad3fb8c000000001
last-modified: Wed, 29 Jul 2020 16:39:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ygWYWrmRRJK%2F3IUNvEeMeJczFSlauGURrDH0cQr4i7iwCku67csypjn7YidZDS2Nve7F6e%2BdvMAb%2FT4OfDQF3ll8XCBoYjOvEfx9hWAxAIZ0SnhKTvctrKglef62"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbbdf32bad-FRA

GET
H2 200 es.png
www.clixblue.com/images/forum/flags/ 469 B
778 B 20ms
15ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/forum/flags/es.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4787
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469
cf-request-id: 088092734f00002bad43bf1000000001
last-modified: Wed, 29 Jul 2020 16:39:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IQ40b94iW9NYv8lF7qDz7npZCdEWe53obY463PLD8%2BjvifxzBgeruiG3pUMXBPGpXas20ZucOL8kfX1Q9e0Fqakpgvh%2BWl82cQpImlOnYHaPK360EgjxDh%2FWf8UP"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbbdf62bad-FRA

GET
H2 200 dummy.png
www.clixblue.com/images/ 191 B
685 B 18ms
14ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/dummy.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686267646d6d8cf314762bcbe3321302dcc2a158d53471bdac1f7e141cdff5d0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4787
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 191
cf-request-id: 088092734f00002bada42c1000000001
last-modified: Wed, 29 Jul 2020 16:38:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tamMc8nHQ6sbpJXixzZiIdAGYW%2BA4DO9hQiB%2Bpy3SBU1WA0W6mxnDkFl%2FCDuNi3567A6WC25ptGpvEsVvogrUmT4qAQnOVWXiDnHO%2FvvRQOP%2BKNrSWP2kGrvcUVQ"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbbdf72bad-FRA

GET
H2 200 7.gif
www.clixblue.com/images/proofs/ 1 KB
1 KB 17ms
13ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/proofs/7.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46a61d635ea373f7952ab6436868dbd41e01c748283a465c4294585432e1956

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4787
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1069
cf-request-id: 088092734f00002bad83344000000001
last-modified: Wed, 29 Jul 2020 16:39:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rLlHFRhCyLmFzxHY0KIyelFn7zeu%2FSX46IjYfe7GAv%2FeUCo5FtPS5z9u4uZWKp2oLypWHZNl81lupcNRylPRD5TyPtREPU%2BaCG%2BWPOIKNhiVnvpSiD0zG81UlMxw"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbbdf92bad-FRA

GET
H2 200 23.gif
www.clixblue.com/images/proofs/ 1 KB
1 KB 19ms
12ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/proofs/23.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f7dca53f16a9ad837c1c29375ffcb7ce73637405fe41359097de0084719472

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4787
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1178
cf-request-id: 088092735000002bad4d1fc000000001
last-modified: Wed, 29 Jul 2020 16:39:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRIW4F%2FtmQZ0b2GhHuTD5vmtGDRxDduC6hbvHkWp%2BO6lK6RM%2FI8cz4SWwifCh8HVFfglryT06%2B8v6NnGvLhcrxpjwYUcLcBqi24QQLWX0iKCxxmOp4MHjHwqLmT4"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbbdfb2bad-FRA

GET
H2 200 20.gif
www.clixblue.com/images/proofs/ 680 B
978 B 25ms
16ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/proofs/20.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b099aa71f1d5493e78d0f2320334d3f4de0b0c5f9feae339d14b649e500ce6f3

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1315
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 680
cf-request-id: 088092735900002bad2f8de000000001
last-modified: Wed, 29 Jul 2020 16:39:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AVNgCPPADu4ARvCJ68peYDFSJgu%2FBtav%2F%2Fa6QbT%2B4qx9q52khYobn1DtIHlac8rCHECLYHlPePhcC%2FhdPQ%2BM84HwdFBQ%2FROV1eZVDXcsrgC0ht9AK3VwhOGQV%2FNQ"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce0f2bad-FRA

GET
H2 200 21.gif
www.clixblue.com/images/proofs/ 1 KB
2 KB 27ms
18ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/proofs/21.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b35f5919f1737e543baf1e96739f4f6ffae5c7205c27e5dd22ecbbc92be2cd

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1315
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1302
cf-request-id: 088092735900002bad75396000000001
last-modified: Wed, 29 Jul 2020 16:39:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dJT4x0DjkQ3eXa9DWKrHThtumfNfjF3Y8R2YD4FA5oQPeALe%2B4DZlYATKQ7O%2FNUcDKoGim6eWER9re5B0e5XX6B0PPxqcoY41%2B42lU96pXOlf8511gSlS%2Fh4j02J"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce112bad-FRA

GET
H2 200 61.gif
www.clixblue.com/images/proofs/ 1 KB
1 KB 32ms
24ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/proofs/61.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610701d911f4672f005a89bc21d6298d4e46ea7508f3a46925285e7498369e93

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4787
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1122
cf-request-id: 088092735900002bad5b886000000001
last-modified: Tue, 22 Dec 2020 13:58:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FXinGpsm%2Bmo0RSgM3K0R1o54yl7JdRzse93g2B%2BNTyHooz8PqtG%2BpCLNmWlAV4NJwxRem6EDdQu%2FlaB2PqS%2F76bKJs55qQQV2Q7LVs%2Ba2TjhWmqFmIWM17D3Fg%2FB"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce132bad-FRA

GET
H2 200 p7.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 16 KB
17 KB 25ms
17ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/p7.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96e5204bf2c602e1db41e85f66861c56272201c5c2b775813060d787c47d7d8c

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5301
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16728
cf-request-id: 088092735900002bad4faf5000000001
last-modified: Wed, 29 Jul 2020 16:40:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dPOvYQcSL38xGqtHlOivDUVIjq6ZA%2B7uWpcHDXEZ6Aa8vBY%2BfSzwt4gX1NXvZyuM4SOEQc%2BirNPMfFO6egHWzXwpstRsXka1cziuH5KP7lM2P8vBC5HAWRLGmYHU"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce142bad-FRA

GET
H2 200 p4.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 10 KB
11 KB 20ms
12ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/p4.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd411b5f2b1b0ef6138cdb0b0055f4bc892ce06372cdf2586a285a0cf898a33

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10563
cf-request-id: 088092735a00002bad57b4d000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rmSvGcsE7TJul6adJWWyhqwYwXW%2FMmxToQhRJQjYBUJ26A%2BBt71zZ0D6D%2Fp4lCKgusF6f%2Bb0gveIQbaB4crUSMyv%2FsXA5njas2ZfhaFnjJXAihQAIPNEnET0kQwg"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce152bad-FRA

GET
H2 200 p5.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 10 KB
11 KB 31ms
23ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/p5.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953f033af58faa7c9aa0b68d596b0bebb6869bf1863a068bbe004cd8b24a41f4

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10652
cf-request-id: 088092735a00002bad37b7c000000001
last-modified: Wed, 29 Jul 2020 16:40:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZLWqPa%2Fx2QGCrW9yjXl8QEz%2FMxliIC%2F%2BEXkzcIEwjJmn3x%2FHjsXw0jY%2B%2FLCNYaVT1HQNzmscfpyw4CmMpgehI03a0hnTqIzwSsqzvcr3Enrvyxl%2BrU22Gul0uRFM"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce182bad-FRA

GET
H2 200 p6.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 17 KB
18 KB 26ms
19ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/p6.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff3eb554f084033f390b2ee16d2d6e221404d6e40cf93fa97eebcd0dd9357ec

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17911
cf-request-id: 088092735a00002bad2a8fb000000001
last-modified: Wed, 29 Jul 2020 16:40:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pkE7vL5wu5T8D%2BI0AM%2BSaMYw1rOtQlzX8D9DFjhq1%2F9EMR15rZu3T%2FOozxivQGTKGTpyuTQB%2BWvtHK5pLY8gBgif7dMXLun0ZI1jIA4dsOikEz%2Bth4WtRdGGe%2Blo"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce192bad-FRA

GET
H2 200 V6jD2ooaIniAVnIUyLAwzmem7DE.js Show response
www.clixblue.com/cdn-cgi/apps/body/ 5 KB
2 KB 30ms
22ms Script
application/javascript 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/cdn-cgi/apps/body/V6jD2ooaIniAVnIUyLAwzmem7DE.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/cdn-cgi/apps/head/BLAjGAGfhPq9JWY9ia3R5TBwdb8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c9c9da63766f3a9d88a2d52656855a6e961a17501a38ab460cffaac5741d97

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1655716
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9353C7CDAF46E640
x-amz-id-2: 2CzZ26U4p42Fjz2Ch6u3NZrhIubEM4CRNVvpPKdYJ7kjRynIc2dgFkOwjykTuhkSJJlQ+jq9LX8=
last-modified: Tue, 28 Apr 2020 12:52:23 GMT
server: cloudflare
etag: W/"ac6e20fda7c7d7eb9b332210dee1ad24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g96oDkh3Xr2cO2vivTtr0%2F0Cc7Gi3NfSrIPfK3KrxnHJ%2BTRxfyfOTWPp%2F8V4VDTEI%2BHydlXJpGlLKpjAQAOfQAGCb9azvZmNDMbCBoR8RgB4eouwwjT1sqtJ51u4"}],"group":"cf-nel"}
x-amz-version-id: gAZ5i1BOwMroYj_lXakTQ.kmIcmgi_M4
cache-control: public, max-age=31536000
cf-request-id: 088092735a00002bad9c090000000001
cf-ray: 627ab9cbce1a2bad-FRA

GET
H2 200 uicons.css
www.clixblue.com/templates/ModernBlue/css/ 67 KB
8 KB 24ms
10ms Stylesheet
text/css 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/css/uicons.css
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f12d597028016c66ca4c7e7db40b2733243a9bc34254f677596120477fcd1a5

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/css/global.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4967
cf-polished: origSize=71765
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08809272db00002bad5c95e000000001
last-modified: Wed, 29 Jul 2020 16:39:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JrLcdrSTRGf1L7ah9ZducVlna7epDotzkSTheH8CXZFJAIwkVH1uSQOP4ctqkzNqXqQGqnUJxINicemYB5u%2Bk2ks2DPzBfR9G5vdfsdwrc3xAYBSkHPXAp99jHP1"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 627ab9cafd052bad-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 14ms
0ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5463
date: Fri, 26 Feb 2021 14:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 26 Feb 2021 16:02:36 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 52ms
5ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6733
date: Fri, 26 Feb 2021 13:41:26 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 26 Feb 2021 15:41:26 GMT

GET
H2 200 new_year_background.png
www.clixblue.com/templates/ModernBlue/styles/images/ 4 KB
4 KB 32ms
16ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/new_year_background.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d592107240acd0d1d5f53c4b2e9955be3317a1c621659ee79af0b8ca51bfbfb

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3866
cf-request-id: 088092735f00002bad85864000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3VIgC6TAv9CLziMreAxVVjH8tHTswqtPFOQS%2BXSvJTkK2bzeMmDzax7U6EjP76S5jRPHAg2056Si8hUpeJmcGnX8tyeJGuSaQKvMAxrcAkMUdOU62WfeHgOPaQ9F"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbce262bad-FRA

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
271 B 207ms
47ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f2af6a03599a30f21216920acbab05ce2903a5f62b4a6b4f9b0a2b234004e53e

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:39 GMT
Server: nginx
X-IPLB-Request-ID: C2636963:B57E_91EFC191:01BB_603914D3_85C9A99:16918
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

32 KB
10 KB

50ms
7ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 10:03:04 GMT
Server: AkamaiNetStorage
ETag: "adbdf97f38751662c160738a7d673f87:1605002589.581548"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9998

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Fri, 26 Feb 2021 15:33:39 GMT
content-length: 0

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 87ms
52ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 16:40:37 GMT
server: nginx
etag: "7ff1-981e-5aa5559ba8e59"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Sat, 27 Feb 2021 15:33:15 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
371 B 90ms
24ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 26 Feb 2021 15:33:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1709
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 232ms
54ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Last-Modified: Thu, 07 Jan 2021 17:29:20 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: C2636963:E4D6_91EFC0A6:01BB_603914D3_17A80B5B:CE3D
ETag: "5ff744f0-e7c"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3708

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 25C6 2 KB
818 B 155ms
45ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1614353619797

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1614353619797
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clixblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 148A 2 KB
1 KB 60ms
27ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f37cb1b7df7953e988cd3e2e52c94b226e56de1d915f967362ad1df4c28da4

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clixblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-type: text/html
set-cookie: __cfduid=d22295133395f732b7ed15be40ab869ca1614353619; expires=Sun, 28-Mar-21 15:33:39 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=867363ee-dbf0-4e55-6d27-b33975e4e6e2; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%29%15%16%17t%05g%825%96%F0%B4%93%96%BD%CC%02%E8%C2%90%16%83%BF%2CA%2A%40%CDQ%E4%7FiOE%280%D5%D5_%17d%98lT%18%E6%7B%8D%5B%3A%93%ADVV%02%91%16%D6%5B%C6%A3%05%AB%E2%AB%09%0C%CEaq%80%EC%9FI%F1%02l%EC%E4%F7%11%CE%8CF%8B%8E%C0%EDI%09%8AHQA%F8%EC%BC_%FB%A5%1C%AF%E3Z%0A; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.clixblue.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 088092738300004a80a2325000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627ab9cc0ee44a80-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 39ms
9ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 05 Mar 2021 15:33:39 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12768/ 2 KB
2 KB 303ms
73ms Script
application/javascript 54.72.125.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12768/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.125.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-125-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9e4207629a5cc6891f1e578f88172fe9d555152d5b43d9d7f5bf4b51c86e0a8f

