URL: https://fruityblox.com/
Submission Tags: phishingrod
Submission: On October 09 via api from DE — Scanned from DE

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::ac43:450e, located in United States and belongs to CLOUDFLARENET, US. The main domain is fruityblox.com. The Cisco Umbrella rank of the primary domain is 733955.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.
This is the only time fruityblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 fruityblox.com
fruityblox.com — Cisco Umbrella Rank: 733955
531 KB
8 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 5309
77 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
154 KB
3 gstatic.com
fonts.gstatic.com
173 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 883
api.btloader.com — Cisco Umbrella Rank: 1013
31 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 150
182 KB
3 faucetfoot.com
faucetfoot.com — Cisco Umbrella Rank: 323582
25 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 playwire.com
config.playwire.com — Cisco Umbrella Rank: 7045
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 6525
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
6 KB
1 moatads.com
px.moatads.com — Cisco Umbrella Rank: 1027
27 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 684
480 B
1 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 6123
164 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
105 KB
60 15
Domain Requested by
26 fruityblox.com fruityblox.com
8 cdn.intergient.com fruityblox.com
cdn.intergient.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 fonts.gstatic.com
3 faucetfoot.com cdn.intergient.com
faucetfoot.com
2 api.btloader.com btloader.com
2 ad-delivery.net
2 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
1 fonts.googleapis.com
1 ad.doubleclick.net
1 px.moatads.com
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
1 config.playwire.com cdn.intergient.com
1 static.adsafeprotected.com
1 cdn.intergi.com cdn.intergient.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com fruityblox.com
60 18

This site contains no links.

Subject Issuer Validity Valid
fruityblox.com
WE1
2024-10-08 -
2025-01-07
3 months crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
cdn.intergient.com
WE1
2024-10-02 -
2024-12-31
3 months crt.sh
faucetfoot.com
WE1
2024-09-17 -
2024-12-16
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
cdn.intergi.com
WE1
2024-09-27 -
2024-12-26
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2024-04-25 -
2025-05-24
a year crt.sh
config.playwire.com
WE1
2024-09-23 -
2024-12-22
3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03
2024-01-12 -
2025-02-09
a year crt.sh
btloader.com
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-27 -
2025-09-27
a year crt.sh
*.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
ad-delivery.net
WE1
2024-09-12 -
2024-12-11
3 months crt.sh
*.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
api.btloader.com
WR3
2024-10-01 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.gstatic.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 2 frames:

Primary Page: https://fruityblox.com/
Frame ID: A919CE93A43AC4C25E49D1976774D8AB
Requests: 59 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.66/iframe/iframe.html
Frame ID: 988900B05A73E91DC803B129EA2F4E0A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FruityBlox - #1 Blox Fruits Values & Trading Website

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Page Statistics

60
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

18
Subdomains

19
IPs

2
Countries

1452 kB
Transfer

4016 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fruityblox.com/
53 KB
8 KB
Document
General
Full URL
https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1087cb6222142bf7ed04a621660526b302a6e91c3a7a554c9aa103aa75441dab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cfb7a4678d0dcae-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 04:02:52 GMT
last-modified
Wed, 09 Oct 2024 04:02:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tii5JVyHRUw8gscxRumyfkvZP1uTXiUlAe3JlqTWqOdgKhrbzf0DXwcm%2FynLdF6gUNmLVI1RnObrWAiGQsZdmf7mXefcvahqixN%2BEMQ33T7zco0em3Ca%2BkcE%2FYMZLlFtKkDBCEuGMC5W7xYF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
x-do-orig-status
200
x-powered-by
Next.js
fbaaac7b794f7dfd.css
fruityblox.com/_next/static/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://fruityblox.com/_next/static/css/fbaaac7b794f7dfd.css
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e47385a0cbe325fda16e90e71368765cff7c296b8e664f410b199a7d4bd2ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727761693&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=APFOg5lN9Fo6urYml0MpYrAourt5qEJkTdxfrZpzDMw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable, no-store
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6c38-191e68b8548"
age
684879
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727761693&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=APFOg5lN9Fo6urYml0MpYrAourt5qEJkTdxfrZpzDMw%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48abf2dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
text/css; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
5a56e3c1761e58ad.css
fruityblox.com/_next/static/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://fruityblox.com/_next/static/css/5a56e3c1761e58ad.css
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a6fea938d9f2f6fc728d5866930d0de5fbb494b3cd106deae22ba21e8ae4af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727761693&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=APFOg5lN9Fo6urYml0MpYrAourt5qEJkTdxfrZpzDMw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable, no-store
content-encoding
gzip
cf-cache-status
HIT
etag
W/"372b-191e68b8548"
age
684878
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727761693&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=APFOg5lN9Fo6urYml0MpYrAourt5qEJkTdxfrZpzDMw%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48abf4dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
text/css; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
webpack-73831d8393c4a38f.js
fruityblox.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/webpack-73831d8393c4a38f.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d4a92377cb9e1f78fc13f50238a5a9a314b2ac64d08df332ae8b3e06936c5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e9e-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc1cdcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
fd9d1056-f9499dcf2324541c.js
fruityblox.com/_next/static/chunks/
169 KB
53 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/fd9d1056-f9499dcf2324541c.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727765743&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=rbJRalUNu6j4eoh3qiCN2g%2FNC6MHePRyDwBPTbpvrsE%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2a31f-191e68b8548"
age
680829
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727765743&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=rbJRalUNu6j4eoh3qiCN2g%2FNC6MHePRyDwBPTbpvrsE%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc1ddcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
23-4a1cf1f5024acf9d.js
fruityblox.com/_next/static/chunks/
120 KB
31 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/23-4a1cf1f5024acf9d.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839d821426383cc0f978a6a20074e6f5524d23ad66f19bdb883f6874bca1cfce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1e1d6-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc1edcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
main-app-a3a7cdb64cd3c793.js
fruityblox.com/_next/static/chunks/
462 B
543 B
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/main-app-a3a7cdb64cd3c793.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451677e8d3a09f1487633de87e119b48fd02a5fc9ea05c62c585cf607526c280

