urlscan.io logo urlscan.io
SecurityTrails logo

popupblocker-download.com Open in urlscan Pro
2606:4700:3030::6815:1f87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://podefr.net/b2/l/c/redir?asid=3292763272QBirFauQ&cid=7&did=e0tpfVs&eid=698&n=ccd53770d673c580b2cf70a0&nid=1&...
Effective URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Submission: On February 05 via manual from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3030::6815:1f87, located in United States and belongs to CLOUDFLARENET, US. The main domain is popupblocker-download.com. The Cisco Umbrella rank of the primary domain is 273590.
TLS certificate: Issued by GTS CA 1P5 on January 21st 2024. Valid for: 3 months.
This is the only time popupblocker-download.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62.122.171.150 50245 (SERVEREL-AS)
1 1 142.132.148.212 24940 (HETZNER-AS)
1 2 139.45.196.64 9002 (RETN-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 37.48.68.71 60781 (LEASEWEB-...)
5 139.45.195.8 9002 (RETN-AS)
1 17 172.64.204.9 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
40 12
1    62.122.171.150 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.171.150.serverel.net
podefr.net
1    142.132.148.212 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.148.132.142.clients.your-server.de
ads33.feed-xml.com
2    139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS, GB)
luofinality.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
2    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
5    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
17    172.64.204.9 (United States)

ASN13335 (CLOUDFLARENET, US)
totalnicenewz.com
2    2606:4700:3030::6815:1f87 (United States)

ASN13335 (CLOUDFLARENET, US)
popupblocker-download.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
17 totalnicenewz.com
totalnicenewz.com
75 KB
5 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
3 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
315 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 popupblocker-download.com
popupblocker-download.com — Cisco Umbrella Rank: 273590
11 KB
2 datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226
937 B
2 luofinality.com
luofinality.com
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 133473
9 KB
1 feed-xml.com
ads33.feed-xml.com — Cisco Umbrella Rank: 669765
435 B
1 podefr.net
podefr.net — Cisco Umbrella Rank: 372185
661 B
0 Failed
function sub() { [native code] }. Failed
40 13
Domain Requested by
17 totalnicenewz.com 1 redirects luofinality.com
totalnicenewz.com
5 my.rtmark.net luofinality.com
totalnicenewz.com
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 popupblocker-download.com popupblocker-download.com
2 datatechone.com cdntechone.com
totalnicenewz.com
2 luofinality.com 1 redirects cdntechone.com
1 www.googletagmanager.com popupblocker-download.com
1 fonts.googleapis.com popupblocker-download.com
1 cdntechone.com
1 ads33.feed-xml.com 1 redirects
1 podefr.net
0 dhemafmfialpibmahglbfgjihhfheepp Failed popupblocker-download.com
40 13

This site contains links to these domains. Also see Links.

Domain
popupsblocker.org
Subject Issuer Validity Valid
podefr.net
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
cdntechone.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
luofinality.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
totalnicenewz.com
GTS CA 1P5		 2024-01-19 -
2024-04-18		 3 months crt.sh
popupblocker-download.com
GTS CA 1P5		 2024-01-21 -
2024-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Frame ID: 9DCC000B95BFAF64E72D03AAFA3DF254
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stop Ads

Page URL History Show full URLs

  1. https://podefr.net/b2/l/c/redir?asid=3292763272QBirFauQ&cid=7&did=e0tpfVs&eid=698&n=ccd53770d67... Page URL
  2. https://ads33.feed-xml.com/tracking/pc?adid=T1707150328U21B0C5E43C4C675E_760393_865865 HTTP 302
    https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=16... Page URL
  3. http://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-lin... HTTP 307
    https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-lin... Page URL
  4. https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z... Page URL
  5. https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z... Page URL
  6. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f9529... Page URL
  7. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

