blox.land Open in urlscan Pro
104.22.7.114 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blox.land/
Submission Tags: phishingrod
Submission: On June 08 via api (June 8th 2024, 2:58:55 pm UTC) from DE — Scanned from DE

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 47 HTTP transactions. The main IP is 104.22.7.114, located in and belongs to CLOUDFLARENET, US. The main domain is blox.land.
TLS certificate: Issued by GTS CA 1P5 on May 21st 2024. Valid for: 3 months.

This is the only time blox.land was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 35	104.22.7.114 104.22.7.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.192.117 18.66.192.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	18.165.183.15 18.165.183.15	16509 (AMAZON-02) (AMAZON-02)
3	54.210.79.120 54.210.79.120	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:2832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
47	11

35 104.22.7.114 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

blox.land	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-15.zrh55.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.210.79.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-79-120.compute-1.amazonaws.com

us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2832 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	blox.land 2 redirects blox.land	280 KB
5	posthog.com app.posthog.com — Cisco Umbrella Rank: 17123 us.i.posthog.com — Cisco Umbrella Rank: 13187 us-assets.i.posthog.com — Cisco Umbrella Rank: 26820	85 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	168 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	342 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 95
47	7

	Domain	Requested by
35	blox.land	2 redirects blox.land
3	us.i.posthog.com	app.posthog.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	blox.land www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	us-assets.i.posthog.com	app.posthog.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	app.posthog.com	blox.land
1	static.hotjar.com	blox.land
1	www.youtube.com	blox.land
47	11

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
blox.land GTS CA 1P5	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
posthog.com GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blox.land/
Frame ID: 55F5018B97F4220DDB4F305CCEFD0ACB
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PRDjwZCQ8Ms
Frame ID: 838662BE40AF72A643BD628B524D754A
Requests: 1 HTTP requests in this frame

Frame: https://blox.land/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: B494226EF9C6F3DF62B2BDF76FDCD6DD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Earn R$! - Blox.Land

Page URL History Show full URLs

https://blox.land/ Page URL
https://blox.land/cdn-cgi/phish-bypass?atok=z3Y5wu3smDaGRanCEe2A94Cg_VtPmCxb.ODY5HmOWY0-171785... HTTP 301
https://blox.land/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

11
IPs

4
Countries

612 kB
Transfer

1769 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/K8RjSGYtxH
Title: https://discord.gg/K8RjSGYtxH

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blox.land/ Page URL
https://blox.land/cdn-cgi/phish-bypass?atok=z3Y5wu3smDaGRanCEe2A94Cg_VtPmCxb.ODY5HmOWY0-1717858724-0.0.1.1-%2F HTTP 301
https://blox.land/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://blox.land/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://blox.land/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
blox.land/ 4 KB
2 KB 192ms
15ms Document
text/html 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeda6d0ba3b4b321240c4cbd022278771ccf33543d2e7d9255fa63b9328c2a38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8909bde26ee19b7a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 14:58:44 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
blox.land/cdn-cgi/styles/ 23 KB
5 KB 10ms
9ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/cdn-cgi/styles/cf.errors.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:26:34 GMT
server: cloudflare
etag: W/"665f07fa-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8909bde27f009b7a-FRA
expires: Sat, 08 Jun 2024 16:58:44 GMT

GET
H3 200 icon-exclamation.png
blox.land/cdn-cgi/images/ 452 B
634 B 9ms
9ms Image
image/png 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/cdn-cgi/styles/cf.errors.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:26:34 GMT
server: cloudflare
etag: "665f07fa-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8909bde29f109b7a-FRA
content-length: 452
expires: Sat, 08 Jun 2024 16:58:44 GMT

GET
H3 200 favicon.ico
blox.land/ 0
189 B 32ms
32ms Other
text/html 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 08 Jun 2024 13:49:29 GMT
server: cloudflare
age: 544
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 8909bde2bf3b9b7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request / Show response
blox.land/
Redirect Chain

https://blox.land/cdn-cgi/phish-bypass?atok=z3Y5wu3smDaGRanCEe2A94Cg_VtPmCxb.ODY5HmOWY0-1717858724-0.0.1.1-%2F
https://blox.land/

