lp4.goblocker.xyz Open in urlscan Pro
2606:4700:3033::ac43:a9e8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paramountneyeork.com/
Effective URL:
https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeH...
Submission: On December 02 via api (December 2nd 2021, 6:51:06 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::ac43:a9e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp4.goblocker.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 2nd 2021. Valid for: a year.

This is the only time lp4.goblocker.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.32.237.90 212.32.237.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	173.192.101.30 173.192.101.30	36351 (SOFTLAYER) (SOFTLAYER)
2 2	2606:4700:303... 2606:4700:3035::6815:253b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:a9e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.87.111 13.225.87.111	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
11	6

1 212.32.237.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

paramountneyeork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.30 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 1e.65.c0ad.ip4.static.sl-reverse.com

mybestdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybestdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:253b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

track.sparta-tracking.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:a9e8 (United States)

ASN13335 (CLOUDFLARENET, US)

lp4.goblocker.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-111.fra2.r.cloudfront.net

script.wrap-lamb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gstatic.com fonts.gstatic.com	192 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	9 KB
3	goblocker.xyz lp4.goblocker.xyz	101 KB
2	sparta-tracking.xyz 2 redirects track.sparta-tracking.xyz	3 KB
2	mybestdl.com 2 redirects mybestdl.com p185689.mybestdl.com	1 KB
1	wrap-lamb.com script.wrap-lamb.com	729 B
1	paramountneyeork.com 1 redirects paramountneyeork.com	2 KB
11	7

	Domain	Requested by
4	fonts.gstatic.com	fonts.googleapis.com
3	lp4.goblocker.xyz	lp4.goblocker.xyz
2	fonts.googleapis.com	lp4.goblocker.xyz ajax.googleapis.com
2	track.sparta-tracking.xyz	2 redirects
1	ajax.googleapis.com	lp4.goblocker.xyz
1	script.wrap-lamb.com	lp4.goblocker.xyz
1	p185689.mybestdl.com	1 redirects
1	mybestdl.com	1 redirects
1	paramountneyeork.com	1 redirects
11	9

This site contains links to these domains. Also see Links.

Domain
track.sparta-tracking.xyz

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-02` - `2022-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wrap-lamb.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668
Frame ID: 1B4624CD85BCF6B6EBD22C0E2479B4B4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Go Blocker

Page URL History Show full URLs

http://paramountneyeork.com/ HTTP 302
https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLUWut6U4gTSnQAVfxVIJjiUaUUxvZgmcSVO9kPu6B... HTTP 302
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbEnjGnvUcQ3XpJog2duyQXFRIomulZcEXeK4r-3PlB7u... HTTP 302
http://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaig... HTTP 301
https://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaig... HTTP 302
https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPI... Page URL

Page Statistics

11
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

302 kB
Transfer

471 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://track.sparta-tracking.xyz/click?$_clickCode=1