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1631
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 228ms
68ms Script
text/javascript 65.9.23.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.121 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 00:38:24 GMT
Via: 1.1 7e8e21f463faf38ee9cfcd5ec5e09b6d.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 53717
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZAG50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 1hBdI5jdGHZuYQr0GGO_3VaEmwT6hSduwgscpqY9PI5YdvzJXmpfyg==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 609ms
489ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 15:30:32 GMT
Server: Apache
ETag: "905ac6-925a-5bc3ef2e99e64"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12743
Expires: Fri, 26 Feb 2021 16:33:40 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_18AA/build_noconsent/dist/ 486 KB
152 KB 76ms
57ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_18AA/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: dc60902a094d2f5a5ec0396f6e2ed26ba791f0e4f9b2365c3b35b032f1baceb7

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 17:19:33 GMT
server: nginx
etag: "20564-7981d-5b8a31c12c178"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 155650
expires: Sat, 27 Feb 2021 15:32:42 GMT

GET
H2 200 header.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 23 KB
23 KB 32ms
18ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/header.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56b638e5dcbb312fe7117b1c5efe48260789c9d32c280a9cbfd748782990032

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5302
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23473
cf-request-id: 088092738000002bad6532f000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zX8fRcxzu1D9xaZnGsPJ3h7z5KILhmi7GWbJFxpmLc1Lmhc%2Bq3s5NfVdHrFYWXPo%2Bt2pin8DLxjZjBOHOCwgSaDLg4RE2LgyKr0v%2BlctRiGtMwYSpy6gaRUNn%2Bap"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbfe722bad-FRA

GET
H2 200 logo.png
www.clixblue.com/templates/ModernBlue/styles/images/ 5 KB
5 KB 25ms
11ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/logo.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3145327f0b460746d72e18bb7bd5597166ad5ce04806677d87991c42a660a9d1

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5301
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4876
cf-request-id: 088092738000002bad2a8fd000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sgvB2V0%2BqVNSOkuyPA5OpLOhqbpcZ9hiVmjNvSVy%2BEmKvde0CVZEZR7gEoyjzZY11ntT8hacUTlSaQjZmNGs7p2c%2B4gxVW37DtJvlprlmish5NTpXBh3G0nUaei0"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbfe732bad-FRA

GET
H2 200 16.gif
www.clixblue.com/templates/ModernBlue/styles/images/ 482 B
839 B 19ms
10ms Image
image/gif 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/16.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d519185e6a52ff0f784e385eb0897caa3a42904389d8303c26ef73bde80d55

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4768
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 482
cf-request-id: 088092738000002bad3518f000000001
last-modified: Wed, 29 Jul 2020 16:40:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OmeMK5fjpj0flSkUsiA2f%2FYJy91lZ07w0JOaFdiw6LCnOgase9zjMo%2FsBUcBYISlNaSt6Hq0TXcsX3pXUTheSjDBDONkJRJg1bJhaTS8hvtl9HX1uB%2BxC0uzl%2FYz"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbfe742bad-FRA

GET
H2 200 benef2.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 9 KB
10 KB 28ms
21ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/benef2.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83857907ceb082c53d46f4fecc4025aee153670a53c9aa13ec2ba9a0fde4d9aa

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9527
cf-request-id: 088092738100002bad95877000000001
last-modified: Wed, 29 Jul 2020 16:40:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7HOo9BbkNDebZm6AlTiE%2FTHCdBGy9Ow4xYfQPbw%2F0isH%2FYeo5EBuCwLFnsS4x2bW8tL2nyuuWDHVAl2QzkopzcsKFmdQMYIF%2Fakae4rwzy5smS3fznpsyr%2BGjQZR"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cc0e792bad-FRA

GET
H2 200 12.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 55 KB
55 KB 30ms
23ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/12.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7716ed439bbbb45cbeb019882c1fa075fe6ac74736a945fd74df04045218dd01

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5300
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56161
cf-request-id: 088092738100002bad4a81e000000001
last-modified: Wed, 29 Jul 2020 16:40:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mWTHyQWW2xgA8B1KNCF3%2FEVdx73uYqc2zrq9FZKn50DznWqDSagHYeuFNPPTUfycwbjhfIwORAbkX2F2PtLp4EgxkgZkHT5xvpPMyr1dD7JPl%2BejNXo9BwPQAZpa"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cc0e7b2bad-FRA

GET
H2 200 security-on.png
www.clixblue.com/templates/ModernBlue/styles/images/ 1 KB
1 KB 26ms
19ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/security-on.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e60cba6960e8c55092b4912d9e267eca4bd30b70ac349194e831c34fd3399d

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4786
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1143
cf-request-id: 088092738100002bad7c202000000001
last-modified: Wed, 29 Jul 2020 16:40:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1tnE14%2FAmJath5orKn81On9OX4I47zJ2knNLvfiGegttX0ERUppEgDyRfEghS%2BClf%2FKTacrYSYRARo2dGHdmiwu3OEqz7HOYeE8zA14PEXg2RCme6j1Nf54kguMl"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cc0e7d2bad-FRA

GET
H2 200 13.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 54 KB
55 KB 28ms
22ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/13.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a6191d20fad131d164f044583597ce9ca7a9133855f5f0eb1d66404ee08b2

Request headers

Referer: https://www.clixblue.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5299
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55784
cf-request-id: 088092738400002bada42c5000000001
last-modified: Wed, 29 Jul 2020 16:40:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v98yjUBL7aMMME08GWc%2B8MfE%2FZrZG5YZePWJvhezrO%2BFUCLXOtZ3SgZ8mIk84RGZKaF52ipxZ%2BVwR%2BV31DFw1KMF2hLKjkuHhLc4qvZzgV2Mehad9gwQp%2FpgkFrB"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cc0e7e2bad-FRA

GET
H2 200 14.jpg
www.clixblue.com/templates/ModernBlue/styles/images/ 35 KB
35 KB 26ms
19ms Image
image/jpeg 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/14.jpg
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d679faa56ffbdcd66a0f0afaeb0503e64221b37cdb13f4f044104441d2aea7fe

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5299
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35456
cf-request-id: 088092738200002bad3fb91000000001
last-modified: Wed, 29 Jul 2020 16:40:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cw4V0%2FmL1lNiIJyAmUGJ0%2Bc7tKooKJeM%2BAfOKzWomd16M1zgWpDIZ28VW7mXiLlDhRxoTHwtbVae6UsROwhbnkwFc7sWBCGGVdX%2FFTR32vaSqFNOeJDCVWmAXO2c"}],"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cc0e7f2bad-FRA

GET
H2 404 loading.gif
www.clixblue.com/img/ 388 B
388 B 54ms
48ms Image
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/img/loading.gif
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff716b57d4cc851eeb06073172057cbaf79f88d35c48188f57ec7298b43d1044

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=spqVzjbnByYO3Ef6hiQB4UKNRuMMlOvWRs4JTF7rD8L7vc33%2FHbkKSZpeAC%2Fqrx%2B60SaBUYlVu0lo4Aw3B7wAn0DwEtFRJZUrTDg4EMBXS3LvjbzIXeAK0AYTObs"}],"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=2678400
cf-ray: 627ab9cc0e812bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092738200002bad85866000000001

GET
H2 200 fontawesome-webfont.woff2
www.clixblue.com/templates/ModernBlue/styles/fonts/ 65 KB
65 KB 17ms
11ms Font
font/woff2 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/templates/ModernBlue/styles/css/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://www.clixblue.com
Referer: https://www.clixblue.com/templates/ModernBlue/styles/css/font-awesome.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4768
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
cf-request-id: 088092737f00002bad57b4f000000001
last-modified: Wed, 29 Jul 2020 16:40:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hOOW4L57eAxSCnOboRAfIjKnIUz30El3jvvWGkYBEE8quW9wvQB4xiwhMp2xgTDORvdmodLAf8fvCdOGKJlePLfcpVzG3mkAvXJZxK96EZP4LWLip7PVC%2BGRftnH"}],"group":"cf-nel"}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cbfe702bad-FRA

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clixblue.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 71533
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clixblue.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:46:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 240404
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 23 Feb 2022 20:46:55 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ 41 KB
42 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,600,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clixblue.com
Referer: https://fonts.googleapis.com/css?family=Raleway:400,600,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 11:14:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:51:07 GMT
server: sffe
age: 188361
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Thu, 24 Feb 2022 11:14:18 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
928 B 170ms
170ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=home.tpl&_=1614353619763
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752ed51374eb3ac2d50fe99043139bd7168f49c520a364b13702675759b924c7

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5TfQYX0FiSuFggb9kIlwJEBJzCn95x768bw8%2BVEar2isRmEO6WObdzp658ZJGZHn7ugGvYqQvNaLUoPKRkhwZHc8ry15gIjisK5labypjt4umCQJ8CQ2MOxFOz1S"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9042bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad630df000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 2 KB
1 KB 143ms
142ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=home.tpl&_=1614353619764
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9126c3e6de7a464a8ab270ba91ed042d832650ed600ce367e260c435cf3b6d3

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XlDo1W7FT9ZOFtVP3lg1kQs15dW%2BzjiSIWtCUP4wF9MY6eTWaiVVhREPzrrJYgskXDghuSPyu%2FgCtcWlOp5MdhUkXWr4VrUKFZpbAm19nhP62Z0sseOhmiIh9Tn1"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9052bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad3d151000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
1 KB 50ms
50ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=home.tpl&_=1614353619765
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e38f5e8da0e0a07af750f7881ca38965e49dcb867385bc5dcb89d7822916fc51

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QL%2FcbawBXfgoMrwuajUA3Uaq%2BFAttSiOkwTHUVOlfFJi4LePptxOGJQgt0LW%2FBI%2BlylrKqaGYFnHwliufqsgXwXh9zIjOl33PzjEPROZ6FuYlAJ1v3UWzPy6sYXR"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9062bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad6115b000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
1 KB 56ms
56ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=728x90&view=home&tpl=home.tpl&_=1614353619766
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d7dfe5b73f58693ebcc4bb6d024aa9a386a01e67de7f3fe9063ce919c4dc45f

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dtYNMkiMiWvByq%2BQXghHr%2B%2FzybFy2d9HOQF1NEn36fu5EhfX0xq%2B38gg8VZ6ROIiOFqVAuLNAKVeDrHv4CiDas7kcUGwA%2BZynAdhpNz6dk3zfJtayNZQTKUObyKk"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9072bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad753aa000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
953 B 71ms
71ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=footer.tpl&_=1614353619767
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9bcbee0b28877129abee0922dfff48f756f17d66dacba6de48f42e3506f0345

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0eTW6vjEx7KLxAjPtiX%2FCtyJj5u9q32rlFN76YQwDet8eE3%2FqkoyBqH%2FSefwz6XNkAo1WOndDSJfKje%2FQsauR4jPwE%2BLw1JXmfvO52pP3Qoq0ci0Qg8jwCOdHP6w"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9082bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad6b82d000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
987 B 167ms
166ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=footer.tpl&_=1614353619768
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba5990e090a0ad9eab82503a1305d6b09493723fb5d3dbe12960f370c703f36

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FAUKYas%2FvW3E3duIwuQfz9Hleqpbe728UJfUEX4ueeN3xyC5%2FfQq4%2FgrWK0p9yvAXxM8aonZZVFeOBW7HU1hRSnRe18UtuKzyOWLBWdFtWus81ih6AbrZxRpKHjC"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda9092bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748700002bad5c979000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
1 KB 170ms
169ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=300x250&view=home&tpl=footer.tpl&_=1614353619769
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 085e36b012154e476c745b8f1a0f4e6ae4a87548b5febda5da9d30e669fcf2f3

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cCHgbKJgQ5tQXWatuRE1aAuCI3aDV0uNUd7z11fPpbO2pPY4FkCM1cl2%2B34VXynfvYn81dKqE9Gs%2FKcXKoT7kDlwrdUzjBeWhmXzvNPxAEMbwgIt%2FOQjtndILIsX"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda90a2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748800002bad55359000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
1 KB 176ms
175ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=468x60&view=home&tpl=footer.tpl&_=1614353619770
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e899300032910f4c3fc4e723044ccf3b7bca81ba3c82cc92e8d77a20851444

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SbJsU15Ahqzya3zT%2FIF5zGpAgt0kU7t7LvVGprYJ8V%2F4fl%2BfJuihU5fdvBYEOpzPevwr13WQUAm%2FTs0Pc89mmDIhjM89pHvUSXt7DBEosj%2FSNSYr3s%2BHi%2FUHk4tk"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda90b2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748800002bad66b0a000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 showBanners.php Show response
www.clixblue.com/ 1 KB
947 B 165ms
164ms XHR
text/html 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clixblue.com/showBanners.php?type=468x60&view=home&tpl=footer.tpl&_=1614353619771
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a8e7d173e0c3803ac4db764d7b81bd6264c0d8b77bb37636be7270a44cf6c

Request headers

Accept: */*
Referer: https://www.clixblue.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yHPbPgThI74739UmQERAU0kdx0y8hPL5hKySQyg9YPfrGHM%2FW99q8zzwawyuuMegT7GRGOUQgtVT0Q5nxJMKuej7IYihwdTAkKtQQhrpq5DZH40ivD2BLYNXo%2FSe"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9cda90c2bad-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092748800002bad6533e000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 timer.png
www.clixblue.com/rs-plugin/assets/ 125 B
475 B 11ms
11ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/rs-plugin/assets/timer.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/rs-plugin/css/settings.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15348b049a18c85702dde38f379aa78d3809af8c07adcf25236c69b03f6f746

Request headers

Referer: https://www.clixblue.com/rs-plugin/css/settings.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125
cf-request-id: 088092748a00002bad883d4000000001
last-modified: Wed, 29 Jul 2020 16:39:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LSKnViQeLbbKlKdRIcNGVtxGIzdvPQvrkoQF%2FTcDC6F2Dc0Uj%2FCc1aaGuzXowrZMlpjiltfVbAtAMNk5eXDS2jEkwO%2FsZjx0OfF9kFzUMzDEmrgLTRUPXSv7ftev"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cda90f2bad-FRA

GET
H2 200 logs.png
www.clixblue.com/templates/ModernBlue/styles/images/ 39 KB
39 KB 13ms
11ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/logs.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d115f01e33d46d366b2511f1f2a0a5f22348f5a7ac18a12e0b3973e4f1680b3

