URL: https://mobile.cartoonblox.com/
Submission Tags: phishingrod
Submission: On January 23 via api from DE — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 18 HTTP transactions. The main IP is 199.36.158.100, located in the United States and belonging to FASTLY, US. The main domain is mobile.cartoonblox.com.
TLS certificate: Issued by GTS CA 1D4 on January 23rd 2024. Valid for: 3 months.
This is the only time mobile.cartoonblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
4 | googleapis.com | firebase.googleapis.com (Cisco Umbrella Rank: 3647), firebaseinstallations.googleapis.com (Cisco Umbrella Rank: 557) | 1 KB
4 | gstatic.com | www.gstatic.com | 105 KB
4 | cartoonblox.com | mobile.cartoonblox.com | 5 KB
2 | vercel.app | cartoonbloxcatalog.vercel.app | 3 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2029) | 258 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 37) | 78 KB
1 | herotofutags.com | herotofutags.com | 11 KB
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2998) | 24 KB
Total: 18 requests, 8 apex domains
Requests | Domain | Requested by
4 | www.gstatic.com | mobile.cartoonblox.com
4 | mobile.cartoonblox.com | mobile.cartoonblox.com
2 | firebaseinstallations.googleapis.com | www.gstatic.com
2 | firebase.googleapis.com | www.gstatic.com
2 | cartoonbloxcatalog.vercel.app | mobile.cartoonblox.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | www.googletagmanager.com | www.gstatic.com
1 | herotofutags.com | mobile.cartoonblox.com
1 | stackpath.bootstrapcdn.com | mobile.cartoonblox.com
Total: 18 requests, 9 domains

This site contains links to these domains. Also see Links.

Domain: about.cartoon-blox.ml
TLS certificates observed:

Subject | Issuer | Validity | Valid
www.cybergarden.au | GTS CA 1D4 | 2024-01-23 - 2024-04-22 | 3 months (crt.sh)
bootstrapcdn.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months (crt.sh)
*.vercel.app | R3 | 2023-12-15 - 2024-03-14 | 3 months (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months (crt.sh)
herotofutags.com | E1 | 2024-01-04 - 2024-04-03 | 3 months (crt.sh)
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://mobile.cartoonblox.com/
Frame ID: C2D9AFD6D5F15C59D61EC99532EA2140
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Login Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 78 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 228 kB
Size: 818 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Each transaction below is listed as: Resource | Path | Size | x-fer (bytes transferred) | Type, followed by its details (the MIME type is given in the response content-type header).
Primary Request / | mobile.cartoonblox.com/ | 2 KB | 965 B | Document
General
Full URL
https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
199.36.158.100, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
ebbceb40881de38bbccfbd633f028bc40b78c81cbc09ffc5c24de5f3259f3780
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
618
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 02:08:57 GMT
etag
"77f130d48c2aecc80e0ad530c6607b2c0c99d2c3c7988bc46ffe9c1e15a245c7-br"
last-modified
Wed, 03 Jan 2024 15:17:48 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230064-FRA
x-timer
S1705975737.097949,VS0,VE1

bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ | 152 KB | 24 KB | Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:acf, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
4665743
cdn-cachedat
10/31/2023 18:59:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
781fdf1c6e823e65290dac5eeb884a47
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
849c7de52ab40bdb-AMS
cdn-requestpullsuccess
True

backend.js | mobile.cartoonblox.com/js/ | 12 KB | 3 KB | Script
General
Full URL
https://mobile.cartoonblox.com/js/backend.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
199.36.158.100, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
458535f94cb6803cbd63a5754cc24818524f75ea1a81a879ecfe6cf258af4e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230064-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 02:08:57 GMT
last-modified
Wed, 03 Jan 2024 15:17:48 GMT
x-timer
S1705975737.111027,VS0,VE80
etag
"e880ac62ae477cf4a4b611d2c7b9e2d4d898c34cae1aa4e23ae54102580a9d8a-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2599
x-cache-hits
0