20 KB
6 KB

1486ms
1486ms

Document
text/html

104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.25

Resource Hash

77dd783a78e03499859a18a6a6f6259d99c4937e72d3201d7ecec978e09ac691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://blox.land/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8909be01ed959b7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 14:58:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.25
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, no-cache
cf-ray: 8909be01dd819b7a-FRA
content-length: 167
content-type: text/html
date: Sat, 08 Jun 2024 14:58:49 GMT
location: https://blox.land/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 bootstrap.min.css
blox.land/assets/css/ 152 KB
24 KB 35ms
34ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/bootstrap.min.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-26040"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b49f89b7a-FRA

GET
H3 200 fontawesome-all.min.css
blox.land/assets/css/ 58 KB
13 KB 30ms
29ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/fontawesome-all.min.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-e637"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b49fc9b7a-FRA

GET
H3 200 sweetalert2.min.css
blox.land/assets/css/ 22 KB
4 KB 45ms
45ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/sweetalert2.min.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d72cb0de5c93e3e62436666a8de967106e7b0c9efa06372a1413298009f98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-588a"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b49fe9b7a-FRA

GET
H3 200 roundslider.min.css
blox.land/assets/css/ 4 KB
1 KB 30ms
29ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/roundslider.min.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97b77296be155a286877274df20f80bbd7dfe72a0d1bf423db9bbc4e56f17b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-1167"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a009b7a-FRA

GET
H3 200 summernote-bs4.css
blox.land/assets/css/ 18 KB
4 KB 28ms
28ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/summernote-bs4.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a095a138ed19d86db942848ace8c08309c8bb8ea5f0b62be5aa8c20b6b3cac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origSize=18383
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-47cf"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a019b7a-FRA

GET
H3 200 pyro.css
blox.land/assets/css/ 11 KB
1 KB 27ms
26ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/pyro.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0aeb7bf3deba4e73ebb1ff9e7b2c9a8770c94bb44eb7b483b22621741d4f212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origSize=12976
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-32b0"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a029b7a-FRA

GET
H3 200 introjs.min.css
blox.land/assets/css/ 10 KB
2 KB 46ms
45ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/introjs.min.css

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5614774cd602d3fac690fcf25655b834208346eb44ad8b40ac4f9203be9b34ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-2710"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a039b7a-FRA

GET
H3 200 style-78be0df4.css
blox.land/assets/css/ 7 KB
2 KB 46ms
46ms Stylesheet
text/css 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/css/style-78be0df4.css?185aa118

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c8a420dc98b0eec3fcabece52f7465c5be1b781ae177e3f5f1a58deb4f7d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origSize=9615
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-258f"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a069b7a-FRA

GET
H3 200 logo_text_white.png
blox.land/assets/img/ 4 KB
4 KB 47ms
46ms Image
image/webp 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/assets/img/logo_text_white.png

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ce9036cfeb5c3ef983960d2188716338df536fd2c4a612346dd4082733edd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origFmt=png, origSize=12622
content-disposition: inline; filename="logo_text_white.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4136
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: "6658f87b-314e"
vary: Accept
access-control-max-age: 600
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8909be0b4a079b7a-FRA

GET
H3 200 irregular-shape-2-bottom.svg
blox.land/assets/svg/ 610 B
552 B 48ms
47ms Image
image/svg+xml 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/assets/svg/irregular-shape-2-bottom.svg

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

144bf448643d10a1597a3f6d3032c6cd23f57072dbe38142947b97104cae9aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-262"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a0a9b7a-FRA

GET
H3 200 abstract-shapes-4.svg
blox.land/assets/svg/ 3 KB
1 KB 48ms
48ms Image
image/svg+xml 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/assets/svg/abstract-shapes-4.svg

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f18c0a790eabaa783aaaf978829195cfa02d97739cbc7ab49498ca9b4656bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-acc"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a0c9b7a-FRA

GET
H3 200 abstract-shapes-10.svg
blox.land/assets/svg/ 8 KB
3 KB 49ms
48ms Image
image/svg+xml 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/assets/svg/abstract-shapes-10.svg

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23378fdb06086ab7cbbc27456459158b657bd8f7be5dbc186786496b162fbb42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-1f02"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0b4a0d9b7a-FRA

