Submitted URL: http://app.blockem.io/
Effective URL: https://app.blockem.io/
Submission: On September 07 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3037::6815:4d32, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.blockem.io.
TLS certificate: Issued by E1 on August 28th 2023. Valid for: 3 months.
This is the only time app.blockem.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
11 blockem.io | app.blockem.io; api.blockem.io | 1 MB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 115); tpc.googlesyndication.com (Cisco Umbrella Rank: 160) | 216 KB
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 53) | 5 KB
2 hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2914); content.hotjar.io (Cisco Umbrella Rank: 6939) | 417 B
2 sentry.io | o4504227416244224.ingest.sentry.io | 478 B
2 hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 793); script.hotjar.com (Cisco Umbrella Rank: 1084) | 59 KB
2 facebook.com | www.facebook.com (Cisco Umbrella Rank: 114) | 216 B
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 186) | 87 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 1180) | 602 B
1 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 1977) | 244 B
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 82 KB
1 twitter.com | analytics.twitter.com (Cisco Umbrella Rank: 864) | 722 B
1 t.co | t.co (Cisco Umbrella Rank: 580) | 376 B
1 ads-twitter.com | static.ads-twitter.com (Cisco Umbrella Rank: 862) | 15 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 58) | 930 B
39 | 16 |
Domain | Requested by
7 app.blockem.io, 1 redirects | app.blockem.io
6 pagead2.googlesyndication.com | app.blockem.io; pagead2.googlesyndication.com; tpc.googlesyndication.com
4 api.blockem.io | app.blockem.io
3 tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 o4504227416244224.ingest.sentry.io | app.blockem.io
2 www.facebook.com | app.blockem.io
2 connect.facebook.net | app.blockem.io; connect.facebook.net
1 www.google.com | tpc.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
1 content.hotjar.io | app.blockem.io
1 vc.hotjar.io | app.blockem.io
1 region1.google-analytics.com | www.googletagmanager.com
1 script.hotjar.com | static.hotjar.com
1 static.hotjar.com | app.blockem.io
1 www.googletagmanager.com | app.blockem.io
1 analytics.twitter.com | app.blockem.io
1 t.co | app.blockem.io
1 static.ads-twitter.com | app.blockem.io
1 fonts.googleapis.com | app.blockem.io
39 | 20

This site contains no links.

Subject | Issuer | Validity | Valid
blockem.io | E1 | 2023-08-28 - 2023-11-26 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-16 - 2023-09-14 | 3 months
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-21 - 2024-07-19 | a year
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-14 - 2023-11-14 | a year
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-02 - 2024-09-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-25 - 2024-08-24 | a year
*.hotjar.io | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.googleadservices.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
www.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 5 frames:

Primary Page: https://app.blockem.io/
Frame ID: 4C2C89ACA3981F9EC8EBF8C7C020F918
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 8B6417E1477C64C4DF89F55AFDC53F78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9904701906473153&output=html&adk=1812271804&adf=3025194257&lmt=1694083870&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.blockem.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694091070785&bpp=4&bdt=930&idt=192&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7596607503864&frm=20&pv=2&ga_vid=1653659573.1694091071&ga_sid=1694091071&ga_hid=1563560739&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077330%2C31077668&oid=2&pvsid=2801479899697253&tmod=1625068985&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=212
Frame ID: 94B7DD8B84815FEDBE8917F1CB88F239
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5162DC40F585E76112BDD92D01F6BA53
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B2D5914739077E38465A85A53DD1EE6
Requests: 2 HTTP requests in this frame

