Submitted URL: http://bloxupdates.com/
Effective URL: https://bloxupdates.com/
Submission: On December 30 via api from US — Scanned from DE

Summary

This website contacted 35 IPs in 5 countries across 25 domains to perform 157 HTTP transactions. The main IP is 3.66.136.156, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is bloxupdates.com.
TLS certificate: Issued by R3 on October 30th 2022. Valid for: 3 months.
This is the only time bloxupdates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.158.98.109 16509 (AMAZON-02)
67 3.66.136.156 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2600:9000:214... 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
10 37.157.5.141 198622 (ADFORM)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 34.246.104.18 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
6 37.157.5.72 198622 (ADFORM)
1 178.250.2.146 44788 (ASN-CRITE...)
1 34.98.64.218 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
157 35
Apex Domain
Subdomains
Transfer
68 bloxupdates.com
bloxupdates.com
1 MB
18 googlesyndication.com
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
77 KB
16 adform.net
track.adform.net — Cisco Umbrella Rank: 3383
s1.adform.net — Cisco Umbrella Rank: 6770
241 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
180 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
5 gstatic.com
fonts.gstatic.com
118 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
1 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3285
google-bidout-d.openx.net — Cisco Umbrella Rank: 3239
574 B
3 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 11798
basher.ezodn.com — Cisco Umbrella Rank: 12441
82 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6999
238 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
94 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1879
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1326
10 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1457
id5-sync.com — Cisco Umbrella Rank: 522
17 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1458
pixel.quantserve.com — Cisco Umbrella Rank: 985
10 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3525
pixel.wp.com — Cisco Umbrella Rank: 2942
3 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 6344
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
900 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3597
8 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1277
634 B
1 ezoic.net
go.ezoic.net — Cisco Umbrella Rank: 15640
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
0 bloxman.com Failed
bloxman.com Failed
157 25
Domain Requested by
68 bloxupdates.com 1 redirects bloxupdates.com
10 track.adform.net 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
s1.adform.net
10 securepubads.g.doubleclick.net bloxupdates.com
securepubads.g.doubleclick.net
9 tpc.googlesyndication.com 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 s1.adform.net track.adform.net
s1.adform.net
bloxupdates.com
5 fonts.gstatic.com fonts.googleapis.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
3 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects bloxupdates.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 www.googletagservices.com 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
2 basher.ezodn.com bloxupdates.com
1 www.google.com tpc.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com bloxupdates.com
1 pixel.wp.com bloxupdates.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 pixel.quantserve.com bloxupdates.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com bloxupdates.com
1 go.ezoic.net bloxupdates.com
1 stats.wp.com bloxupdates.com
1 fonts.googleapis.com bloxupdates.com
1 go.ezodn.com bloxupdates.com
0 bloxman.com Failed bloxupdates.com
157 36

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.ezoic.com
Subject Issuer Validity Valid
bloxupdates.com
R3
2022-10-30 -
2023-01-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.ezoic.net
Amazon
2022-12-17 -
2024-01-15
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
quantserve.com
R3
2022-11-11 -
2023-02-09
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2022-12-02 -
2023-03-02
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2022-11-02 -
2023-01-31
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
cdn.prod.uidapi.com
R3
2022-11-29 -
2023-02-27
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4
2022-11-23 -
2023-02-21
3 months crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh

This page contains 9 frames:

Primary Page: https://bloxupdates.com/
Frame ID: E9E3C3A6FC0BFBD6020B477E9FF351F7
Requests: 118 HTTP requests in this frame

Frame: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE04720B8A65414252EC09EEF320C4CA
Requests: 1 HTTP requests in this frame

Frame: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC49A73C2731D662A7AAB7E50BD6EED8
Requests: 16 HTTP requests in this frame

Frame: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D75623EFD5F6A0C32F7D96DE5B0E6B8C
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxupdates.com
Frame ID: 96293D5322DF8E933255474BB6BF100A
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 99F745FDB86194531E2AD6B2669F04E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97A21BB0D8E2C06FB0DD14EBE9C06920
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75867C9A0DE7F1851C9E22BCAD393566
Requests: 2 HTTP requests in this frame

Frame: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74ACF7CFE1EFDE92348C675E6DF44706
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home - My Blog

Page URL History Show full URLs

  1. http://bloxupdates.com/ HTTP 301
    https://bloxupdates.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

157
Requests

96 %
HTTPS

60 %
IPv6

25
Domains

36
Subdomains

35
IPs

5
Countries

2231 kB
Transfer

5260 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bloxupdates.com/ HTTP 301
    https://bloxupdates.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp&cc=1
Request Chain 105
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxupdates.com&sn=ChromeSyncframe&so=0&topUrl=bloxupdates.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=slHcEHx6b096SllJVlNtWkV5S2VTMGNhN25ubnEya3ordEtDYmVneUd2Q3J0WGZ3U3hSQWZjbVp4Tkwwci9GejhoakxFdmExMDlkeXRXWHE2UW15S1VjK0dnblNyTkMwTGk1VEhpQjVra3pQMEFtU3ZkcXZGSmN6UThGekRlWkUzaVU3ZWlyeUpsTUwzSDROVzFkL3UxMXUrRlpQcEE0cC8vbXNaYUhVVTZPdnNETjZLK0NlSUNPdk12MHQ2aHJJSGxkMjFMbXVpdUNyUnA5NDN0ajBqaTZTNmhubnZGN09nYTdyU25WblUrS2svSDkya1FCQmtqVmlHeFVyOERkQ0d1bi85SFExSERqNEZvc3dWb2pvbnhXb0NEZz09fA&cppv=2

157 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bloxupdates.com/
Redirect Chain
  • http://bloxupdates.com/
  • https://bloxupdates.com/
196 KB
34 KB
Document
General
Full URL
https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
cf59824b6de0f006f06762b354b93b96619a19f14e8aebf3763b2afda087ddf0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 07:06:03 UTC
display
pub_site_sol
expires
Thu, 29 Dec 2022 07:06:03 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
link
<https://bloxupdates.com/wp-json/>; rel="https://api.w.org/", <https://bloxupdates.com/wp-json/wp/v2/pages/1218>; rel="alternate"; type="application/json", <https://bloxupdates.com/>; rel=shortlink
pagespeed
off
response
200
server
nginx/1.21.6
vary
Accept-Encoding,User-Agent
x-endurance-cache-level
2
x-ezoic-cdn
Miss
x-middleton-display
pub_site_sol
x-middleton-response
200
x-nginx-cache
WordPress
x-origin-cache-control
max-age=7200
x-server-cache
false
x-sol
pub_site

Redirect headers

Cache-Control
public, max-age=2592000
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 30 Dec 2022 07:06:02 UTC
Display
staticcontent_sol
Location
https://bloxupdates.com/
Pagespeed
off
Response
301
Server
Apache
Vary
Accept-Encoding,User-Agent,Origin
X-Ezoic-Cdn
Hit ds;ds;ae86d72a9d7e08e8431b1c0ff0267fba;2-331802-0;cb905094-2a17-40fd-6367-7806eef50ab4
X-Middleton-Display
staticcontent_sol
X-Middleton-Response
301
X-Origin-Cache-Control
X-Sol
pub_site
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1436 / 94 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Dec 2022 07:06:03 GMT
dall.js
go.ezodn.com/hb/
268 KB
81 KB
Script
General
Full URL
https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,onetag,sharethrough&cb=195-0-50
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7330408577d97f041589e853d412b8de5a7f5d7fea76e499447e5910af8d1dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 19:49:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2114222
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm3yI77Bf2eJOk1%2FSpYmnFEQsMxnj9lUeRLRXRHPHLMw%2B1HnDmuESQs9YdjM8nITRNzd8BzIcr4Gs32mafop6Obk6Wg771xGyevP4%2BB%2B6Kvapq0lPRUOryefy0zMxwhkROLrU5w6%2FD2J3wE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7818ee3e388e9b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fads.js
bloxupdates.com/porpoiseant/
8 KB
2 KB
Script
General
Full URL
https://bloxupdates.com/porpoiseant/fads.js?gcb=195-0&cb=6
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
banger.js
bloxupdates.com/porpoiseant/
52 KB
13 KB
Script
General
Full URL
https://bloxupdates.com/porpoiseant/banger.js?cb=195-0&bv=170&v=71&PageSpeed=off
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
bd6fb03f75920f79b381032152cbc75d9a59045ee4e0d73b9bd336ca8faba9d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
wp-emoji-release.min.js
bloxupdates.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
style.min.css
bloxupdates.com/wp-includes/css/dist/block-library/
93 KB
11 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
mediaelementplayer-legacy.min.css
bloxupdates.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
wp-mediaelement.min.css
bloxupdates.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
984
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
classic-themes.min.css
bloxupdates.com/wp-includes/css/
217 B
192 B
Stylesheet
General
Full URL
https://bloxupdates.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
147
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
styles.css
bloxupdates.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
892 B
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
850
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
cookie-law-info-public.css
bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/
3 KB
869 B
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.9
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
827
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
cookie-law-info-gdpr.css
bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.9
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
53581b39a00a531084a31554d7f557aaca01e4c7bc8fd0cb314c98a9dce69325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
style.css
bloxupdates.com/wp-content/plugins/td-composer/td-multi-purpose/
36 KB
4 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db53b68998caaae4358a3bc730930255dd30a319e28502fd228bb3718915e017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 07:06:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 07:06:03 GMT
tds-front.css
bloxupdates.com/wp-content/plugins/td-subscription/assets/css/
45 KB
7 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=___td-subscription___
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0861ad16fd78c0e6af661a9875f6145cdfc922152a04f7295712f1df9c2b1ca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
style.css
bloxupdates.com/wp-content/themes/Newspaper/
146 KB
23 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/themes/Newspaper/style.css?ver=11.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
td_legacy_main.css
bloxupdates.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
155 KB
22 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
td_standard_pack_main.css
bloxupdates.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
715 KB
56 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
jetpack.css
bloxupdates.com/wp-content/plugins/jetpack/css/
86 KB
16 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.6
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
jquery.min.js
bloxupdates.com/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
jquery-migrate.min.js
bloxupdates.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
cookie-law-info-public.js
bloxupdates.com/wp-content/plugins/cookie-law-info/public/js/
34 KB
8 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.9
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
10cf2ce0cc42858f2fd454d84251301a563650a0122921694c7429ad0ba5404d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:04 GMT
cookieconsent.min.js
bloxupdates.com/ezoic/
4 KB
2 KB
Script
General
Full URL
https://bloxupdates.com/ezoic/cookieconsent.min.js
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
br
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache/2.4.39 (Ubuntu)
etag
"11a4-5f08278397740-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
expires
Sat, 30 Dec 2023 07:06:03 GMT
22-300x72.png
bloxupdates.com/wp-content/uploads/2022/02/
12 KB
12 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2022/02/22-300x72.png
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b51a3ec367e2c689bd286f090bab4ffe838610e8b004aacc67b04b45e688ee85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:05 GMT
newspaper-rec728.jpg
bloxman.com/wp-content/uploads/2022/01/
0
0