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1ce-49773873e8"
age
12224
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlthnYiiETsTNJR5Zx%2FA8pflC%2Fz7amRzDjdluRjaMUn11%2BuFOJ4KO7otgNX2lKnKcj6sonTWBK3ZIttUT5%2F6kR8dNSUmajYw7eR45u9sZxy1rbVrGs4H0Z4onoFAHTATwgGtXqLgrR6NlCEx"}],"group":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48bc21dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
173-cc427a8cb39efbb4.js
fruityblox.com/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/173-cc427a8cb39efbb4.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0f191bf67f6eef25faa560d11c11bb28c865f59ed8dd1aedcdbcaefbb876a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"33b4-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc22dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
580-78bbd13be42fec82.js
fruityblox.com/_next/static/chunks/
16 KB
7 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/580-78bbd13be42fec82.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9a865d5d8a2c1085fc75aa78c73f8a6bb8e077b0f0a45d4bc9b515d81bac1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727777149&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ipX6z86uPUSlCBQVr7bInXNkkUw9YX0iNo7GeklTTxQ%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"3e4a-191e68b8548"
age
669422
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727777149&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ipX6z86uPUSlCBQVr7bInXNkkUw9YX0iNo7GeklTTxQ%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc24dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
998-75ffd50065bb1988.js
fruityblox.com/_next/static/chunks/
35 KB
10 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/998-75ffd50065bb1988.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe77556e3c0dbb3b5cdbbb281146e90b3e574c1e6001e96662a236fdc980afd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"8ca1-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc26dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
539-e4d9ec8ab8ec92e9.js
fruityblox.com/_next/static/chunks/
19 KB
7 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/539-e4d9ec8ab8ec92e9.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189da5361106d150cda41d7b7a8904b1011c3a8bb4ebfc89e690c97722b13f41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4b48-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48bc27dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
628-5118cb637ccd6a3f.js
fruityblox.com/_next/static/chunks/
81 KB
24 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/628-5118cb637ccd6a3f.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff43204d93fcd7c8e437cc7fd86ece02316fed0c4bdbfe4338a16c652449a61a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"14511-191e68b8548"
age
682081
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727764491&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2Fjnf10pzqVAbqE%2FY0%2FivZ76ZupiY%2F0uRiQwivDsq%2BuY%3D"}]}
via
1.1 vegur
cf-ray
8cfb7a48cc29dcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 14:03:09 GMT
vary
Accept-Encoding
server
cloudflare
layout-dd07b6e88fc76062.js
fruityblox.com/_next/static/chunks/app/
17 KB
6 KB
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/app/layout-dd07b6e88fc76062.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884a7db4bbf6b4a8989acab11a0231b639fccbb6dd2e5ca0b9ae444aca81d37b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4296-49773873e8"
age
12224
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isox3ndMXK1omiwDVacG5ZOepRvIt3fNVBCVGLDMkFwP7Aa4Q0xC8rTacake7i0pLNvX36sUM95xTR0%2BvBYQyNYRkkOsa8ZErv8w6GrivzJ8jHL7y4TRmGTwtHi0VjObs0I90mRaxQGWxAkU"}],"group":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48cc2bdcae-FRA
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
page-0f76960aba534638.js
fruityblox.com/_next/static/chunks/app/
226 B
698 B
Script
General
Full URL
https://fruityblox.com/_next/static/chunks/app/page-0f76960aba534638.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74c5c23cb8a0eae59750c62469c17db6f7571643c52fcd25d9019b3ba1102a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"e2-49773873e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtCugbiMV0dhbCaKOp%2BV5dIII5a4Zo%2FPQGBncAyiuhvdLP6ocnJfb64Q5p5xHtZ0ki%2FVirVSVIVcQ%2FNdYAVbW1iPTerdHOeFeIRDA5yp9HHKvo2x%2BpwjsiUXF%2FElWFI4BuHk14WeYPHytYwR"}],"group":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48cc2ddcae-FRA
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
js
www.googletagmanager.com/gtag/
316 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F55Y1PYQ4M
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
810936641eac77944356b79cff9fa40dc117d1fd7aac91d44856d0508a7e3c81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 09 Oct 2024 04:02:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107232
x-xss-protection
0
server
Google Tag Manager
image
fruityblox.com/_next/
5 KB
5 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fdough-fruit-v2.webp&w=128&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f834dce9e6237cda57f3eb22a26070f536c45aee9e574cf6627149852bb705ff
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
+DTc6eYjfNpX8+siomBw9TbEWu6eV0z2YnFJhSu3Bf8=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5yWwPDrAT8SjKP275iBEKTdS8%2Bfq31k7M%2FleOPjwI5%2BCUD1wZSdiU8UgTewvB%2FjMSHlYA50RHtrx%2FaOnvdd1npqJVBAEQYKDPjV1YAnTjpx3cnCAm4Ix8ZBDp5oJYa4OcZFVV8FS3YnsyfK"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="dough-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca0dcae-FRA
accept-ranges
bytes
content-length
5110
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
1 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Frubber-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e26af5973c5086b8eb06f664f510b571c9eb16edeecb3624065c6eeb6e3c858
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
niavWXPFCGuOsG9mT1ELVxyesW7e7LNiQGXG7rbjyFg=
age
18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygYEIEalFEjaCU73uFGs1pMASKCl7qSabWTUYVMSYXb3FecJ0ory4C%2FFoFcoe2A8WQ7mi1Nuh9k6wZ27U3skot9mWwRkisrfxTMywu3%2BxvXvacD6R5FBM9xvLNUpE5ounMqmLcYIwYjhydKi"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:52 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="rubber-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca2dcae-FRA
accept-ranges
bytes
content-length
1474
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fblizzard-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ffb74372d4433f74c1edb086c5d8979e3832be619d0d60f21b328e58f20789
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
Q-+3Q3LUQz90we2whsXYl544Mr5hnQ1g8hsyjljyB4k=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBUQdVVx5e7Hwg7fmPXMmg0h7QMbrMUi1LHwlE%2B5mdIMx3iGN%2BFBnW7cCo949YfVVu3ICMAro2Fr5PekYZvaGrUQIzsJ0npbLFhBFXbyFSlLsCRXKY9RDABsTrQQUw49WvwnIh9t9r781dy3"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="blizzard-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca3dcae-FRA