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5061
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39856
cf-request-id: 088092749800002bad2f8f2000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4uKIg1CUCxwLPVkM4aC8QMVKdUXSzbMSiTDkbEWY7wb7XsMr8R5ucKdbaHuRqXvas%2FjzYOPBsAsOLJXojtNGB9ZbpKm5vCj8IGeuQWicEiRGqcbYFFRqMG23utiG"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cdb9302bad-FRA

GET
H2 200 greyline.png
www.clixblue.com/images/ 944 B
1 KB 13ms
12ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/greyline.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7442a73d3d7f79668aa60373d515c4d7c971a626ee65e721170e844592b148

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4769
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 944
cf-request-id: 088092749800002bad2d364000000001
last-modified: Wed, 29 Jul 2020 16:38:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i5UpNQaOEqyoK6MatiKpdRqhqZLH3tJjfwOSD999Lpmtr%2BSrAeDHqwcNP%2FYMGWVvfx2nHyHlzqcSW8km9m094iLRIA9uDl6v5DMahgDX71E%2FRLoRUlS3qedXGMu1"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cdc9332bad-FRA

GET
H2 200 doublearrow2.png
www.clixblue.com/images/ 1 KB
1 KB 18ms
17ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/images/doublearrow2.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00e8f3fe28976c83dcdf9897a32bfa92ac458a962f012811c56ef5032dad887

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 209
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1179
cf-request-id: 088092749800002bad3d152000000001
last-modified: Wed, 29 Jul 2020 16:38:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J7IPUESddnaAVPzVrAB97KXXC7NcBWVqkHO2F%2FYSSQYy7ZR0EVMoQxiaEeMxUa0VnLk8CXdGVfS8SRlVhzBFcFL1UmOXwQ04Nn387INmjDgH7XQu5cSo21HdmLFK"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cdc9342bad-FRA

GET
H2 200 uk.png
www.clixblue.com/templates/ModernBlue/styles/images/ 473 KB
473 KB 14ms
13ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/uk.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7703ae279ef474e1c2550235574fe501a95af4eef08ea99bfc0025db7a136c

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 483895
cf-request-id: 088092749800002bad6115c000000001
last-modified: Wed, 29 Jul 2020 16:40:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pas6FzJsuVYg1ny8CS4fEyECdxsmKFh78owjsjXn1B24Gb0LVTN7g0a25Hh0VAubJWRYnCO2Ebh2Ona3McEQa1OWDn56oO7JLRr6fq51%2FRx7kHpYm2OjNAE6Usxm"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cdc9362bad-FRA

GET
H2 200 light2.png
www.clixblue.com/templates/ModernBlue/styles/images/ 7 KB
8 KB 18ms
17ms Image
image/png 2606:4700:3037::6815:57a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clixblue.com/templates/ModernBlue/styles/images/light2.png
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:57a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa151a98dc2e13ec98be51ba710413804d67734a4c79c38956a124c9c87881a

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5061
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7511
cf-request-id: 088092749800002bad753ab000000001
last-modified: Wed, 29 Jul 2020 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=No5vgiBRCUnOSOAzZ1UkGMUcbTUXXp8kLwRiIWyRCyWlp0iCEnKk93gRLWt8MsYCNUMnEeb4ucWAM6r9qzQez0NjXCpFSvFuBoKHxivUVnUiKFqtBkDkPylsD1mN"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 627ab9cdc9372bad-FRA

GET

6.gif
id5-sync.com/c/12/103/4/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEe_HYS20M0iAL7xYCuKt90&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8122490717689941876&opid=apx&ops=&utidl=tech:goo:CAESEEe_HYS20M0iAL7xYCuKt90&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A11377484643&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/7/3.gif?puid=a3125f7bd88090608f7c13752a138c96&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/6/4.gif?puid=01032789-d133-4815-87ee-8d53fd8f8311&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
https://id5-sync.com/c/12/108/5/5.gif?puid=01b80e31-7848-11eb-8b15-9e9b130d4f06&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
https://id5-sync.com/c/12/103/4/6.gif?puid=08c4dd6c6abd61d6bfb6ff5d010e94e4&gdpr=1&gdpr_consent=

0
0

GET
H2 200 items.php Show response
www.adthurst.com/display/ 67 KB
11 KB 312ms
290ms Script
application/javascript 2606:4700:3033::ac43:d97d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adthurst.com/display/items.php?35&35&300&250&1&0&0
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224367207d5782e6498257fa92c069e83b6e4eefcf525bc4061212f6e498eee2

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088092750a00004ed95e9b8000000001
pragma: no-cache
last-modified: Fri, 26 Feb 2021 15:33:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WSM01aVgcOHM2gI%2FGBlBz4zHpRhhx78pHAAoHZqDgS7s1vHwPFpsKefd9QDGsORs4nwe8%2B2aZD44t54xHPvm5hy9b6yTYuznNrewmDvf%2BMnmjZEUw7OhhGXJ1XtS"}],"max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 627ab9ce7f174ed9-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 1199399 Show response
ad.a-ads.com/ Frame 606B 6 KB
2 KB 153ms
53ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1199399?size=728x90

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

125e674a1b54439f3e06bfed174b30c4b28cc34b98a231762c3e46098060407a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: https://www.clixblue.com/
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set 4438AA8AF364 Show response
mellowads.com/view/ Frame 4647 2 KB
2 KB 292ms
259ms Document
text/html 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/4438AA8AF364
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706f436f993dfc5ef3957d57eb993c48eefac5ef05e017e8590ce5e3ac0527b1

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dfc822b71ecfe2c35916c9c590a8b038f1614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 27-May-2021 14:33:41 GMT; path=/
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
cf-request-id: 088092752700004e5092865000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 627ab9ceab774e50-FRA
Content-Encoding: gzip

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2085786993&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clixblue.com%2F&ul=en-us&de=UTF-8&dt=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=389464985&gjid=508884202&cid=1751174303.1614353620&tid=UA-41058957-2&_gid=758004860.1614353620&_r=1&_slc=1&z=1486509421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clixblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
996 B 85ms
26ms Script
application/x-javascript 2600:9000:20d7:5400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:44:15 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2965
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: fNrVx7sS7ZfDcJ_Y1VdRHxE0Dj1RB9pM0pTBg7OmYTep4AE3w65tlw==

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 42ms
28ms Image
image/gif 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1996614387&utmhn=www.clixblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&utmhid=2085786993&utmr=-&utmp=%2F&utmht=1614353620339&utmac=UA-41058957-2&utmcc=__utma%3D235807059.1751174303.1614353620.1614353620.1614353620.1%3B%2B__utmz%3D235807059.1614353620.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=909782818&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5e56816b6c7fa8946b9643a0.js Show response
cdn.bmcdn1.com/js/ 60 KB
18 KB 120ms
101ms Script
application/javascript 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5e56816b6c7fa8946b9643a0.js
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec33ca2ecc05bd5aecc7937d5ba7611e21ba5f0be33088e83cf07d93124e74a3

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bJgpIlJTSMGSPl6V7E%2BAWu75TtfWlWwe116nFLUoKLgfmwGZFTCa6sNyRzh%2F%2BCBQdwQ7GPTKwGWqACJHGeL9ef0cL27a%2BDUHqPimnYCmc8XoWb9mlUOLeZpq9A%3D%3D"}],"max_age":604800}
cache-control: max-age=1800, public
cf-ray: 627ab9cf4dc44e3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cf-request-id: 088092758d00004e3ea88df000000001
expires: Fri, 26 Feb 2021 16:03:40 GMT

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 305 KB
99 KB 3763ms
3664ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/js/core.js?b696a0a1f

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

bb080cb6579012eb4d6bf408ed6df2baaedef925648ae6435dfb97b2aa90ef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Origin: https://www.clixblue.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 565
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:44:53
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-requestid: 674452f78970d714358dbd4d0eaba527
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 22:44:53 GMT

GET
H2 200 broker.html Show response
core.arc.io/ Frame CF33 1 KB
1 KB 157ms
61ms Document
text/html 185.59.220.193
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?b696a0a1f

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-193.datapacket.com

Software

BunnyCDN-DE1-601 /

Resource Hash

c02b42d4ccfacd5bf024964dc1201954a5dd6c780543ab13f13082a9b53e5dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: core.arc.io
:scheme: https
:path: /broker.html?b696a0a1f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clixblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-601
cdn-pullzone: 196434
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: PL
cdn-edgestorageid: 601
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
expires: Thu, 25 Feb 2021 22:40:36 GMT
cache-control: max-age=2592000 public
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cdn-cachedat: 2021-01-26 23:40:36
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-requestid: f247229e74cebc48d6139b013a76c43a
cdn-cache: HIT
content-encoding: br

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame EA9D 0
246 B 53ms
53ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.clixblue.com%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Server: nginx/1.14.2
Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: C2636963:E4D6_91EFC0A6:01BB_603914D4_17A80B7F:CE3D
X-IPLB-Instance: 30196

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 854 B
1 KB 255ms
64ms Script
application/javascript 63.34.175.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12768&ref=&hn_ver=11&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12768/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.175.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-175-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4ec34051eae24ef72179baafd392762e216591ff9e94678a4163b175ac7d26e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Feb 2021 15:33:40 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 854
Expires: Wed, 24 Feb 2021 09:43:56 GMT

GET
H/1.1 200
OK Cookie set 09E96B9DB3FA Show response
mellowads.com/view/ Frame E43A 2 KB
2 KB 271ms
258ms Document
text/html 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/09E96B9DB3FA
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7685323ce61b25e91877049bb40854519ba7cccffde3bcdc2ed8594d7f40cfbf

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db1e745b0c2a7507d68ad0740c941d3f81614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 27-May-2021 14:33:41 GMT; path=/
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
cf-request-id: 088092759a0000176a67864000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 627ab9cf58c1176a-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set D3F1CA4E8E85 Show response
mellowads.com/view/ Frame 7B4F 2 KB
2 KB 266ms
254ms Document
text/html 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/D3F1CA4E8E85
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7757b697698663321d1aa627d28ed136dfc56005aed7419652f12c20ebfbddc

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da8a6a2516149e0d59e7236512833744e1614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 27-May-2021 14:33:41 GMT; path=/
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
cf-request-id: 088092759d0000176eed9b4000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 627ab9cf6dbc176e-FRA
Content-Encoding: gzip

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 42ms
41ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2158
expires: Sat, 27 Feb 2021 15:32:52 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 89 KB
12 KB 44ms
44ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=64216&formatId=2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 265b9c397678048238d334495fea1378de5c822e4e1d249a58e47914e0eba89e

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12527
expires: Sat, 27 Feb 2021 15:33:40 GMT

GET
H/1.1 200
OK Cookie set 32290922BCDE Show response
mellowads.com/view/ Frame EDC1 3 KB
2 KB 262ms
250ms Document
text/html 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/32290922BCDE
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b965f3023d2635e66fa519a7ef69c94d3b2c644f322fb0b5177a31199c15a8ec

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dcef7906b02ea0c1d2f8c22150e06e0b91614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 27-May-2021 14:32:52 GMT; path=/
Cache-Control: private
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
cf-request-id: 08809275a400002b713e2cc000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 627ab9cf6dde2b71-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set BAF35D15A54D Show response
mellowads.com/view/ Frame 64E9 2 KB
2 KB 270ms
257ms Document
text/html 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/BAF35D15A54D
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df30204172065eaf9ae6823bd576561243795a8d2afccdf76622197af1035b6f

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clixblue.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3bfa35c8584f29c0d9592734ef18c9ac1614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.mellowads.com; HttpOnly; SameSite=Lax user=referrer=; expires=Thu, 27-May-2021 14:33:48 GMT; path=/
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
cf-request-id: 08809275a6000024848e2e3000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 627ab9cf6ba32484-FRA
Content-Encoding: gzip

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%2...
https://mwzeom.zeotap.com/mw?adnxs_uid=8122490717689941876&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258

95 B
179 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8122490717689941876&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d3bb424a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 088092785800004a80d998f000000001

Redirect headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 15:33:40 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid: 834a5d43-2380-491e-80af-970ac625f7bd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8122490717689941876&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEG-Q_pRJLBA72A-ynGzS4Mg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e...

95 B
190 B

29ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEG-Q_pRJLBA72A-ynGzS4Mg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d10eb54a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08809276aa00004a8077813000000001

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEG-Q_pRJLBA72A-ynGzS4Mg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363ee-dbf0-4e55-6d27-b33975e4e6e2%26reqId%3D1821bf69-eb68-4d02-634a-70e70a...
https://mwzeom.zeotap.com/mw?cid=6a31a1c5-025e-4511-97e9-1df2949de075&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc...

95 B
179 B

33ms
31ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6a31a1c5-025e-4511-97e9-1df2949de075&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d44c0a4a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08809278ae00004a805c194000000001

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=6a31a1c5-025e-4511-97e9-1df2949de075&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=867363ee-dbf0-4e55-6d27-b33975e4e6e2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=867363ee-dbf0-4e55-6d27-b33975e4e6e2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=83830308513050328991147742781869089714&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d...

95 B
179 B

22ms
21ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=83830308513050328991147742781869089714&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d46c2e4a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08809278be00004a8077837000000001

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2T5nWSbtQ94=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=83830308513050328991147742781869089714&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=w5MMzfX%2FPCkvECCqRYO8mmoFaxrHIRNv%2BS41iYitP1U%3D

95 B
306 B

24ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=w5MMzfX%2FPCkvECCqRYO8mmoFaxrHIRNv%2BS41iYitP1U%3D
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d39af94a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 088092783f00004a80832fb000000001

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=w5MMzfX%2FPCkvECCqRYO8mmoFaxrHIRNv%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 148A
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D867363e...
https://mwzeom.zeotap.com/mw?cid=e66e6039-14d4-4900-b139-4af544e21107&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e7...