signedinblock.js | mobile.cartoonblox.com/js/ | 2 KB | 927 B | Script
General
Full URL
https://mobile.cartoonblox.com/js/signedinblock.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
199.36.158.100, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
00b525ac708132e2ba68f4a48999fa2337ecf9fba3f349d8720ef7014c138f13
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230064-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 02:08:57 GMT
last-modified
Wed, 03 Jan 2024 15:17:48 GMT
x-timer
S1705975737.111466,VS0,VE118
etag
"8d828c84d6582361f5f94955aef7c0c411a9d371e73f6fde644bb135c3813612-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
812
x-cache-hits
0

updateUserMessage.js | mobile.cartoonblox.com/js/ | 2 KB | 721 B | Script
General
Full URL
https://mobile.cartoonblox.com/js/updateUserMessage.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
199.36.158.100, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
ed3cf32facdefba25da746fd59a034487770af1aad74970eb70637e96d627c25
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230064-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 02:08:57 GMT
last-modified
Wed, 03 Jan 2024 15:17:48 GMT
x-timer
S1705975737.111452,VS0,VE97
etag
"3f3495f388e79e44815197a2255f7d8d33fb11eb9aa3d2155a83fe2b0c9f9a09-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
607
x-cache-hits
0

firebase-app.js | www.gstatic.com/firebasejs/9.16.0/ | 91 KB | 20 KB | Script
General
Full URL
https://www.gstatic.com/firebasejs/9.16.0/firebase-app.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
eb5f8a95267bd9904f7a3ce9d4fcdb0464d4dd5b3ae30bdbc770d1fb2288557e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20625
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 22:17:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:03:00 GMT

firebase-analytics.js | www.gstatic.com/firebasejs/9.16.0/ | 24 KB | 8 KB | Script
General
Full URL
https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
d7c33fc715ab1fdb85337108e51de9926cf1c52df75719fd519abefe6bd6b289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8367
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 22:17:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:25:24 GMT

firebase-database.js | www.gstatic.com/firebasejs/9.16.0/ | 150 KB | 44 KB | Script
General
Full URL
https://www.gstatic.com/firebasejs/9.16.0/firebase-database.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
7d6c12412c738a0728ff74bd0d196da6c3b692160dff500ac06355bc0a246d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 06:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44394
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 22:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 06:16:09 GMT

firebase-auth.js | www.gstatic.com/firebasejs/9.16.0/ | 115 KB | 33 KB | Script
General
Full URL
https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
d0c85cca9f8e1200f830be60f65af83ba0da7761536769d466eea44cab90d76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mobile.cartoonblox.com/
Origin
https://mobile.cartoonblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33686
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 22:17:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 09:32:40 GMT

problems.json | cartoonbloxcatalog.vercel.app/ | 23 B | 160 B | Fetch
General
Full URL
https://cartoonbloxcatalog.vercel.app/problems.json
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/js/backend.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.241, Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel /
Resource Hash
5a70333819c5eeb7fcfba20645acd2740c250b412ffec6cb51bb83b285d0950a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1::dxjv2-1705975737298-3728f678ef5f
age
231012
etag
"67350268359867bea8a9686205e4b45e"
x-vercel-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="problems.json"
accept-ranges
bytes
content-length
23

catalog.json | cartoonbloxcatalog.vercel.app/ | 17 KB | 3 KB | Fetch
General
Full URL
https://cartoonbloxcatalog.vercel.app/catalog.json
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/js/backend.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
76.76.21.241, Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel /
Resource Hash
16db805bf88a0e77616d0ef2fac4ec9f8bcd0961abe64bfe4758f60bc421d19b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1::k7dhg-1705975737298-dd7a62fdf9a3
age
277181
etag
W/"af706080c9517c931d385cc45b3f68ac"
x-vercel-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="catalog.json"

webConfig | firebase.googleapis.com/v1alpha/projects/-/apps/1:917283704157:web:e8bad4e48594bd243fecb4/ | 371 B | 431 B | Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:917283704157:web:e8bad4e48594bd243fecb4/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
6934aeda26449aafe28127326608819a9b027ff6101e7b106fba98c178b18f4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://mobile.cartoonblox.com/
x-goog-api-key
AIzaSyDAHg9cdl6bPzRcxUJQ1ZyAcuVdkLtnNKg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mobile.cartoonblox.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
242
x-xss-protection
0

webConfig | firebase.googleapis.com/v1alpha/projects/-/apps/1:917283704157:web:e8bad4e48594bd243fecb4/ | 0 | 0 | Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:917283704157:web:e8bad4e48594bd243fecb4/webConfig
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://mobile.cartoonblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mobile.cartoonblox.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 02:08:57 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