accept-ranges
bytes
content-length
2012
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
3 KB
3 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fphoenix-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884458b6e359d814a9bbc4b4fda7d18a5a7ff6ac7080ac8d1c6843309f6a3c17
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
iERYtuNZ2BSpu8S0-afRilp-9qxwgKyNHGhDMJ9qPBc=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h87MmjtQmJIdctbEl%2BWQkfH0lyFiIVmelcaqdZUgbnODTKxBpl0IiXzr3G5SOvlqZ%2FNV7z19ULzHZq3fbSR9VFgL0%2FCu3PXEEN%2BiO1hiFtzm3Wcqz%2FskUhCzlwz7AeCZ8oT8E4WU6yXtH3cG"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="phoenix-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca4dcae-FRA
accept-ranges
bytes
content-length
2728
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fice-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b10a50ed245b4f0751ec5f800bfe38a343b851cc1604574246f772b16c007b9f
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
sQpQ7SRbTwdR7F+AC-44o0O4UcwWBFdCRvdysWwAe58=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArTzbzbt49SF4vnD9jjSxsGo0fYQEkyj7mjKoZZNg2T8VPCMdKCzddliIOIWiBzrOTKm68HMgvqviHT6o40cfUsZFbNRY84UHqf8J5aA0ucZnATxudPfGm8zecjYn%2FWMyxcqvyJgf8u87pMs"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="ice-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca6dcae-FRA
accept-ranges
bytes
content-length
2004
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
3 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fmammoth-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf76f56a456ea18bc9b5d02d0b7d95e0a50fff6b74f5597cb3eaa39a1a34a53
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
zfdvVqRW6hi8m10C0LfZXgpQ--a3T1WXyz6qOaGjSlM=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHms%2FgF03KjsUTY8ynWcU1V8JnIjIjO33OCymvkkDTYxPZmRF%2BFFbq8GKNdfSStnUBxAE1qGQER7giQlTlwIj02RLSTzR0rKiaT7Cm%2BLQBpEnqkwDV2ofxrxZNz0OOQKdK5AcNVNytoGigbU"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="mammoth-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca7dcae-FRA
accept-ranges
bytes
content-length
2294
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fsound-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da14710211aa64af6de8771676c7d8e961e30c2d6d8616dd3640a2eb31fe72e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
faFHECEapkr23odxZ2x9jpYeMMLW2GFt02QKLrMf5y4=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svgFlA5Y2A1iPB8duZp8Q8lmrwIxtC84Mhhq9FdN71i%2F5Y1Z8btuKHW4uIeVt0OEx47kl%2FHmWiJP8ijvmES2dMJtXV044JHCSs7jTwq4mhDjuclrCcjOg%2FzNVn6Pa5voFIkCXymgJ9e6aZEJ"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="sound-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca8dcae-FRA
accept-ranges
bytes
content-length
1836
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Fkitsune-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6875cec7c75016fb85e9307a6d6d6b942ecb545d81fa75b2496341eb8bd0a9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
z2h1zsfHUBb7hekwem1ta5Quy1Rdgfp1skljQeuL0Kk=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNKdtnokO7miLdwS3nhRUd8y1CA30r61OpAFQLunkd7W%2FdvT7Hn5nlY0bGJsZMSsJNg8azW5Xv8aqgqObE6LzBu8k1pc3%2BouTTlD78YBeuhtIppLB6wac9r8EG8gDJhJGpseRtihQXNF2TWE"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="kitsune-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fca9dcae-FRA
accept-ranges
bytes
content-length
1892
x-nextjs-cache
MISS
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
2 KB
2 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruityblox.s3.us-east-2.amazonaws.com%2Ft-rex-fruit-v2.webp&w=64&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbcc550c38ce1a515c55b59379abbe61611bbf4f8be1da5a63f0a2c6dc62d6a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
77zFUMOM4aUVxVtZN5q75hYRu-T4vh2lpj8KLG3GLWo=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDsabd4gI47vADlwaawtApCsCOyEI5BjbnhG%2BHJxe35UOZbipkqM8b5VpUoBRE1WgaLX1jPytw3hG5GyUpELt2kTfsRs5Z7BDjmqyDGgFPN9bZ8ZYXNUPv6v%2B%2F%2FZ0gVcHodkCgdw2Nsv3t2H"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="t-rex-fruit-v2.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fcabdcae-FRA
accept-ranges
bytes
content-length
1990
x-nextjs-cache
HIT
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
251 KB
251 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruitybloxmedia.b-cdn.net%2Fwp-content%2Fuploads%2F2024%2F08%2FDALL%C2%B7E-2024-08-09-18.38.51-Create-a-16x9-Roblox-GFX-art-featuring-an-anime-pirate-with-powerful-fruits.-The-pirate-should-have-an-anime-inspired-look-with-a-pirate-hat-a-long-.webp&w=1920&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca48ae11f273315a879cc4564ace1bb46064dda4ac87b4476e6e9ace545ee86
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
XKSK4R8nMxWoecxFZKzhu0YGTdpKyHtEdubprOVF7oY=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4ZUnrvtWGwWhR9kB9iL%2BeYyK6NL1Gtv8NPNXkQ0%2BaVM%2FbSc%2B0NbaO72aOa1aR%2FPnFPEZAadXELdXHO75QJZR1Vd%2BPV8kyN%2FsiV%2FnRJfz5i63NrHrfRJ3h36q0PjIaoSvWk9gGxbl%2F3qfFyr"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="DALL%C2%B7E-2024-08-09-18.webp"; filename*=UTF-8''DALL%25C2%25B7E-2024-08-09-18.webp
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=31536000, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fcaddcae-FRA
accept-ranges
bytes
content-length
256542
x-nextjs-cache
MISS
server
cloudflare
x-do-orig-status
200
image
fruityblox.com/_next/
85 KB
86 KB
Image
General
Full URL
https://fruityblox.com/_next/image?url=https%3A%2F%2Ffruitybloxmedia.b-cdn.net%2Fwp-content%2Fuploads%2F2024%2F07%2Fupdate24-featured.webp&w=1920&q=75
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f24e3c109693fdb0f17baca149efc793e31296fa50b5e9480adf89c33263ac
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
etag
B-JOPBCWk-2w8XusoUnvx5PjEpb6ULXpSArficMyY6w=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2dG%2Bkq0Sa5f24c1RoprU8XHIYDdgXVisBhX%2BRoXx%2FJHXZ4oJBP%2FRXZ2C5pFAcgNahLkp%2B6FFe%2B7lptpOkBxrbJG0grgMxFx1ErKVfOBapJHKIJwWzyPRU3Kptzf9YsK%2FNeFd7TGBHf2E3DS"}],"group":"cf-nel","max_age":604800}
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-disposition
inline; filename="update24-featured.webp"
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=31536000, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a48fcaedcae-FRA
accept-ranges
bytes
content-length
87276
x-nextjs-cache
MISS
server
cloudflare
x-do-orig-status
200
ramp.js
cdn.intergient.com/1024600/74335/
39 KB
8 KB
Script
General
Full URL
https://cdn.intergient.com/1024600/74335/ramp.js
Requested by
Host: fruityblox.com
URL: https://fruityblox.com/_next/static/chunks/app/layout-dd07b6e88fc76062.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a5c165297b3e11314fe4a9141854cab0ae4379f757d2436bca362fbf78754e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