Search URL Search Domain Scan URL

URL: https://track.sparta-tracking.xyz/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paramountneyeork.com/ HTTP 302
https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLUWut6U4gTSnQAVfxVIJjiUaUUxvZgmcSVO9kPu6BC6pWj8LQHqdt3gdK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRknv65QJjHchqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0uqmLH6bGB2uynuPaEBCqhSqa9tcJGb3mpfNP6ZavVPvI-ZrPSlLyC_4z_KEquvQpkWrUi5Pif1yB_n5taZQ67GMtBPqxSOx0qV7EU5_59iuthz2mT0FbYo-hx_F531mumNtzrsBkc4Fsgu-XqpKx9cTFQHWwWAdIWXGi1jNIv0uowVSsGeK6IJ11OSz8XXPvC4FM7Wu-VrgJyooWJLnlb9oSWFXvyVLAtWFIAm55_BrMoYOH1pdAhPa_VWfwUQeU9R1px3jB93aHW1cIilSaTqgfubXBKVvY_6jjF5AuvolT8tWr_lUbcikqJF8RmSS-tX7EeIKXA2Cb5LQS6BinV_iS3Sx1OjC3qRKdBGp0qepl7cVEa5DMbws37w9JUdd5a0BStXyhqvC429jFAqhFRS81--j5LoPH_U3cuSU4tCruZIqUQ1JQlDcMrrfYVfEGzIPvzidKpFcUeO_7FlDuGtVVTCnwvwDFULjs3jJ9ZxontiOMU8pWvTTKi8RsWItmxejCscAFk-kcGyTs9O1D9zfIXwHctZgpXqG7Ia1BND2R65NPSE5Ud8_C1t8f4tB_nKLBCK8bfZ6abQoYeVlSBL22CsUNE0L0gmOKllM3Vior7MIzLEemwkwRDUjGI3FELgL3ESYXyxySvSEfpFOW48c1pEqwc3YmdiNApFrWHhXbjwZDhzCOhMGgZfllCiYhCk61BMnyYb9ljajBxStm1UuTbOvQejjLD1tLjMNMYCJM1iQpz4GxasPmVvOSsq1jylm4dFMSFV_L61iPFs1agJ3XJpSBtv-HemUyZNX7HiHnaMzr4fK_SpbHq3qHI854uIThJx8qICM20OLad-9qoA4tjuR-zAAoGzFbh82PrnrdoWlLXwGPjtto633hCLxruZh0qJZTfP0f7e7Plm3cdolvMisrk30SaUNoHu1KPvWfEFlu4-m5-BjEgSgHYVPENlbqDXjUnQVQw4K1E-HTs-Feat60ijNzUBtLQ9JdmnRXHs3m32_EEaT9y8U6NjsKzLcKOpAXCSNxETkqTsfuV_iRS-deZyclR2mrokr7bOO1sATOyxe_2GqZwxLFOBvREiia6VlwRdytf_6vsgybp35O5zCH-7o2tv4ebflghvtR7UBuGFQfUqrp_4PW626KI5EQU_A0p15A0haNBCPp5HJ7SdEi6aOzfKcPlQ5sGLtIuIPqdBHSBvJ3rK4K8_RmSaINnbskFxUSKJrpWXBF3x5QMXBDPtaJTBwMhm0U8qN4dZzAPdq0asIicm7Oa14yqQyAtmR4ET3cEaPZUz5UqW46blRhsU-tt51jBqPLKy5s-urFnbdKT4HJunKpK9iEQiSZlBCHtda5lmVgZTKx4ZZJCxAdeOqU HTTP 302
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbEnjGnvUcQ3XpJog2duyQXFRIomulZcEXeK4r-3PlB7uSDWxTNnnKvZ4-P7UZK8ccO8EtlL4tOu-gW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bvg7zv1ZX_NDeHWcwD3atGpPoHiC6J0YTZT4gk-eVXV8JbewQCztnWYsIwoUE6HLaMtEeV-sktQDehh549zcApu23ycf_aUTQtcouryzB-T94k0D-mNFP-JQliEo_gZ_sW2jB4zFuRTFWdau7IN9FdV9I9zFVCeL5p92cp-vkcPmEf3qd4ONyUKC7q00sm1d_81VZTL6WTs8WO4QP-Vi7zRe7zzBJbLAQvEGFQ0jWJkN4bvlPQArirYN_a0ud9b5iKiXhLmiyflhHQ2DhJtv57Pgpt-TBvcxCEwrLEAaOW_jHHIZ2SFx9kTcoOtNobNpqJAzwVqRCBUrBs34dAjVMmg&ui=Un8YNmzNixpndAYfZXLGLccaKRMNtL4xIaIc3yOo5HLSLiD6nQR0gUBwR_DUWzhMuPa3wk0mn7QqLVWqtsd2fmtskR3wd1ncC1XwQTjtRWAt0t1P8xsgKQ&si=1&oref=d1085d5275eaad575cc50ce82babe45d&optunit=1BiCzIGIYdX6GWpopBQEiK0rozPkVpWr&rb=CAvjm8pIjLs&rr=4&isco=t&abtg=0 HTTP 302
http://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668 HTTP 301
https://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668 HTTP 302
https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lp4.goblocker.xyz/
Redirect Chain

http://paramountneyeork.com/
https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLUWut6U4gTSnQAVfxVIJjiUaUUxvZgmcSVO9kPu6BC6pWj8LQHqdt3gdK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRknv65QJjHchqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjO...
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbEnjGnvUcQ3XpJog2duyQXFRIomulZcEXeK4r-3PlB7uSDWxTNnnKvZ4-P7UZK8ccO8EtlL4tOu-gW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bvg7zv1ZX_NDeHWcwD...
http://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149...
https://track.sparta-tracking.xyz/a6ef11a2-d15c-4bae-9f4e-61af287c83ac?keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=43814...
https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFl...