95 B
179 B

30ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=e66e6039-14d4-4900-b139-4af544e21107&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627ab9d10ead4a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08809276a900004a806b936000000001

Redirect headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=e66e6039-14d4-4900-b139-4af544e21107&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 26 Feb 2021 15:34:11 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 148A 541 B
614 B 36ms
36ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d89ced3da96c6971287826c5701f5e4e26da32d091698fdeff8a8c7149351d

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 627ab9cfdce24a80-FRA
date: Fri, 26 Feb 2021 15:33:40 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 08809275e900004a805ebec000000001

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60118
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:51:42 GMT

GET
H2 200 pixel;r=605056414;labels=Categories.shopping;rf=0;uht=2;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.clixblue.com%2F;fpan=1;fpa=P0-1385114713-1614353620508;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=...
pixel.quantserve.com/ 35 B
372 B 30ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=605056414;labels=Categories.shopping;rf=0;uht=2;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.clixblue.com%2F;fpan=1;fpa=P0-1385114713-1614353620508;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=clixblue.com;je=0;sr=1600x1200x24;dst=1;et=1614353620508;tzo=-60;ogl=

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 137ms
67ms XHR
application/json 52.209.120.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.120.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-120-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4311ceca8db47402a962cf1cca9264441d951815e2654bbc73128a7e57dddc95

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clixblue.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 28 Mar 2021 15:33:40 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
222 B 154ms
55ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.clixblue.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 204 cmp
spl.zeotap.com/ Frame 148A 0
0 29ms
23ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=867363ee-dbf0-4e55-6d27-b33975e4e6e2&reqId=1821bf69-eb68-4d02-634a-70e70a4272d3&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=867363ee-dbf0-4e55-6d27-b33975e4e6e2; zsc=%29%15%16%17t%05g%825%96%F0%B4%93%96%BD%CC%02%E8%C2%90%16%83%BF%2CA%2A%40%CDQ%E4%7FiOE%280%D5%D5_%17d%98lT%18%E6%7B%8D%5B%3A%93%ADVV%02%91%16%D6%5B%C6%A3%05%AB%E2%AB%09%0C%CEaq%80%EC%9FI%F1%02l%EC%E4%F7%11%CE%8CF%8B%8E%C0%EDI%09%8AHQA%F8%EC%BC_%FB%A5%1C%AF%E3Z%0A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Fri, 26 Feb 2021 15:33:40 GMT
set-cookie: __cfduid=d06171b5102c89e3c138d104fb3c639c91614353620; expires=Sun, 28-Mar-21 15:33:40 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 088092763200004a80b3b79000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627ab9d05d994a80-FRA

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/138837/ Frame 606B 36 KB
36 KB 193ms
83ms Image
image/gif 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/138837/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1199399?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.10.9.5.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0b3597ca37388a851c4ea15dce0634c685b97c2a86f6929ac3caa46496b93882

Request headers

Referer: https://ad.a-ads.com/1199399?size=728x90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:40 GMT
Last-Modified: Tue, 16 Feb 2021 09:34:22 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: 9B165609BB1227F1
ETag: "492649696b2fa5716430a38cc80a3a25"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 36604
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: QA/o/XJfiLHSlb9psLP7REaOqEBtgOqgGNgRKroRIj8TNTNCWJuy79kI5YALE5ii6PGXzUQB0Ws=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 606B 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
cdn.bmcdn1.com/pv/5ae27a25d8189a00104ca5bb/ 35 B
465 B 105ms
105ms Image
image/gif 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/pv/5ae27a25d8189a00104ca5bb/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=a1c4fb280f3fa3e5e403569e414377db
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zc9Vn%2B%2FJKijZhfHqtezPqIL6V7to1Et4upAhQ6VuaQNOWnSiOp8J%2FDeqeAbO%2FdDuG26fY%2B2BTtpCHcgB97W32Po0kOdnrBkQJ13kXXy0JShLrN%2FroCItdY3H6Q%3D%3D"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 627ab9d419d94e3e-FRA
content-length: 35
cf-request-id: 088092788d00004e3e0d1cb000000001

GET
H2 200 index.php Show response
www.adthurst.com/display/ Frame A729 14 KB
4 KB 327ms
327ms Document
text/html 2606:4700:3033::ac43:d97d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
Requested by: Host: www.adthurst.com
URL: https://www.adthurst.com/display/items.php?35&35&300&250&1&0&0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc94c5e59f594984e4129a481e711ef425c56f2a57c114203f387c5cd91b87d1

Request headers

:method: GET
:authority: www.adthurst.com
:scheme: https
:path: /display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clixblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d45b035ef19542cd004ccc91e0ec60b151614353621; expires=Sun, 28-Mar-21 15:33:41 GMT; path=/; domain=.adthurst.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 088092789400004ed93aaf1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D0RfrLBV9U%2FJA1SpMl14YsGL%2BZIVkLJ5ocSHz2HphmzX6LEl0wjqzbeCEex767o0JuaMuBiMaeLaVJjdMushcgSyNBqCkYgEHmB%2BTHCeZCgfobx6GenJzohc9YyU"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 627ab9d418c54ed9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12768%26ref%3D%26hn_ver%3D11%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c
https://s.cpx.to/an_fire?app_nexus_uid=8122490717689941876&pid=12768&ref=&hn_ver=11&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c

95 B
865 B

104ms
66ms

Image
image/png

63.34.175.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8122490717689941876&pid=12768&ref=&hn_ver=11&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.175.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-175-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Feb 2021 15:33:41 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Fri, 26 Feb 2021 15:33:41 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 15:33:41 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 256c7a6f-7bf7-4522-a1c5-dd979baf542f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8122490717689941876&pid=12768&ref=&hn_ver=11&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&cklb=1

0
75 B

72ms
72ms

Image
text/plain

185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&cklb=1
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&cklb=1
pragma: no-cache
date: Fri, 26 Feb 2021 15:33:41 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 502
Bad Gateway UCookieSetPug
image2.pubmatic.com/AdServer/ 0
0 297ms
70ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dcbb62f44-7414-4d1a-a2fe-3b6b7b674b1c
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c
https://s.cpx.to/ca.png?dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&google_gid=CAESEIDGsd9NMdid_vPLZntMIUM&google_cver=1

95 B
804 B

74ms
73ms

Image
image/png

63.34.175.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&google_gid=CAESEIDGsd9NMdid_vPLZntMIUM&google_cver=1

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.175.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-175-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Feb 2021 15:33:41 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=cbb62f44-7414-4d1a-a2fe-3b6b7b674b1c&google_gid=CAESEIDGsd9NMdid_vPLZntMIUM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=6a31a1c5-025e-4511-97e9-1df2949de075&dsp=TTD

95 B
876 B

126ms
71ms

Image
image/png

63.34.175.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=6a31a1c5-025e-4511-97e9-1df2949de075&dsp=TTD

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.175.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-175-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 26 Feb 2021 15:33:41 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Fri, 26 Feb 2021 15:33:41 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=6a31a1c5-025e-4511-97e9-1df2949de075&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ 43 B
300 B 277ms
59ms Image
image/gif 18.195.130.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 broker.5be85bf8.js Show response
static.arc.io/broker/js/ Frame CF33 29 KB
11 KB 2262ms
2259ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/broker/js/broker.5be85bf8.js

Requested by

Host: core.arc.io
URL: https://core.arc.io/broker.html?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

d9c1bcd0e1b4cb61c1e9a0d957b23bc829c2f4388d802782b7e85e2b18cbe510

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/broker.html?b696a0a1f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:43 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:41:51
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public
cdn-requestid: a5358e96302f740f1319ba45a40b417a
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 22:41:51 GMT

GET
H2 200 chunk-vendors.81e1c8c9.js Show response
static.arc.io/broker/js/ Frame CF33 43 KB
17 KB 2284ms
2282ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/broker/js/chunk-vendors.81e1c8c9.js

Requested by

Host: core.arc.io
URL: https://core.arc.io/broker.html?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

7471acc9e0da2032be52c9b3ac85605e85721cf25c70bc39d72cc3ad09ce464f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/broker.html?b696a0a1f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:43 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 632
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:41:16
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public
cdn-requestid: beded33747c9d0826e95ab510d926e7f
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 22:41:16 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
314 B 175ms
68ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.clixblue.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 15:33:41 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.clixblue.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
527 B 526ms
311ms XHR
application/x-javascript 176.34.185.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.185.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 15:33:41 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.clixblue.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lazy-iwc.30187216.js
static.arc.io/broker/js/ Frame CF33 0
5 KB 3486ms
162ms Other
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/broker/js/lazy-iwc.30187216.js

Requested by

Host: core.arc.io
URL: https://core.arc.io/broker.html?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://core.arc.io/broker.html?b696a0a1f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 565
access-control-allow-origin: *
cdn-cachedat: 2021-02-11 03:02:40
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public
cdn-requestid: 05a12898d5cffd061a078df25a7068f4
cdn-requestcountrycode: PL
expires: Sat, 13 Mar 2021 02:02:40 GMT

GET
H2 200 lazy-modules.c61ab2d8.js
static.arc.io/broker/js/ Frame CF33 0
16 KB 3447ms
124ms Other
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/broker/js/lazy-modules.c61ab2d8.js

Requested by

Host: core.arc.io
URL: https://core.arc.io/broker.html?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://core.arc.io/broker.html?b696a0a1f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 722
access-control-allow-origin: *
cdn-cachedat: 2021-02-01 13:33:50
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public
cdn-requestid: ab05790f511603bbfbeca583dadcbcec
cdn-requestcountrycode: PL
expires: Wed, 03 Mar 2021 12:33:50 GMT

GET
H/1.1 200
OK size4.css
mellowads.com/css/ Frame 4647 1 KB
1 KB 18ms
17ms Stylesheet
text/css 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/css/size4.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/4438AA8AF364
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer: https://mellowads.com/view/4438AA8AF364
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4337
Cf-Polished: origSize=1482
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 08809278b400002484ea268000000001
Last-Modified: Wed, 15 Nov 2017 09:57:33 GMT
Server: cloudflare
ETag: W/"b5b87228f85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
CF-RAY: 627ab9d458b62484-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK minibrand.png
mellowads.com/img/ Frame 4647 880 B
2 KB 15ms
14ms Image
image/png 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/4438AA8AF364
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/view/4438AA8AF364
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214566
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 880
cf-request-id: 08809278b700002b71c90a7000000001
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
Server: cloudflare
ETag: "db70512bf85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d45c9f2b71-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK B05ABE0C8DCF.gif
banners.mellowads.com/ads/ Frame 4647 125 KB
126 KB 38ms
17ms Image
image/gif 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/B05ABE0C8DCF.gif
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/4438AA8AF364
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a68c390da50baf3d51a8c3bf88336ddd68a1ef0180afc8f8da3a7b57b6f46431

Request headers

Referer: https://mellowads.com/view/4438AA8AF364
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214565
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 128119
cf-request-id: 08809278c90000062db10b0000000001
Last-Modified: Wed, 20 May 2020 12:09:37 GMT
Server: cloudflare
ETag: "b1150889f2ed61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d47af7062d-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK size4.css
mellowads.com/css/ Frame 7B4F 1 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/css/size4.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/D3F1CA4E8E85
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer: https://mellowads.com/view/D3F1CA4E8E85
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4337
Cf-Polished: origSize=1482
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 08809278c00000176a39a63000000001
Last-Modified: Wed, 15 Nov 2017 09:57:33 GMT
Server: cloudflare
ETag: W/"b5b87228f85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
CF-RAY: 627ab9d46de9176a-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK minibrand.png
mellowads.com/img/ Frame 7B4F 880 B
2 KB 12ms
11ms Image
image/png 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/D3F1CA4E8E85
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/view/D3F1CA4E8E85
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214566
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 880
cf-request-id: 08809278c00000176e46a11000000001
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
Server: cloudflare
ETag: "db70512bf85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d46b72176e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 70A8DD966B90.gif
banners.mellowads.com/ads/ Frame 7B4F 48 KB
48 KB 36ms
14ms Image
image/gif 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/70A8DD966B90.gif
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/D3F1CA4E8E85
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbcc8ad11f96d21cfc94629b8f6e50a94260561eac53cc2cf5aa15c1ed7021ef

Request headers

Referer: https://mellowads.com/view/D3F1CA4E8E85
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 141229
Cf-Polished: origSize=48899
Connection: keep-alive
Content-Length: 48783
cf-request-id: 08809278d700004eb008999000000001
Last-Modified: Thu, 30 Jul 2020 18:49:03 GMT
Server: cloudflare
ETag: "a4e28d18a266d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d4895f4eb0-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK size0.css
mellowads.com/css/ Frame E43A 395 B
1 KB 19ms
11ms Stylesheet
text/css 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/css/size0.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/09E96B9DB3FA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer: https://mellowads.com/view/09E96B9DB3FA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1887
Cf-Polished: origSize=593
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 08809278c900002b71f8a06000000001
Last-Modified: Wed, 15 Nov 2017 09:57:32 GMT
Server: cloudflare
ETag: W/"aaacc827f85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
CF-RAY: 627ab9d47cfe2b71-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK minibrand.png
mellowads.com/img/ Frame E43A 880 B
2 KB 14ms
11ms Image
image/png 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/09E96B9DB3FA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/view/09E96B9DB3FA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214566
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 880
cf-request-id: 08809278c400004e50b1149000000001
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
Server: cloudflare
ETag: "db70512bf85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d46c2c4e50-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK size4.css
mellowads.com/css/ Frame EDC1 1 KB
1 KB 18ms
13ms Stylesheet
text/css 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/css/size4.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/32290922BCDE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer: https://mellowads.com/view/32290922BCDE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4337
Cf-Polished: origSize=1482
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 08809278ca00002484a32e0000000001
Last-Modified: Wed, 15 Nov 2017 09:57:33 GMT
Server: cloudflare
ETag: W/"b5b87228f85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
CF-RAY: 627ab9d478ee2484-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK minibrand.png
mellowads.com/img/ Frame EDC1 880 B
2 KB 26ms
14ms Image
image/png 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/32290922BCDE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/view/32290922BCDE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214566
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 880
cf-request-id: 08809278d20000176a1b08c000000001
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
Server: cloudflare
ETag: "db70512bf85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d48dfa176a-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK size0.css
mellowads.com/css/ Frame 64E9 395 B
1 KB 28ms
15ms Stylesheet
text/css 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/css/size0.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/BAF35D15A54D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer: https://mellowads.com/view/BAF35D15A54D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1887
Cf-Polished: origSize=593
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 08809278d40000176ebe2cb000000001
Last-Modified: Wed, 15 Nov 2017 09:57:32 GMT
Server: cloudflare
ETag: W/"aaacc827f85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
CF-RAY: 627ab9d48b95176e-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK minibrand.png
mellowads.com/img/ Frame 64E9 880 B
2 KB 24ms
14ms Image
image/png 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/BAF35D15A54D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/view/BAF35D15A54D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 214566
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 880
cf-request-id: 08809278d200004e5082150000000001
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
Server: cloudflare
ETag: "db70512bf85dd31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d48c534e50-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK CACB3CB80637.gif
banners.mellowads.com/ads/ Frame 64E9 65 KB
65 KB 49ms
33ms Image
image/gif 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/CACB3CB80637.gif
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/BAF35D15A54D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38