last-modified
Wed, 09 Oct 2024 04:00:46 GMT
hw-country-code
DE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
HIT
age
127
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cf-ray
8cfb7a4b9d8dbb79-FRA
x-cache
Hit from cloudfront
x-amz-cf-id
hRbVAd6tWGP-jwOpoKxLzrFp7CZ73tmDXjbRsD5sgaEGk6zdWQSksQ==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA60-P2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F55Y1PYQ4M&gtm=45je4a70v9115994205za200&_p=1728446573211&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665~101671035~101747727&cid=589138767.1728446573&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728446573&sct=1&seg=0&dl=https%3A%2F%2Ffruityblox.com%2F&dt=FruityBlox%20-%20%231%20Blox%20Fruits%20Values%20%26%20Trading%20Website&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=754
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F55Y1PYQ4M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fruityblox.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/plain
server
Golfe2
favicon.png
fruityblox.com/
6 KB
6 KB
Other
General
Full URL
https://fruityblox.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bbf9d141105072b4cbeba1f36575cefbdcdd83e00693d2384dbc7353715950

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
W/"178c-49773873e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sutu%2FTY0B%2FHfrs6XA4OyHknkRp7u9cjRsLhw57UZJspjQ8I0xPhGkd6ZkCG4y31me3NF1skhEa1AHvk4UDpEjj7pl71n%2FqlMKuwYcpiNcsEhHsoeoUEoXV6In7eHCxeiif6BEGAew1rTKk3"}],"group":"cf-nel","max_age":604800}
x-do-app-origin
2c6b1836-3216-475c-8e3b-1aa10125f7db
cf-ray
8cfb7a4b9919dcae-FRA
accept-ranges
bytes
content-length
6028
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/png
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
ba00070b16b2b4ec651b94223a2381.js
faucetfoot.com/dist/ab5e7cbe/
67 KB
24 KB
Script
General
Full URL
https://faucetfoot.com/dist/ab5e7cbe/ba00070b16b2b4ec651b94223a2381.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024600/74335/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
602c4f32e477c4d38eb7153dccea3a21a025a25e844a3432897286efec4c093d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"bbc6a32346b580b455859aebaf5b7d778bc313eb54762acf9e7fd118141d9c7f"
x-buildname
hoothoot
x-hostname
fen-hoothoot-europe-west1-spot-k7vg
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8cfb7a4c9ab14d93-FRA
x-buildnumber
1467201897
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024600/74335/ramp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8702a907071137d4b70ca12957ae2fc72fa8cfecb38d2fbcbc457d71fbce191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
etag
3 / 20005 / m202410030101 / config-hash: 16541090307924995831
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 04:02:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33251
x-xss-protection
0
server
cafe
prebid.js.br
cdn.intergi.com/prebid/
521 KB
164 KB
Script
General
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024600/74335/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b22add6e87c4f2dda0208221cf5d82670ca739f91ac91827d390894538aacf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
tijubuJvcERDyjc9eOgsc_1oOwfrljZy
etag
W/"922890e5c3714427691aa4b5d75bc0e4"
age
1631
x-cache
Hit from cloudfront
x-amz-cf-id
tMyCTn-oM4unRyYdwpfmyV_L0hb_-V6DakxScxYd0cy9AqOvBbGqMQ==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 28 Aug 2024 15:24:21 GMT
vary
Accept-Encoding
via
1.1 de6671ea5841a2036c9c6a7b40daeba0.cloudfront.net (CloudFront)
cf-ray
8cfb7a4c9ec42d04-FRA
x-amz-cf-pop
WAW51-P5
server
cloudflare
x-amz-server-side-encryption
AES256
ramp_core.js
cdn.intergient.com/
3 KB
1 KB
Script
General
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024600/74335/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5e7b238fcf0e93b89e5874ee93e0c35f191f9adf2756d8b8966d5446702fa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