cookie-law-info-table.css
bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://bloxupdates.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.9
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c637118647db8d74b6e583059b4534d627125e1075ae3cae2ac66fb9953783f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;mm;b90f7a8d76ab12d275bc2694181e995a;2-331802-0;073e341e-8994-4b6b-64f9-034b7e036513
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=86400
regenerator-runtime.min.js
bloxupdates.com/wp-includes/js/dist/vendor/
6 KB
2 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
wp-polyfill.min.js
bloxupdates.com/wp-includes/js/dist/vendor/
17 KB
6 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
index.js
bloxupdates.com/wp-content/plugins/contact-form-7/includes/js/
9 KB
3 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
underscore.min.js
bloxupdates.com/wp-includes/js/
18 KB
7 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
js_posts_autoload.min.js
bloxupdates.com/wp-content/plugins/td-cloud-library/assets/js/
5 KB
2 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
tagdiv_theme.min.js
bloxupdates.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
266 KB
58 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
comment-reply.min.js
bloxupdates.com/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://bloxupdates.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1231
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
js_files_for_front.min.js
bloxupdates.com/wp-content/plugins/td-subscription/assets/js/
9 KB
3 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=___td-subscription___
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
eebd5288ecc05b1f945181533def0c5d2e9da2f1bcc63ec0364b39a27ffb7a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
js_files_for_front.min.js
bloxupdates.com/wp-content/plugins/td-cloud-library/assets/js/
37 KB
8 KB
Script
General
Full URL
https://bloxupdates.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
application/javascript
cache-control
max-age=86400
expires
Sat, 31 Dec 2022 07:06:05 GMT
e-202252.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202252.js
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT ams
date
Fri, 30 Dec 2022 07:06:04 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Wed, 27 Dec 2023 00:57:11 GMT
augusta.js
bloxupdates.com/detroitchicago/
2 KB
1013 B
Script
General
Full URL
https://bloxupdates.com/detroitchicago/augusta.js?cb=24
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
958
cmbv2.js
bloxupdates.com/detroitchicago/
48 KB
13 KB
Script
General
Full URL
https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
b222bcf645f96c7c9c04c9d705affa8efd25d1194feb6cc2d33cd3511e75f51a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
mobile-bg.jpg
bloxman.com/wp-content/uploads/2022/01/
0
0

newspaper.woff
bloxupdates.com/wp-content/themes/Newspaper/images/icons/
24 KB
16 KB
Font
General
Full URL
https://bloxupdates.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/wp-content/themes/Newspaper/style.css?ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer
https://bloxupdates.com/wp-content/themes/Newspaper/style.css?ver=11.4
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/woff
access-control-allow-origin
https://bloxupdates.com
x-endurance-cache-level
2
cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
expires
Sat, 31 Dec 2022 07:06:05 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:13:14 GMT
x-content-type-options
nosniff
age
294770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 21:13:14 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
41029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:42:15 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
303340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:24 GMT
tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
fonts.gstatic.com/s/archivonarrow/v28/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/archivonarrow/v28/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:14:18 GMT
x-content-type-options
nosniff
age
121906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17508
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:00:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 21:14:18 GMT
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
117 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/
380 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Dec 2023 21:26:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
93 B
86 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de7e978c99e3e782f9077d8845adeeb4bc5a3dd1e6239edeb322f416dbebd733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
expires
Fri, 30 Dec 2022 07:06:05 GMT
/
basher.ezodn.com/
234 B
698 B
XHR
General
Full URL
https://basher.ezodn.com/?did=331802&bf=10&dc=1254144
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/porpoiseant/banger.js?cb=195-0&bv=170&v=71&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61ed2d6f691389596fad09cd95740f4408165d19d3c424152a68a29111b15de