GET
H3 200 avatar.png
blox.land/assets/img/ 15 KB
16 KB 49ms
49ms Image
image/webp 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blox.land/assets/img/avatar.png

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

470ae2ca26cb6e7a2d5a5e5bbc0ba08bf70df789b2c63faa1e46b3b260338af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origFmt=png, origSize=23229
content-disposition: inline; filename="avatar.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15866
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: "6658f87b-5abd"
vary: Accept
access-control-max-age: 600
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8909be0b4a0e9b7a-FRA

GET
H3 200 email-decode.min.js Show response
blox.land/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 16ms
16ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:27:30 GMT
server: cloudflare
etag: W/"665f0832-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8909be0b4a119b7a-FRA
expires: Mon, 10 Jun 2024 14:58:50 GMT

GET
H3 200 rocket-loader.min.js Show response
blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
17ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:27:30 GMT
server: cloudflare
etag: W/"665f0832-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8909be0b4a129b7a-FRA
expires: Mon, 10 Jun 2024 14:58:50 GMT

GET
H2 200 PRDjwZCQ8Ms
www.youtube.com/embed/ Frame 8386 0
0 121ms
88ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PRDjwZCQ8Ms

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://blox.land/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 14:58:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fa-solid-900.woff2
blox.land/assets/webfonts/ 78 KB
78 KB 165ms
165ms Font
font/woff2 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/webfonts/fa-solid-900.woff2

Requested by

Host: blox.land
URL: https://blox.land/assets/css/fontawesome-all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/assets/css/fontawesome-all.min.css
Origin: https://blox.land
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 80148
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: "6658f87b-13914"
x-frame-options: SAMEORIGIN
access-control-max-age: 600
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8909be0bba739b7a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
75 KB 67ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122952025-1

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

149626aac7cc7a6aa500fef629c556a7e06df42d30c692f64eab3ae8067ec3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75958
x-xss-protection: 0
last-modified: Sat, 08 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Jun 2024 14:58:50 GMT

GET
H3 200 script-4bbb5b20.js Show response
blox.land/assets/js/ 37 KB
10 KB 26ms
25ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/script-4bbb5b20.js?mmmb433bgg

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1613600a1ad82e22a2c89e07365f609465f62456606ef8a4c71b6b91b758c255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
cf-polished: origSize=55539
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-d8f3"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba809b7a-FRA

GET
H3 200 intro.min.js Show response
blox.land/assets/js/ 28 KB
7 KB 28ms
27ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/intro.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-70fe"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba829b7a-FRA

GET
H3 200 roundslider.min.js Show response
blox.land/assets/js/ 28 KB
9 KB 23ms
23ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/roundslider.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d9a4b54158e0d6211177e8ba62ba7305b49c6a934238ff1063853a47629501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-71b8"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba849b7a-FRA

GET
H3 200 sweetalert2.min.js Show response
blox.land/assets/js/ 40 KB
13 KB 33ms
32ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/sweetalert2.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cab84e1454913894e4566b0f311d2027d0f80ab5b166c1140ee7860e09fa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-a08b"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba879b7a-FRA

GET
H3 200 typed.min.js Show response
blox.land/assets/js/ 11 KB
4 KB 37ms
36ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/typed.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d180a87fcc37baec7a18a3a6aa47f65fd73012426c5d6851851535f53c1e3778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-2dbe"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba889b7a-FRA

GET
H3 200 bootstrap.bundle.min.js Show response
blox.land/assets/js/ 77 KB
23 KB 29ms
28ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/bootstrap.bundle.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e3f4cdc282dc2223fa74f47f49bf78cf0d5ead8b667f6c431e390a2abd1c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-132fa"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba8a9b7a-FRA

GET
H3 200 jquery-3.4.1.min.js Show response
blox.land/assets/js/ 86 KB
31 KB 34ms
33ms Script
application/javascript 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/js/jquery-3.4.1.min.js

Requested by

Host: blox.land
URL: https://blox.land/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-15851"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0bba8c9b7a-FRA

GET
H3

200

main.js Show response
blox.land/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame B494
Redirect Chain

https://blox.land/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://blox.land/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