Request headers

Referer: https://mellowads.com/view/BAF35D15A54D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 15:33:41 GMT
CF-Cache-Status: HIT
Age: 890505
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 66166
cf-request-id: 08809278da00004a8be58a6000000001
Last-Modified: Wed, 20 May 2020 12:13:46 GMT
Server: cloudflare
ETag: "731aa61ca02ed61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Mon, 29 Mar 2021 15:33:41 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 627ab9d48c594a8b-FRA
Cf-Bgj: imgq:100,h2pri

GET
H2 200 integrator.js Show response
adservice.google.com.pk/adsid/ Frame A729 107 B
799 B 54ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.pk/adsid/integrator.js?domain=1xbtc.io

Requested by

Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A729 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1xbtc.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
www.adthurst.com/display/js/ Frame A729 243 KB
68 KB 23ms
22ms Script
application/javascript 2606:4700:3033::ac43:d97d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adthurst.com/display/js/jquery.min.js
Requested by: Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jun 2020 12:51:32 GMT
server: cloudflare
age: 1505
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zRrGzVWecNBPxhtGkCd69S%2BpBFwmSkv%2Fo3gxTcD4N9drBERn3wKavG0PN%2FbU5VYLoDVpvuJOTRxhfXIlxdo%2B5V6PkZgzbjCYZZpF7QYUoRLaEiZtZNbBnqcYfzYn"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d69cbc4ed9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0880927a1d00004ed945b3b000000001

GET
H2 200 data.png
www.adthurst.com/images/ Frame A729 931 B
1 KB 26ms
17ms Image
image/png 2606:4700:3033::ac43:d97d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adthurst.com/images/data.png
Requested by: Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1548
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 931
cf-request-id: 0880927ab900004ed969974000000001
last-modified: Mon, 15 Jun 2020 12:51:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xgL7bT9Qb3ajXCju55Nr3atIPAh7uTPLw22ePwbGYojbHIKQKNjqNH0zz223sfGZhegxU01L1olnMc4Cvy4lAlI%2BC8zUGbcQn8AFoSHvU00gt2MM3fyP4IS2tKH"}],"max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 627ab9d78e754ed9-FRA

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame A729 141 KB
51 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3fba32560ae5021cadb1fb9d1a0c7deb49e6e62a460f2e65bf67ad4e3c4bf02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 51872
x-xss-protection: 0
server: cafe
etag: 14133287640318024660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A729 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A729 114 B
174 B 89ms
79ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1xbtc.io&callback=_gfp_s_&client=ca-pub-3528081563288327&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

3a4c28d3a7d5a965f4d8d1bc7ccc0839c1684cd8b0d6fbed7c593d933910905c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame A729 227 KB
85 KB 42ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df209fcebac38b3fbd1de0599707e5d5ccd6ff272d14f30a8990cfc262e151de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87193
x-xss-protection: 0
server: cafe
etag: 8066595472758703697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A729 138 KB
48 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceb7d8bd86090ef7c0598b8e51c8786a553aff03223c25d58de6dac1b246e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 49409
x-xss-protection: 0
server: cafe
etag: 3993680949290623300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 / Show response
cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/ Frame 661C 2 KB
1 KB 121ms
120ms Document
text/html 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/js/5e56816b6c7fa8946b9643a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c4df86df890dea3b3d0828291d7bae320f99e115580667b6867776e78decdf

Request headers

:method: GET
:authority: cdn.bmcdn1.com
:scheme: https
:path: /p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clixblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clixblue.com/

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-type: text/html
set-cookie: __cfduid=d86e6dbb50bbac0f72d88b724ac488c1f1614353621; expires=Sun, 28-Mar-21 15:33:41 GMT; path=/; domain=.bmcdn1.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0880927a8e00004e3ea5ab1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qgI8kmISGl8SF%2BYvUFQzPv5XyePUDBIG2D4uhgGwY3GlIBcShLvUTuy%2BHiG%2FyEbBTbSb6uxtpJz1lXXA1O5Z%2B%2BeLI7V8sscGfWQi18dMvyKai5s6INiTLOsi%2BQ%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 627ab9d749504e3e-FRA
content-encoding: br

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B483 60 KB
23 KB 357ms
356ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81e47eeba11310f29f968b247106fd09ddfe41c7d3d94752be730675a1ba269f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Feb 2021 15:33:42 GMT
server: cafe
content-length: 23411
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5BF 152 KB
39 KB 292ms
291ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83e3f6cb8f13f4a8c796fc1056b348af529a1eaef82692f18991436cc0899df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Feb 2021 15:33:42 GMT
server: cafe
content-length: 40332
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame FCCD 10 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 25 Feb 2021 16:31:41 GMT
expires: Thu, 11 Mar 2021 16:31:41 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 82920
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 740D 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Feb 2021 06:09:55 GMT
expires: Fri, 12 Mar 2021 06:09:55 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 33826
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame A729 227 KB
85 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3528081563288327&plah=www.adthurst.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame 661C 884 B
1004 B 42ms
16ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Requested by

Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88e851e94bd5449b000b9a41f72551019e14e014d875517ee487b86280cc0bc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 26 Feb 2021 15:33:41 GMT

GET
H2 200 grecaptcha.js Show response
static.bmcdn1.com/js/ Frame 661C 1 KB
839 B 21ms
16ms Script
application/javascript 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/js/grecaptcha.js?v=v1.23.9
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfbfbd6dd6c5235592a2758e9e25d14b2bf0c92c466f6fb99f647a9190696d4

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Dec 2020 14:22:14 GMT
server: cloudflare
age: 7079
etag: W/"5fd38096-4d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qynsx8y63aKzOP57aAYAvQGe%2B8MNKJcMsonL%2BQ6TZMG9ceDBdmjaZ0PKPTvV24z%2B%2BoVSNEILx35pHEs6sa%2F%2FqkdfnkHgqqzxZO5HPbWomy0etoiZl13GajxRttgb9A%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d8cd124e3e-FRA
cf-request-id: 0880927b8200004e3edd9ab000000001

GET
H2 200 facebook.js Show response
static.bmcdn1.com/js/ Frame 661C 467 B
730 B 21ms
18ms Script
application/javascript 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/js/facebook.js?v=v1.23.9
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb463d045636d5163b6f07104cf3dc649c47dde299c74f4e41022c9e511cabe

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 17:17:54 GMT
server: cloudflare
age: 7079
etag: W/"5f99a7c2-1d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mKsFSALvvU5ZmzUt9eIRxppQ88750Y9AM302ZI39jUS0JI9smI7LRqKIfAxVKR6OJZ%2B5411da4h5AWOoshFe5%2BZvQOggKxDpvR6CHNNkN9dZSOtS87g0wJ22LU%2F%2F2g%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d8cd0e4e3e-FRA
cf-request-id: 0880927b8200004e3efa87d000000001

GET
H2 200 basic.css
static.bmcdn1.com/css/ Frame 661C 2 KB
758 B 21ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b433ff737eab9512e7bb0bfb44619768f6b9590f5cc36d78fd03a147dd9582

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Dec 2020 17:46:14 GMT
server: cloudflare
age: 7079
etag: W/"5fd25ee6-6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JfNTW%2FSnbwQMPPaPkyCvD4%2BCMKN6AWHaPv%2FXfusGCzvgW3zxWKwO7CrdLar8YDaFycGB1gKAUhD8SqbiB1a8qMBACCUA5mx6yfr4av%2Bho%2F8DKfFP%2FrvxHqhdnW%2BS4A%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d8cd094e3e-FRA
cf-request-id: 0880927b8100004e3e0838a000000001

GET
H2 200 img.css
static.bmcdn1.com/css/ Frame 661C 401 B
635 B 18ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/css/img.css?v=v1.23.9
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35210cbca0e6febd9e208d1aedcde494c3320f8d849521d4e77d38e04675e72

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 15:55:58 GMT
server: cloudflare
age: 7079
etag: W/"5fa17d8e-191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DVd2v6XqkpQzqno1YYLRMa3rBwiTKMwARrmXZRLv6U%2BkaLoJcfZKou7%2FmVAyYWgp3s4hjb13naMoKmJXYW3q02NcTAAwRlVPkCiYyloSVVw7VttLiycn8c3gRoM7mg%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d8cd044e3e-FRA
cf-request-id: 0880927b8100004e3e95995000000001

GET
H2 200 18be5350-6a01-11eb-8216-d9c37e972d7ae53552fe-d683-419b-af1c-88c4c0648d3f.png
media.bmcdn1.com/static/ Frame 661C 192 KB
193 KB 32ms
23ms Image
image/png 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn1.com/static/18be5350-6a01-11eb-8216-d9c37e972d7ae53552fe-d683-419b-af1c-88c4c0648d3f.png
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76bd326b284a653901afc0182bf79777ae22a419855a0cd7cf94d6b3fda1861a

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6807
content-length: 196927
cf-request-id: 0880927bb200004e3e0e116000000001
last-modified: Mon, 08 Feb 2021 11:30:50 GMT
server: cloudflare
etag: "602120ea-3013f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IpZIMAMegaMjx9QosNkrbnI18uEvRAfbQkTUXA68mtSPrk7ba%2Fq06Oer7nMGZWJqx624AIcrhCeXKyn2gM%2FXGNjaCo%2FgIMiQvKq%2BwW4NtLj8YsqoDNx9VyfN2k3W"}],"max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 627ab9d91dc04e3e-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 661C 331 KB
129 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.bmcdn1.com
Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 15:25:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 661C 91 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/js/facebook.js?v=v1.23.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9bwE6Z5uGxJZkqGg+youBPrqXzuDY0PGIY5CUc0j+8juJ3CwFuIfOdDcFuP6ceiPQ4uE5NbOIt39XHUF78I6Xw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 26 Feb 2021 15:33:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 new_bm_logo_v2.svg
static.bmcdn1.com/img/ Frame 661C 675 B
860 B 24ms
22ms Image
image/svg+xml 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/new_bm_logo_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Jan 2019 10:06:54 GMT
server: cloudflare
age: 5313
etag: W/"5c4053be-2a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=leVSVW9fiF5WO3VtiBQIUO0RTX8eqhexPoofnOBtx2Tbkf3Mu0r6rYf1ioBOZKJtiDwSIqHfg4rgz6tJC7UnjtW6lOmdf%2F6eJAnJHE%2Fsakspgt7%2BsLoYGMGDD7KflA%3D%3D"}],"max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d91dc34e3e-FRA
cf-request-id: 0880927bb200004e3ea29ea000000001

GET
H2 200 by_bm_v2.svg
static.bmcdn1.com/img/ Frame 661C 4 KB
2 KB 31ms
29ms Image
image/svg+xml 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/by_bm_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:45:28 GMT
server: cloudflare
age: 1053
etag: W/"5f883658-e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mPqWelfRh%2BspfxdwpaMhg8JpKK9rbUffDmdj90zbJs%2BlN7cW9SBbYj7j2IQL3y7tJLUdhWO14c6E2WASL%2B4%2FkEIn4baRl9k3LYvUYDJlFAjL4SYlRYU%2F1y8W09QOUQ%3D%3D"}],"max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d91dc44e3e-FRA
cf-request-id: 0880927bb300004e3e000f4000000001

GET
H2 200 choice_v2.svg
static.bmcdn1.com/img/ Frame 661C 351 B
537 B 31ms
29ms Image
image/svg+xml 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/choice_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:44:30 GMT
server: cloudflare
age: 5313
etag: W/"5f88361e-15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KYbUhrx8wBz%2BGxhSQVUwKfkV6uuE3V5PfCc3K225kg4ch6PrucREeMyP9V1SaxOJP5xsyuCCYgBysXYLfRZ8DLMEnbpHj2IEOYH0vEAkK57udnbikjD%2FCwywFIiliw%3D%3D"}],"max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d91dc54e3e-FRA
cf-request-id: 0880927bb300004e3e0d216000000001

GET
H2 200 choices_v2.svg
static.bmcdn1.com/img/ Frame 661C 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/choices_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.23.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:45:54 GMT
server: cloudflare
age: 5309
etag: W/"5f883672-892"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pn5uWhWXxlx1%2FTeFeCR9xcTiJsVmKE3Uz%2FjIshvbFk5dhcswEsD2HRmo0kOmDiCVMGoMVr22isyBgNKhDmEWf7O58Xg2HKW3EoPsFCnXCbY5kxrrM6UkVDiYumNM1w%3D%3D"}],"max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ab9d91dc64e3e-FRA
cf-request-id: 0880927bb300004e3eb180e000000001

GET
H2 200 2199626567028208 Show response
connect.facebook.net/signals/config/ Frame 661C 241 KB
70 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2199626567028208?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca81eda30e45c6ae8d16e07c9ca5c196d5689be5c03ee6033ee20f213017bb84