Request headers

Referer
https://bloxupdates.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://bloxupdates.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rGDnPQdLKPCmyIHfHlmpjrkMCstmqylqF52C4u2yzARnC5j498l9kuTeA%2FFD2JacZ7MYoEVmEStiS06gkkmiA6MfR3HgLs%2BZDHJnlNXeQMdj2kLwxH4RcVEEuxa0hQDmIn0YxqcqKHtlXvP2i0K"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=84400
cf-ray
7818ee459b169235-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
basher.ezodn.com/ Frame
0
0
Preflight
General
Full URL
https://basher.ezodn.com/?did=331802&bf=10&dc=1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://bloxupdates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://bloxupdates.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7818ee456a9d8fe2-FRA
content-length
0
content-type
application/json
date
Fri, 30 Dec 2022 07:06:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7El96xFJ8ZmiWpjS8oP7OBfAxDjH7vsonR9PdVTZjJVgGcsKO%2Bf7RjJjqF0ZxTZ%2ByF3419jvzSxK14%2FiROhLrK7TCM%2Fn4fiC8XDlwY86h5vSbbLjJoRpqHU%2B48%2F6Qk7PTmmh19Mfc%2F3nuZuTZZfV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
ezoic.png
go.ezoic.net/utilcave_com/img/
1 KB
2 KB
Image
General
Full URL
https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:200:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:21:16 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-sol
middleton
display
staticcontent_sol
x-amz-cf-pop
FRA53-C1
age
557089
x-cache
Hit from cloudfront
x-lt-time
1
x-middleton-display
staticcontent_sol
content-length
1181
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
Apache/2.4.39 (Ubuntu)
etag
"49d-5d9576f862e00-gzip-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-id
pabNJvYqCbAozPHXQ2T72LRRSw1mhgiFRgE-Y4Ql94kLIcHqLai2fQ==
expires
Fri, 30 Dec 2022 20:21:16 GMT
imp.gif
bloxupdates.com/detroitchicago/
43 B
279 B
Ping
General
Full URL
https://bloxupdates.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A2%2C%22ad_lazyload_version%22%3A6%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%225%2C4%2C22%2C22%2C22%2C34%2C35%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A7%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A4%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A331802%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A9%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1106%2C1108%2C1109%2C1109%2C1109%2C1110%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2282cf8ca0-4047-462e-5e2f-3d16f312f78b%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A149686%2C%22response_time_orig%22%3A1302%2C%22serverid%22%3A%223.69.44.196%3A13235%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221100%2C1106%2C1108%2C1109%2C1109%2C1109%2C1110%22%2C%22t_epoch%22%3A1672383962%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fbloxupdates.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1200%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:03 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://bloxupdates.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Thu, 29 Dec 2022 07:06:03 GMT
quant.js
secure.quantserve.com/
25 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 06 Jan 2023 07:06:05 GMT
cmbdv2.js
bloxupdates.com/detroitchicago/
41 KB
10 KB
Script
General
Full URL
https://bloxupdates.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5e-22&cmbcb=118&sj=x03x0cx18x5e
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
6d268bd506ff1c1e08e64d7635a225dd65e935b40d5523dd64adf76852f4dadc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
nmash.js
bloxupdates.com/porpoiseant/
23 KB
6 KB
Other
General
Full URL
https://bloxupdates.com/porpoiseant/nmash.js?v=170
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
3bd63bf62085617848ae583a73def38fed9a18804c35ed31644e92b21d84de5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:04 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=0, public
x-robots-tag
noindex
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C300%2C700%7COswald%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bloxupdates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
310873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 16:44:52 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
1 KB
664 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2773558372990557&correlator=3457166669287378&eid=44777628&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1254144%3A22676949412%2Cbloxupdates_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=1&adks=223049952&didk=4012793276&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D5472584002098002%26eid%3D5472584002098002%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-2-5472584002098002%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672383965153&lmt=1672383965&dlt=1672383963849&idt=1206&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxupdates.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1058121351.1672383965&ga_sid=1672383965&ga_hid=72565201&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
793fc3e0346372c935f30d745d28c2b43f5bbe63770376a65f7f594bd2acc457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
634
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE04
6 KB
3 KB
Document
General
Full URL
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:06:05 GMT
expires
Sat, 30 Dec 2023 07:06:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
47 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2773558372990557&correlator=1489763063004608&eid=44777628&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1254144%3A22676949412%2Cbloxupdates_com-medrectangle-4&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight%2Cheight&ifi=2&adks=3667462926%2C3287483968%2C3287483969&didk=4012791246~3557378068~3557378069&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3D291d27313eb66c50243129b23df8a579%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D10%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%7Ca%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3D291d27313eb66c50243129b23df8a579%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D10%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%7Ca%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3D291d27313eb66c50243129b23df8a579%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D10%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672383965177&lmt=1672383965&dlt=1672383963849&idt=1206&adxs=315%2C638%2C962&adys=676%2C676%2C676&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxupdates.com%2F&frm=20&vis=1&psz=323x250%7C323x250%7C323x250&msz=323x250%7C323x250%7C323x250&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1058121351.1672383965&ga_sid=1672383965&ga_hid=72565201&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2baf734a99655b7802a8d5366256ea5314a1e529d3dd295d2ab5f350d5057013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10868
x-xss-protection
0
google-lineitem-id
-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-31iz6hfFutd16.js
rules.quantcount.com/
160 B
634 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 06:17:38 GMT
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
2907
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6LgaeED4WSBCGaFGmwoKGYjVjJVnQDeYG4tJSXuEgyO0gKkq_6wlDw==
pixel;r=904822235;labels=Domain.bloxupdates_com%2CDomainId.331802;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxupdates.com%2F;uht=2;fpan=1;fpa=P0-746061529-1672383965188;pbc=;ns=0;ce=1;qjs=1;qv=bf5...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=904822235;labels=Domain.bloxupdates_com%2CDomainId.331802;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxupdates.com%2F;uht=2;fpan=1;fpa=P0-746061529-1672383965188;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=bloxupdates.com;dst=0;et=1672383965304;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%20-%20My%20Blog%2Curl.https%3A%2F%2Fbloxupdates%252Ecom%2F%2Csite_name.My%20Blog;ses=357b1aaf-0b23-4044-9355-e7ef00a69e6e
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
greenoaks.gif
bloxupdates.com/detroitchicago/
0
46 B
Ping
General
Full URL
https://bloxupdates.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTItMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNzM0In1dfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
army.gif
bloxupdates.com/porpoiseant/
0
39 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTQ3MjU4NDAwMjA5ODAwMiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:04 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:26:25 GMT
content-encoding
gzip
age
1517980
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:26:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Dec 2022 07:06:05 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
900 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 07:06:05 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
9463
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
437
x-served-by
cache-fra-eddf8230064-FRA, cache-hhn-etou8220052-HHN
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
YMFZEZYBJKEKRNPV
age
2160
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7818ee4a7878698b-FRA
x-amz-id-2
rR7sHzWBBNucr3XhEuqI/nIptBfNR4Bk4gz/tZK0aI7ojtEYwwSH/6l9FgWTrmHoO3CAY8xfMq0=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
2 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 06:20:00 GMT
via
1.1 google
age
2765
x-guploader-uploadid
ADPycduQZ2lsCycXgaLz1GrGAYxVnFCn4bUpb2Ulx5LnaOUraFyoSG62y52_td1_U1kU2_235E_9Nmh0v9DVnRAyor17YA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Fri, 30 Dec 2022 07:20:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2166
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
I_40ut7frxFcgH9qrISerAi9clro_mph9fyg9Zu-S4bW_UjTbunDlg==
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a400:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 00:57:30 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Dec 2022 00:57:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
22115
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
5fABJbCQA13y51m5SykIsZsgoWTHweAACEzNKIsAavYuUJccfyx3rA==
container.html
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC49
6 KB
3 KB
Document
General
Full URL
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:06:05 GMT
expires
Sat, 30 Dec 2023 07:06:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D756
6 KB
3 KB
Document
General
Full URL
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:06:05 GMT
expires
Sat, 30 Dec 2023 07:06:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
greenoaks.gif
bloxupdates.com/detroitchicago/
0
61 B
XHR
General
Full URL
https://bloxupdates.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE5NjcifV19XQ==
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:06 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:06 GMT
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTAiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMjkxZDI3MzEzZWI2NmM1MDI0MzEyOWIyM2RmOGE1NzkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE2NzIzODM5NjIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAxLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE2NzIzODM5NjIsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
army.gif
bloxupdates.com/porpoiseant/
0
15 B
XHR
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTItMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYXVjdGlvbl9lcG9jaCI6MTY3MjM4Mzk2NiwiYWRfcG9zaXRpb24iOjExMDksImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjoxMCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjQ0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:06 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:06 GMT
army.gif
bloxupdates.com/porpoiseant/
0
15 B
XHR
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzEiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMF8xIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjI5MWQyNzMxM2ViNjZjNTAyNDMxMjliMjNkZjhhNTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTBfMSIsInRfZXBvY2giOjE2NzIzODM5NjIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAxLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMF8xIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTE3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTBfMSIsInRfZXBvY2giOjE2NzIzODM5NjIsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzEiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0xMi0zMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjcifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzEiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhdWN0aW9uX2Vwb2NoIjoxNjcyMzgzOTY2LCJhZF9wb3NpdGlvbiI6MTEwOSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImJpZF9mbG9vcl9pbml0aWFsIjoxMCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjEwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2NDksIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EC49
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-EBQ3Y2uY8DlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoE_wFP0MpWCE6aWV41L2y-0xzxYiwaJZHE7T_6yF9Szz1m1lmjBQtx8al6GfXSvC3ZmVSdkDsX8aJe5ncH_C76Y8wTN35FuCUZvgNFemObVDOzZCJDiv_dp5i6f8d7m8R9-bfkjaLlwiZ9sM3_kVuRd5xc75tdrD-qjj4kFMrdgo5bTt4s9yPbV8ixhZ2zwEIitGG-ciAV8Hwp6jBYgOAsOZvT2KLloHvHs7D14nCNfwva3iO83eioZqRhfJuN8muRQ424WXAWFNRWBD0OcG8fRspDEgro_iiwj74DWBGszT7dDVHp7ENW0-NjT2vVZ-Vr_uWKMR9CiS-m3XX5hsONF4_gBAGABt7-sLanrOPO7QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYzOTY4NDQ3NDI0OTcyMDgYvskH&sigh=lyhwvr1uQ6M&uach_m=[UACH]&cid=CAQSSwDq26N9QVAzr20ymoytRPuNmooyUegYUpniHQEMbySUBP_FfpAtlOJJSWLTSFq_adzCh1WlQhkBjFeY0UiaDM2h_D9QwiQbml8CChgBIBM
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

/
track.adform.net/adfscript/ Frame EC49
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=59580680;rtbwp=Y66N3QAD8sAIEdk6AAPfKs7KlHcigXwc7wsd6g;rtbdata=awuutI-vty9tTieLuCu1rgZKz3xElH-ka4ZeP7_WHjfC0wwdEl4c4--3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx7_iCVI5F18IS1KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CkpSJ3Y2uY8DlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0MpWCE6aWV41L2y-0xzxYiwaJZHE7T_6yF9Szz1m1lmjBQtx8al6GfXSvC3ZmVSdkDsX8aJe5ncH_C76Y8wTN35FuCUZvgNFemObVDOzZCJDiv_dp5i6f8d7m8R9-bfkjaLlwiZ9sM3_kVuRd5xc75tdrD-qjj4kFMrdgo5bTt4s9yPbV8ixhZ2zwEIitGG-ciAV8Hwp6jBYgOAsOZvT2KLloHvHs7D14nCNfwva3iO83eioZqRhfJuN8muRQ424WXAWFNRWBD0OcG8fRspDEgro_iiwj74DGhONX4ZwhThxZGraOM_vjHTBbSxh0P0wu48rEYV1w1nhfF9-OwPZ0mLgBAGABt7-sLanrOPO7QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_2h2SwVQZYes5l_ObEcMFrGBxTyfg&client=ca-pub-6396844742497208&adurl=
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3998922125d04bf6a34d15604902f84e46529e02a96b7f1fc9a2711917707de4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1722
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EC49
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 16:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
51698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 16:44:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EC49
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 11:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
70506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 11:30:59 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC49
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
489051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC49
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 07:06:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D756
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_wCZ3Y2uY8HlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoE_wFP0Etj25Fbeln6xBIiS_qSu6Ws1VbBcx8tMEOTfMJ-xCfgn01FSMecPxTNoz_Zkrs5HGH7WThYY-oKH7I1w5CduJ4hV49VcOPksMgou8oKs9kEaaiIujel1rLWOA7BJ4Z7YVywRGJCPEolgDG7NfZxtQmN0UP3XwYbGLD5dRtJXB5t38tsyznL4n_A1bWIG8bJuZz0JjiYeUFIIAt4h8LxiAIbGy5DuE5kNtq3P7bcl99SSxTt9XjpvfKPd_gWqYGKPqLqnj4lgSOqArFOivX-2ET4UKm4gga9wIy0UPcldH3mvsrhNvW_rLAYNX4LHklsBWyLDYmlr7hKlhxBh4PgBAGABqStsuDtsPXpHaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM5Njg0NDc0MjQ5NzIwOBi-yQc&sigh=QZhYygihyfk&uach_m=[UACH]&cid=CAQSSwDq26N9QVAzr20ymoytRPuNmooyUegYUpniHQEMbySUBP_FfpAtlOJJSWLTSFq_adzCh1WlQhkBjFeY0UiaDM2h_D9QwiQbml8CChgBIBM
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