Page Title

Blockem App | Home

Page URL History

  1. http://app.blockem.io/ HTTP 308
    https://app.blockem.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 39
HTTPS: 100 %
IPv6: 56 %
Domains: 16
Subdomains: 20
IPs: 19
Countries: 3
Transfer: 1889 kB
Size: 6440 kB
Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.blockem.io/
Redirect Chain
  • http://app.blockem.io/
  • https://app.blockem.io/
2 KB
1 KB
Document
General
Full URL
https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271551f0cbe5a624ef109f42e4da512983f13071af2e8e803d20f5d64566d133
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
13095411
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
802f14e24a9f8fdc-FRA
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 12:51:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LAu3HcN6CQy3pdts6FAqbI0xx%2FbbR9xt9cNAvJ3i1ikWoxCwL2lRGP0A%2FhDqfBywKvwLR%2FRmM%2FZGfTIAFiO19TgruQAzoNd2X8vRSEVeXErhn9hgpZfYxEylquYD9pbC6nRUbtB4qxMVvu1cg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::gmwvq-1694091069836-97af1271a321

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
802f14e1efcf9a3b-FRA
Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 12:51:09 GMT
Location
https://app.blockem.io/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Refresh
0;url=https://app.blockem.io/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4eThRCrT6SxmhWMhECBK3pVxKow%2BMqjUZGFovQrO%2FnPZKCOS0Ar6b%2FooQTvwYerlDQGNIN0wjbvl%2BqqpNo4RwtBCMgDHoWyEAtWuwTzBXZQ751dxoSDl%2BGQ7gg1Ih9gNPA3lC93JI%2Boo1K%2Fmw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
5 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Red+Hat+Display:ital,wght@0,300;0,500;0,600;0,700;0,900;1,600&display=swap
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
624fb0e136beaf4770572ab7d6afcdd7c8b11442c3c6080c8ad36ab699993499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 12:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 12:51:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 12:51:09 GMT
main.61c1cacc.js
app.blockem.io/static/js/
5 MB
1 MB
Script
General
Full URL
https://app.blockem.io/static/js/main.61c1cacc.js
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732f491e81945a642f129fa53f97bc9cf3ef1a8bccd91eecda6f8de3c5a051fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:09 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="main.61c1cacc.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::8ft2j-1694091069883-059b53edb086
server
cloudflare
etag
W/"c8520a37348e0fb8be1e6340d3d4c1a0"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbhr2G7LFen%2FmNFsulNff2nu%2BD5i6Jhk6s8ogMBFy2apI9b7jfC9VHjrgAD1SiwJqTU4L6cgGUuTjtXdT455Qlxhs21VbDezvUttFnY86KUc4%2FUssVRavO7cxrF0eVHrim7AG5ouDHb6hm6XrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=31536000, immutable
cf-ray
802f14e29ae98fdc-FRA
main.057c724f.css
app.blockem.io/static/css/
45 KB
25 KB
Stylesheet
General
Full URL
https://app.blockem.io/static/css/main.057c724f.css
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c428792928e345c51977e47fa85748c17b9c7db92d478c12a58fc97850546ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:09 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="main.057c724f.css"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::nkc5h-1694091069892-a1edaf3c76b6
server
cloudflare
etag
W/"c840572c17647c3e58251f1edc186484"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP1Lj%2Ba30cgZAmG8vLYwzDovbyBV0PzAO%2FiFYynBVaK05O9UI7PFN%2FkWGR6MaepBy4C%2Fsal1b4t9byd4L9kfY6N58vQcGbZKdQ%2FxcLmFHKKZRMcxcQeowX4E%2FnAx1uQmeMD6FQPVv7hhLMYMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=31536000, immutable
cf-ray
802f14e29ae88fdc-FRA
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Sep 2023 12:51:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
mTglei8a+O81Of2YCvg0GCRjW9/zU9EFCVeW+pD3We5IAo4S8gO+BccjHF3GvAmNE83kshI+fU7ECY5ueiBnlw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230026-FRA
1008885086530767
connect.facebook.net/signals/config/