21ms
20ms

Script
application/javascript

104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777f90d1a1f876f2e67abdaebdf1b0188b09e9ec0958088f2c93f82f010b8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8909be0bdab19b7a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 08 Jun 2024 14:58:50 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control: max-age=300, public
cf-ray: 8909be0bba8f9b7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8909be01ed959b7a Show response
blox.land/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B494 0
401 B 47ms
47ms XHR
text/plain 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blox.land/cdn-cgi/challenge-platform/h/g/jsd/r/8909be01ed959b7a
Requested by: Host: blox.land
URL: https://blox.land/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jun 2024 14:58:50 GMT
server: cloudflare
cf-ray: 8909be0c5b8e9b7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 favicon.ico
blox.land/assets/icons/rewards/ 4 KB
4 KB 155ms
154ms Other
image/x-icon 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/icons/rewards/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ab250bb4f11869923809a13d577a474aefd61e70a04e7f5676517235862ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: W/"6658f87b-f4c"
access-control-max-age: 600
x-frame-options: SAMEORIGIN
content-type: image/x-icon
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 8909be0dfdea9b7a-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 hotjar-1759528.js Show response
static.hotjar.com/c/ 9 KB
4 KB 45ms
16ms Script
application/javascript 18.66.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1759528.js?sv=6

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-117.muc50.r.cloudfront.net

Software

Resource Hash

7b38360cbf7af3a84b43aa0f124b14583dbcd55b8afa0d855e89004ce5f04e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Jun 2024 14:58:51 GMT
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 27
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c827e6c54491286f6a4c2c6e12b378bf
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: MVqVIAzlkDGfQs05A4_LMKsY5tOV7TyaDlsn1DioDZAojR3z7-i6qA==

GET
H2 200 array.js Show response
app.posthog.com/static/ 130 KB
46 KB 51ms
17ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Host: blox.land
URL: https://blox.land/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfb345dc90de430df1edef523bf751076765b1e7711dd4a6759fc4aef80e1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167
x-envoy-upstream-service-time: 33
referrer-policy: same-origin
last-modified: Sat, 08 Jun 2024 09:14:13 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 8909be0e3d699048-FRA

POST
H3 200 8909be01ed959b7a Show response
blox.land/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B494 0
400 B 29ms
29ms XHR
text/plain 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blox.land/cdn-cgi/challenge-platform/h/g/jsd/r/8909be01ed959b7a
Requested by: Host: blox.land
URL: https://blox.land/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
server: cloudflare
cf-ray: 8909be0e5e7f9b7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0X17H2223V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122952025-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82ed157268568b1829649e0035bf6e3a0b62ee12c10bb134dbc523d2e1e6a7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jun 2024 14:58:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122952025-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jun 2024 13:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 08 Jun 2024 15:41:03 GMT

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 120ms
77ms Script
application/javascript 18.165.183.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1759528.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.183.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-183-15.zrh55.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 270944
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: N_MTqsip3_4yf8UiLsJjZ7KjyaB_0BnCVZ-mBpghEs5MnlShPGp75w==

POST
H2 200 / Show response
us.i.posthog.com/decide/ 684 B
757 B 334ms
107ms XHR
application/json 54.210.79.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1717858731274&ver=1.138.0&compression=base64

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.79.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-79-120.compute-1.amazonaws.com

Software

envoy /

Resource Hash

70feeed8587037cea3843bf74e86d006cfcc72ea7842503cc6d5cd914cbee1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blox.land
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
us.i.posthog.com/e/ 13 B
408 B 329ms
106ms XHR
application/json 54.210.79.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/e/?ip=1&_=1717858731278&ver=1.138.0&compression=base64