/
track.adform.net/adfscript/ Frame D756
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=59580666;rtbwp=Y66N3QAD8sEIEdk6AAPfKhFVfv50C178vSD6tA;rtbdata=hHuuDbOgJpx8I8ep_zZjsnB9rJNSj_Rusk2ChCwb0_qoYARIN8JapO-3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx78azhLmYJBN61KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cpwhs3Y2uY8HlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0Etj25Fbeln6xBIiS_qSu6Ws1VbBcx8tMEOTfMJ-xCfgn01FSMecPxTNoz_Zkrs5HGH7WThYY-oKH7I1w5CduJ4hV49VcOPksMgou8oKs9kEaaiIujel1rLWOA7BJ4Z7YVywRGJCPEolgDG7NfZxtQmN0UP3XwYbGLD5dRtJXB5t38tsyznL4n_A1bWIG8bJuZz0JjiYeUFIIAt4h8LxiAIbGy5DuE5kNtq3P7bcl99SSxTt9XjpvfKPd_gWqYGKPqLqnj4lgSOqArFOivX-2ET4UKm4gga9go6Vwk-I_BR-NuNt3dkzb68MP7cBMFHWj_zilSN2sZRSbICyqw_RtOngBAGABqStsuDtsPXpHaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_1fMUX8BHPC-2C94Y1zidYLIZrgEQ&client=ca-pub-6396844742497208&adurl=
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b756c07df01bfa9650386f37d26ee172217cd606626ab15d74322f6dcaffdcfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1738
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D756
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 16:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
51698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 16:44:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D756
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 11:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
70506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 11:30:59 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D756
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
489051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D756
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL: https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 07:06:06 GMT
encrypt
esp.rtbhouse.com/
221 B
238 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
617dbf19a3e29313621f98eb7b82a8be14c0b6fb87e42d332c10546017197aa2

Request headers

Referer
https://bloxupdates.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
66be062adbf4054b8a7d58138a87df11
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame
0
0
Preflight
General
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bloxupdates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://bloxupdates.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 30 Dec 2022 07:06:05 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
85626bd41ff7439009206b841816340b
houston.js
bloxupdates.com/detroitchicago/
7 KB
2 KB
Script
General
Full URL
https://bloxupdates.com/detroitchicago/houston.js?gcb=0&cb=34
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
6e559a3864920bcf20f88f3c6df593df5c95f8339f771a2e10b2f70bb69cde7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
tuscon.js
bloxupdates.com/detroitchicago/
3 KB
1 KB
Script
General
Full URL
https://bloxupdates.com/detroitchicago/tuscon.js?gcb=0&cb=2
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
728b1253b2887baab2be3d71f6d59625ff35755cc85425d854cde26878d32fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:05 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1006
map
bcp.crwdcntrl.net/6/
60 B
335 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.104.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-104-18.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
85070793217bfa9f4576a6cb9d132771e0953fb3b09ecfd26451e7456a447630

Request headers

Referer
https://bloxupdates.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache
x-server
10.45.22.125
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/
0
324 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bloxupdates.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bloxupdates.com
date
Fri, 30 Dec 2022 07:06:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=202395819&post=1218&tz=0&srv=bloxupdates.com&host=bloxupdates.com&ref=&fcp=3086&rand=0.09273886584746771
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp&cc=1
85 B
103 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp&cc=1
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
7fe2f76be73ca73d99f205b26e5695a932defc1ab45c6b199edf6f361f4daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-7OEYqC145zOOyp0kehVsKGZZXwU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bloxupdates.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 30 Dec 2022 07:06:06 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://bloxupdates.com
location
/esp?url=https%3A%2F%2Fbloxupdates.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 9629
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxupdates.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:06:05 GMT
server
Kestrel
server-processing-duration-in-ticks
838663
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame EC49
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59580680;rtbwp=Y66N3QAD8sAIEdk6AAPfKs7KlHcigXwc7wsd6g;rtbdata=awuutI-vty9tTieLuCu1rgZKz3xElH-ka4ZeP7_WHjfC0wwdEl4c4--3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx7_iCVI5F18IS1KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CkpSJ3Y2uY8DlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0MpWCE6aWV41L2y-0xzxYiwaJZHE7T_6yF9Szz1m1lmjBQtx8al6GfXSvC3ZmVSdkDsX8aJe5ncH_C76Y8wTN35FuCUZvgNFemObVDOzZCJDiv_dp5i6f8d7m8R9-bfkjaLlwiZ9sM3_kVuRd5xc75tdrD-qjj4kFMrdgo5bTt4s9yPbV8ixhZ2zwEIitGG-ciAV8Hwp6jBYgOAsOZvT2KLloHvHs7D14nCNfwva3iO83eioZqRhfJuN8muRQ424WXAWFNRWBD0OcG8fRspDEgro_iiwj74DGhONX4ZwhThxZGraOM_vjHTBbSxh0P0wu48rEYV1w1nhfF9-OwPZ0mLgBAGABt7-sLanrOPO7QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_2h2SwVQZYes5l_ObEcMFrGBxTyfg&client=ca-pub-6396844742497208&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:50 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame D756
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59580666;rtbwp=Y66N3QAD8sEIEdk6AAPfKhFVfv50C178vSD6tA;rtbdata=hHuuDbOgJpx8I8ep_zZjsnB9rJNSj_Rusk2ChCwb0_qoYARIN8JapO-3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx78azhLmYJBN61KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cpwhs3Y2uY8HlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0Etj25Fbeln6xBIiS_qSu6Ws1VbBcx8tMEOTfMJ-xCfgn01FSMecPxTNoz_Zkrs5HGH7WThYY-oKH7I1w5CduJ4hV49VcOPksMgou8oKs9kEaaiIujel1rLWOA7BJ4Z7YVywRGJCPEolgDG7NfZxtQmN0UP3XwYbGLD5dRtJXB5t38tsyznL4n_A1bWIG8bJuZz0JjiYeUFIIAt4h8LxiAIbGy5DuE5kNtq3P7bcl99SSxTt9XjpvfKPd_gWqYGKPqLqnj4lgSOqArFOivX-2ET4UKm4gga9go6Vwk-I_BR-NuNt3dkzb68MP7cBMFHWj_zilSN2sZRSbICyqw_RtOngBAGABqStsuDtsPXpHaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_1fMUX8BHPC-2C94Y1zidYLIZrgEQ&client=ca-pub-6396844742497208&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:50 GMT
sid
mug.criteo.com/ Frame 9629
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxupdates.com&sn=ChromeSyncframe&so=0&topUrl=bloxupdates.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=slHcEHx6b096SllJVlNtWkV5S2VTMGNhN25ubnEya3ordEtDYmVneUd2Q3J0WGZ3U3hSQWZjbVp4Tkwwci9GejhoakxFdmExMDlkeXRXWHE2UW15S1VjK0dnblNyTkMwTGk1VEhpQjVra3pQMEFtU3ZkcXZGSmN6UThGek...
425 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=slHcEHx6b096SllJVlNtWkV5S2VTMGNhN25ubnEya3ordEtDYmVneUd2Q3J0WGZ3U3hSQWZjbVp4Tkwwci9GejhoakxFdmExMDlkeXRXWHE2UW15S1VjK0dnblNyTkMwTGk1VEhpQjVra3pQMEFtU3ZkcXZGSmN6UThGekRlWkUzaVU3ZWlyeUpsTUwzSDROVzFkL3UxMXUrRlpQcEE0cC8vbXNaYUhVVTZPdnNETjZLK0NlSUNPdk12MHQ2aHJJSGxkMjFMbXVpdUNyUnA5NDN0ajBqaTZTNmhubnZGN09nYTdyU25WblUrS2svSDkya1FCQmtqVmlHeFVyOERkQ0d1bi85SFExSERqNEZvc3dWb2pvbnhXb0NEZz09fA&cppv=2
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
591be3c5cb598e205b2c65c31152b274fab5115d10c5aa7bf9955ac665eadc63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3042188
expires
0