40
Requests

85 %
HTTPS

50 %
IPv6

13
Domains

13
Subdomains

12
IPs

4
Countries

225 kB
Transfer

541 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://podefr.net/b2/l/c/redir?asid=3292763272QBirFauQ&cid=7&did=e0tpfVs&eid=698&n=ccd53770d673c580b2cf70a0&nid=1&sid=2A9bcHWsKilFPhhSAybEysHOYwwGThNVDmtv5qT4IudCUMqA190Dc%2BdTaIb2oKP%2BIlm6%2BEQtdzcxdwuY2ld278sXqgC2nPGD1teRU608zbnGxyyCnqFcqjYubfN1KUTWPIqf%2FVhMxg0fOCfMuBlZ52gGx4%2BO5UsyXpPv9rF1ymc3tRsD%2BJ2sJ7Bc%2B2q68X8ux1y7VVJvNYoEasUl9i12pIz9DcYuL02REbvV1WZMaDB%2FT919XYPXGTxF7ovB0mRxcD5iv5eDTAyDZg1KszUPcD%2BozSjY7u9dmC9LRRI0t0BY557XoOy1EgiZjK%2FWie1X4BnASNclmHwriYLBkKbHm4%2BJVsxcCZRTfL6Cto9af6u%2BKpBKUw8P4oJV9x%2B%2FheATTlnQqAhCgQ0SAnxgKWPJ5SImfxXZtWCj1JCGn0j7YG8i8ZDO0pHtz5i7GVyXIYvArGlzIiEVZZKM6yKjkx02WFtUSXNupULtB9yvrNm5ve8HyWoAIpyOzwEueXlIjho8gN7voR9KzNzo9UicqF6pjEx0RFa7Sp3GXiM0Wu6hBqvslkC%2FISloLlM%2BzGOzS1jB9eQjj15AV7%2Bqm9vOaX%2F11%2BA%2FedwMBd%2Fn0VOXaGqNfvoxDfwsuj2WCks6HmLi0%2B0359XkLQ6coxBh0TbeewmMeLMkbF3JjDqL3Dg0U8odvjbzUJ9e%2FIZsLNZDLA5vg53cmVvvj%2B3LGslqWpgkelE%2F8tL%2BWX%2FwVxcVv6hqquaPutQ%2F1gIXN4rukAu9EsdhdLwFAcp7%2B0goZsD%2Fqv0ndZzz3Ehy9bUnvtD7%2FxHIoj1MUiS9OfGLyAylWUJ15FjJKZ0spo9Avwdd37pEQsNiYkMeViP0iVtIKXcFM8NrwfvOAz%2FkwogB2dUZj21O1TeHI6xDKjwok2t%2Ftiq6Du887QJOfB1QUQp8eghni6n4Gu7WoWx8UYmdreuUf%2Fo%2BfCccd5hJUGmsOKeUdW5aJk8t%2BYmzqAlGLxPvQ6cQhQjKy4aVbbV81EWRRR2CbPlzLZWnjtvN2CvdBOH5dnsWyCK1EOE4zmxD5N2%2BkcvJEqsbQGz13OYLDn69VXi783jPckqsQvN566kbXwAapfoXZ0UGHwxHXXwg1ERdw9xp0gGnrdFQnz%2BFauYOXegctOTJ8aWp92xOPe0UypVYJrVYYNHN9EjYLf69qo8rC7AOHiqZQOlI8eKQHNbPfd2kFC%2Ff6tKVHV8XnTtxmNpvFUELmo%2FSjbgfB%2Fl4d13SLLDMwHu1O4q220zO%2Fxj%2FJB4SLhpSuRmT268CfgEgOhmR9VD6iJogBwpMF7IEbLicp86e7rzAKj4B52R%2BVzTIn0SUTmEBTekxjyI8l4WXNqjubKx9PqSU2fIZL9DMeVRh1CuAISAMy%2BduiBEf1e1SMqwXek1eh8tSkM7w4%2FyJU0gjBV74WlyO%2FlEX4jdUMs9kHoz4NZOQM4jZ%2FT97U%2FVrCZgAelGW68%2Blg4eCpX4xeIBQX4hlI6Wa2mEGBGBTdwPJU0NBGTD6IdtAZdvVh93jHo20UHxH%2BOB2bbrJleAQW1RTtqSTOy5T%2FwjyqGOdDe2ktzW5Mty7izU17lJ2TP%2B9%2BEt3DQlrCAPCOMxYzqSLkR828ktugiM9B%2BkGWVtzdXQp5eMTy3br1Awz8VQE3kc1pva6m3xm7blK9ZG1bOA4hhbIz3EGJ81kNI3Ot6JC85Ow05Po%2F1tGnaDImaI3%2B%2FwtCE8lO03DrW%2BTQoCZKYtHG1CSTCMIpA&ssid=3292763272QBirFauQ&ts=1707150328&ttl=86400&v=v5.9.19 Page URL