175 KB
35 KB

147ms
92ms

Document
text/html

2606:4700:3033::ac43:a9e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a9e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15d426807a318ccdf61b73d076302a1c660c36ad9aaebeb78c8a044f793ebbc

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 02 Dec 2021 18:51:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: ALLOWALL
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAiRq7Lsp8mIKvHBPfDBasVm%2FrNLBrDzdgClDldU8q406fp9TktuxT8jc4cGNSSz19UUqdpZ4HtYivnIGY%2BKDVUQpPLXf3GL%2F2W9i6Rbv9V0YvJGfg65UmW5lmh1rt3N9lQEpOtJY72aetIWbY2H8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b76be87eada3758-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 02 Dec 2021 18:51:01 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX5UJAHrglMLxyLsWxmYDjmF%2FZrfzmQxxBRbXgekHBe04776ei6CDd0QzN6Zbr2mUmhtHC3PowTQYCHPhO0Y6x9ybr0Zr%2Bbx9il13P2ZVMIbyyjhDyZsKVcBqL7XVRgcBggcwMwvdPvGgxxhbSDSy0USWsVrqR%2FH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b76be86ea4f0f82-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: lp4.goblocker.xyz
URL: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp4.goblocker.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 18:51:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 18:51:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 18:51:01 GMT

GET
H2 200 script.js Show response
script.wrap-lamb.com/ 382 B
729 B 43ms
8ms Script
application/json 13.225.87.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.wrap-lamb.com/script.js
Requested by: Host: lp4.goblocker.xyz
URL: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp4.goblocker.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:06:00 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 10:30:09 GMT
server: AmazonS3
age: 13774
etag: "10263a40a9d604e06e31e20f0b213918"
x-cache: Hit from cloudfront
content-type: application/json
cache-control: no-cache
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 382
x-amz-cf-id: REs5-pFUOGWBJweXwWDt6Iq8Uh_yMoiYkn7VMh_ZAGwiZnBsw_E69w==

GET
H2 200 email-decode.min.js Show response
lp4.goblocker.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700:3033::ac43:a9e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp4.goblocker.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a9e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 12:21:00 GMT
server: cloudflare
etag: W/"61a768ac-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9upAc%2FppV5AwVCpWw%2FwdJWmq2Std31gdHH3dkX9tkbmeX6lgggHprvZO54jI4%2FkM0QNxoQL01QDjGQf7gL9heETVlhgy%2FzN8R5RLqn8S5tod%2BQpMvVXBOqoDrzgkxQFPqtblw4QyAQUp%2FSSh7RismA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b76be88accc3758-MXP
vary: Accept-Encoding
expires: Sat, 04 Dec 2021 18:51:01 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8818a814be96761b810e63c72181b0be3889f44bdb50c399e24e945180529833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Roboto-Regular.woff2
lp4.goblocker.xyz/fonts/roboto/ 63 KB
64 KB 94ms
94ms Font
application/octet-stream 2606:4700:3033::ac43:a9e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp4.goblocker.xyz/fonts/roboto/Roboto-Regular.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a9e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://lp4.goblocker.xyz/?&utm_campaign=00732&cep=GDTvc1OigHv_pX0SsYCqpIdWIGHCiCM_3W-py4Rb8In1zTOnTPIiNLOFUwI3GEpR_hA_WeHdSOKB-hUeXMxsrV6kMHxmOZRBYhq_mMMzQ1eDX-j4XuQQlHgpXwHehuyA-LF__noNkokvSK6uFlGVGNFxt9UEgvnx01VYk8Peod4XU5T6MXeJhw-ZU2s2EKmMg6OFJBzmGZb0NoF3dpc2U-nGVwWtdN4fTLJBRGL4UEt52ID2zwn6zVWkhF_wOojx2AM0SpmRefc91kklr1IH8zfWJzodIoQi_vfctaEVf-4u87eb0BWw7FTatzKVlDmiYURq2AckBJvSfUmXg6lhwg6qAzr2LEHjj2kR3TLMxTTH2eXJk20PGqgMVpbE16eC1SCwuBfuQ88xixHuYZBOGkKlVn0ZaXwbJb2eleuxaeIe6J6KqQ8-MksNdirXyl42G7Ud3-vpd7BCASRZbPswduKwIItnaNj7UNW-rWS-NjfNdyVFNslnQ5T37y8KtNMZkFF75-AlXGVFYaAuwPpMjeiO7cmpS-dBM4KpBP43HRI&lptoken=16ee38c2474528d1610d&keyword=paramountneyeork&geo=DE&campaignname=00732&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=438149001&bid=0.0009&clickid=87684538668
Origin: https://lp4.goblocker.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:51:01 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64832
last-modified: Wed, 01 Dec 2021 08:56:45 GMT
server: cloudflare
etag: "61a738cd-fd40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOWALL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA44%2F%2BBTqrIty3YTSKUYKP2OOp7tare03q6KnDdk2rG%2FaWjYqEirJGuWHvDBHti2SiwqBRxrDt18mgsImnWCHCeg2syyNZ%2BpRu0QWvUWnji10Q2laupITMoIks9TX0feTJ6ccqrfOgZMtXHxCMbtiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b76be88ed590f6a-MXP
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, Authorization