Redirect headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=slHcEHx6b096SllJVlNtWkV5S2VTMGNhN25ubnEya3ordEtDYmVneUd2Q3J0WGZ3U3hSQWZjbVp4Tkwwci9GejhoakxFdmExMDlkeXRXWHE2UW15S1VjK0dnblNyTkMwTGk1VEhpQjVra3pQMEFtU3ZkcXZGSmN6UThGekRlWkUzaVU3ZWlyeUpsTUwzSDROVzFkL3UxMXUrRlpQcEE0cC8vbXNaYUhVVTZPdnNETjZLK0NlSUNPdk12MHQ2aHJJSGxkMjFMbXVpdUNyUnA5NDN0ajBqaTZTNmhubnZGN09nYTdyU25WblUrS2svSDkya1FCQmtqVmlHeFVyOERkQ0d1bi85SFExSERqNEZvc3dWb2pvbnhXb0NEZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
665015
content-length
0
expires
0
/
track.adform.net/adfserve/ Frame EC49
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59580680;rtbwp=Y66N3QAD8sAIEdk6AAPfKs7KlHcigXwc7wsd6g;rtbdata=awuutI-vty9tTieLuCu1rgZKz3xElH-ka4ZeP7_WHjfC0wwdEl4c4--3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx7_iCVI5F18IS1KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CkpSJ3Y2uY8DlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0MpWCE6aWV41L2y-0xzxYiwaJZHE7T_6yF9Szz1m1lmjBQtx8al6GfXSvC3ZmVSdkDsX8aJe5ncH_C76Y8wTN35FuCUZvgNFemObVDOzZCJDiv_dp5i6f8d7m8R9-bfkjaLlwiZ9sM3_kVuRd5xc75tdrD-qjj4kFMrdgo5bTt4s9yPbV8ixhZ2zwEIitGG-ciAV8Hwp6jBYgOAsOZvT2KLloHvHs7D14nCNfwva3iO83eioZqRhfJuN8muRQ424WXAWFNRWBD0OcG8fRspDEgro_iiwj74DGhONX4ZwhThxZGraOM_vjHTBbSxh0P0wu48rEYV1w1nhfF9-OwPZ0mLgBAGABt7-sLanrOPO7QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_2h2SwVQZYes5l_ObEcMFrGBxTyfg&client=ca-pub-6396844742497208&adurl=;js=1;adfxid=1x;10651;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fbloxupdates.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8364edea9d4a5445d197bedbe2dc3101703ebb1d50fd39b137617ece70f3a4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3215
expires
-1
/
track.adform.net/adfserve/ Frame D756
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59580666;rtbwp=Y66N3QAD8sEIEdk6AAPfKhFVfv50C178vSD6tA;rtbdata=hHuuDbOgJpx8I8ep_zZjsnB9rJNSj_Rusk2ChCwb0_qoYARIN8JapO-3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx78azhLmYJBN61KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cpwhs3Y2uY8HlD7qyx_APqr6PkAjGp9zvXL3ShYmvC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJqQK_Yad53j6DPuACAKgDAaoEggJP0Etj25Fbeln6xBIiS_qSu6Ws1VbBcx8tMEOTfMJ-xCfgn01FSMecPxTNoz_Zkrs5HGH7WThYY-oKH7I1w5CduJ4hV49VcOPksMgou8oKs9kEaaiIujel1rLWOA7BJ4Z7YVywRGJCPEolgDG7NfZxtQmN0UP3XwYbGLD5dRtJXB5t38tsyznL4n_A1bWIG8bJuZz0JjiYeUFIIAt4h8LxiAIbGy5DuE5kNtq3P7bcl99SSxTt9XjpvfKPd_gWqYGKPqLqnj4lgSOqArFOivX-2ET4UKm4gga9go6Vwk-I_BR-NuNt3dkzb68MP7cBMFHWj_zilSN2sZRSbICyqw_RtOngBAGABqStsuDtsPXpHaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_1fMUX8BHPC-2C94Y1zidYLIZrgEQ&client=ca-pub-6396844742497208&adurl=;js=1;adfxid=2x;9604;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fbloxupdates.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
de31773f1cc595b28cc63dad4b0b1e307a08a5c3b381c52dd3910ca3e3e30cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3238
expires
-1
truncated
/ Frame EC49
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f394f77e6779594c1e1012b198cff61b666a58425d75ffde8d80c494f26167e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D756
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e43000dcd72c3476cd29096f634484aa48609180ef336356b4d8c3163901673