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.79.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-79-120.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blox.land
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 29ms
29ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1669754108&t=pageview&_s=1&dl=https%3A%2F%2Fblox.land%2F&ul=de-de&de=UTF-8&dt=Earn%20R%24!%20-%20Blox.Land&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=477548689&gjid=931055761&cid=718279728.1717858731&uid=&tid=UA-122952025-1&_gid=930851930.1717858731&_r=1&gtm=457e4650za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=849893739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 14:58:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blox.land
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon-32x32.png
blox.land/assets/icons/rewards/ 1 KB
2 KB 37ms
37ms Other
image/webp 104.22.7.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blox.land/assets/icons/rewards/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.7.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15aa218de97172512a64bdc5ccdeefaeba967d448e3adec4d27352afb25dcd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6866
cf-polished: origFmt=png, origSize=2851
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1412
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 May 2024 22:06:51 GMT
server: cloudflare
etag: "6658f87b-b23"
vary: Accept
access-control-max-age: 600
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8909be0f0f5d9b7a-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 73ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-122952025-1&cid=718279728.1717858731&jid=477548689&gjid=931055761&_gid=930851930.1717858731&npa=1&_u=YEBAAUAAAAAAACAAI~&z=809194038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jun 2024 14:58:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blox.land
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recorder.js Show response
us-assets.i.posthog.com/static/ 106 KB
37 KB 301ms
20ms Script
text/javascript 2606:4700:10::ac43:2832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/recorder.js?v=1.138.0

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5ad2cddb306d5a863aee2113d632426b5c54d771bdf9403d86f72d0f7ca6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49
x-envoy-upstream-service-time: 16
referrer-policy: same-origin
last-modified: Sat, 08 Jun 2024 09:14:13 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8909be12596fbbaf-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 79ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0X17H2223V&gtm=45je4650v9134917326za200&_p=1717858731200&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=718279728.1717858731&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&uid=&sid=1717858731&sct=1&seg=0&dl=https%3A%2F%2Fblox.land%2F&dr=https%3A%2F%2Fblox.land%2F&dt=Earn%20R%24!%20-%20Blox.Land&en=page_view&_fv=1&_ss=1&tfd=2411&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0X17H2223V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 14:58:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blox.land
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
us.i.posthog.com/s/ 13 B
408 B 337ms
246ms XHR
application/json 54.210.79.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/s/?ip=1&_=1717858734274&ver=1.138.0&compression=gzip-js

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.79.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-79-120.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://blox.land/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 08 Jun 2024 14:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blox.land
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61
access-control-allow-headers: X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blox.land/	1970-01-20 21:12:25	Name: __cf_mw_byp Value: z3Y5wu3smDaGRanCEe2A94Cg_VtPmCxb.ODY5HmOWY0-1717858724-0.0.1.1-/
blox.land/	1970-01-20 21:54:48	Name: Session Value: pbcb88nfjq3oejqtvdshj0rjg6
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: rJSUrXRH8qY
.youtube.com/	1970-01-21 01:30:10	Name: VISITOR_INFO1_LIVE Value: ucr1sZNSRQg
.youtube.com/	1970-01-21 01:30:10	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgag%3D%3D
.blox.land/	1970-01-21 05:56:34	Name: cf_clearance Value: jbPzYS.qPrEYBi2ph7QCK8EbhD__IFoTe1jIau1kaaI-1717858731-1.0.1.1-h8CK8Vvc2dpGE.C_8BV.Ek7SOCNQFkBzDIWpTeyLXWfZK1CkjduoONYHhes_CC2U31clo15OJZ4mI2t4fAti8g
.blox.land/	1970-01-20 21:12:25	Name: _gid Value: GA1.2.930851930.1717858731
.blox.land/	1970-01-20 21:10:58	Name: _gat_gtag_UA_122952025_1 Value: 1
.blox.land/	1970-01-21 05:56:34	Name: _hjSessionUser_1759528 Value: eyJpZCI6IjcxODhkYzZmLTBjZTEtNTM1OC04Mzc1LTFhMTFjYzQ1ZWE0MCIsImNyZWF0ZWQiOjE3MTc4NTg3MzE0MTIsImV4aXN0aW5nIjpmYWxzZX0=
.blox.land/	1970-01-20 21:11:00	Name: _hjSession_1759528 Value: eyJpZCI6ImFiNzJmNTk3LTZiN2MtNDNlNi1hYzlmLWY4ZTRiZjRhYmJhYyIsImMiOjE3MTc4NTg3MzE0MTMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.blox.land/	1970-01-21 05:56:34	Name: ph_phc_KJLN4lEaJdgsXPUFzOEq4Wp70gA11nNrY3yins1svmm_posthog Value: %7B%22distinct_id%22%3A%22018ff85c-0509-74d1-ae10-a4c487b26e82%22%2C%22%24sesid%22%3A%5B1717858731611%2C%22018ff85c-0508-7934-b272-e38c9054005f%22%2C1717858731272%5D%7D
.blox.land/	1970-01-21 06:46:58	Name: _ga_0X17H2223V Value: GS1.1.1717858731.1.0.1717858731.0.0.0
.blox.land/	1970-01-21 06:46:58	Name: _ga Value: GA1.1.718279728.1717858731