hw-country-code
DE
cache-control
max-age=600, public, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cf-ray
8cfb7a4bddb4bb79-FRA
x-cache
Miss from cloudfront
x-amz-cf-id
MNv23y_bxvgUbGZuQZ7JTMZhmz3-enA9bz1bUMvLDT8lvlsZBIqMaw==
date
Wed, 09 Oct 2024 04:02:53 GMT
x-lambda-function
us-east-1.pageos_production:642
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
x-amz-cf-pop
FRA60-P2
pageos.js
cdn.intergient.com/pageos/1.10.66/
399 B
490 B
Script
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dac2c66001dfa2eab951b19ea96e78988116619988b5b9c9e03c710e3051cca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1938b6a1c193ad25082c043df4641595"
age
565940
x-cache
Hit from cloudfront
x-amz-cf-id
1z0hYQmsbYZgy2LS2DOWLpBmtafI2n7q0JOCZKmZ1oR0px626LYHfw==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
cf-ray
8cfb7a4c9e30bb79-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
runtime.2aec7b9168e3a654b7ed.js
cdn.intergient.com/pageos/1.10.66/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/runtime.2aec7b9168e3a654b7ed.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70edfb738d1f40a4763d693dbfa9f8dbbc98a9718d5cfed3f100e245ad5b97a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"95ce939712e08fc038d3e16d2c66b458"
age
565939
x-cache
Hit from cloudfront
x-amz-cf-id
JsUbkd4Jtr3yMqjAenssZgNEP62zsP1nKYD1-80_E0iN6B20CV1JDg==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
cf-ray
8cfb7a4cce4ebb79-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
main.f1429b5c5c52496a7fd4.js
cdn.intergient.com/pageos/1.10.66/
202 KB
64 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/main.f1429b5c5c52496a7fd4.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9962996206f2161b1661fd4962f0b79c31b42735eb0c2c6a501d2aa527e1eff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"cecdf8be5edc9c3a29aa8e7133c099d6"
age
611554
x-cache
Hit from cloudfront
x-amz-cf-id
8i2VIuu7L2_u13bMseeNoxgp83Rptjt8rvlXzHnGpRjONbVKPJXDmA==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
cf-ray
8cfb7a4cce4fbb79-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410030101/
483 KB
150 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
687524cde30fe73542b07a1b40a9e4217e6080ca31489a89c22f027fb758f8e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
etag
5163995724407734425
age
72585
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:53:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 08 Oct 2024 07:53:08 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153279
x-xss-protection
0
server
cafe
skeleton.gif
static.adsafeprotected.com/
43 B
480 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=wtjae_728x90_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
3662
x-cache
Hit from cloudfront
x-amz-cf-id
3B1gbFw8jVdok_ByaU3LVoCgdmqBqmf2Ko4uZE4_sLLlqBiORDNhIA==
date
Wed, 09 Oct 2024 03:01:52 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.66/
559 B
521 B
Script
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/runtime.2aec7b9168e3a654b7ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6880c1609e3243c11c7b4f1285e14d89"
age
1038730
x-cache
Hit from cloudfront
x-amz-cf-id
fq3HK915po1bNiCJj5E_8Hipc_JFmCa85KAQsfMKp1w-OqvNsrX5NA==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cf-ray
8cfb7a4d4eb1bb79-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
iframe.html
cdn.intergient.com/pageos/1.10.66/iframe/ Frame 9889
0
0
Document
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/main.f1429b5c5c52496a7fd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://fruityblox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
611553
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8cfb7a4daf519957-FRA
content-encoding
br
content-type
text/html
date
Wed, 09 Oct 2024 04:02:53 GMT
hw-country-code
DE
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-id
BYcqO_aynjeRMov4MFQpEZxcERn9aD41zWJlq_DcWRChKcpvmCZiow==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
styles.css
config.playwire.com/1024600/v2/websites/74335/
2 KB
2 KB
Stylesheet
General
Full URL
https://config.playwire.com/1024600/v2/websites/74335/styles.css
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/main.f1429b5c5c52496a7fd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a331e217b8dbe8f5f940c40bdab4a708dc38ebddf0c9494d2686219fe84e6960