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame EC49
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:22:49 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 99F7
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 30 Dec 2022 07:06:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D756
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:22:49 GMT
/
track.adform.net/csimpr/ Frame EC49
35 B
502 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=59580680&csi=ywSrlXNz6YK2OXQRLd_gOG4wKo3-Z2Vj7JHBB82SFA7rygPkIxxfkytAvA5yVQ5Z_lSOd-1s1FDlqt7NS3bX-GQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
56356529.jpg
s1.adform.net/Banners/56356529/ Frame EC49
67 KB
68 KB
Image
General
Full URL
https://s1.adform.net/Banners/56356529/56356529.jpg?bv=2
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fec17922c185dedc8fb414c90b39a2d187543df70e46438f8a04beb379f5cd89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
last-modified
Wed, 16 Nov 2022 14:45:22 GMT
server
nginx
x-amz-request-id
tx00000ff4cc61d959676ae-006376601f-329373d4-default
etag
"62aed8bdfb5ed3b2a6f959267064b498"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
68852
/
track.adform.net/csimpr/ Frame D756
35 B
502 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=59580666&csi=i9GmdvHJGZfHMk4gTj4pJ0sHlU4g7x6K7JHBB82SFA7rygPkIxxfk3L6tq7hpGsJQ_JPgXEC_xwh1b7UZ-D7qWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
56356524.jpg
s1.adform.net/Banners/56356524/ Frame D756
54 KB
54 KB
Image
General
Full URL
https://s1.adform.net/Banners/56356524/56356524.jpg?bv=2
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8cb567e914850ecaa4a1c79b360056e2e32202f9a41442063c6c055ae20a8e67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
last-modified
Wed, 16 Nov 2022 14:45:16 GMT
server
nginx
x-amz-request-id
tx00000634b7eb2d5a9a530-0063766026-32941e2b-default
etag
"04144bbf786377a168fe5aad00a8df88"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55179
dark-bottom.css
bloxupdates.com/ezoic/styles/
3 KB
780 B
Stylesheet
General
Full URL
https://bloxupdates.com/ezoic/styles/dark-bottom.css
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/ezoic/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:06 GMT
content-encoding
br
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache/2.4.39 (Ubuntu)
etag
"bd7-5f08278397740-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
726
greenoaks.gif
bloxupdates.com/detroitchicago/
0
61 B
XHR
General
Full URL
https://bloxupdates.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjI0OSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTkzOCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiOCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIyMDQ1In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjA1MiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIzMDg4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMzA4NiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMzA4NiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19XQ==
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:07 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:07 GMT
greenoaks.gif
bloxupdates.com/detroitchicago/
0
15 B
XHR
General
Full URL
https://bloxupdates.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuOCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInRfZXBvY2giOjE2NzIzODM5NjIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:06 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e7b2df548c568c8c78e4a6bcec693192c6145f8ecfd85d5f17e74a8918fee21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11080
x-xss-protection
0
THU2.png
bloxupdates.com/wp-content/uploads/2020/03/
284 KB
285 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/THU2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a8ccaaf9d1709d40da537377b66fb60be417dcca8838321e92ab116f59fb2309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
90168089_621100448734537_2304963176573173760_n-1-1068x601.jpg
bloxupdates.com/wp-content/uploads/2020/03/
97 KB
97 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/90168089_621100448734537_2304963176573173760_n-1-1068x601.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3f42d3a4f1437abde223f4b69fbc4a86b8e7abc7d83be8b4e2b0a416e4e116ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
0b3a662eccaf078ed6d444bed5dff445-485x360.jpg
bloxupdates.com/wp-content/uploads/2020/03/
23 KB
23 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/0b3a662eccaf078ed6d444bed5dff445-485x360.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
848e6bd0692f481cc5e3e285ca20931068b8167de01763c738d92a1fc9a23fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
0106b5231c92f0c9547ca1ef00b52271-485x360.jpg
bloxupdates.com/wp-content/uploads/2020/05/
35 KB
35 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/05/0106b5231c92f0c9547ca1ef00b52271-485x360.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4a6ec3c18e2f8077992340eacc1f6e2bfecabc384550462c77281ded7324f41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
Png-100x70.png
bloxupdates.com/wp-content/uploads/2022/03/
11 KB
12 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2022/03/Png-100x70.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5fd560f73ba82054f792464b3844bd6472335b12969ef7f78d8e667d918e1ec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
Png-324x235.png
bloxupdates.com/wp-content/uploads/2022/03/
65 KB
65 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2022/03/Png-324x235.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
6f1a5c34ee11fc2924116b51965ddbf8c4852f4c6a32bca395b557f860548a1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 07:06:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97A2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 22:52:26 GMT
expires
Fri, 29 Dec 2023 22:52:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7586
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fefd987e7247e4659bd2174b0f67e9a04b97c191457f6932148b0c2b8ab4cb5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-056lp5SkWhG_-z30ziXHHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bloxupdates.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-056lp5SkWhG_-z30ziXHHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 07:06:07 GMT
expires
Fri, 30 Dec 2022 07:06:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 97A2
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 16:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 16:55:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC49
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ6T6LrPrsaDaOZXaOqS4k3ATdkwuvHViycdeEcPnjPP0auqf25oYzxntUiIjAxnn0f4Jd7PNp7gVAKaiL7G5KkMAo&sig=Cg0ArKJSzJVeUyIUIm1OEAE&id=lidar2&mcvt=1001&p=676,327,926,627&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3667462926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672383965826&rpt=403&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7586
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2773558372990557&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:07 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D756
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuDpj0ALRta6ST-dqXsKrTd9Uoxvk1PVzFQZS2cRbLVf979Tb8U-XpgaZOmnxFZ0VrIAembDwwaSyheH7lZxVRyRtu&sig=Cg0ArKJSzHSel5ONyY_gEAE&id=lidar2&mcvt=1005&p=676,650,926,950&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3287483968&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672383965831&rpt=424&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
bloxupdates.com/porpoiseant/
0
15 B
XHR
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzEiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:07 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:07 GMT
generate_204
tpc.googlesyndication.com/ Frame 97A2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?B2D2Tg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTAiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE2NzIzODM5NjIsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:07 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:07 GMT
army.gif
bloxupdates.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzEiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMF8xIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTBfMSIsInRfZXBvY2giOjE2NzIzODM5NjIsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:05 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:05 GMT
0b3a662eccaf078ed6d444bed5dff445-485x360.jpg
bloxupdates.com/wp-content/uploads/2020/03/
23 KB
23 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/0b3a662eccaf078ed6d444bed5dff445-485x360.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
848e6bd0692f481cc5e3e285ca20931068b8167de01763c738d92a1fc9a23fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:08 GMT
/
track.adform.net/Serving/Event/ Frame D756
35 B
502 B
Ping
General
Full URL
https://track.adform.net/Serving/Event/?bn=59580666&event=178&time=2&baid=56356524&name=Viewable%20impressions&imprid=6080575407708994064&icid=8944310255798702345&eData=i9GmdvHJGZfXOUqac8mgBZ7ajRnpNj1H4fn4X_ACi5h_HXGVyeqWxnOddXKN9tbGL-cvRVR2Xkcau94oJsHc8Q2&rtbdata=hHuuDbOgJpx8I8ep_zZjsnB9rJNSj_Rusk2ChCwb0_qoYARIN8JapO-3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx78azhLmYJBN61KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881&rtbwp=Y66N3QAD8sEIEdk6AAPfKhFVfv50C178vSD6tA&rnd=4270583
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D756
35 B
502 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8944310255798702345@@59580666,6080575407708994064,100|1101|0|0|0|0|0|0|0||43|1|||||1|0|0|YCGZ-Pg4sepX7EYoWZQhUWeFbGWWR-VCd3M6vCXLB8KYX0LJREexmRhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
0106b5231c92f0c9547ca1ef00b52271-485x360.jpg
bloxupdates.com/wp-content/uploads/2020/05/
35 KB
35 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/05/0106b5231c92f0c9547ca1ef00b52271-485x360.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4a6ec3c18e2f8077992340eacc1f6e2bfecabc384550462c77281ded7324f41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:08 GMT
/
track.adform.net/Serving/Event/ Frame EC49
35 B
502 B
Ping
General
Full URL
https://track.adform.net/Serving/Event/?bn=59580680&event=178&time=2&baid=56356529&name=Viewable%20impressions&imprid=4244157750312061102&icid=1499587258127970761&eData=ywSrlXNz6YLjLf3Bg6415p7ajRnpNj1H4fn4X_ACi5hdPXm_Wr-jvcwKGw8r9QrwL-cvRVR2Xkcau94oJsHc8Q2&rtbdata=awuutI-vty9tTieLuCu1rgZKz3xElH-ka4ZeP7_WHjfC0wwdEl4c4--3ZZ5_XZJjJTaZ-2rVt--fUA5C0QjDbzJjDXR7itnY2ClFoI6DCfQt0ymYLVOx7_iCVI5F18IS1KruQLbf15U43dqzPhFWPif8QNAgzq93R2XeqGfRfsPZt8qTfVW1H96-i_obfT1Fz9dGHJFSJ_LV-9kqbm8F4pT51uNWS2Rh0t-z9W8oY1lYiPJU_5RTzWSQgF0UwLYHut3f5QWrwUfMTzgvubJFya6herkjZF8BWZW7RyZgtAUNyHpIRfFnOIGml1Rx3oia4UFuhV40q881&rtbwp=Y66N3QAD8sAIEdk6AAPfKs7KlHcigXwc7wsd6g&rnd=445216941
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame EC49
35 B
502 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1499587258127970761@@59580680,4244157750312061102,100|1201|0|0|0|0|0|0|0||47|1|||||1|0|0|c0GTxmWfJ31X7EYoWZQhUWE8sVPZeY36P3tKqxMUqD981814P5LvAhhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 07:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2773558372990557&bg=!-fql-r7NAAYgquz3AKo7ACkAdvg8Wt3Wi7eGuBNsC8QcgyUtkTq9JydQwoxaUA-7jaCutZyIv740zQIAAABQUgAAAANoAQeZAtnaXgg1hdLRzO_KMqdYSKrFo0LEqzKHT3k5f0d4wUJCaRoed_gEPquyk65gEk74-qOHl83kyOiG6lUf8rqokZKuVqFegjzk2Fc5ATHB5NK937MZxCK1K9PU3nbxib6UeNTYlfUuf0FcKb5RNvVinjIEfuflHl8O7FIxP5xsuj5H_SxmVyeWWGAUJKoTzc4jDA6KI0QGTzww2LoFqsIX4gqA5k6nlNE-9D8J6fWRco0-Q6OXGIcd0mBhEvl2z_sxo-tcp-Kq-uprfN5z0EO8aUx8T4IVFQh150DFjMxd7YXimCW0_ejkV7bsW6Z5RJr6_o1XWh8DExIkj8pgCW84uk7Pm9GPNhLGbVlwSJ8Z3Wyu_S64SWV09auecjq26DBzaQeCC7LL6hMib58yykgmPI7E4f0igEBiyLoRcy0dJY9dfvIeczahED-ocHkOY27C1NxKX71-_ONLexISU_iiNP-RgLg8SJLz7l9qIMxxUGxLTFADTvJYV8qowI11yLisDzC2iGMC9yGkuTYAFXeTfsFTLkcMXkY5ZyMIlaxS_tizYc_2xhIQlxWf_CfaSUo9M6Qeb-XRJ8M-ybvleicVBQF3PnOn36OVi5B5BKjkjLah1p-9S27PoDNxJHWiVteGYrIfeEvgYMH62faPINrw4G6BmjYO0dRjmM1Bj-mPUw5pUsggWBhZNxbVQ3b21eV8BBHwfom3lDzgwQx6EOjy11HJolKYcqcivRi9a96mqSRm8CUzkvzVwtTfhWoZfO1gipr2Wcz4u7KrKYeEdZHkX_iqw40k51p7Uba2MIvN8WN9CF0RsvQ-sovXIOUts1rEuTrSDW_VHZYxMSOxKxbB8a6nxKOk5rlMWuRAY6-_79hVp-6gnZCl15nrlKTMNlMdoba2vRSXBpPXtLYN6sFeOUk81GDrCWFi8Tryl0G48NOddZ0JlMpaB5aRhg9inhB8WUXjUXefiVc0oyI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