137 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1008885086530767?v=2.9.125&r=stable&domain=app.blockem.io
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64d385a72804b257b50283b0dd75ec3e7c26f0e307dfe7772b12ed7103ad2aef
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Sep 2023 12:51:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
QzdbFKsTSFpETiGR+DtNElAk/d1J45kQJydiDEYKK+jMn/h6sMYq9+//t9zroY1MfociUzspf/yyG6aIQnXzZw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/1/i/
43 B
376 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=89d5a72c-c378-4f57-9ad8-3d58e27c77a5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d4e595-19c5-4b8e-8ba4-45619a456b8e&tw_document_href=https%3A%2F%2Fapp.blockem.io%2F&tw_iframe_status=0&txn_id=obn7r&type=javascript&version=2.3.29
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-response-time
90
date
Thu, 07 Sep 2023 12:51:10 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
6dbb43d1628b0c4a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e2953d5089c09f6e2a7e7c279b8e3d55f7d40062fd21e70bfc000673396ecc82
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
722 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=89d5a72c-c378-4f57-9ad8-3d58e27c77a5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1d4e595-19c5-4b8e-8ba4-45619a456b8e&tw_document_href=https%3A%2F%2Fapp.blockem.io%2F&tw_iframe_status=0&txn_id=obn7r&type=javascript&version=2.3.29
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-response-time
104
date
Thu, 07 Sep 2023 12:51:09 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
854d7654d58372ff
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
13063158fe5bd003bf1ebb6205929ad491500126d52f6bec9bcc6b74e0390dd1
content-length
43
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1008885086530767&ev=PageView&dl=https%3A%2F%2Fapp.blockem.io%2F&rl=&if=false&ts=1694091070099&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694091070097.920623015&it=1694091069986&coo=false&rqm=GET
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 12:51:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
6148.66b85948.chunk.js
app.blockem.io/static/js/
54 KB
14 KB
Script
General
Full URL
https://app.blockem.io/static/js/6148.66b85948.chunk.js
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12611f55099d294b1122caa15deedffd6be9ff120776cfe48ec9c083867daa14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17857
content-disposition
inline; filename="6148.66b85948.chunk.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::lldlt-1694073213465-ccd8ab34962f
server
cloudflare
etag
W/"d05ee0cd24d6976dbfd1ab33f3c5378d"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOdqzubtxGRRTusMB35zlM3eJ70Io2s7idWkuSQQZrT%2BuTpfjhaPvjHOGMuwa4gBUCtE0Ja4c3fSLJimHGVcOvAS1bYyXa1dw%2FD8FeHMnnyzBXpVSwbpssJXbKc%2Fn%2B8E4ohM%2FjM20nNuxAj7IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=31536000, immutable
cf-ray
802f14e558533665-FRA
8678.e1b410dc.chunk.js
app.blockem.io/static/js/
26 KB
8 KB
Script
General
Full URL
https://app.blockem.io/static/js/8678.e1b410dc.chunk.js
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4484801a591091668f2e7d3a3416e38da71cb6d9b696dd0b0acee4d308754d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17857
content-disposition
inline; filename="8678.e1b410dc.chunk.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::hd6vm-1694073213467-f64be0939d47
server
cloudflare
etag
W/"890da8ec0ede28513cba80803998e425"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SVEFr3LswUgV9KE7wLHdQ4Z%2BohA3I0anqrbwrqdb6GAGVuaQl46NB9xB8UJ9MAxW81Nilc49MlMfNXUcmGwRAH%2FXKn18crVArj0l2uSx6X%2FhvlNia4oFBrli9oE5yWdQDIR3AYZbI3Y9zSLvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=31536000, immutable
cf-ray
802f14e558543665-FRA
js
www.googletagmanager.com/gtag/
236 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N2351XRS4Y
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b95d3ebef4d71661d55a6fedf9db340e1386ae6a5223a8b8292a18a0330229a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Sep 2023 12:51:10 GMT