  2. https://ads33.feed-xml.com/tracking/pc?adid=T1707150328U21B0C5E43C4C675E_760393_865865 HTTP 302
    https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221 Page URL
  3. http://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221 HTTP 307
    https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221 Page URL
  4. https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  5. https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  6. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64 Page URL
  7. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ads33.feed-xml.com/tracking/pc?adid=T1707150328U21B0C5E43C4C675E_760393_865865 HTTP 302
  • https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA HTTP 302
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Request Chain 3
  • http://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221 HTTP 307
  • https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redir
podefr.net/b2/l/c/ 		443 B
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://podefr.net/b2/l/c/redir?asid=3292763272QBirFauQ&cid=7&did=e0tpfVs&eid=698&n=ccd53770d673c580b2cf70a0&nid=1&sid=2A9bcHWsKilFPhhSAybEysHOYwwGThNVDmtv5qT4IudCUMqA190Dc%2BdTaIb2oKP%2BIlm6%2BEQtdzcxdwuY2ld278sXqgC2nPGD1teRU608zbnGxyyCnqFcqjYubfN1KUTWPIqf%2FVhMxg0fOCfMuBlZ52gGx4%2BO5UsyXpPv9rF1ymc3tRsD%2BJ2sJ7Bc%2B2q68X8ux1y7VVJvNYoEasUl9i12pIz9DcYuL02REbvV1WZMaDB%2FT919XYPXGTxF7ovB0mRxcD5iv5eDTAyDZg1KszUPcD%2BozSjY7u9dmC9LRRI0t0BY557XoOy1EgiZjK%2FWie1X4BnASNclmHwriYLBkKbHm4%2BJVsxcCZRTfL6Cto9af6u%2BKpBKUw8P4oJV9x%2B%2FheATTlnQqAhCgQ0SAnxgKWPJ5SImfxXZtWCj1JCGn0j7YG8i8ZDO0pHtz5i7GVyXIYvArGlzIiEVZZKM6yKjkx02WFtUSXNupULtB9yvrNm5ve8HyWoAIpyOzwEueXlIjho8gN7voR9KzNzo9UicqF6pjEx0RFa7Sp3GXiM0Wu6hBqvslkC%2FISloLlM%2BzGOzS1jB9eQjj15AV7%2Bqm9vOaX%2F11%2BA%2FedwMBd%2Fn0VOXaGqNfvoxDfwsuj2WCks6HmLi0%2B0359XkLQ6coxBh0TbeewmMeLMkbF3JjDqL3Dg0U8odvjbzUJ9e%2FIZsLNZDLA5vg53cmVvvj%2B3LGslqWpgkelE%2F8tL%2BWX%2FwVxcVv6hqquaPutQ%2F1gIXN4rukAu9EsdhdLwFAcp7%2B0goZsD%2Fqv0ndZzz3Ehy9bUnvtD7%2FxHIoj1MUiS9OfGLyAylWUJ15FjJKZ0spo9Avwdd37pEQsNiYkMeViP0iVtIKXcFM8NrwfvOAz%2FkwogB2dUZj21O1TeHI6xDKjwok2t%2Ftiq6Du887QJOfB1QUQp8eghni6n4Gu7WoWx8UYmdreuUf%2Fo%2BfCccd5hJUGmsOKeUdW5aJk8t%2BYmzqAlGLxPvQ6cQhQjKy4aVbbV81EWRRR2CbPlzLZWnjtvN2CvdBOH5dnsWyCK1EOE4zmxD5N2%2BkcvJEqsbQGz13OYLDn69VXi783jPckqsQvN566kbXwAapfoXZ0UGHwxHXXwg1ERdw9xp0gGnrdFQnz%2BFauYOXegctOTJ8aWp92xOPe0UypVYJrVYYNHN9EjYLf69qo8rC7AOHiqZQOlI8eKQHNbPfd2kFC%2Ff6tKVHV8XnTtxmNpvFUELmo%2FSjbgfB%2Fl4d13SLLDMwHu1O4q220zO%2Fxj%2FJB4SLhpSuRmT268CfgEgOhmR9VD6iJogBwpMF7IEbLicp86e7rzAKj4B52R%2BVzTIn0SUTmEBTekxjyI8l4WXNqjubKx9PqSU2fIZL9DMeVRh1CuAISAMy%2BduiBEf1e1SMqwXek1eh8tSkM7w4%2FyJU0gjBV74WlyO%2FlEX4jdUMs9kHoz4NZOQM4jZ%2FT97U%2FVrCZgAelGW68%2Blg4eCpX4xeIBQX4hlI6Wa2mEGBGBTdwPJU0NBGTD6IdtAZdvVh93jHo20UHxH%2BOB2bbrJleAQW1RTtqSTOy5T%2FwjyqGOdDe2ktzW5Mty7izU17lJ2TP%2B9%2BEt3DQlrCAPCOMxYzqSLkR828ktugiM9B%2BkGWVtzdXQp5eMTy3br1Awz8VQE3kc1pva6m3xm7blK9ZG1bOA4hhbIz3EGJ81kNI3Ot6JC85Ow05Po%2F1tGnaDImaI3%2B%2FwtCE8lO03DrW%2BTQoCZKYtHG1CSTCMIpA&ssid=3292763272QBirFauQ&ts=1707150328&ttl=86400&v=v5.9.19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
62.122.171.150 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS
62.122.171.150.serverel.net
Software
dspclick-v3.10.0 /
Resource Hash
fb9d2070b8f17dda7c333da2f15a409b07afd6500f0d3afdd46a38cb2696da77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
443
content-type
text/html
date
Mon, 05 Feb 2024 16:27:06 GMT
server
dspclick-v3.10.0
r.html
cdntechone.com/
Redirect Chain
  • https://ads33.feed-xml.com/tracking/pc?adid=T1707150328U21B0C5E43C4C675E_760393_865865
  • https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514...
22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69732385d6dc2ab33d4d8171ec1fb8e58cfe0bc19efd1879023dfdaa71a61ccf