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
277
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1728412747&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=bumpsKaOBQAZHAS4lI%2ButqaiZu8Ftyng6rGMR%2F0Lgzg%3D"}]}
x-cache
Hit from cloudfront
x-amz-cf-id
v2L6QqNaddYBSxfzeDyd3EoT73tJ1Om1ihvpXKl-9LMPh0ApjCn6tQ==
date
Wed, 09 Oct 2024 04:02:53 GMT
last-modified
Wed, 09 Oct 2024 03:58:16 GMT
content-type
text/css
vary
Accept-Encoding,Origin
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1728412747&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=bumpsKaOBQAZHAS4lI%2ButqaiZu8Ftyng6rGMR%2F0Lgzg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=86400
via
1.1 vegur, 1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
cf-ray
8cfb7a4dbb23d412-FRA
x-amz-cf-pop
VIE50-P2
server
cloudflare
gdpr.7cd13264b394b9b4f82e.js
cdn.intergient.com/pageos/1.10.66/
5 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.10.66/gdpr.7cd13264b394b9b4f82e.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/runtime.2aec7b9168e3a654b7ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
488fc490455a5a09c9262dc8b826c02a80b206608aa1577e2f4e3c64bc6183c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c4ad5cd6a9fda5a11571578508958b35"
age
1145282
x-cache
Hit from cloudfront
x-amz-cf-id
1jtMEqBQZm1XnKIPI6qK1K7zvD3k2pHqtT0TYmGmNcueA39Wd25byw==
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:45:28 GMT
vary
Accept-Encoding
hw-country-code
DE
cache-control
public, max-age=31536000
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cf-ray
8cfb7a4d6ec2bb79-FRA
x-amz-cf-pop
FRA60-P2
server
cloudflare
x-amz-server-side-encryption
AES256
GDPR
impression-inferences-edge-prod.playwire.com/websites/74335/v1/Wed/0/desktop/Chrome/
1 KB
621 B
XHR
General
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74335/v1/Wed/0/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/main.f1429b5c5c52496a7fd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:aa00:b:99e7:bb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9d05a353cef910b080a2c19ea3ef5d5c629883233550b47f4e3b6f172faabbb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
max-age=3600, public, must-revalidate
access-control-expose-headers
*
content-encoding
br
age
164
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
UuKVHAjZODWrAVHY2bAxvMn-RcDWascbkaDyZytiAhwBVh10Kw9JPQ==
date
Wed, 09 Oct 2024 04:00:09 GMT
content-type
application/json
vary
Accept-Encoding
server
CloudFront
x-amz-cf-pop
FRA56-P9
tag
btloader.com/
110 KB
31 KB
Script
General
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.66/main.f1429b5c5c52496a7fd4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d99eee3a44e87c88e0d9329797bc7d7252e13f0b7cacf440b8ff63ff4d80e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"a07ca1ee7f094c2ee9a3db0c3f6500c0"
age
479
via
1.1 google
cf-ray
8cfb7a4dbc692c7b-FRA
accept-ranges
bytes
content-length
31281
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 03:51:20 GMT
vary
Origin, Accept-Encoding
server
cloudflare
pixel.gif
px.moatads.com/
27 B
27 B
Image
General
Full URL
https://px.moatads.com/pixel.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 09 Oct 2024 04:02:53 GMT
Content-Length
27
Date
Wed, 09 Oct 2024 04:02:53 GMT
AK-GRN
0.0ab31402.1728446573.12b53e4e
Content-Type
text/html
154013155
fundingchoicesmessages.google.com/i/
200 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50c5d718203e922d95c3e825dab745dd4c6a972dc9c6f2428cadee48cd152d71
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S8M8Ho-88LcFeajhqSZ56g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XC8bZixg01gxqVlXcxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBuZ6BobxBQYAOy1KMA"
content-security-policy
script-src 'report-sample' 'nonce-S8M8Ho-88LcFeajhqSZ56g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
px.gif
ad-delivery.net/
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
685729
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRppwzwuihb1vQacivprX3yYI9nzP3NiA%2B0S1skZ3HmVOMrJBESwxhbqVGdIe1%2F6WHtf1QjA9%2BEMrQVEBZ6WI6iZEdmzKSmQ7iE5IoSQ%2F1HrGk4KtcI%2BS6oqSUmrZNsOgGhH4Ou05tRRwCN0LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 01 Oct 2024 06:06:13 GMT
x-goog-stored-content-length
43
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuOLkODf00KOP9lNn69IZ3IvtrVwKAv_5ZFceL-TlyY0jpaqhvRcaGbAYLLhl-MKeYoWus_Atd1NQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8cfb7a4e4904dc4e-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
age
23749
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 21:27:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:27:04 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
926 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.43205915922079785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
685729
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mqF9PcXI%2BxD%2FYpvacYyULV7YlbHXZEBsb7Pdf7kanMR2tMjA5uzLz3%2BGuLrKlKCrWki%2F82DMvNZ0Mo5fK%2B15Q0W0sVAPF4O%2FzHcFKRJJEP4Zk2nOLGqoRBLzkc2lmRfsi%2B9RMoClJb%2FALYwWGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 01 Oct 2024 06:06:13 GMT
x-goog-stored-content-length
43
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuOLkODf00KOP9lNn69IZ3IvtrVwKAv_5ZFceL-TlyY0jpaqhvRcaGbAYLLhl-MKeYoWus_Atd1NQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8cfb7a4e4903dc4e-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=9K1I08pIF&w=5075835129692160&o=5150306120761344&cv=2.1.59-1-g78ed83d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Ffruityblox.com%2F&sid=P6oXZ5Coq&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:53 GMT
vary
Origin
AGSKWxWm7FIMBRjWJUhF4mC-MjxIDLMDMQPgW0ALSTvuxnpnzzWN80LrJDKWzgMlTQVp5pvK5LvVF0vLexlXfJqxULW8w2XdYeqa17aJ0gIB5bMYwDhf3WZYRw8ZSBJlvkGIMQKnpt8T6w==
fundingchoicesmessages.google.com/f/
695 KB
88 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWm7FIMBRjWJUhF4mC-MjxIDLMDMQPgW0ALSTvuxnpnzzWN80LrJDKWzgMlTQVp5pvK5LvVF0vLexlXfJqxULW8w2XdYeqa17aJ0gIB5bMYwDhf3WZYRw8ZSBJlvkGIMQKnpt8T6w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4NDQ2NTczLDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mcnVpdHlibG94LmNvbS8iLG51bGwsW1s4LCJQV3Fob2hRR0VwZyJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
118f1014497b064a5b8ab5d4da690a3a5d883e8a2e2de6885d79854346463a5f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2Per7hJty1TDC1NFJ4U9Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XC8bZixg02gYfPJa8xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBuZ6BobxBQYASHJKbg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2Per7hJty1TDC1NFJ4U9Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
26dd01cab3ba_c9c01e8b393e0e6289cdc04720606199e558601ad0
faucetfoot.com/post/
303 B
749 B
Fetch
General
Full URL
https://faucetfoot.com/post/26dd01cab3ba_c9c01e8b393e0e6289cdc04720606199e558601ad0
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/dist/ab5e7cbe/ba00070b16b2b4ec651b94223a2381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34cc4d61246877aa3e5b705e8eab9351abb00be756c0c88f7a74c17124695e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fruityblox.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-spot-k7vg
expires
Wed, 09 Oct 2024 04:02:52 GMT
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8cfb7a4f4dffd275-FRA
access-control-allow-origin
https://fruityblox.com
x-buildnumber
1467201897
server
cloudflare
27dd01cab3ba_c9c01e8b393e0e6289cdc04720606199e558601ad0
faucetfoot.com/
3 B
93 B
Fetch
General
Full URL
https://faucetfoot.com/27dd01cab3ba_c9c01e8b393e0e6289cdc04720606199e558601ad0
Requested by
Host: faucetfoot.com
URL: https://faucetfoot.com/dist/ab5e7cbe/ba00070b16b2b4ec651b94223a2381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://fruityblox.com/