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
blox.land
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
us-assets.i.posthog.com
us.i.posthog.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.22.7.114
18.165.183.15
18.66.192.117
2001:4860:4802:34::36
2606:4700:10::6816:3bb5
2606:4700:10::ac43:2832
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9c
54.210.79.120
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13cab84e1454913894e4566b0f311d2027d0f80ab5b166c1140ee7860e09fa96
144bf448643d10a1597a3f6d3032c6cd23f57072dbe38142947b97104cae9aac
149626aac7cc7a6aa500fef629c556a7e06df42d30c692f64eab3ae8067ec3d1
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15aa218de97172512a64bdc5ccdeefaeba967d448e3adec4d27352afb25dcd72
1613600a1ad82e22a2c89e07365f609465f62456606ef8a4c71b6b91b758c255
23378fdb06086ab7cbbc27456459158b657bd8f7be5dbc186786496b162fbb42
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
42c8a420dc98b0eec3fcabece52f7465c5be1b781ae177e3f5f1a58deb4f7d24
470ae2ca26cb6e7a2d5a5e5bbc0ba08bf70df789b2c63faa1e46b3b260338af0
4a095a138ed19d86db942848ace8c08309c8bb8ea5f0b62be5aa8c20b6b3cac8
4c0ab250bb4f11869923809a13d577a474aefd61e70a04e7f5676517235862ff
5614774cd602d3fac690fcf25655b834208346eb44ad8b40ac4f9203be9b34ae
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70feeed8587037cea3843bf74e86d006cfcc72ea7842503cc6d5cd914cbee1ce
777f90d1a1f876f2e67abdaebdf1b0188b09e9ec0958088f2c93f82f010b8ace
77dd783a78e03499859a18a6a6f6259d99c4937e72d3201d7ecec978e09ac691
79d9a4b54158e0d6211177e8ba62ba7305b49c6a934238ff1063853a47629501
7b38360cbf7af3a84b43aa0f124b14583dbcd55b8afa0d855e89004ce5f04e3b
7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba
7ce9036cfeb5c3ef983960d2188716338df536fd2c4a612346dd4082733edd68
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
82ed157268568b1829649e0035bf6e3a0b62ee12c10bb134dbc523d2e1e6a7c0
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31
8f18c0a790eabaa783aaaf978829195cfa02d97739cbc7ab49498ca9b4656bfd
97b77296be155a286877274df20f80bbd7dfe72a0d1bf423db9bbc4e56f17b63
9a5ad2cddb306d5a863aee2113d632426b5c54d771bdf9403d86f72d0f7ca6db
aeda6d0ba3b4b321240c4cbd022278771ccf33543d2e7d9255fa63b9328c2a38
b5d72cb0de5c93e3e62436666a8de967106e7b0c9efa06372a1413298009f98f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d180a87fcc37baec7a18a3a6aa47f65fd73012426c5d6851851535f53c1e3778
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfb345dc90de430df1edef523bf751076765b1e7711dd4a6759fc4aef80e1be
f0aeb7bf3deba4e73ebb1ff9e7b2c9a8770c94bb44eb7b483b22621741d4f212
f0e3f4cdc282dc2223fa74f47f49bf78cf0d5ead8b667f6c431e390a2abd1c19
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

blox.land Open in urlscan Pro 104.22.7.114 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

64 %IPv6

7 Domains

11 Subdomains

11 IPs

4 Countries

612 kBTransfer

1769 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blox.land Open in urlscan Pro
104.22.7.114 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

11
IPs

4
Countries

612 kB
Transfer

1769 kB
Size

13
Cookies

47 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!