90168089_621100448734537_2304963176573173760_n-1-1068x601.jpg
bloxupdates.com/wp-content/uploads/2020/03/
97 KB
97 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/90168089_621100448734537_2304963176573173760_n-1-1068x601.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3f42d3a4f1437abde223f4b69fbc4a86b8e7abc7d83be8b4e2b0a416e4e116ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:08 GMT
THU2.png
bloxupdates.com/wp-content/uploads/2020/03/
284 KB
285 KB
Image
General
Full URL
https://bloxupdates.com/wp-content/uploads/2020/03/THU2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a8ccaaf9d1709d40da537377b66fb60be417dcca8838321e92ab116f59fb2309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 UTC
content-encoding
br
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
response
200
last-modified
Fri, 23 Dec 2022 17:53:57 GMT
server
Apache
x-nginx-cache
WordPress
x-origin-cache-control
max-age=86400
vary
Accept-Encoding,User-Agent,Origin
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=604800
expires
Sat, 31 Dec 2022 07:06:08 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
956 B
449 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2773558372990557&correlator=1310161159194021&eid=44777628&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1254144%3A22676949412%2Cbloxupdates_com-medrectangle-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=3287483969&didk=3557378069&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%26lb%3D10%26reqt%3D1672383968553&eri=1&sc=1&cookie=ID%3D1fdd137c06d10824%3AT%3D1672383965%3AS%3DALNI_MYqJDf2RHOw7iY45uGcRl6KB3btWw&gpic=UID%3D00000b99c6f2a209%3AT%3D1672383965%3ART%3D1672383965%3AS%3DALNI_MZN9N8FMHOZ0RUkMr4U6zlonFaxyw&abxe=1&dt=1672383968559&lmt=1672383968&dlt=1672383963849&idt=1206&adxs=962&adys=676&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxupdates.com%2F&frm=20&vis=1&psz=323x250&msz=323x250&fws=4&ohw=1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1058121351.1672383965&ga_sid=1672383965&ga_hid=72565201&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY-tTojtYwSABSAghkEhkKCnB1YmNpZC5vcmcYydXojtYwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPrU6I7WMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1czZROU9GbHR5YlNMVmdBNzFEUzk1RldjVHU2OHVXczJOdHRzS2hpS2dTNmdHaCt4Ymxub3Z2ZHk5YUszVGdLaXlBNEdCY05JcTZMTnB3eGZwaUJuUG05d1NrY0gyL0lnVUFhbkhXR2pzWS9RYVRCOWN2MVErd01kUXFEbmQyYzlZMTVreDZrcEgyTS9pcEQ5bzV6QjFhVXdaRzlnRy9oM3VGVjVOcElMUFE9GIrW6I7WMEgAEj4KBW9wZW54EixleUpwSWpvaVYyWjRURmxSUTBkVFduVlhaM0ptVW1OTlVFTmpkejA5SW4wPRi02OiO1jBIABIZCgp1aWRhcGkuY29tGPrU6I7WMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_dXojtYwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6f55032a680e701e23de23ca7c66239d030a3737ef63d1c67bacaae22f93fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
420
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
956 B
449 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2773558372990557&correlator=795925430814698&eid=44777628&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1254144%3A22676949412%2Cbloxupdates_com-medrectangle-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=3287483969&didk=3557378069&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%26lb%3D6%26reqt%3D1672383969064&eri=1&sc=1&cookie=ID%3D1fdd137c06d10824%3AT%3D1672383965%3AS%3DALNI_MYqJDf2RHOw7iY45uGcRl6KB3btWw&gpic=UID%3D00000b99c6f2a209%3AT%3D1672383965%3ART%3D1672383965%3AS%3DALNI_MZN9N8FMHOZ0RUkMr4U6zlonFaxyw&abxe=1&dt=1672383970069&lmt=1672383970&dlt=1672383963849&idt=1206&adxs=962&adys=676&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxupdates.com%2F&frm=20&vis=1&psz=323x250&msz=323x250&fws=4&ohw=1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1058121351.1672383965&ga_sid=1672383965&ga_hid=72565201&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY-tTojtYwSABSAghkEhkKCnB1YmNpZC5vcmcYydXojtYwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPrU6I7WMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1czZROU9GbHR5YlNMVmdBNzFEUzk1RldjVHU2OHVXczJOdHRzS2hpS2dTNmdHaCt4Ymxub3Z2ZHk5YUszVGdLaXlBNEdCY05JcTZMTnB3eGZwaUJuUG05d1NrY0gyL0lnVUFhbkhXR2pzWS9RYVRCOWN2MVErd01kUXFEbmQyYzlZMTVreDZrcEgyTS9pcEQ5bzV6QjFhVXdaRzlnRy9oM3VGVjVOcElMUFE9GIrW6I7WMEgAEj4KBW9wZW54EixleUpwSWpvaVYyWjRURmxSUTBkVFduVlhaM0ptVW1OTlVFTmpkejA5SW4wPRi02OiO1jBIABIZCgp1aWRhcGkuY29tGPrU6I7WMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_dXojtYwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1df37122a3c2301605e83e63ee3cf769f2fea48d74b93f6ce76e335d9b75efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
420
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bloxupdates.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
26 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2773558372990557&correlator=3008098235588051&eid=44777628&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1254144%3A22676949412%2Cbloxupdates_com-medrectangle-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=7&adks=3287483969&didk=3557378069&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D8964893586124041%26eid%3D8964893586124041%26t%3D134%26d%3D331802%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod60-c%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dbloxupdates_com-medrectangle-4-8964893586124041%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D2%26br2%3D6%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%26lb%3D4%26reqt%3D1672383970572&eri=1&sc=1&cookie=ID%3D1fdd137c06d10824%3AT%3D1672383965%3AS%3DALNI_MYqJDf2RHOw7iY45uGcRl6KB3btWw&gpic=UID%3D00000b99c6f2a209%3AT%3D1672383965%3ART%3D1672383965%3AS%3DALNI_MZN9N8FMHOZ0RUkMr4U6zlonFaxyw&abxe=1&dt=1672383970578&lmt=1672383970&dlt=1672383963849&idt=1206&adxs=962&adys=676&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxupdates.com%2F&frm=20&vis=1&psz=323x250&msz=323x250&fws=4&ohw=1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=1058121351.1672383965&ga_sid=1672383965&ga_hid=72565201&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY-tTojtYwSABSAghkEhkKCnB1YmNpZC5vcmcYydXojtYwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPrU6I7WMEgAUgIIZBLCAQoIcnRiaG91c2USrAF1czZROU9GbHR5YlNMVmdBNzFEUzk1RldjVHU2OHVXczJOdHRzS2hpS2dTNmdHaCt4Ymxub3Z2ZHk5YUszVGdLaXlBNEdCY05JcTZMTnB3eGZwaUJuUG05d1NrY0gyL0lnVUFhbkhXR2pzWS9RYVRCOWN2MVErd01kUXFEbmQyYzlZMTVreDZrcEgyTS9pcEQ5bzV6QjFhVXdaRzlnRy9oM3VGVjVOcElMUFE9GIrW6I7WMEgAEj4KBW9wZW54EixleUpwSWpvaVYyWjRURmxSUTBkVFduVlhaM0ptVW1OTlVFTmpkejA5SW4wPRi02OiO1jBIABIZCgp1aWRhcGkuY29tGPrU6I7WMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_dXojtYwSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 07:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11989
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bloxupdates.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74AC
0
0

army.gif
bloxupdates.com/porpoiseant/
0
74 B
Ping
General
Full URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMF8yIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImI2Yzk4YThiYjE1NzY0ZjFjNGVlMzMxZGNiNzI0MTc4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTY0ODkzNTg2MTI0MDQxIiwiZG9tYWluX2lkIjoiMzMxODAyIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveHVwZGF0ZXNfY29tLW1lZHJlY3RhbmdsZS00LTBfMiIsInRfZXBvY2giOjE2NzIzODM5NjIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5NjQ4OTM1ODYxMjQwNDEiLCJkb21haW5faWQiOiIzMzE4MDIiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94dXBkYXRlc19jb20tbWVkcmVjdGFuZ2xlLTQtMF8yIiwidF9lcG9jaCI6MTY3MjM4Mzk2MiwiYWRfcG9zaXRpb24iOjExMDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODJjZjhjYTAtNDA0Ny00NjJlLTVlMmYtM2QxNmYzMTJmNzhiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: bloxupdates.com
URL: https://bloxupdates.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-22y13-4y17-5y1c-y22-3y30-4y59-2y5d-22y64-1&cmbcb=118&sj=x04x02x06x07x0bx0dx13x17x1cx22x30x59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bloxupdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://bloxupdates.com
x-middleton-display
ezp_sol
date
Fri, 30 Dec 2022 07:06:11 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 29 Dec 2022 07:06:11 GMT
army.gif
bloxupdates.com/porpoiseant/
0
0

army.gif
bloxupdates.com/porpoiseant/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bloxman.com
URL
https://bloxman.com/wp-content/uploads/2022/01/newspaper-rec728.jpg
Domain
bloxman.com
URL
https://bloxman.com/wp-content/uploads/2022/01/mobile-bg.jpg
Domain
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
URL
https://01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
bloxupdates.com
URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4MmNmOGNhMC00MDQ3LTQ2MmUtNWUyZi0zZDE2ZjMxMmY3OGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0xMi0zMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjcifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Domain
bloxupdates.com
URL
https://bloxupdates.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODk2NDg5MzU4NjEyNDA0MSIsImRvbWFpbl9pZCI6IjMzMTgwMiIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3h1cGRhdGVzX2NvbS1tZWRyZWN0YW5nbGUtNC0wXzIiLCJ0X2Vwb2NoIjoxNjcyMzgzOTYyLCJhdWN0aW9uX2Vwb2NoIjoxNjcyMzgzOTcxLCJhZF9wb3NpdGlvbiI6MTEwOSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjgyY2Y4Y2EwLTQwNDctNDYyZS01ZTJmLTNkMTZmMzEyZjc4YiIsImJpZF9mbG9vcl9pbml0aWFsIjoxMCwiYmlkX2Zsb29yX3ByZXYiOjQsImJpZF9mbG9vcl9maWxsZWQiOjIsImF1Y3Rpb25fY291bnQiOjQsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUyNSwibXVsdGlfYWRfdW5pdCI6MiwibXVsdGlfYWRfY291bnQiOjMsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d

Verdicts & Comments Add Verdict or Comment

443 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| __ez string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| __banger_pmp_deals object| _ebcids number| ezobv object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_csnt function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| tdb_globals object| tdwGlobal object| tdaGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| cookieconsent_options boolean| hasCookieConsent string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did object| block_tdi_8 object| block_tdi_34 object| ggeac object| google_tag_data object| google_js_reporting_queue string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezasBuild function| ezorefgsl object| block_tdi_53 function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux function| detectAdBlock object| metricNameMap function| ezlogVital object| ezRBA function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count object| webVitals object| _qevents function| uglipop object| block_tdi_56 object| block_tdi_57 undefined| google_measure_js_timing object| ezslot_2 object| ezslot_3 object| ezslot_4 number| i3 object| googleToken object| googleIMState function| processGoogleToken object| head object| style object| ezslot_0 number| google_unique_id object| gaGlobal object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct function| quantserve function| __qc object| ezt object| _qoptions object| runtime object| regeneratorRuntime object| twemoji object| wp function| setImmediate function| clearImmediate object| wpcf7 number| ezouspvv object| signal_decrypted function| _ object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment object| tds_js_globals object| tdsLeads object| tdsMain undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| _stq function| __ez_fad_ezpbinit object| ezAYL object| ezAMX object| ezOneTag function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| __id5pd string| __uIdHash string| __sspDomain function| __ez_tkn_evnt undefined| __ez_dims function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| pbjs function| ezoChar function| ezoCharSize function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| __uid2SecureSignalProvider object| __uid2 function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid function| update_cookieconsent_options object| perf_vals string| token object| GoogleGcLKhOms object| slots string| slot object| google_image_requests object| epbjsChunk object| ezSchain