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70822
x-fb-rlafr: 0
pragma: public
x-fb-debug: LXNMRoAMW1FH2uzRBs9uLryRkybyA9OfoWvTRvSOu68dLhXtxhWE3/sa7L6e2YqJZVNgrMNuFNFPa18TtIWtlA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 26 Feb 2021 15:33:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1078292794
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F4F2 19 KB
10 KB 25ms
25ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6bfb73b4114f5ab01f594decca5629c81cad999d141c37a52f3f7f59c75058c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqNYiIUytG+chBcv/dL4mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=TikqXaiQ4YBgXP52rq-SSPldOgEv0jbCVhzbzyI0p9Dy6yAoJG4MXhECFhWGOPCE78x0X3jF3Kdo0VCjjXzrhwZanIxSjNIBZsuX3eHYtNbAbfGHN1ES3m7ZdUf9uB0Q_jZfEv3d5etM33dC8kCx-BNYrKtQuB12UsN_iFIXyC4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Feb 2021 15:33:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-pqNYiIUytG+chBcv/dL4mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9910
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ Frame 661C 44 B
261 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2199626567028208&ev=PageView&dl=https%3A%2F%2Fcdn.bmcdn1.com%2Fp%2F5e56816b6c7fa8946b9643a0%2F%3Fsource%3Dhttps%253A%252F%252Fwww.clixblue.com%252F%26ref%3D%26ent%3D%26we%3D0%26fid%3D50d068dd648bbd0251bb752174c02be2%26fidnoua%3Decc3663fbf086b87cf763b12b575e917%26impid%3Da1c4fb280f3fa3e5e403569e414377db%26ua%3DMozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36%26sig%3D0x00000%26blocksubid%3D0&rl=https%3A%2F%2Fwww.clixblue.com%2F&if=true&ts=1614353622743&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614353622012&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 26 Feb 2021 15:33:42 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.9.1/ 51 KB
16 KB 47ms
16ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.9.1/bundle.min.js

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:42 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 10:29:47 GMT
server: Fastly
age: 13405467
etag: "31ff343b783ff902ada3a13c10d5cb2d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 16243
expires: Fri, 24 Sep 2021 11:49:16 GMT

GET
H2 200 9095861656793670284
tpc.googlesyndication.com/daca_images/simgad/ Frame B483 35 KB
35 KB 13ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9095861656793670284

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

102c2095316e25201a7930023956c4efc09b7a1a03e024c2b230a7adeda34eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 00:16:19 GMT
x-content-type-options: nosniff
age: 141443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35890
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 13:58:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 00:16:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame B483 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 15:29:07 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame B483 3 KB
2 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 15:32:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B483 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Fri, 26 Feb 2021 15:33:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame B483 14 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 15:32:32 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame B483 26 KB
11 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10821
x-xss-protection: 0
server: cafe
etag: 17492731367415995335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 14:24:26 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame B483 35 B
0 169ms
56ms Fetch
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=44000812;1x1inv=1;srctype=3;gdpr=;gdpr_consent=;ord=2855164608

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B483 0
0 49ms
47ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNIdN1RQ5YICaNML0bJOeuuAJua6t0GH2vaSQnQ3S4dLgsgEQASCcvqg6YJUCoAGMn-bOA8gBAqkC6QmLM9BTtD6oAwHIA8kEqgSfAU_QLAaUpkISR8ZLTKZEunSlkIuBg36XmiDsi7lOif-4_W9zAN-GIhGr1gP33JZF-GGl6YUbtISpfou8WfW2MpHCPYSk7Ue8cnpnE1-x358RgYwx2o5gRvuZKH85bpKajjnDYGGyYuBuk7XJhFw65dWMlRHlzB8xuJapHe0sk3CZ-4CuG5raVwkADISgUiDGxQG6iqpHwkmFWYgNZO5BssAEnLO52LwDoAYCgAfc4JkxqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEM_3D9IICQiA4YAQEAEYH4AKAcgLAdgTA7IXGgoYCAASFHB1Yi0zNTI4MDgxNTYzMjg4MzI3&sigh=S5ZR3zwljV8&tpd=AGWhJmtovZFDlBIXJV4JrUaoqgoBgXyZ4LkiZDfsjbPsqm68-Q

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 26 Feb 2021 15:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame F4F2 50 KB
25 KB 11ms
9ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 16708
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:55:14 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame F4F2 331 KB
129 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 15:25:06 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1961 143 B
216 B 11ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Feb 2021 14:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3549
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3268 1 KB
834 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Feb 2021 15:30:58 GMT
expires: Sat, 27 Feb 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 164
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B483 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4df6a78f7cef13198ef9801ab028001ce43ca05809572e3a590e9a2413bd36a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js Show response
www.google.com/js/bg/ Frame F4F2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ed7e537954d1d01c8e0cbd32e9752708a28fbef76f10901f6eb338a4e6f8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 170970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6301
x-xss-protection: 0
expires: Thu, 24 Feb 2022 16:04:13 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F4F2 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 95833
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 04 Mar 2021 12:56:30 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4F2 10 KB
11 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 40085
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4F2 11 KB
11 KB 22ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 07:00:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 30817
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
expires: Sat, 26 Feb 2022 07:00:06 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame F4F2 102 B
218 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 26 Feb 2021 15:33:43 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame F4F2 9 KB
7 KB 39ms
39ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61c07c30e85f6ba04de770bdcc2b14ad5658d17ddcb597aa51a7e0a6bae0e621

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=x7xc9zt42ai5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 26 Feb 2021 15:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6657
x-xss-protection: 1; mode=block
expires: Fri, 26 Feb 2021 15:33:43 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3268 35 B
363 B 24ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBqyPXZoIOS89LhXRIRCeFk&google_cver=1&google_push=AQvitUIUYMQuEwvTb-y7gfPwyzRkpwWkfnfTChzkDXpHnO-XKkUEHd7GL8BhAGImig6V8HdmfV8EKrFfReIpJnVmnTJWG46DRhyg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WURrVTF3QUFCWHhyU0YxSg&google_push=AQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC-3yCSiolMO4KXt-g09hPC4vhfFz5rcKxWLPyk6dXql4NWHx29myM0oX14

170 B
190 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WURrVTF3QUFCWHhyU0YxSg&google_push=AQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC-3yCSiolMO4KXt-g09hPC4vhfFz5rcKxWLPyk6dXql4NWHx29myM0oX14

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WURrVTF3QUFCWHhyU0YxSg&google_push=AQvitUIh4SyYQEHt5XJw0cnaCxl8LbeMsDk-TPYzPAC-3yCSiolMO4KXt-g09hPC4vhfFz5rcKxWLPyk6dXql4NWHx29myM0oX14
Date: Fri, 26 Feb 2021 15:33:43 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOoKjqNNq0uRO-Zs3GDDjuk&google_cver=1&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL
https://rtb.openx.net/sync/dds?google_gid=CAESEOoKjqNNq0uRO-Zs3GDDjuk&google_cver=1&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&google_hm=K0LkP08qxTAvu9RYGU2D8w==

170 B
190 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&google_hm=K0LkP08qxTAvu9RYGU2D8w==

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKf7tGU5c6d1BAU4sk8BAzAzORMO9vyzCUdlKOylA_vWBH9dwUpH0hMqJCHIXUFhw7wgVpWs2mmNIkPj7fL92JHK-ezqGuL&google_hm=K0LkP08qxTAvu9RYGU2D8w==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: qu49t4m8ugvbjjcva6kbg8dp9h9mrll0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Iz5wQ-JTQeegMjP1gC5Nhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Iz5wQ-JTQeegMjP1gC5Nhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKwI2JPnAoKz6oZlzytJITZPZIViS2TyaRwJ1qmdrKNda4mwTNPgVmpwuMzKOKIu1r1D-LTdhvZiTul08ey80K-ZV_7crOm

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Iz5wQ-JTQeegMjP1gC5Nhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKwI2JPnAoKz6oZlzytJITZPZIViS2TyaRwJ1qmdrKNda4mwTNPgVmpwuMzKOKIu1r1D-LTdhvZiTul08ey80K-ZV_7crOm
Date: Fri, 26 Feb 2021 15:33:41 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMIMKLsZVzzs4F3PoixkKTw&google_cver=1&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNR0dTN0EtMi0yMVA2&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUswi4EvXljpboNDRKEFfSRJ_XNF

170 B
190 B

53ms
51ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNR0dTN0EtMi0yMVA2&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUswi4EvXljpboNDRKEFfSRJ_XNF

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xNR0dTN0EtMi0yMVA2&google_push=AQvitUKFQ8NowSA163INK6rzEJwQe7_DmuvDsVOUBOZBdIPpjSBn1mB-G_tsPOTHkgJbtTzrkUswi4EvXljpboNDRKEFfSRJ_XNF
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDkU14TF20JnPgNU9eFaowAABGcAAAAB&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQM...

170 B
190 B

61ms
54ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDkU14TF20JnPgNU9eFaowAABGcAAAAB&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQMANv66B0Mxr0RDSwicocrx1er&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 15:33:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDkU14TF20JnPgNU9eFaowAABGcAAAAB&google_cver=1&google_push=AQvitUKVGMAgUN88jsGiW0FN85CZPawGMU7nbZjXmshnHCIpXkLFnGVqCdFVYQt12nHRaPGELVQMANv66B0Mxr0RDSwicocrx1er&google_gid=CAESEKKrFy1tTXzeluHYDeSMGJQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 26 Feb 2021 15:33:43 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3268
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELYtLc1JEyVb7e4o6C6_3eE&google_cver=1&google_push=AQvitUIjthUpH-VOSwrnvB3b...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIjthUpH-VOSwrnvB3bk8xZ3M6m4Ww3GmTbSFyXpLC4N4EIig0DKojWHyjXyPlJvJs-yvDVMRitXVUVBhINhoXor_DEqy5H7g&google_hm=

170 B
198 B

58ms
57ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIjthUpH-VOSwrnvB3bk8xZ3M6m4Ww3GmTbSFyXpLC4N4EIig0DKojWHyjXyPlJvJs-yvDVMRitXVUVBhINhoXor_DEqy5H7g&google_hm=

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:43 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIjthUpH-VOSwrnvB3bk8xZ3M6m4Ww3GmTbSFyXpLC4N4EIig0DKojWHyjXyPlJvJs-yvDVMRitXVUVBhINhoXor_DEqy5H7g&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Thu, 25 Feb 2021 15:33:43 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 3268 0
39 B 63ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXscSbUfg_9MZI4sSALZvwjCOWabyCwlaSbnxlUNjaL4b89xWSe_6KWzY2gMBEMiySowUL0A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:43 GMT
server: HTTP server (unknown)
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1961
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
162 B

47ms
39ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Feb 2021 15:33:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 26-Feb-2021 16:33:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Feb 2021 15:33:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Feb 2021 15:33:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1761 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 166989
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 17:10:34 GMT

GET
H2 200 /
cdn.bmcdn1.com/reconfirm/ 35 B
610 B 155ms
150ms Image
image/gif 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/reconfirm/?clickid=c67b5725-eb07-44e5-8129-edddfbbfe14c&token=03AGdBq24YfpLbk57Ka5e37fhc8a8WSo_XdQ4ko1EGUYhsMAy5PhyEFZFyk0q5mGkQr9ZCSuuUfHotU1i2txRGTQLZ0s6fxWtaubCiFh96sb6Lfey9VzXouni7iWHSkm0lhvrmm2VDRTL853QnxXD5c2puTPrbPjafqy8S-Eu8YB-PClDebIInvu0klSG1eHBdwPFJp6w6X7UTFkqkf3_ihG06JpVL3VrjU2r3O7gXOGoyZHBA3QVm81p82gh14dJdCdxGQ0JDzhUPycXXk5QsO_4XbKuuKcd5XUsOtF-JxQOxdJwqgiCjmh8c3oHvYg7JkPA05s48aox4O1XBop0C-PaixCC-ZtihyKkdgEP59FG9R7NEdbq6vtfUU2aCB7dQtsKtN8Lzv3oIBzlu4bG2I4AkmKecXqIURAczPq2bt9emvq_7NtzUOqk7Vye5PUEzrVIEqdIlb5AxtzRB--VH8_KDObEOA9eFtIxbMvqmemsLLLtRYVD3SkM&fid=50d068dd648bbd0251bb752174c02be2
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ljUzzUsJGfXA4HUCS4gs4WdgijsDamaTgzkrWq4hMZ2dFZCSyrRahsL8io8DfzIduPGkBHcT5AvaJe%2BlnNU5quwJMRfywaVVDao06Ha5n6RIdTYpeLvqwzxBMw%3D%3D"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 627ab9e51bf44e3e-FRA
content-length: 35
cf-request-id: 088092833300004e3e08048000000001

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B483 0
0 48ms
43ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrWte1RQ5YICaNML0bJOeuuAJua6t0GH2vaSQnQ3S4dLgsgEQASCcvqg6YJUCoAGMn-bOA8gBAqkC6QmLM9BTtD6oAwGqBJ8BT9AsBpSmQhJHxktMpkS6dKWQi4GDfpeaIOyLuU6J_7j9b3MA34YiEavWA_fclkX4YaXphRu0hKl-i7xZ9bYykcI9hKTtR7xyemcTX7HfnxGBjDHajmBG-5kofzlukpqOOcNgYbJi4G6TtcmEXDrl1YyVEeXMHzG4lqkd7SyTcJn7gK4bmtpXCQAMhKBSIMbFAbqKqkfCSYVZiA1k7kGywAScs7nYvAOgBgKAB9zgmTGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQz_cP0ggJCIDhgBAQARgfgAoByAsB2BMDshcaChgIABIUcHViLTM1MjgwODE1NjMyODgzMjc&sigh=OIvOsaHzCYw&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 26 Feb 2021 15:33:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B483 42 B
89 B 47ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZ5uxZF2LL0-ZNaw920AmkvYb9ndYzarJbx9BReTEFg81pFnR9D_z1EYRAoCoJQOM6CS7n7w5rX87PybrW--pRs2ysRPnvyi-jgg-Hiji2BauzjPVs8JuJbOAvhQ&sai=AMfl-YTW56S0kc2Laptps6HwHL1zXhFfVsPHN6qkR5a4LGJGlMHrfJuBiBIN1_L7ShQAv6l9rayxByiMOrsL_gWlievIBTtZsI1rR-U&sig=Cg0ArKJSzH9DakCxQ2OGEAE&cid=CAASF-RoBTtdX-LKWVCh3DZ2vpvKqE-iNgfQ&id=osdim&mcvt=1081&p=0,0,250,300&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2113135940&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 15:33:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy-modules.c61ab2d8.js Show response
static.arc.io/broker/js/ Frame CF33 48 KB
16 KB 449ms
135ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/broker/js/lazy-modules.c61ab2d8.js