Response headers

cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-spot-k7vg
expires
Wed, 09 Oct 2024 04:02:53 GMT
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8cfb7a4fbe9ed275-FRA
access-control-allow-origin
https://fruityblox.com
content-length
3
x-buildnumber
1467201897
server
cloudflare
css
fonts.googleapis.com/
111 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy2amyzmrTjPeB3T_DHWv8ei_NGvg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e76305d106f1ca56316b5c5d4ac4212034c6ca81530643f61a148fa0eee724d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fruityblox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 04:02:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 04:02:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fruityblox.com
Referer
https://fruityblox.com/

Response headers

age
72219
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:59:15 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fruityblox.com
Referer
https://fruityblox.com/

Response headers

age
76773
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:43:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:43:21 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fruityblox.com
Referer
https://fruityblox.com/

Response headers

age
72219
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:59:15 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxUg6sYh-wG-qSJBNbOl5XdDwE3dgBzdOoveNQCY8maYmY6Lzi6Hb6KukutmVZsLcvklBJkyZGHoMK20NGTpL9a0LQI19O3VAXvCdgPmYuov5y41n6vMty1mZcP7iTDVQ9TxboSGqg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUg6sYh-wG-qSJBNbOl5XdDwE3dgBzdOoveNQCY8maYmY6Lzi6Hb6KukutmVZsLcvklBJkyZGHoMK20NGTpL9a0LQI19O3VAXvCdgPmYuov5y41n6vMty1mZcP7iTDVQ9TxboSGqg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z6GA1NT_uo5JLTjUhJFu1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fruityblox.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsAUDsrnWR1R-Iv-65xPoXiPd-vMR6FIiFuDneNczYwSbwY9JHZyWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmhgYK5nYB5fYAAAs64vMw"
content-security-policy
script-src 'report-sample' 'nonce-z6GA1NT_uo5JLTjUhJFu1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fruityblox.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUg6sYh-wG-qSJBNbOl5XdDwE3dgBzdOoveNQCY8maYmY6Lzi6Hb6KukutmVZsLcvklBJkyZGHoMK20NGTpL9a0LQI19O3VAXvCdgPmYuov5y41n6vMty1mZcP7iTDVQ9TxboSGqg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUg6sYh-wG-qSJBNbOl5XdDwE3dgBzdOoveNQCY8maYmY6Lzi6Hb6KukutmVZsLcvklBJkyZGHoMK20NGTpL9a0LQI19O3VAXvCdgPmYuov5y41n6vMty1mZcP7iTDVQ9TxboSGqg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gGtQWtbUV1WMB08v_fkRUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://fruityblox.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 04:02:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIib413DjB1sAg_eHfNQcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBgbmegbm8QUGAL2qL1Q"
content-security-policy
script-src 'report-sample' 'nonce-gGtQWtbUV1WMB08v_fkRUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://fruityblox.com
content-length
0
x-xss-protection
0
server
ESF

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __next_f object| webpackChunk_N_E object| _N_E object| next object| regeneratorRuntime function| Pusher function| gtag object| dataLayer object| ramp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| admiral object| googletag string| _pwUserContentEncoding object| PageOS boolean| pwRAMPInitiated object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR number| _adImpressionSR object| _pwLogger string| _pwKassandraVer number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions string| _pwCurrentHourEST object| tyche object| ggeac object| google_js_reporting_queue function| 4dm1r11545242527 object| webpackChunkpageos object| pageos object| __core-js_shared__ object| core object| __pwpbjs__ object| _pbjsGlobals object| google_reactive_ads_global_state object| googlefc object| __bt object| __bt_intrnl object| __bt_tag_d boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

7 Cookies

Domain/Path Name / Value
.fruityblox.com/ Name: _ga_F55Y1PYQ4M
Value: GS1.1.1728446573.1.0.1728446573.0.0.0
.fruityblox.com/ Name: _ga
Value: GA1.1.589138767.1728446573
.intergi.com/ Name: __cf_bm
Value: o480n6vPEFhCwewtCF4POnNLKb5nub4nl43ocBnmGmI-1728446573-1.0.1.1-q8Qn4XeWDA2hv1YM7y.TY4gsxxRXjU6.8GfGA5WrROc11Cmk4jVxFZESlqZj9.3QiS6VGW.CPqXVVH80Zchb6w
fruityblox.com/ Name: usprivacy
Value: 1---
.playwire.com/ Name: __cf_bm
Value: joAYXCFgzVDqTl7zLwuU_jHEbP2sSTWNFJyDNlBMf9Y-1728446573-1.0.1.1-lnxHcg73BCG_azJGKMmAj.AvuqsdqdVMcst4YpnVai.9CZrJ1I4HiarWtkEr62Z3f8bZviZGTD3lydgb0gnH8A
.intergient.com/ Name: __cf_bm
Value: ABhipwKLL.9u9dmuq34uySc6sEsI7RlteUMABUe42IM-1728446573-1.0.1.1-gclE.q2rSYuYnTYTJPhT38t5L1s9VgxuJ1fC_9MkR1V9LqzQMhwSLxLB6V4B_p8w.g7j.OQLIZyyskTrfDv9rQ
.fruityblox.com/ Name: _awl
Value: 2.1728446574.5-3736c2123128de0def4fc958f49980fb-6763652d6575726f70652d7765737431-0