hotjar-3261661.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3261661.js?sv=6
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-117.muc50.r.cloudfront.net
Software
/
Resource Hash
7d5bdb2056d22cd4569e954eed9251921a1f669834b58f10fd0abc1686482de2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/38e549ed039d10c5424a09e5907d185e
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eLIpyNwJCGpybvG3WhNtEOPVZT47c-ZGuDWeVc93wZ6bVty5uz8qjg==
popular
api.blockem.io/project/ Frame
0
0
Preflight
General
Full URL
https://api.blockem.io/project/popular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://app.blockem.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,Accept,Authorization,Content-Type,X-CSRF-Token,x-auth,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials
access-control-allow-methods
*,GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://app.blockem.io
access-control-max-age
300
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
802f14e78e251973-FRA
date
Thu, 07 Sep 2023 12:51:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr6xwS3NgEp%2FKUtCsaQ58g5PUZbYQJc7I0XLV4TbXN2l07jeAsrhm3vr3dpRwdg%2FvPJ9KayIDxVV7xBwms74X9wkeo%2BT9Ih6wtbU9E7hsJ%2F5b%2BmG3gwJ5QsKRrNHiGJq4aJh5oXO3fyBw4ciHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
popular
api.blockem.io/user/ Frame
0
0
Preflight
General
Full URL
https://api.blockem.io/user/popular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://app.blockem.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,Accept,Authorization,Content-Type,X-CSRF-Token,x-auth,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Credentials
access-control-allow-methods
*,GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://app.blockem.io
access-control-max-age
300
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
802f14e78e281973-FRA
date
Thu, 07 Sep 2023 12:51:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWN1TD4iQ2c8FaBjat9YRhmmAXYduA6fOpCNfuIj%2Fj6gvbKR2biz6fl5i8UvDnjew7fUaFomk78DuJI%2FWDNua9yAZRni2EXyuqcilrt2mZ%2F0o5yiS%2FaadqVa%2FLzsGVxtEPeDKQjyY8EOuE2syg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9904701906473153
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
415d4caaaa3aba215c7aed37e9d82c5ddc4df86fe964b3edd449a65cb81a7ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.blockem.io/
Origin
https://app.blockem.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50427
x-xss-protection
0
server
cafe
etag
3948586181847644252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:51:10 GMT
/
o4504227416244224.ingest.sentry.io/api/4504227420766208/envelope/
41 B
373 B
Fetch
General
Full URL
https://o4504227416244224.ingest.sentry.io/api/4504227420766208/envelope/?sentry_key=5f1b89aeb731402ba908d3da34fdc177&sentry_version=7&sentry_client=sentry.javascript.react%2F7.21.1
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c03926d1c96b7d3fb536df11ea52c2114df532dfbf504355a5281b248c99484c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.blockem.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
banner-mobile.e2ccd0fc8a308a1da060.png
app.blockem.io/static/media/
76 KB
77 KB
Image
General
Full URL
https://app.blockem.io/static/media/banner-mobile.e2ccd0fc8a308a1da060.png
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f002e6cdee5a4adae87a714567f14777da13853efb27ce18f3e983e6ca69fb7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
strict-transport-security
max-age=63072000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="banner-mobile.e2ccd0fc8a308a1da060.png"
alt-svc
h3=":443"; ma=86400
content-length
77762
x-vercel-id
fra1::82ddx-1694091070613-5ebd06fb95ce
server
cloudflare
etag
"cd24caf9de36ca4717c4ea3e2f58c4c4"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BorCb1uaSXe6gE%2Fies7iAjhN8XbQRjv%2FAjzBD2euVCsnajte0UT95Rg5m0wDf6Q%2B60WEpZBVUnvBbsm%2Bo%2BOCITS%2Fu0Xr%2FiWvQsl8FvwLsgjfNDZZh3Iya%2Frln3zc0V5aH4ajFP5tmLQuaSOgIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
802f14e72aac3665-FRA
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9a3198fc189ba6852de453de9faa81d65a50302955cb8e82b6d3b24abef9170

