Submitted URL: http://call.uptime.africa.com/re/778.php
Effective URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_acce...
Submission: On February 19 via manual from DK — Scanned from CA

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 47 HTTP transactions. The main IP is 162.240.17.87, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.dublock.com.
TLS certificate: Issued by R3 on February 1st 2022. Valid for: 3 months.
This is the only time www.dublock.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 149.56.72.3 16276 (OVH)
1 18 162.240.17.87 46606 (UNIFIEDLA...)
24 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
47 6
Apex Domain | Subdomains | Transfer
25 tawk.to | embed.tawk.to — Cisco Umbrella Rank: 8381; va.tawk.to — Cisco Umbrella Rank: 8056 | 212 KB
18 dublock.com | www.dublock.com | 471 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 2 KB
2 africa.com | call.uptime.africa.com | 690 B
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 401 | 39 KB
1 gstatic.com | fonts.gstatic.com | 24 KB
47 6
Domain | Requested by
22 embed.tawk.to | www.dublock.com, embed.tawk.to
18 www.dublock.com, 1 redirects | www.dublock.com
3 fonts.googleapis.com | embed.tawk.to
3 va.tawk.to | embed.tawk.to
2 call.uptime.africa.com, 2 redirects |
1 cdn.jsdelivr.net | embed.tawk.to
1 fonts.gstatic.com | fonts.googleapis.com
47 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.dublock.com | R3 | 2022-02-01 - 2022-05-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-28 - 2022-06-27 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months

This page contains 6 frames:

Primary Page: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Frame ID: 7D1C9CDB3B6A69CB18A4CC067258B142
Requests: 33 HTTP requests in this frame

Frame: https://www.dublock.com/identify2/launcher.php
Frame ID: 5EB03DD5A1B63738DF2A994EDE6ED1D9
Requests: 4 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/min-widget.css
Frame ID: 00462235CD553ED8602BFE792410BE6A
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/bubble-widget.css
Frame ID: 7D9D5A6CC0BE35990D82C550FC2C3118
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/message-preview.css
Frame ID: 46000D12EBAF29456D46DE1BD320A18E
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/max-widget.css
Frame ID: D4D2DA6AC4318A45FA44F8A510FC4964
Requests: 2 HTTP requests in this frame

Page Title

Nordea - identifikation

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 47
HTTPS: 100 %
IPv6: 71 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 2
Transfer: 748 kB
Size: 1550 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://call.uptime.africa.com/re/778.php HTTP 301
    https://call.uptime.africa.com/re/778.php HTTP 302
    https://www.dublock.com/identify2/?logon=set&0d696602ad4536ce0d68e2 HTTP 302
    https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D Page URL

47 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login.php
www.dublock.com/identify2/
Redirect Chain
  • http://call.uptime.africa.com/re/778.php
  • https://call.uptime.africa.com/re/778.php
  • https://www.dublock.com/identify2/?logon=set&0d696602ad4536ce0d68e2
  • https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F...
14 KB
15 KB
Document
General
Full URL
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
74c5b715331cbbaff57c90a8b35a7048aaa4ed819cfce9f886c2e69353586113

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Feb 2022 10:11:37 GMT
server
Apache

Redirect headers

location
login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf openid agreement offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 19 Feb 2022 10:11:37 GMT
server
Apache
styles-1de34666ee3ef1774f12a1ef030314f2.css
www.dublock.com/identify2/assets/
35 KB
36 KB
Stylesheet
General
Full URL
https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
4a1f06262bf9becb9b218ad0f210b26d6dcff36a61205267d304aeee4a835a98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:45:02 GMT
server
Apache
accept-ranges
bytes
content-length
36185
content-type
text/css
nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
www.dublock.com/identify2/assets/images/
2 KB
2 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
6bb27299ef7a2f71792920ae936f4f0800cf1a43ff5f8b4c835233fde4c1e387