1 Console Messages

Source Level URL
Text
network error URL: https://px.moatads.com/pixel.gif
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.intergi.com
cdn.intergient.com
config.playwire.com
faucetfoot.com
fonts.googleapis.com
fonts.gstatic.com
fruityblox.com
fundingchoicesmessages.google.com
impression-inferences-edge-prod.playwire.com
px.moatads.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
www.googletagmanager.com
130.211.23.194
142.250.185.70
184.28.89.220
2001:4860:4802:32::36
2600:9000:223f:9600:8:48e:53c0:93a1
2600:9000:2670:aa00:b:99e7:bb00:93a1
2606:4700:10::6816:4bd8
2606:4700:20::681a:346
2606:4700:20::ac43:450e
2606:4700::6812:1438
2606:4700::6812:1538
2606:4700::6812:196f
2606:4700::6812:19f2
2606:4700::6812:acf
2a00:1450:4001:81d::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
07f24e3c109693fdb0f17baca149efc793e31296fa50b5e9480adf89c33263ac
1087cb6222142bf7ed04a621660526b302a6e91c3a7a554c9aa103aa75441dab
118f1014497b064a5b8ab5d4da690a3a5d883e8a2e2de6885d79854346463a5f
189da5361106d150cda41d7b7a8904b1011c3a8bb4ebfc89e690c97722b13f41
24bbf9d141105072b4cbeba1f36575cefbdcdd83e00693d2384dbc7353715950
2fe77556e3c0dbb3b5cdbbb281146e90b3e574c1e6001e96662a236fdc980afd
30d99eee3a44e87c88e0d9329797bc7d7252e13f0b7cacf440b8ff63ff4d80e5
3b22add6e87c4f2dda0208221cf5d82670ca739f91ac91827d390894538aacf7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43ffb74372d4433f74c1edb086c5d8979e3832be619d0d60f21b328e58f20789
451677e8d3a09f1487633de87e119b48fd02a5fc9ea05c62c585cf607526c280
488fc490455a5a09c9262dc8b826c02a80b206608aa1577e2f4e3c64bc6183c1
50c5d718203e922d95c3e825dab745dd4c6a972dc9c6f2428cadee48cd152d71
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5ca48ae11f273315a879cc4564ace1bb46064dda4ac87b4476e6e9ace545ee86
602c4f32e477c4d38eb7153dccea3a21a025a25e844a3432897286efec4c093d
687524cde30fe73542b07a1b40a9e4217e6080ca31489a89c22f027fb758f8e7
6dac2c66001dfa2eab951b19ea96e78988116619988b5b9c9e03c710e3051cca
70edfb738d1f40a4763d693dbfa9f8dbbc98a9718d5cfed3f100e245ad5b97a3
71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7da14710211aa64af6de8771676c7d8e961e30c2d6d8616dd3640a2eb31fe72e
810936641eac77944356b79cff9fa40dc117d1fd7aac91d44856d0508a7e3c81
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82e47385a0cbe325fda16e90e71368765cff7c296b8e664f410b199a7d4bd2ed
839d821426383cc0f978a6a20074e6f5524d23ad66f19bdb883f6874bca1cfce
884458b6e359d814a9bbc4b4fda7d18a5a7ff6ac7080ac8d1c6843309f6a3c17
884a7db4bbf6b4a8989acab11a0231b639fccbb6dd2e5ca0b9ae444aca81d37b
9962996206f2161b1661fd4962f0b79c31b42735eb0c2c6a501d2aa527e1eff6
9d05a353cef910b080a2c19ea3ef5d5c629883233550b47f4e3b6f172faabbb2
9e26af5973c5086b8eb06f664f510b571c9eb16edeecb3624065c6eeb6e3c858
a331e217b8dbe8f5f940c40bdab4a708dc38ebddf0c9494d2686219fe84e6960
a34cc4d61246877aa3e5b705e8eab9351abb00be756c0c88f7a74c17124695e8
a8702a907071137d4b70ca12957ae2fc72fa8cfecb38d2fbcbc457d71fbce191
b10a50ed245b4f0751ec5f800bfe38a343b851cc1604574246f772b16c007b9f
b1a5c165297b3e11314fe4a9141854cab0ae4379f757d2436bca362fbf78754e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdf76f56a456ea18bc9b5d02d0b7d95e0a50fff6b74f5597cb3eaa39a1a34a53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6875cec7c75016fb85e9307a6d6d6b942ecb545d81fa75b2496341eb8bd0a9
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
df0f191bf67f6eef25faa560d11c11bb28c865f59ed8dd1aedcdbcaefbb876a3
e2a6fea938d9f2f6fc728d5866930d0de5fbb494b3cd106deae22ba21e8ae4af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74c5c23cb8a0eae59750c62469c17db6f7571643c52fcd25d9019b3ba1102a7
e76305d106f1ca56316b5c5d4ac4212034c6ca81530643f61a148fa0eee724d6
ed5e7b238fcf0e93b89e5874ee93e0c35f191f9adf2756d8b8966d5446702fa6
efbcc550c38ce1a515c55b59379abbe61611bbf4f8be1da5a63f0a2c6dc62d6a
f6d4a92377cb9e1f78fc13f50238a5a9a314b2ac64d08df332ae8b3e06936c5a
f834dce9e6237cda57f3eb22a26070f536c45aee9e574cf6627149852bb705ff
ff43204d93fcd7c8e437cc7fd86ece02316fed0c4bdbfe4338a16c652449a61a
ff9a865d5d8a2c1085fc75aa78c73f8a6bb8e077b0f0a45d4bc9b515d81bac1e