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v118/ 117 KB
117 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp4.goblocker.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:19:55 GMT
x-content-type-options: nosniff
age: 163866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119540
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:45:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 21:19:55 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp4.goblocker.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Dec 2022 15:07:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 20 KB
1 KB 34ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,900%7COpen+Sans:300,400,200i,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13a472f2ed2a67dd2489ee93e9fd85f9d5142315c08c51fd039e34f158dde4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp4.goblocker.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 18:51:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 18:51:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 18:51:01 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,900%7COpen+Sans:300,400,200i,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp4.goblocker.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 97520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:45:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 25ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,900%7COpen+Sans:300,400,200i,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp4.goblocker.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 168187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 20:07:55 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 18ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,900%7COpen+Sans:300,400,200i,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp4.goblocker.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 96804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:57:38 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paramountneyeork.com/	1970-02-13 19:39:14	Name: sid Value: ca5da1cc-53a0-11ec-ba8f-899285d8c941
.mybestdl.com/	1970-01-20 03:27:03	Name: rhid Value: 80227538005
.mybestdl.com/	1970-01-19 23:07:54	Name: loi Value: ad_1133445_off_577864_aff_8203_cid_185689-PARAMOUNTNEYEORK.COM_ts_1638471061
.track.sparta-tracking.xyz/	1970-01-19 23:09:17	Name: a6ef11a2-d15c-4bae-9f4e-61af287c83ac-v4 Value: oz9PBV-IAOm2ScBi7KqeFbjTf-eVUnjWM5JtwLMr7-Q
.track.sparta-tracking.xyz/	1970-01-19 23:09:17	Name: cep-v4 Value: 08M9Z3hjNY1Wm6hYjmboEylH_NgQc1SqsDR-Y95yuHnMha22vnmqRWkBsNlKHMtITQyBRQ04YYteUMa7IQVyiB_D68Sc8IYJf9w63fOwceBrtgKfpklg1g4Ro_YetuD2w_Wm_UhAxQK0F63nIEKeG_Mh5F_YZo3oDa4O-8My6z6lrTqfhbrAJjdPFrmz6_BmrcVoFzFUIyPrR_vE8UDT4Q6WylohSMNSuNg9mU8Ulc5V3otUMuRdtjEJZJHgCR-7ea4OLIPhpzhYdk8scPQczq8tJ2G5wIciA576FuvzJrvocgqntE5iIRXjPpVYM7ph0IWocKjAuDcI1dYY-KhyErELyI9HT7s81DyshbQUOdjOKytePjF_zj_TkcF5cE1c5bYG0Vyur0WFxCKYIUjG2LSPNS8ANS-Ox5R1-Gbn_HKO3e_TyOQO584koHAeG9YbA-fIEZrjkzIzRo-Y1DoF3HpT_49-HhpP9OAJn1YNlUC3U7wuKi5jzPKOxV2m6tHRlZMNVVqFPB4Y-aC213wXxZF8dLdDqE0oQCf2WSQejrU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
lp4.goblocker.xyz
mybestdl.com
p185689.mybestdl.com
paramountneyeork.com
script.wrap-lamb.com
track.sparta-tracking.xyz
13.225.87.111
173.192.101.30
212.32.237.90
2606:4700:3033::ac43:a9e8
2606:4700:3035::6815:253b
2a00:1450:4001:809::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82b::200a
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
13a472f2ed2a67dd2489ee93e9fd85f9d5142315c08c51fd039e34f158dde4d1
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543
8818a814be96761b810e63c72181b0be3889f44bdb50c399e24e945180529833
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d15d426807a318ccdf61b73d076302a1c660c36ad9aaebeb78c8a044f793ebbc

lp4.goblocker.xyz Open in urlscan Pro 2606:4700:3033::ac43:a9e8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

6 IPs

3 Countries

302 kBTransfer

471 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

lp4.goblocker.xyz Open in urlscan Pro
2606:4700:3033::ac43:a9e8 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

302 kB
Transfer

471 kB
Size

5
Cookies

11 HTTP transactions
1 data transactions