installations | firebaseinstallations.googleapis.com/v1/projects/cartoon-blox-7b5f2/ | 625 B | 677 B | Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/cartoon-blox-7b5f2/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
f284460f2e2f614ee118f5fdc43f46e03ac3760c52b1b591ce0fbdb400bc5562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://mobile.cartoonblox.com/
x-goog-api-key
AIzaSyDAHg9cdl6bPzRcxUJQ1ZyAcuVdkLtnNKg
accept-language
de-DE,de;q=0.9
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMSBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMSBmaXJlLWpzLyBmaXJlLWpzLWFsbC1jZG4vOS4xNi4wIGZpcmUtaWlkLzAuNi4xIGZpcmUtaWlkLWVzbTIwMTcvMC42LjEgZmlyZS1hbmFseXRpY3MvMC45LjEgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjkuMSBmaXJlLXJ0ZGIvMC4xNC4xIGZpcmUtcnRkYi1lc20yMDE3LzAuMTQuMSBmaXJlLWF1dGgvMC4yMS4xIGZpcmUtYXV0aC1lc20yMDE3LzAuMjEuMSIsImRhdGVzIjpbIjIwMjQtMDEtMjMiXX1dfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mobile.cartoonblox.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
487
x-xss-protection
0

installations | firebaseinstallations.googleapis.com/v1/projects/cartoon-blox-7b5f2/ | 0 | 0 | Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/cartoon-blox-7b5f2/installations
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:800::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://mobile.cartoonblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mobile.cartoonblox.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 02:08:57 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

v1.js | herotofutags.com/sticky/ | 32 KB | 11 KB | Script
General
Full URL
https://herotofutags.com/sticky/v1.js?pk=pk_55714031ff2d17dbb6f492ad85f5b6e9
Requested by
Host: mobile.cartoonblox.com
URL: https://mobile.cartoonblox.com/js/backend.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3030::ac43:d481, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
a221f4010d4030f848a801a45ce05436f113fd3874ad9bfb9ba6a0a3dddb78dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGC3rXDH1ePE4g4b4PuuOw5B2WV0Fufb5byNc6Fd%2B7IUdQYENSL5RktwySZ7DOoH6xXyvEpTRnpxey57JKqAUW2BXTapb5YXVs%2FJYK884Wa%2BtTpAdGfBtSLsWm%2FRSmO0QMdw5ESjP%2Fu5L8OlOy7E"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cf-ray
849c7de6bcd40df4-AMS
access-control-allow-headers
Content-Type, Authorization
alt-svc
h3=":443"; ma=86400

js | www.googletagmanager.com/gtag/ | 219 KB | 78 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-LR6W5LY1F6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:831::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a95d81cd9ad48bb502c7424943ea7b31f951f03e52f7aa02e179c69fba9ea898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:08:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 02:08:57 GMT

collect | region1.google-analytics.com/g/ | 0 | 258 B | Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LR6W5LY1F6&gtm=45je41h0v899916629&_p=1705975737374&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=cteHIIfAOdx-93R9rEkUkJ&cid=220304919.1705975737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705975737&sct=1&seg=0&dl=https%3A%2F%2Fmobile.cartoonblox.com%2F&dt=Login%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=450
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-LR6W5LY1F6
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4860:4802:32::36, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobile.cartoonblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 02:08:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mobile.cartoonblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

dataLayer (object), gtag (function), herotofu (object), google_tag_manager (object), google_tag_data (object), gaGlobal (object), t (function), e (function), o (object), n (number), r (function), a (function), s (object), c (object), d (function), h (object), p (object), u (object), m (function), g (undefined), f (undefined), w (undefined), b (undefined), v (object), x (function), y (function), _ (function), k (object), C (function), T (function), N (object), S (object), Y (function), W (function), R (function), U (function), K (function), X (function), G (function), herotofuStickies (function)

2 Cookies

Domain/Path | Name | Value
.cartoonblox.com/ | _ga_LR6W5LY1F6 | GS1.1.1705975737.1.0.1705975737.0.0.0
.cartoonblox.com/ | _ga | GA1.1.220304919.1705975737

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header | Value
Strict-Transport-Security | max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