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8f716a74a7b4d6f5114b230277bafd76288cdf614a4ed6026cb0d2f1ae23d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f08e1134c1e3af9c14e71e5377c1a210a0b793c15e70f761996afbbf874c983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
popular
api.blockem.io/project/
2 KB
1 KB
XHR
General
Full URL
https://api.blockem.io/project/popular
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf146bc79eb2c1f374fe5335bc69589e0f670e0814fec4bff94b6d06d72a487

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.blockem.io/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 885118ed058924cb9367879454bdeec45f9f13937a87011d65942580b6899dbc868270a51ae14277158057e269df55f78444dab0418b954872e0356f6600514b66ede16f98a2f1e808a786e162b4026c546beba5d1e3d5b1d3a328e956f42c03}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tT899gvk%2B7YcyNPNt0OEToUC0NeENJswwlRVGpy1N9NcvzPiDlk9roFGyyyv45bN%2FOye1YWrx0WAAZy1rvUIxhDywfiRaJ9SlPqXClA4T88PETFLRJ%2BS9AwvQy5LyWzXc8TGoZt9aUTb4F6WOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.blockem.io
access-control-expose-headers
*,Link
access-control-allow-credentials
true
cf-ray
802f14ea9e0b9945-FRA
alt-svc
h3=":443"; ma=86400
popular
api.blockem.io/user/
1 KB
848 B
XHR
General
Full URL
https://api.blockem.io/user/popular
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4d32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27259714976a5fa9ff2628410260ee28aee3d8f94c9833f40b5efd33a37e0002

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.blockem.io/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 6cf5d4354c3bb641b2405ae5d717d2de31957b93024e36a8c709f60e59f6cff8131a08b05c36a12df1d50e49e4db4ccae9ffc3daa7bba4bc20034270899561e1c22dd39de043e9e52fffc7b90f139e80e62d8ee6efb74bc870dde4fcc3f33c4c}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afqaOqxU89Iu5KQ%2FEDXb8%2FbUzJNcaajvdOUX1U6wh35aFLcfMADbIMK%2FpaPLz6pZyVDK6lZBsyw2Tu2mODVbOMu82jIZ3MJhX90gb%2B4ncFW%2ByoFYLx2YpfajUhgSxZZgIjTLrzWzG9%2FD1RknHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.blockem.io
access-control-expose-headers
*,Link
access-control-allow-credentials
true
cf-ray
802f14ea49931973-FRA
alt-svc
h3=":443"; ma=86400
modules.c7962ba31267c30299df.js
script.hotjar.com/
223 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.c7962ba31267c30299df.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3261661.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-61.muc50.r.cloudfront.net
Software
/
Resource Hash
f5d7e440936d0aa4088a8bacc16206224b58b6fa1882dc54c3f953450fc75563
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 08:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
14284
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55578
last-modified
Thu, 07 Sep 2023 08:52:45 GMT
etag
"628a0bf92690f9881613d19390363f0b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
uxCDb_VevY7FZy6zYUXlwkjsPvhmDm2TKmzkjAKorszuvAC-1JQegQ==
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1008885086530767&ev=Microdata&dl=https%3A%2F%2Fapp.blockem.io%2F&rl=&if=false&ts=1694091070601&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Blockem%20App%20%7C%20Home%22%2C%22meta%3Adescription%22%3A%22Block%20socially%20engineered%20crypto%20scams%20for%20good.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Blockem%22%2C%22og%3Adescription%22%3A%22Block%20socially%20engineered%20crypto%20scams%20for%20good.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fblockem.s3.us-east-2.amazonaws.com%2FLinkShare.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694091070097.920623015&it=1694091069986&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 12:51:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/
0
244 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N2351XRS4Y&gtm=45je38u0&_p=1563560739&cid=1653659573.1694091071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1694091070&sct=1&seg=0&dl=https%3A%2F%2Fapp.blockem.io%2F&dt=Blockem%20App%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N2351XRS4Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 12:51:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.blockem.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3261661
vc.hotjar.io/sessions/
0
256 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3261661?s=0.25&r=0.05199338416733168
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-48.muc50.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
T711z7xi3ammaqi9bZRHzgcNFLkjG3T2sPOme3Y-ECf61jTAYUaPYQ==
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.75.154.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-154-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3f954d9d17d8d4730a17f1324a6a376ee00d3c8ebec9a46ecd1d7d315455aab3