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:45:42 GMT
server
Apache
accept-ranges
bytes
content-length
2285
content-type
image/svg+xml
mitid-4aead61655620afca545eded5d36aa1e.svg
www.dublock.com/identify2/assets/images/
9 KB
9 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
1af07b8160a8e66b17450537b1e8223899ddc3a05c5c9230acd0b9beacdbebc2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:45:54 GMT
server
Apache
accept-ranges
bytes
content-length
8936
content-type
image/svg+xml
something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
www.dublock.com/identify2/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
a386a6170805a64ba2e46bcc37c79500b5207bd708b0d1da83cbcbc483e64cb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:46:12 GMT
server
Apache
accept-ranges
bytes
content-length
3104
content-type
image/svg+xml
cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
www.dublock.com/identify2/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
4f98589b5ad297e797fc12ed5b90a5e9244a17dbc34c5cee66e01ae8c1455d2c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:46:20 GMT
server
Apache
accept-ranges
bytes
content-length
3097
content-type
image/svg+xml
no-connection-83f79e2367a313b468986e12a237c346.svg
www.dublock.com/identify2/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
3fc2607b1e133fb89affeca8fa96db25e9af2fa9d2f7960d2a9602df9e96ef72

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:46:28 GMT
server
Apache
accept-ranges
bytes
content-length
4974
content-type
image/svg+xml
empty-3857ebe69f653487f8c9d99adde4657f.svg
www.dublock.com/identify2/assets/images/
2 KB
2 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
d690ce1d3a1304fff86d11c4f38ad540da84949d881ea0c04b49bcc0f13483e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:46:46 GMT
server
Apache
accept-ranges
bytes
content-length
1642
content-type
image/svg+xml
technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
www.dublock.com/identify2/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
8a22f5ea2bc34877a3334b91210c881523678eec1e915cf6a4ee261ba58121b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:46:54 GMT
server
Apache
accept-ranges
bytes
content-length
2846
content-type
image/svg+xml
launcher.php
www.dublock.com/identify2/ Frame 5EB0
174 KB
175 KB
Document
General
Full URL
https://www.dublock.com/identify2/launcher.php
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
af37fc0189eda01379b063b981e635ada76f418ad8bdffd22adb5d4e1b919abd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Feb 2022 10:11:37 GMT
server
Apache
service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
www.dublock.com/identify2/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:47:14 GMT
server
Apache
accept-ranges
bytes
content-length
2803
content-type
image/svg+xml
564d0ff0f3578b7128a458ef269b286a.jpg
www.dublock.com/identify2/assets/
67 KB
67 KB
Image
General
Full URL
https://www.dublock.com/identify2/assets/564d0ff0f3578b7128a458ef269b286a.jpg
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
836393ac52708bd75b2e1c88defb51faa58f0fdfa374d57d2529e0a6554882ff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:57:56 GMT
server
Apache
accept-ranges
bytes
content-length
68419
content-type
image/jpeg
c233a817ad142919d728ebf4c8b3d54c.woff2
www.dublock.com/identify2/assets/
26 KB
26 KB
Font
General
Full URL
https://www.dublock.com/identify2/assets/c233a817ad142919d728ebf4c8b3d54c.woff2
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
443bd1fde75a477eaae12ba7828c6cb67608e14bbda783027fca2540c3bb0b03

Request headers

Referer
https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:48:52 GMT
server
Apache
accept-ranges
bytes
content-length
26880
content-type
font/woff2
7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2
www.dublock.com/identify2/assets/
26 KB
26 KB
Font
General
Full URL
https://www.dublock.com/identify2/assets/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff

Request headers

Referer
https://www.dublock.com/identify2/assets/styles-1de34666ee3ef1774f12a1ef030314f2.css
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 13:49:04 GMT
server
Apache
accept-ranges
bytes
content-length
26420
content-type
font/woff2
1fs8eulhc
embed.tawk.to/62109f921ffac05b1d7aa7c1/
2 KB
952 B
Script
General
Full URL
https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/login.php?client_id=EdInIf6PSPaVhliF4Skt&scope=ndf%20openid%20agreement%20offline_access&response_type=code&redirect_uri=https%3A%2F%2Fnetbank.nordea.dk%2Flogin%2F&nonce=TGNhJkXF0J8vRUOhSzSZICvQc70ciuts3h6Bv0NKTaClhxE04Iy8jlRJbcTkABTF&ui_locales=da&code_challenge=lGQNH3U4KKr8tyT6mWDouBENQc6gxE3nh_MfOpQvYkE&code_challenge_method=S256&state=e30%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7061829ac6378cb91ead4e711eaa617bccbb1c260bd1a05d1d86d1ce6373edb6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"stable-v4-6209eee5db5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
6dfeb6524906ecea-YUL
expires
Sat, 19 Feb 2022 11:11:37 GMT
jquery-3.6.0.min.js
www.dublock.com/identify2/assets/js/ Frame 5EB0
87 KB
88 KB
Script
General
Full URL
https://www.dublock.com/identify2/assets/js/jquery-3.6.0.min.js
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/launcher.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/launcher.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 14:05:00 GMT
server
Apache
accept-ranges
bytes
content-length
89501
content-type
application/javascript
jquery.redirect.js
www.dublock.com/identify2/assets/js/ Frame 5EB0
6 KB
6 KB
Script
General
Full URL
https://www.dublock.com/identify2/assets/js/jquery.redirect.js
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/launcher.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
6d69ae5c4892d35573385da52afebec92fb02feaf7670b0684c1b2aa6f2cfb98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/launcher.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Wed, 20 Oct 2021 14:05:22 GMT
server
Apache
accept-ranges
bytes
content-length
6354
content-type
application/javascript
login.js
www.dublock.com/identify2/assets/js/ Frame 5EB0
1 KB
1 KB
Script
General
Full URL
https://www.dublock.com/identify2/assets/js/login.js
Requested by
Host: www.dublock.com
URL: https://www.dublock.com/identify2/launcher.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.17.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-490048.dublock.com
Software
Apache /
Resource Hash
5b53179a87579447375e6d9fc3564ee56bf8697c3a6a9e80e3f9267c56033167