Request headers

Referer
https://podefr.net/b2/l/c/redir?asid=3292763272QBirFauQ&cid=7&did=e0tpfVs&eid=698&n=ccd53770d673c580b2cf70a0&nid=1&sid=2A9bcHWsKilFPhhSAybEysHOYwwGThNVDmtv5qT4IudCUMqA190Dc%2BdTaIb2oKP%2BIlm6%2BEQtdzcxdwuY2ld278sXqgC2nPGD1teRU608zbnGxyyCnqFcqjYubfN1KUTWPIqf%2FVhMxg0fOCfMuBlZ52gGx4%2BO5UsyXpPv9rF1ymc3tRsD%2BJ2sJ7Bc%2B2q68X8ux1y7VVJvNYoEasUl9i12pIz9DcYuL02REbvV1WZMaDB%2FT919XYPXGTxF7ovB0mRxcD5iv5eDTAyDZg1KszUPcD%2BozSjY7u9dmC9LRRI0t0BY557XoOy1EgiZjK%2FWie1X4BnASNclmHwriYLBkKbHm4%2BJVsxcCZRTfL6Cto9af6u%2BKpBKUw8P4oJV9x%2B%2FheATTlnQqAhCgQ0SAnxgKWPJ5SImfxXZtWCj1JCGn0j7YG8i8ZDO0pHtz5i7GVyXIYvArGlzIiEVZZKM6yKjkx02WFtUSXNupULtB9yvrNm5ve8HyWoAIpyOzwEueXlIjho8gN7voR9KzNzo9UicqF6pjEx0RFa7Sp3GXiM0Wu6hBqvslkC%2FISloLlM%2BzGOzS1jB9eQjj15AV7%2Bqm9vOaX%2F11%2BA%2FedwMBd%2Fn0VOXaGqNfvoxDfwsuj2WCks6HmLi0%2B0359XkLQ6coxBh0TbeewmMeLMkbF3JjDqL3Dg0U8odvjbzUJ9e%2FIZsLNZDLA5vg53cmVvvj%2B3LGslqWpgkelE%2F8tL%2BWX%2FwVxcVv6hqquaPutQ%2F1gIXN4rukAu9EsdhdLwFAcp7%2B0goZsD%2Fqv0ndZzz3Ehy9bUnvtD7%2FxHIoj1MUiS9OfGLyAylWUJ15FjJKZ0spo9Avwdd37pEQsNiYkMeViP0iVtIKXcFM8NrwfvOAz%2FkwogB2dUZj21O1TeHI6xDKjwok2t%2Ftiq6Du887QJOfB1QUQp8eghni6n4Gu7WoWx8UYmdreuUf%2Fo%2BfCccd5hJUGmsOKeUdW5aJk8t%2BYmzqAlGLxPvQ6cQhQjKy4aVbbV81EWRRR2CbPlzLZWnjtvN2CvdBOH5dnsWyCK1EOE4zmxD5N2%2BkcvJEqsbQGz13OYLDn69VXi783jPckqsQvN566kbXwAapfoXZ0UGHwxHXXwg1ERdw9xp0gGnrdFQnz%2BFauYOXegctOTJ8aWp92xOPe0UypVYJrVYYNHN9EjYLf69qo8rC7AOHiqZQOlI8eKQHNbPfd2kFC%2Ff6tKVHV8XnTtxmNpvFUELmo%2FSjbgfB%2Fl4d13SLLDMwHu1O4q220zO%2Fxj%2FJB4SLhpSuRmT268CfgEgOhmR9VD6iJogBwpMF7IEbLicp86e7rzAKj4B52R%2BVzTIn0SUTmEBTekxjyI8l4WXNqjubKx9PqSU2fIZL9DMeVRh1CuAISAMy%2BduiBEf1e1SMqwXek1eh8tSkM7w4%2FyJU0gjBV74WlyO%2FlEX4jdUMs9kHoz4NZOQM4jZ%2FT97U%2FVrCZgAelGW68%2Blg4eCpX4xeIBQX4hlI6Wa2mEGBGBTdwPJU0NBGTD6IdtAZdvVh93jHo20UHxH%2BOB2bbrJleAQW1RTtqSTOy5T%2FwjyqGOdDe2ktzW5Mty7izU17lJ2TP%2B9%2BEt3DQlrCAPCOMxYzqSLkR828ktugiM9B%2BkGWVtzdXQp5eMTy3br1Awz8VQE3kc1pva6m3xm7blK9ZG1bOA4hhbIz3EGJ81kNI3Ot6JC85Ow05Po%2F1tGnaDImaI3%2B%2FwtCE8lO03DrW%2BTQoCZKYtHG1CSTCMIpA&ssid=3292763272QBirFauQ&ts=1707150328&ttl=86400&v=v5.9.19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850c84d869fb6539-LHR
content-encoding
br
content-type
text/html
date
Mon, 05 Feb 2024 16:27:07 GMT
last-modified
Tue, 19 Dec 2023 15:30:37 GMT
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SW0XpvU%2BxV%2BzHjmTejJBZxbAFHIAWcVj5hGOv7iGDQ1BERuiPKJgc%2B6nFa4vhJqKKOFJRBrOl2kScWbP28qGmkdf%2B0l0I%2BipE8f2SJtRKbjgFYzbCUwsdGkVhOevPPpsk3Z3Ggex2P7Hh2BYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Mon, 05 Feb 2024 16:27:06 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://cdntechone.com>; rel="dns-prefetch preconnect"
location
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
207de74dde0384a21ba32ac1c84c2ce1
add
datatechone.com/log/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=c94ccddd-7671-4464-8654-80d0dc9f3355
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://cdntechone.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Feb 2024 16:27:07 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://cdntechone.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
link
luofinality.com/
Redirect Chain
  • http://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
  • https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
77e8dc7746cd782c2fb6438d84ca926d8f0d56b44620d1a5399ab709d3a3ccd8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6489943&axcusid1=167557610514898&clid={ymid}&r=http%3A%2F%2Fluofinality.com%2Flink%3Fz%3D6489943%26var%3D167557610514898%26ymid%3D03B008F968B8C8AA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 05 Feb 2024 16:27:07 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totalnicenewz.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
59db35557aba46678b40acb02d9f3ba6