Request headers

Referer
https://app.blockem.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 12:51:10 GMT
content-length
56
vary
Origin
content-type
application/json
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/
379 KB
129 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9904701906473153&plah=app.blockem.io&bust=31077668
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9904701906473153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bfe9110bd82a20f3017d0e28aa85764d59fd66102b333df17fb11115f0de1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131805
x-xss-protection
0
server
cafe
etag
2681210433367372207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:51:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 8B64
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9904701906473153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.blockem.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 00:39:04 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 00:39:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
387 B
602 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=app.blockem.io&callback=_gfp_s_&client=ca-pub-9904701906473153
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9904701906473153&plah=app.blockem.io&bust=31077668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f39b27d8a67fd6c49e32dd341a0a5bc724a652d0a84ab428b31d3070578a0126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 94B7
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9904701906473153&output=html&adk=1812271804&adf=3025194257&lmt=1694083870&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.blockem.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694091070785&bpp=4&bdt=930&idt=192&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7596607503864&frm=20&pv=2&ga_vid=1653659573.1694091071&ga_sid=1694091071&ga_hid=1563560739&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077330%2C31077668&oid=2&pvsid=2801479899697253&tmod=1625068985&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9904701906473153&plah=app.blockem.io&bust=31077668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.blockem.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:51:11 GMT
expires
Thu, 07 Sep 2023 12:51:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce5c90853d08f3d5c10ba13d8b1563f2cfaa4d84e84cf2071ccf06b3bb3f452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11665
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9904701906473153&plah=app.blockem.io&bust=31077668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 12:51:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5162
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.blockem.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
619
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:40:52 GMT
expires
Fri, 06 Sep 2024 12:40:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B2D
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef0ac5c5887c0db4d61cbe923a5fdfcad3c3a2deb3c04595738c7ce83175154f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Oh2ltOgJIjj1ieAoqg4E2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.blockem.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-Oh2ltOgJIjj1ieAoqg4E2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:51:11 GMT
expires
Thu, 07 Sep 2023 12:51:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 5162
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
123531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B2D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=2801479899697253&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5162
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?gWEZ9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:51:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=2801479899697253&bg=!dnWldTrNAAa6D61Rmg87ADQBe5WfOIbPFcxsdr46EQnbzwKlCZGq42dLPqukl2HVKO_MExlRpeljsVtRQ_MqJfYFW1C-AgAAAHZSAAAAFGgBB5kCy2MmJloR0ZBTUQq1uICJkZHQrBVvGCzeUkxjnId5s9ly45UCMqjoQSdMGxqpxNY6ChVWK6AxVAms2KGBoDrQ3jgvdiAe3aIT0k31aw3QV6FN9rDjeFhWl5pTHBo_aZqUmG28gw-fKjf6ClDGU1CRzTIux4jVMLU-vCVQF360rThwdM0iMr81kVOBPFR3hbW76RY1FZEN0Y-U7mtbfI50xP-Ftoe851WMLKLrtZrmSAo87b7jOAWMs_QAk8wu9fzLEJwxpeNXJDmXc4anzTx-G-FxlrgQgsbRl_W3lKQeAen9W1ueObykxjtILugnsokulebn81ii1xp3OF_AZRM3fCK3XKqe9GVZiSJ_ywIpHcl_feoVPG28XgLWIqRIfTyONKWvNiz6bUlR4eIGoXcHBpyEjjhqEU7hE-GKXLrGNza6K5G_jtagaresqWLPHGfcxhmcBEWj7QCsC12EvbMZW8GTmzHwpPxkiKoTPoMndPRu3GdJVESdypSdk4N9aZP64HSxbfaaFK_swseXr6UTBko4Mc7TtfC9PRFkmfyXHmpxGdKhg40_pTkRBPxOJBjPBIDFpgUonR4C2jZIZfvC8kQVL3RrlQAfdd8PtGdS5plzhZ6gnpB02iBMsenh1BU-uYTYZfNMJ1b3PDGaxOCv-8kmVP90-jlguNnS0t4cZataUxcOcXZIDgusipyCkJe3evySA9n-ZO99UHq9_1Z2r9r9OI-1ydzPh9FexdYRd9ewi2iu2ubn14xioy01qarw2FEWPASmTpgiwDuXmzGmMvxUG5kl11hp6PsVcnGM8FHp5ykr4uY3-8XCH-fa8hg4HNmdMeSNbjAikUDYy6m1ZUp-ZTKmv1VuVXP-W48Hlt3TG-q5oayGefN3y69ZCyF_UPTC_SwLloA1P2kgmVJEXGPgdlLqWOjpw47LnVtQ_5dQQJNxPlv5uu0FgGE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.blockem.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