Requested by

Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.5be85bf8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

46cdeed91475022a019a9188c11c8a90b8cd648302d281495c317d03c155649a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://core.arc.io/broker.html?b696a0a1f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 722
access-control-allow-origin: *
cdn-cachedat: 2021-02-01 13:33:50
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:29:14 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public
cdn-requestid: 268c87ded89e8740cfa6312542790448
cdn-requestcountrycode: PL
expires: Wed, 03 Mar 2021 12:33:50 GMT

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 90 KB
33 KB 396ms
152ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/js/vendors~widget-ui.js?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

a223c78dd6413e093bbbd4c4fb3ea4aae1b3b841c50be948ffc525f98c379fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 632
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:40:38
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-requestid: efffc8f4115ad1bfd067827f60726656
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 22:40:38 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ 11 KB
3 KB 325ms
83ms Stylesheet
text/css 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/css/widget.css?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

bb2b0ce93dcd19f2ecb4a88a81eaf36461c6bb491931b224ab4864c86369ce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 632
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:40:38
cdn-pullzone: 196434
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 25 Feb 2021 22:40:38 GMT
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestid: 54063ad58d03d841c2087c4616c1ead0
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 30 KB
11 KB 334ms
93ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/js/widget-ui.js?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

72b0207278d028df88975824ff74d5f7e73171c77324fda546f18c07ed8c235a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:41:17
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-requestid: cdc493e54c3e2c9c288805412c9db693
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 22:41:17 GMT

GET
H2 200 brokers.js Show response
static.arc.io/widget/js/ 26 KB
9 KB 392ms
186ms Script
application/javascript 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/js/brokers.js?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

3839fc726c6327cd0e718483c000a310ba168eb7c03f91551e58eb857be123f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 565
access-control-allow-origin: *
cdn-cachedat: 2021-01-27 00:06:46
cdn-pullzone: 196434
cdn-requestpullsuccess: True
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-requestid: a546aa882c122755a490f3249c8800f7
cdn-requestcountrycode: PL
expires: Thu, 25 Feb 2021 23:06:45 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 661C 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2199626567028208&ev=Microdata&dl=https%3A%2F%2Fcdn.bmcdn1.com%2Fp%2F5e56816b6c7fa8946b9643a0%2F%3Fsource%3Dhttps%253A%252F%252Fwww.clixblue.com%252F%26ref%3D%26ent%3D%26we%3D0%26fid%3D50d068dd648bbd0251bb752174c02be2%26fidnoua%3Decc3663fbf086b87cf763b12b575e917%26impid%3Da1c4fb280f3fa3e5e403569e414377db%26ua%3DMozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36%26sig%3D0x00000%26blocksubid%3D0&rl=https%3A%2F%2Fwww.clixblue.com%2F&if=true&ts=1614353624350&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614353622012&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.clixblue.com
URL: https://www.clixblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cdn.bmcdn1.com/p/5e56816b6c7fa8946b9643a0/?source=https%3A%2F%2Fwww.clixblue.com%2F&ref=&ent=&we=0&fid=50d068dd648bbd0251bb752174c02be2&fidnoua=ecc3663fbf086b87cf763b12b575e917&impid=a1c4fb280f3fa3e5e403569e414377db&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 26 Feb 2021 15:33:44 GMT

GET
H2 200 /
cdn.bmcdn1.com/confirm/c67b5725-eb07-44e5-8129-edddfbbfe14c/ 0
374 B 111ms
110ms Image
text/plain 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/confirm/c67b5725-eb07-44e5-8129-edddfbbfe14c/?fid=50d068dd648bbd0251bb752174c02be2
Requested by: Host: www.clixblue.com
URL: https://www.clixblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clixblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 088092854500004e3eea10c000000001
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
date: Fri, 26 Feb 2021 15:33:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IEZ74MYWQ3sOwrRZpcp3fh%2FFfOLoatpYd450ZFvlqkAx%2BFnnTJwpQxUqgmbV1hs7sx9wKCmlhpofDVQvDib2Igd%2F8i7dZshPUDWFCggYGK3W9J8Gj8SHBLzpzQ%3D%3D"}],"max_age":604800}
cf-ray: 627ab9e86c434e3e-FRA
content-length: 0

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 4D2A 11 KB
3 KB 84ms
83ms Stylesheet
text/css 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/css/widget.css?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

bb2b0ce93dcd19f2ecb4a88a81eaf36461c6bb491931b224ab4864c86369ce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 632
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:40:38
cdn-pullzone: 196434
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 25 Feb 2021 22:40:38 GMT
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestid: 1dc11666c0a0b59714275b1a52e507b7
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 4D2A 2 KB
1022 B 15ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5398572
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
cf-request-id: 08809286b500004e1fc906c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ilsw9iGi2lPXe6I2PwNShoKSDl9qWHYzZWovVwEB94iNugiW9OHOsuePIGuv%2Ba2r5b6wE23SdLTFdlygm%2FoFiiGjimRIY626g3gqQ7FzgZhofD2XSQnmG0HC9OqwneysQA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627ab9eab9bc4e1f-FRA
expires: Wed, 16 Feb 2022 15:33:44 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 7477 11 KB
3 KB 69ms
68ms Stylesheet
text/css 185.59.220.196
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://static.arc.io/widget/css/widget.css?b696a0a1f

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

BunnyCDN-DE1-565 /

Resource Hash

bb2b0ce93dcd19f2ecb4a88a81eaf36461c6bb491931b224ab4864c86369ce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 632
access-control-allow-origin: *
cdn-cachedat: 2021-01-26 23:40:38
cdn-pullzone: 196434
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 25 Feb 2021 22:40:38 GMT
last-modified: Tue, 26 Jan 2021 22:34:09 GMT
server: BunnyCDN-DE1-565
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000, public, stale-while-revalidate=864000
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestid: 477c67b1c626a171299c8cbfa1fe7eda
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 7477 2 KB
1 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?b696a0a1f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5398572
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
cf-request-id: 08809286c400004e1fec19f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=boI164qbNZ4HeceL2WKGcXvIrwKLExAuC%2BzNhnQwbjzNGuWEnGPW3H%2FG87M%2BW%2FL18AhFSYFq0DOBudzSiX6AZLEqfyxrChEIQ0tYZTnNWFJ8iCHx23glLLTjR1u3nNToMw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627ab9ead9e84e1f-FRA
expires: Wed, 16 Feb 2022 15:33:44 GMT

GET
DATA 200
OK truncated
/ Frame 4D2A 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ebc52127ad3835c66baadf8b2a1f32e64c57687f6fbafdcc2b93a77db6d5cb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7477 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7477 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 238f8c428970eec0a173fdef23bd5b3fd058fe2f3ec3751fd9dbd3d10d2736c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
www.adthurst.com/track/ Frame A729 132 B
526 B 312ms
307ms Script
application/javascript 2606:4700:3033::ac43:d97d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adthurst.com/track/index.php?page=click/data/0|6|0|35|35|1|0|2|0|6|0.00015|0.00015|0|0/d37b2300d03874506f6b94e19d68b014/1614353638/DE/
Requested by: Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521d2f6373e2fedfed6df689d8c612c7f1c7aa0328267affcca93c361fbdff05

Request headers

Referer: https://www.adthurst.com/display/index.php?page=query/items/&aduid=35&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=e99122407a2426de72db562bf87eec45&time=1614353620&deliver=clixblue.com&search_keywords=&page_referrer=aHR0cHM6Ly93d3cuY2xpeGJsdWUuY29tLw==&page_title=Clixblue%20-%20Get%20some%20Blue%20into%20your%20pockets&meta_description=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:33:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X4DxZDdfDbaWK%2Bc6YQN%2BhUm0z6yZ%2Fb7qRQ0MXycRYZhmHP7A5yJlXGQGmtyGJpsLv5%2B7Lv9wXDm17E7VnRfPU%2BDU3rpim3oIeCZEKRglg%2BlUjJqfmNzCckQwQYLa"}],"max_age":604800}
content-type: application/javascript
cf-ray: 627aba044d2f4ed9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08809296ae00004ed9331f8000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/103/4/6.gif?puid=08c4dd6c6abd61d6bfb6ff5d010e94e4&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

336 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 20:49:24	Name: NID Value: 210=TikqXaiQ4YBgXP52rq-SSPldOgEv0jbCVhzbzyI0p9Dy6yAoJG4MXhECFhWGOPCE78x0X3jF3Kdo0VCjjXzrhwZanIxSjNIBZsuX3eHYtNbAbfGHN1ES3m7ZdUf9uB0Q_jZfEv3d5etM33dC8kCx-BNYrKtQuB12UsN_iFIXyC4
.google.com/recaptcha	1970-01-19 20:45:05	Name: _GRECAPTCHA Value: 09AAb-fcx_rAuN8YrvMAopLHy83jg-sMen-SNWgDtxsciP6m95BSBdCLA43saI8On78Yc-A9AX8VsyWVYPRYMT5_U
core.arc.io/	1970-01-20 01:11:29	Name: _immortal\|Arc_nodeId Value: Qz5mGx4G95is5YX6Jw4Fmn
.zeotap.com/	1970-01-19 16:27:20	Name: zsc Value: %29%15%16%17t%05g%825%96%F0%B4%93%96%BD%CC%02%E8%C2%90%16%83%BF%2CA%2A%40%CDQ%E4%7FiOE%280%D5%D5_%17d%98lT%18%E6%7B%8D%5B%3A%93%ADVV%02%91%16%D6%5B%C6%A3%05%AB%E2%AB%09%0C%CEaq%80%EC%9FI%F1%02l%EC%E4%F7%11%CE%8CF%8B%8E%C0%EDI%09%8AHQA%F8%EC%BC_%FB%A5%1C%AF%E3Z%0A
.zeotap.com/	1970-01-20 09:57:05	Name: zc Value: 867363ee-dbf0-4e55-6d27-b33975e4e6e2
.clixblue.com/	1970-01-19 16:25:55	Name: __utmb Value: 235807059.1.10.1614353620
.clixblue.com/	1970-01-19 20:48:41	Name: __utmz Value: 235807059.1614353620.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.clixblue.com/	1970-01-19 16:36:02	Name: bitmedia_fid Value: eyJmaWQiOiI1MGQwNjhkZDY0OGJiZDAyNTFiYjc1MjE3NGMwMmJlMiIsImZpZG5vdWEiOiJlY2MzNjYzZmJmMDg2Yjg3Y2Y3NjNiMTJiNTc1ZTkxNyJ9
.clixblue.com/	1969-12-31 23:59:59	Name: __utmc Value: 235807059
.clixblue.com/	1970-01-20 09:57:05	Name: __utma Value: 235807059.1751174303.1614353620.1614353620.1614353620.1
.clixblue.com/	1970-01-19 16:25:54	Name: __utmt Value: 1
.clixblue.com/	1970-01-20 01:50:22	Name: __qca Value: P0-1385114713-1614353620508
.clixblue.com/	1970-01-19 17:09:05	Name: __cfduid Value: d38eda28ac725c4e7c25eef3586933fbf1614353619
.clixblue.com/	1970-01-19 16:25:53	Name: _gat Value: 1
.clixblue.com/	1970-01-19 16:27:20	Name: _gid Value: GA1.2.758004860.1614353620
.clixblue.com/	1970-01-20 09:57:05	Name: _ga Value: GA1.2.1751174303.1614353620
.doubleclick.net/	1970-01-19 16:25:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:47:29	Name: IDE Value: AHWqTUmknA3u-moX9ysT0NAB5hYNS_QiCmDlwcEMGHLEmD4YdTjLM9SNAldB5u2DNVM
www.clixblue.com/	1970-01-19 16:26:20	Name: sitetraffic Value: 1
www.clixblue.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7luhsivb894abuv0maugqba9q2