36 Cookies

Domain/Path Name / Value
.bloxupdates.com/ Name: ezoadgid_331802
Value: -1
.bloxupdates.com/ Name: ezoref_331802
Value:
.bloxupdates.com/ Name: ezosuibasgeneris-1
Value: a9cd14c7-b07c-43fa-4a86-e463c46e696d
.bloxupdates.com/ Name: ezoab_331802
Value: mod60-c
.bloxupdates.com/ Name: active_template::331802
Value: pub_site.1672383962
.bloxupdates.com/ Name: ezopvc_331802
Value: 1
.bloxupdates.com/ Name: ezepvv
Value: 0
.bloxupdates.com/ Name: ezovid_331802
Value: 2025541991
.bloxupdates.com/ Name: lp_331802
Value: https://bloxupdates.com/
.bloxupdates.com/ Name: ezovuuidtime_331802
Value: 1672383963
.bloxupdates.com/ Name: ezovuuid_331802
Value: 8ab724ef-9760-4584-5feb-976672745568
.quantserve.com/ Name: mc
Value: 63ae8ddd-4e87b-d088d-b9bb2
.bloxupdates.com/ Name: __qca
Value: P0-746061529-1672383965188
.bloxupdates.com/ Name: __gads
Value: ID=1fdd137c06d10824:T=1672383965:S=ALNI_MYqJDf2RHOw7iY45uGcRl6KB3btWw
.bloxupdates.com/ Name: __gpi
Value: UID=00000b99c6f2a209:T=1672383965:RT=1672383965:S=ALNI_MZN9N8FMHOZ0RUkMr4U6zlonFaxyw
bloxupdates.com/ Name: ezouspvh
Value: 10
bloxupdates.com/ Name: ezouspvv
Value: 20
bloxupdates.com/ Name: ezouspva
Value: 2
bloxupdates.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
bloxupdates.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.doubleclick.net/ Name: IDE
Value: AHWqTUngELeZI-WqDaGD0X8cW6u7Ij0ZkZ-m6SocHpRrFkWIgs4ckBD722GwZqmbk8E
bloxupdates.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
bloxupdates.com/ Name: cookielawinfo-checkbox-functional
Value: no
bloxupdates.com/ Name: cookielawinfo-checkbox-performance
Value: no
bloxupdates.com/ Name: cookielawinfo-checkbox-analytics
Value: no
bloxupdates.com/ Name: cookielawinfo-checkbox-advertisement
Value: no
bloxupdates.com/ Name: cookielawinfo-checkbox-others
Value: no
.adform.net/ Name: C
Value: 1
.criteo.com/ Name: uid
Value: a40dbfca-9784-42a9-8dce-7606a06a8f31
.bloxupdates.com/ Name: cto_bundle
Value: 7N-gt181dHhvR0RLUWpIc3JvSE1ycnc4Q1FGVVVyeVltajMwNVJFUXROVWhZN3I0QTMlMkI5bHFoU2d2MUNJd1g1SFBGd2ZaOGdCJTJCV1FVemxySjBlOFdxelFxRmVQdm5nd3Y5c3ROc3Y5ZXF6bkpiRnBncTRYNHJnY0Q4UjdTclR3MHZveVFZUmglMkJSVXVNMUl3WVYwbjhNY3pZakElM0QlM0Q
.openx.net/ Name: i
Value: 59fc4b61-0086-499b-9682-b7d170c3c273|1672383966
.adform.net/ Name: uid
Value: 8944310255798702345
.adform.net/ Name: TPC
Value: 1672383966165
bloxupdates.com/ Name: ezux_lpl_331802
Value: 1672383966944|82cf8ca0-4047-462e-5e2f-3d16f312f78b|false
bloxupdates.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bloxupdates.com/ Name: _sharedid
Value: f2ff604c-033b-4d90-8ca2-bd60823026db

2 Console Messages

Source Level URL
Text
network error URL: https://bloxman.com/wp-content/uploads/2022/01/newspaper-rec728.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://bloxman.com/wp-content/uploads/2022/01/mobile-bg.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
basher.ezodn.com
bcp.crwdcntrl.net
bloxman.com
bloxupdates.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
go.ezodn.com
go.ezoic.net
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.wp.com
rules.quantcount.com
s1.adform.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.wp.com
tags.crwdcntrl.net
tpc.googlesyndication.com
track.adform.net
www.google.com
www.googletagservices.com
01cf11406c9d4121e63c5f9cedf3b7a8.safeframe.googlesyndication.com
bloxman.com
bloxupdates.com
162.19.138.117
178.250.2.146
18.158.98.109
192.0.76.3
2600:9000:2057:a400:a:e047:752:5701
2600:9000:211e:6200:6:44e3:f8c0:93a1
2600:9000:214f:200:2:cb38:840:93a1
2606:4700:10::6816:3456
2606:4700:e4::ac40:a006
2606:4700:e4::ac40:a106
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::200a
2a02:2638:1::13
2a02:2638:1::3
2a04:4e42:400::485
3.66.136.156
34.102.146.192
34.120.135.53
34.246.104.18
34.96.70.87
34.98.64.218
35.190.39.111
37.157.5.141
37.157.5.72
65.9.66.68
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0861ad16fd78c0e6af661a9875f6145cdfc922152a04f7295712f1df9c2b1ca8
0e7b2df548c568c8c78e4a6bcec693192c6145f8ecfd85d5f17e74a8918fee21
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
10cf2ce0cc42858f2fd454d84251301a563650a0122921694c7429ad0ba5404d
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2baf734a99655b7802a8d5366256ea5314a1e529d3dd295d2ab5f350d5057013
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3998922125d04bf6a34d15604902f84e46529e02a96b7f1fc9a2711917707de4
3bd63bf62085617848ae583a73def38fed9a18804c35ed31644e92b21d84de5a
3f42d3a4f1437abde223f4b69fbc4a86b8e7abc7d83be8b4e2b0a416e4e116ad
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
4a6ec3c18e2f8077992340eacc1f6e2bfecabc384550462c77281ded7324f41a
53581b39a00a531084a31554d7f557aaca01e4c7bc8fd0cb314c98a9dce69325
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591be3c5cb598e205b2c65c31152b274fab5115d10c5aa7bf9955ac665eadc63
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a
5fd560f73ba82054f792464b3844bd6472335b12969ef7f78d8e667d918e1ec1
617dbf19a3e29313621f98eb7b82a8be14c0b6fb87e42d332c10546017197aa2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6d268bd506ff1c1e08e64d7635a225dd65e935b40d5523dd64adf76852f4dadc
6e559a3864920bcf20f88f3c6df593df5c95f8339f771a2e10b2f70bb69cde7c
6f1a5c34ee11fc2924116b51965ddbf8c4852f4c6a32bca395b557f860548a1b
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
728b1253b2887baab2be3d71f6d59625ff35755cc85425d854cde26878d32fb7
7330408577d97f041589e853d412b8de5a7f5d7fea76e499447e5910af8d1dc7
75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937
793fc3e0346372c935f30d745d28c2b43f5bbe63770376a65f7f594bd2acc457
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7e43000dcd72c3476cd29096f634484aa48609180ef336356b4d8c3163901673
7fe2f76be73ca73d99f205b26e5695a932defc1ab45c6b199edf6f361f4daccf
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8364edea9d4a5445d197bedbe2dc3101703ebb1d50fd39b137617ece70f3a4dc
848e6bd0692f481cc5e3e285ca20931068b8167de01763c738d92a1fc9a23fba
85070793217bfa9f4576a6cb9d132771e0953fb3b09ecfd26451e7456a447630
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8cb567e914850ecaa4a1c79b360056e2e32202f9a41442063c6c055ae20a8e67
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1df37122a3c2301605e83e63ee3cf769f2fea48d74b93f6ce76e335d9b75efd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a8ccaaf9d1709d40da537377b66fb60be417dcca8838321e92ab116f59fb2309
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
b222bcf645f96c7c9c04c9d705affa8efd25d1194feb6cc2d33cd3511e75f51a
b51a3ec367e2c689bd286f090bab4ffe838610e8b004aacc67b04b45e688ee85
b756c07df01bfa9650386f37d26ee172217cd606626ab15d74322f6dcaffdcfe
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
bd6fb03f75920f79b381032152cbc75d9a59045ee4e0d73b9bd336ca8faba9d3
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c637118647db8d74b6e583059b4534d627125e1075ae3cae2ac66fb9953783f8
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf59824b6de0f006f06762b354b93b96619a19f14e8aebf3763b2afda087ddf0
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d61ed2d6f691389596fad09cd95740f4408165d19d3c424152a68a29111b15de
d6f55032a680e701e23de23ca7c66239d030a3737ef63d1c67bacaae22f93fb4
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
db53b68998caaae4358a3bc730930255dd30a319e28502fd228bb3718915e017
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de31773f1cc595b28cc63dad4b0b1e307a08a5c3b381c52dd3910ca3e3e30cd9
de7e978c99e3e782f9077d8845adeeb4bc5a3dd1e6239edeb322f416dbebd733
e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
eebd5288ecc05b1f945181533def0c5d2e9da2f1bcc63ec0364b39a27ffb7a96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f394f77e6779594c1e1012b198cff61b666a58425d75ffde8d80c494f26167e9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fec17922c185dedc8fb414c90b39a2d187543df70e46438f8a04beb379f5cd89
fefd987e7247e4659bd2174b0f67e9a04b97c191457f6932148b0c2b8ab4cb5f