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/identify2/launcher.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:37 GMT
last-modified
Sat, 23 Oct 2021 13:20:36 GMT
server
Apache
accept-ranges
bytes
content-length
1351
content-type
application/javascript
twk-main.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
121 B
185 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a1decea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-vendor.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a20ecea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
192 KB
57 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"cf569d9832af4fd97c3fff711e9fa129"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a24ecea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-common.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
144 KB
35 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc4de893e2bcd9c4707ec8bc1a22a9f47513e72b66cb7e9563b963edb6c6a45
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"0233346df179f7e14cb11c8dc61a95d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a26ecea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-runtime.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa72a466550fadad9beefec72392e1ea1ff9d78031b334d32cab9c6efcb567ec
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"3a2d571d3ef1778dcbe3614248c8678c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a28ecea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-app.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
151 B
328 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/62109f921ffac05b1d7aa7c1/1fs8eulhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6541a2aecea-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
register
va.tawk.to/
964 B
1 KB
Fetch
General
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41071004c529d6fed06d69ee04e25a0dd3c2a212fff9ff5198d6c1cf4a0bd05
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-j40s
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dublock.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6dfeb6559ce1ca57-YUL
access-control-allow-headers
content-type,x-tawk-token
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=62109f921ffac05b1d7aa7c1&widgetId=1fs8eulhc&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662f92e375557eda6247305f48907ed3c9366582d210859214bfa979ab512b54
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-servers-k2sb
server
cloudflare
etag
W/"2-2-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
6dfeb654aa82ecea-YUL
access-control-allow-headers
content-type,x-tawk-token
da.js
embed.tawk.to/_s/v4/app/6209eee5db5/languages/
15 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/languages/da.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8072105329260b6a66dc122e6fea114e6071c7415398a1713787b6f04229408
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
445729
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"548860a54ad12c1fac926505587ff261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb655ba7f4bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bef4bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d2174ba00120ba3c084072c96e8908215e1ddb4ef5bedb61ee7b82136a3fe74
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"921a012e876bc196f0836981e704a184"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf04bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
10 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42be5e936000d76c4398335e774b0d44777167dd4a0445dc0e280d134909597
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447156
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"b42c968382528fd8d772d4f0611cc232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf34bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b6fca540c00a26c1cae4610b7d453a90feac64b7e5616833ac515c7039f4d2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
445282
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"a5d05ba09a4251acacb213b7aa7517c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf44bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
942 B
801 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf54bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
546 B
690 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf64bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf74bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/6209eee5db5/js/
70 KB
16 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4bbd85b34e3844e54b19107df5312f3b946650168893536b2a103a1fdbbc61
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 05:56:22 GMT
server
cloudflare
etag
W/"9627c2140b6080776802bab56b2f442d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6587bf94bca-YUL
expires
Mon, 21 Mar 2022 10:11:38 GMT
min-widget.css
embed.tawk.to/_s/v4/app/6209eee5db5/css/ Frame 0046
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447175
cf-polished
origSize=25050
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 21 Mar 2022 10:11:39 GMT
last-modified
Mon, 14 Feb 2022 05:56:21 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb658dc4b4bca-YUL
cf-bgj
minify
bubble-widget.css
embed.tawk.to/_s/v4/app/6209eee5db5/css/ Frame 7D9D
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447157
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 21 Mar 2022 10:11:39 GMT
last-modified
Mon, 14 Feb 2022 05:56:21 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6590c674bca-YUL
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/6209eee5db5/css/ Frame 4600
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447175
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 21 Mar 2022 10:11:39 GMT
last-modified
Mon, 14 Feb 2022 05:56:21 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6592c734bca-YUL
cf-bgj
minify
css
fonts.googleapis.com/ Frame 0046
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/min-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 09:37:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 10:11:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 10:11:39 GMT
max-widget.css
embed.tawk.to/_s/v4/app/6209eee5db5/css/ Frame D4D2
72 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6209eee5db5/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44a41a1ca5c56b7c8e93f6ac217c528a9fb559c3060d08816655dd8e047a177
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
447175
cf-polished
origSize=74174
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 21 Mar 2022 10:11:39 GMT
last-modified
Mon, 14 Feb 2022 05:56:21 GMT
server
cloudflare
etag
W/"10800e304a016c10a8f6e969ac0c17d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6598ca44bca-YUL
cf-bgj
minify
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 7D9D
22 KB
6 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
594822
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6dfeb6598ca64bca-YUL
expires
Mon, 21 Mar 2022 10:11:39 GMT
css
fonts.googleapis.com/ Frame 4600
7 KB
665 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/message-preview.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 09:32:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 10:11:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 10:11:39 GMT
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 7D9D
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.tawk.to/_s/v4/app/6209eee5db5/css/bubble-widget.css
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
20
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10520
last-modified
Sat, 22 May 2021 07:25:13 GMT
server
cloudflare
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6dfeb6599a5fecee-YUL
expires
Mon, 21 Mar 2022 10:11:39 GMT
css
fonts.googleapis.com/ Frame D4D2
7 KB
665 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/css/max-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 09:29:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 10:11:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 10:11:39 GMT
v3
va.tawk.to/log-performance/
5 B
346 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dublock.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-qlkx
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dublock.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
6dfeb659ca87ecee-YUL
access-control-allow-headers
content-type,x-tawk-token
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 0046
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dublock.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:29:28 GMT
x-content-type-options
nosniff
age
225731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 19:29:28 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
39 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6209eee5db5/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.dublock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
479706
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-yyz4548-YYZ
timing-allow-origin
*
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6dfeb65a483d4bd6-YUL

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
function| structuredClone
object| Tawk_API
object| Tawk_LoadStart
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
boolean| $_Tawk_Unstable
object| $_Tawk
object| tawkJsonp
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| regeneratorRuntime
object| Tawk_Window
object| emojione

4 Cookies

Domain/Path Name / Value
va.tawk.to/ Name: ss
Value: fehdq9lji1
va.tawk.to/ Name: tawkUUID
Value: TH25kND8%2Bz9lsd6Ic%2BFGlr4ul3CyNs9jHtzk1prPgu%2BWH0UWWzLO4G7bw3GuiytR%7C%7C2
www.dublock.com/ Name: TawkConnectionTime
Value: 0
.dublock.com/ Name: __tawkuuid
Value: e::dublock.com::fJMZqFAprWdHcQzH0h/L3T2XlomDl7leRaiSwbJQl7XLMUgJ/Ma/RMYXNDBcf2Ow::2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