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Non-Authoritative-Reason
HSTS
img.gif
my.rtmark.net/ 		43 B
507 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=64e66c4e728f4b10a0191dd0d15433dd
Requested by
Host: luofinality.com
URL: https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://luofinality.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: luofinality.com
URL: https://luofinality.com/link?z=6489943&var=167557610514898&ymid=03B008F968B8C8AA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=9221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
b7d17f5306dd406829cb24bf1785bd48248daa33cf7651005f7aa2d78775155d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850c84dbcfd44393-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 16:27:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaspVAxL1vt6negBLe651m%2FYcDGOrMfsf%2FiqUKFSjKaa4%2BbRMlB45%2Bz%2FHu1DZMs2oR0QDvMFFbxqqziAtopcGedAHomyhbjLxBmdihs7XlO2NFD18ga8zMGcXZtayJJrVX3B5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=e92fc34f95299760116bd2ec88e18a64
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c878eac07a650f99025ba041704cdca64aaed6edccd19d0651cf3ab6c6911598
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 16:27:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeG4xpR2o%2BRt8tHQPqZ3JzJhpKRQAZyDGz8a%2Fkg%2F5oM%2F8qD48TAtMWyLdOSNXsgXZLNnw7YVXVMyyE1qA939EoXYazlEtPVGCf6IB8iQxYJFOHkv8NveBPaNCrXML8Uk7fbEJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
850c84dd39ad4393-EWR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6489944&var3=778407913080496691&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
875989d0786c5f47789bef3c6248dbda
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFqCsVW%2B8iAJnXgZTFMUn7IFU9%2BgrSThGg95o0yeObdUezvUW79WkdGfhIU5c0DgqCBvSCKCp6N2Z7m12%2FJ%2FsqqAK0s3sa7%2Bbw1oBHSXgw5UikxTUV%2FilLhNVtbaBbNYWolsMg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
850c84dd39b14393-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalnicenewz.com/ 		2 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piKOvuzzKz2XcmwWmyvswsi4oktPMobF1hanCIFC1w8%2BrruQ%2FiAnJQKkkCQMcMM1B%2Bya5XuV6P5Xaji%2Fl2QyC8%2FosruOsOAWbDEmjsF%2FG11porfr6FfWPQmoFmlBTCgJnSmyyA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
850c84dd39b54393-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
totalnicenewz.com/ 		0
0
4662709
totalnicenewz.com/sw-check-permissions/ 		0
998 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6489944&ymid=778407913080496691&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtS5eaQyG%2BldNsWF6%2FC2Fvoe%2F5G8oRfdIdjEydrfUb9H%2B%2FSX2i8QM3ceacWGZHHsnb8SDi7kC1yYOHNDoba6OBQ%2BPTnWqy9LVxHdjHY09ptN9fXnkBw5CtuHb1%2BKalj%2FsBgYcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
850c84de3a6e3825-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
496 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6489944&ymid=778407913080496691&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=8a4dad35-900f-4519-a452-b0cfc507d836&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
0b9060b98a76cf5eb8e600e2aa659cb1
date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TUR1Dt5YujkL1uAD4rfI4Oz2Z2rykZNgQDwzAAED2xo0FynqCmjZtpXRghgz2JTQyF%2B5SIOatG%2Fs1B56OBdVM5DnB%2BmCmH72Y8REGv7DFkMB8JI8sneJd2ktwFo3nWQ%2BCkXVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
850c84de3a6f3825-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778407913080496691&var=6489944
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalnicenewz.com/ 		793 B
984 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6489944&ymid=778407913080496691&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=8a4dad35-900f-4519-a452-b0cfc507d836&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
2d78607fbaa52cf887c58fadbb834e4a
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4fBdBGkCafc%2B3nDYViBPaEu4e%2BliT2PLlPhrDxKjY3ubIBVGcVL5XpVC1aBFUC9%2F2MVDnbhXQyJxwZ7Dta3HHJR2qTE%2FgduLPO70dI1F2aG70UHpx4YlmUzy1WC4ms%2BZObw9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
850c84de4a7b3825-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
22830b5dfed594c31a6d7e83b5040fe20d3c13d65731cc14eafc74c07ace26b3