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.clixblue.com/templates/ModernBlue/styles/video.js(Line 3) Message: 1205
console-api	log	URL: https://www.clixblue.com/templates/ModernBlue/styles/video.js(Line 3) Message: 1205
console-api	log	URL: https://www.clixblue.com/templates/ModernBlue/styles/video.js(Line 3) Message: 1205
console-api	log	URL: https://www.clixblue.com/cdn-cgi/apps/body/V6jD2ooaIniAVnIUyLAwzmem7DE.js(Line 2) Message: [object Object]
console-api	warning	URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js(Line 2) Message: Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api	log	URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js(Line 2) Message: Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.a-ads.com
ads.themoneytizer.com
adservice.google.com
adservice.google.com.pk
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
arc.io
as-sec.casalemedia.com
banners.mellowads.com
browser.sentry-cdn.com
cdn.bmcdn1.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.arc.io
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
media.bmcdn1.com
mellowads.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.grid-data.bidswitch.net
rtb.openx.net
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.a-ads.com
static.arc.io
static.bmcdn1.com
sync.smartadserver.com
tag.leadplace.fr
tpc.googlesyndication.com
track.seadform.net
ww1097.smartadserver.com
www.adthurst.com
www.clixblue.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
id5-sync.com
142.250.185.194
145.239.192.166
145.239.193.145
148.251.53.118
151.139.241.23
176.34.185.174
18.195.130.212
185.33.221.11
185.33.221.13
185.59.220.193
185.59.220.196
185.64.189.115
185.64.190.80
185.86.137.114
185.86.138.144
2.18.233.201
2.18.234.21
216.58.212.130
2600:9000:20d7:5400:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::ac43:4801
2606:4700:3033::ac43:d97d
2606:4700:3037::6815:57a7
2606:4700::6810:125e
2606:4700::6810:8916
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
34.120.207.148
34.120.223.230
35.186.253.211
37.157.6.241
5.9.10.165
51.89.9.251
52.209.120.242
52.29.225.117
54.195.23.91
54.72.125.151
63.33.127.66
63.34.175.121
65.9.23.121
69.173.144.165
79.137.69.120
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0277cefdee5ee453fe047500bb83ca8866df719ace9e7a3069b29ce0d7c8d198
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199
085e36b012154e476c745b8f1a0f4e6ae4a87548b5febda5da9d30e669fcf2f3
0b3597ca37388a851c4ea15dce0634c685b97c2a86f6929ac3caa46496b93882
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7dfe5b73f58693ebcc4bb6d024aa9a386a01e67de7f3fe9063ce919c4dc45f
0df50694913bc75f62ff83d043d9d1fa4d0b94007c332bf38695ae5b21c22e14
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
102c2095316e25201a7930023956c4efc09b7a1a03e024c2b230a7adeda34eb8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
125e674a1b54439f3e06bfed174b30c4b28cc34b98a231762c3e46098060407a
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b
176752cbd2786893c990bc6422c419c149796c007f2265a338aaeaf00ba9af89
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19171a7c144d3ad73f0c87dc0ace9cc3885f13dc286fbc3a2fad124653cd2cc0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
1f468e6c70b514e6ae689b15abe6581216afafe189d44b31138659112d5307ba
1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5
224367207d5782e6498257fa92c069e83b6e4eefcf525bc4061212f6e498eee2
238f8c428970eec0a173fdef23bd5b3fd058fe2f3ec3751fd9dbd3d10d2736c9
242b127c5ee2aa665608bd4749b74e40e54d66db97fdba5c20998e105614de58
265b9c397678048238d334495fea1378de5c822e4e1d249a58e47914e0eba89e
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
26d89ced3da96c6971287826c5701f5e4e26da32d091698fdeff8a8c7149351d
293ff410f03cae1dbf747a9e0961473d0d06bc46ebbd70f897c0bd14ea2d2a03
297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2d592107240acd0d1d5f53c4b2e9955be3317a1c621659ee79af0b8ca51bfbfb
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0
2fd45e95be258e208c543385ea5bff1efa3419a3252c5a5d13f53bb8a969e74c
3145327f0b460746d72e18bb7bd5597166ad5ce04806677d87991c42a660a9d1
31b433ff737eab9512e7bb0bfb44619768f6b9590f5cc36d78fd03a147dd9582
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0
340fb3e379311ed1ceadf7dd53577a337b47d6b1fc52a003ec959bb46cd004b6
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3839fc726c6327cd0e718483c000a310ba168eb7c03f91551e58eb857be123f4
38ed7e537954d1d01c8e0cbd32e9752708a28fbef76f10901f6eb338a4e6f8ec
3a4c28d3a7d5a965f4d8d1bc7ccc0839c1684cd8b0d6fbed7c593d933910905c
3a989c100ff9616aa512b79f82cfc911d351dbdb2e18f82b0bc7cb4d777feafe
3cb463d045636d5163b6f07104cf3dc649c47dde299c74f4e41022c9e511cabe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebc52127ad3835c66baadf8b2a1f32e64c57687f6fbafdcc2b93a77db6d5cb8
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
42e60cba6960e8c55092b4912d9e267eca4bd30b70ac349194e831c34fd3399d
4311ceca8db47402a962cf1cca9264441d951815e2654bbc73128a7e57dddc95
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
46cdeed91475022a019a9188c11c8a90b8cd648302d281495c317d03c155649a
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
482183e70b7addaf78266fce08e0afd71ae506da4c16a919ca7758eec4ccb78f
4c264c6ad15eea3c8f8917e177acaba6855bc6eae109ac2acf2be2a515e9f50a
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7
4df6a78f7cef13198ef9801ab028001ce43ca05809572e3a590e9a2413bd36a9
4ec34051eae24ef72179baafd392762e216591ff9e94678a4163b175ac7d26e0
4fed506dc17cd00bc138146380ce766aaa7a4a3a95d0db34be10129751e27228
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
521d2f6373e2fedfed6df689d8c612c7f1c7aa0328267affcca93c361fbdff05
537d4319bb7cae6bc61ef91e4e6f03aee263ce9350777af4b4323b2cfa750ac9
53b35f5919f1737e543baf1e96739f4f6ffae5c7205c27e5dd22ecbbc92be2cd
53db9fed6e708d31342543e4a15ef58dced8a255c6555b4652afd953a75217f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
561711664274653f074a4490bcabc67372c494bb96ed36e5f2e51875a476761b
5b31b986895c3db20fa54a0c1962e9565a71aa3d8ae4962fbc60495132f561ca
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
610701d911f4672f005a89bc21d6298d4e46ea7508f3a46925285e7498369e93
61c07c30e85f6ba04de770bdcc2b14ad5658d17ddcb597aa51a7e0a6bae0e621
63dd70bdbc552455f670c0efa69f236f56d671071023a8fd17c36799a88ea98d
65f37cb1b7df7953e988cd3e2e52c94b226e56de1d915f967362ad1df4c28da4
665eaf684a20b82140a91dcf1266948847730c74948761d042c8118007ab5384
686267646d6d8cf314762bcbe3321302dcc2a158d53471bdac1f7e141cdff5d0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6d449da3aa217ba4ce0de5e489bd605abbee0298754508f02cfd0f640c16ef20
6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386
6f12d597028016c66ca4c7e7db40b2733243a9bc34254f677596120477fcd1a5
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
706f436f993dfc5ef3957d57eb993c48eefac5ef05e017e8590ce5e3ac0527b1
72b0207278d028df88975824ff74d5f7e73171c77324fda546f18c07ed8c235a
7471acc9e0da2032be52c9b3ac85605e85721cf25c70bc39d72cc3ad09ce464f
752ed51374eb3ac2d50fe99043139bd7168f49c520a364b13702675759b924c7
7685323ce61b25e91877049bb40854519ba7cccffde3bcdc2ed8594d7f40cfbf
76bd326b284a653901afc0182bf79777ae22a419855a0cd7cf94d6b3fda1861a
7716ed439bbbb45cbeb019882c1fa075fe6ac74736a945fd74df04045218dd01
78c060681cf025f33e713bef7e0e5db3e9e137de9c08c2a9c0c891dd0149f2c5
7f7703ae279ef474e1c2550235574fe501a95af4eef08ea99bfc0025db7a136c
7ff3eb554f084033f390b2ee16d2d6e221404d6e40cf93fa97eebcd0dd9357ec
81e47eeba11310f29f968b247106fd09ddfe41c7d3d94752be730675a1ba269f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83857907ceb082c53d46f4fecc4025aee153670a53c9aa13ec2ba9a0fde4d9aa
83a96fd8b1e5901d3a7cb40fc0f017fefd2a843fd1969a8eb1eb3bb8d1499195
83e3f6cb8f13f4a8c796fc1056b348af529a1eaef82692f18991436cc0899df4
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c
88e851e94bd5449b000b9a41f72551019e14e014d875517ee487b86280cc0bc2
8b3d11cf2921348dda11bd20e3016b6f3f651d1cbabaae29ccdab235fa2c6d59
8bd411b5f2b1b0ef6138cdb0b0055f4bc892ce06372cdf2586a285a0cf898a33
8d115f01e33d46d366b2511f1f2a0a5f22348f5a7ac18a12e0b3973e4f1680b3
91d519185e6a52ff0f784e385eb0897caa3a42904389d8303c26ef73bde80d55
94347ff759dbb0e51a66f3f70b15a4c830dba3692e79d402db5263f6e51ea07b
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
953f033af58faa7c9aa0b68d596b0bebb6869bf1863a068bbe004cd8b24a41f4
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48
96e5204bf2c602e1db41e85f66861c56272201c5c2b775813060d787c47d7d8c
97c4df86df890dea3b3d0828291d7bae320f99e115580667b6867776e78decdf
980a6191d20fad131d164f044583597ce9ca7a9133855f5f0eb1d66404ee08b2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
9e4207629a5cc6891f1e578f88172fe9d555152d5b43d9d7f5bf4b51c86e0a8f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a12d28439797af1b879aca57b0a66a5b681fdc9d71a4bdda9c935fa4c89bfc5f
a15348b049a18c85702dde38f379aa78d3809af8c07adcf25236c69b03f6f746
a223c78dd6413e093bbbd4c4fb3ea4aae1b3b841c50be948ffc525f98c379fb4
a35210cbca0e6febd9e208d1aedcde494c3320f8d849521d4e77d38e04675e72
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68c390da50baf3d51a8c3bf88336ddd68a1ef0180afc8f8da3a7b57b6f46431
a6f7dca53f16a9ad837c1c29375ffcb7ce73637405fe41359097de0084719472
a7c9c9da63766f3a9d88a2d52656855a6e961a17501a38ab460cffaac5741d97
a9126c3e6de7a464a8ab270ba91ed042d832650ed600ce367e260c435cf3b6d3
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff
b099aa71f1d5493e78d0f2320334d3f4de0b0c5f9feae339d14b649e500ce6f3
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b600b25b251e390e865717edf2042ece62cda57def37bbd74cac0bd31f6998c9
b60a8e7d173e0c3803ac4db764d7b81bd6264c0d8b77bb37636be7270a44cf6c
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b965f3023d2635e66fa519a7ef69c94d3b2c644f322fb0b5177a31199c15a8ec
bb080cb6579012eb4d6bf408ed6df2baaedef925648ae6435dfb97b2aa90ef17
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bb2b0ce93dcd19f2ecb4a88a81eaf36461c6bb491931b224ab4864c86369ce95
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c02b42d4ccfacd5bf024964dc1201954a5dd6c780543ab13f13082a9b53e5dfd
c3fba32560ae5021cadb1fb9d1a0c7deb49e6e62a460f2e65bf67ad4e3c4bf02
c7e0fbe04ced2489dc388b0b710374790593e5f45799a138a2d4b68fdeaa0d8d
c827ce3bdb2628090e51b95a395fcbce17f466db3a175fc506e40edca9085c90
ca81eda30e45c6ae8d16e07c9ca5c196d5689be5c03ee6033ee20f213017bb84
ceb7d8bd86090ef7c0598b8e51c8786a553aff03223c25d58de6dac1b246e87b
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9
d679faa56ffbdcd66a0f0afaeb0503e64221b37cdb13f4f044104441d2aea7fe
d6bfb73b4114f5ab01f594decca5629c81cad999d141c37a52f3f7f59c75058c
d7757b697698663321d1aa627d28ed136dfc56005aed7419652f12c20ebfbddc
d87a909f26f5c050069e34f9cd11539cf2df8ba8fd41629d62f0ec86866db662
d9c1bcd0e1b4cb61c1e9a0d957b23bc829c2f4388d802782b7e85e2b18cbe510
dba5990e090a0ad9eab82503a1305d6b09493723fb5d3dbe12960f370c703f36
dbfbfbd6dd6c5235592a2758e9e25d14b2bf0c92c466f6fb99f647a9190696d4
dc60902a094d2f5a5ec0396f6e2ed26ba791f0e4f9b2365c3b35b032f1baceb7
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df209fcebac38b3fbd1de0599707e5d5ccd6ff272d14f30a8990cfc262e151de
df30204172065eaf9ae6823bd576561243795a8d2afccdf76622197af1035b6f
e00e8f3fe28976c83dcdf9897a32bfa92ac458a962f012811c56ef5032dad887
e38f5e8da0e0a07af750f7881ca38965e49dcb867385bc5dcb89d7822916fc51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2e9dc39c2b0c6d6a620744c82c7a2fae15b26d8a24d05fc6751d0956a9c26
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e56b638e5dcbb312fe7117b1c5efe48260789c9d32c280a9cbfd748782990032
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
e9bcbee0b28877129abee0922dfff48f756f17d66dacba6de48f42e3506f0345
ebaded49db62a60060caa2577f2a4ec1ff68726bc40861bc65d977abeb64fa7d
ec33ca2ecc05bd5aecc7937d5ba7611e21ba5f0be33088e83cf07d93124e74a3
ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f269af8112dc0471f8aec363272ae1abafeccc2a9d8ea0a81fcbebc64313f3d2
f2af6a03599a30f21216920acbab05ce2903a5f62b4a6b4f9b0a2b234004e53e
f46a61d635ea373f7952ab6436868dbd41e01c748283a465c4294585432e1956
f4e899300032910f4c3fc4e723044ccf3b7bca81ba3c82cc92e8d77a20851444
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707
f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7
faa151a98dc2e13ec98be51ba710413804d67734a4c79c38956a124c9c87881a
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fbc42206d7ec4287cee4e72fab9157e878132a9f9af32bfbbd832d350601047d
fbcc8ad11f96d21cfc94629b8f6e50a94260561eac53cc2cf5aa15c1ed7021ef
fc94c5e59f594984e4129a481e711ef425c56f2a57c114203f387c5cd91b87d1
fe973c6e0f447f5e4ec64051dfc5cfc439dac4a98d9bebd87ca149fc7480abf2
ff716b57d4cc851eeb06073172057cbaf79f88d35c48188f57ec7298b43d1044
ff7442a73d3d7f79668aa60373d515c4d7c971a626ee65e721170e844592b148
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.clixblue.com Open in urlscan Pro 2606:4700:3037::6815:57a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

229 Requests

100 %HTTPS

43 %IPv6

49 Domains

69 Subdomains

48 IPs

7 Countries

3415 kBTransfer

7972 kBSize

20 Cookies

2 Outgoing links

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.clixblue.com Open in urlscan Pro
2606:4700:3037::6815:57a7 Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

100 %
HTTPS

43 %
IPv6

49
Domains

69
Subdomains

48
IPs

7
Countries

3415 kB
Transfer

7972 kB
Size

20
Cookies

229 HTTP transactions
6 data transactions