/
o4504227416244224.ingest.sentry.io/api/4504227420766208/envelope/
41 B
105 B
Fetch
General
Full URL
https://o4504227416244224.ingest.sentry.io/api/4504227420766208/envelope/?sentry_key=5f1b89aeb731402ba908d3da34fdc177&sentry_version=7&sentry_client=sentry.javascript.react%2F7.21.1
Requested by
Host: app.blockem.io
URL: https://app.blockem.io/static/js/main.61c1cacc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8f27e3c05649f0f4aca09df5c7d0c91e7dcf2b9ba601106da70477142fe1e997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.blockem.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 12:51:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| fbq function| _fbq function| twq object| regeneratorRuntime object| twttr object| webpackChunkblockem_web_app object| __SENTRY__ function| setImmediate function| clearImmediate object| dataLayer function| gtag function| hj object| _hjSettings string| _scriptPath function| Buffer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.blockem.io/ Name: _fbp
Value: fb.1.1694091070097.920623015
.t.co/ Name: muc_ads
Value: 2ca930c8-9e54-4854-960b-76f4bcdcd39e
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169409107015594277
.twitter.com/ Name: guest_id_ads
Value: v1%3A169409107015594277
.twitter.com/ Name: personalization_id
Value: "v1_c6ia8ICpQ3VQ+qgdiNkeYQ=="
.twitter.com/ Name: guest_id
Value: v1%3A169409107015594277
.blockem.io/ Name: _ga
Value: GA1.1.1653659573.1694091071
.blockem.io/ Name: _ga_N2351XRS4Y
Value: GS1.1.1694091070.1.0.1694091070.0.0.0
.blockem.io/ Name: _hjSessionUser_3261661
Value: eyJpZCI6ImNlMWNjOTFjLWM2YjItNTQzNS1iMDE1LTQxYTRkYjkzN2U5YyIsImNyZWF0ZWQiOjE2OTQwOTEwNzA3MjUsImV4aXN0aW5nIjpmYWxzZX0=
.blockem.io/ Name: _hjFirstSeen
Value: 1
.blockem.io/ Name: _hjIncludedInSessionSample_3261661
Value: 1
.blockem.io/ Name: _hjSession_3261661
Value: eyJpZCI6ImYyZjQxMTEwLTBhMDAtNGM0My1hODc2LWI1NTI0MGEzYThiNyIsImNyZWF0ZWQiOjE2OTQwOTEwNzA3MjYsImluU2FtcGxlIjp0cnVlfQ==
.blockem.io/ Name: _hjAbsoluteSessionInProgress
Value: 1
.blockem.io/ Name: __gads
Value: ID=c726bc4ca65c443c-22e1435568de00b9:T=1694091071:RT=1694091071:S=ALNI_MZ0HDFND9P8_QT15IZlzfuv1OlMpQ
.blockem.io/ Name: __gpi
Value: UID=00000c700560375c:T=1694091071:RT=1694091071:S=ALNI_MYcylAOQ0k5ChdjyqNiTL9zG8loPg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