Request headers

Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850c84de6ab13825-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 16:27:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJuiiMp1k08mzNsu2I3WmaRmWE7EZiSAqDPGSLINDbIjRtAZsnklt6a%2F%2F%2BTZS5ye2lbekYrx%2FJQD%2BgWU8bDOUEK%2BQcjWaoXsWakmfg1hlmeMnDd%2BJE6TJ3zZvoGbrWMD9odMgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.27
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 16:27:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqnRX4jPSgjgdndvW%2Ft%2FcqBJ7iYn0DxQlIYC7HFgJXbihsTwuZmjWixcfwPYOv2F3B7zjLi69pr%2BOd6PuuXqcomXcRl73suI6NMMsgtWQIBaBpSI0%2FIb1nlTMYnCNYGM1lILgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
850c84df1b5a3825-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6489944&var3=778407913080496691&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecc964aca31543b683b786c2a76b14b6abc99aa3a631ac8a6833b259e91f1d5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
f4148043760e7ec0d00eb6d4a1081993
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fljv70HU55KDZo4Uucxc%2F4odv72UELTH6L3o3IDYrEBhfnr9HFmivE%2BVTguGAEY9YuWe9be9ErqiO%2BrW6UQkTUP4KpOFmAqUECIlXU21eK7PnVqxSnAsRmSFuubJ9Q9GwAh6BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
850c84df1b5b3825-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalnicenewz.com/ 		2 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BUkD3iKr6aLkItcBCASjfC0DlNITS%2BWYkqBgKx5c95tUXiCDpUUP6XGhcmwmsiYc6cxyRDSrT7ay1wn7Kemy4vpKyEPkR%2BRPX%2FtoqDFVCio7%2FkbvB%2FnS8QvRMzmsHpQQLlVSA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
850c84df1b5d3825-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalnicenewz.com/sw-check-permissions/ 		0
957 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6489944&ymid=778407913080496691&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXTh6qxg0rN6k4JLd3Silk2dlPOa8A3O0uBqVWkt%2BMlNMDI%2BoDb9pZ0NL4A4Zdclp4g%2BY2cbdGhWDyxYwTLn3CQ6UEv5WuYxobniRu1hj%2BfdK%2BQLfKhumXldlYfAORUQdQZY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
850c84df7bf13825-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
495 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6489944&ymid=778407913080496691&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d8af439c-15ee-4fcb-a72f-ddd6f8c16826&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
b0f7c5253edde73a006932cefeb3fb7d
date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4bvHLfjxO7ZHa4GykJm16aB8QoVhCN6BVZCi%2B8d56FntZXlG%2BfO1NsKP%2FC8asJy53ses99c7GAzxZlT%2FabJKsgs932jY6nWshCbRgpP1JalrgCeKH8FCymgCESx2Kovp%2BHevA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
850c84df7bed3825-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778407913080496691&var=6489944
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c878eac07a650f99025ba041704cdca64aaed6edccd19d0651cf3ab6c6911598
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalnicenewz.com/ 		793 B
988 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6489944&ymid=778407913080496691&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d8af439c-15ee-4fcb-a72f-ddd6f8c16826&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778407913080496691&var=6489944&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef8f04c3a4658066fd783f60421d4ce355bd401f20c1871226736f1d7e48acb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
b87b8652872471baea6376c2b9a92d97
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TR%2BCGExXRoF8%2F0mw1aU%2BRovhMaI77NduuK7HqZG5hOq%2FvGhjX6GzbL3PeOKoysW6vkx3SLOzFaI2kNn5%2BH4B%2BCqg9w%2B3r49nTSdXZVpoEy6d6dd3J2dkpjBSreFa93WTF39flA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
850c84df8c103825-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
totalnicenewz.com/submenu/4662728/ 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0b6ee3f13d8ea482ea6179cf87ec330b7ca18b9588da0e69fe2886d0c0a00a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
850c84e2cff63825-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 05 Feb 2024 16:27:08 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbwcYumneGgLJdGzC1rRlx6IXuNriIHHHKmkcdgzGN7%2BAfZwWBPEiyMBB7opCzkvJt3rpipOmmAEN0g9GePKjcHwS93tkrMZrL2VPhcUmcTkLNHrhbG7HY5%2FEYKS1wzSG%2F2BZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
4650bd4e554cbdc004dc0215777cdc9b
sftouch
totalnicenewz.com/ 		2 B
770 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sftouch?userId=e92fc34f95299760116bd2ec88e18a64&z=4662728&p_rid=8c1c3a5b-d4c0-40cc-a43b-3708862de3b6&p_src=sf&branchId=0&rb=KC-sF9ThW1YnYkLsmlCqGGzultkSEIxSvsqvzAAsdnbzP0zozbZnR23AOfPOzPG9p9YFrDiEPpGFu2uo6iwI8bgpY0gGAO9wSR5IMX6E89GMSBP8rnmsZ4xU2t-TRTWuVOgdNB6_N_KcRee63PBAJ7HjQFIVksP4a9bjTAPS5-9OBBhp-skx3DBh_u1b4QjPR6x88gAB6bLvtOCwbKCBA7vr9zBpPNu6FSSenvdKpMLWqJgbt71OfwP3NJ-IBDotS8Cty3oTsCWzvlek61denC7an8XwSrpQuaMVHDpBcTH-sI4jU4D_z8_Zm9BNE2A2NIvabA==
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
915b0a552775f784e9ca0669dec3635f
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://totalnicenewz.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OynlI2S0%2FJA9o3eyS7heWuFIagLtjBQT8ydMSpmrDJi%2FXnUyYID%2FzgZLXkpG5ybYOa10hX1Rewx%2BZ62x6VkfADVkGkkVhbB0wFx0xJAhGQdUN0g5cqostkXFVLY10nnsU316pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
850c84e318553825-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
507 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=e92fc34f95299760116bd2ec88e18a64&z=4662728&p_rid=8c1c3a5b-d4c0-40cc-a43b-3708862de3b6&p_src=sf
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d5493204-b004-4b4c-93fb-9a5628adea67
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6489944&var3=778407913080496691&oaid=e92fc34f95299760116bd2ec88e18a64
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://totalnicenewz.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Feb 2024 16:27:08 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://totalnicenewz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request step.html
popupblocker-download.com/
Redirect Chain
  • https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true
  • https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1f87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e809bd9f3091fb3b6fecee592ebe3384804647e8e25f7fe3672bdfc62eb7a231
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://totalnicenewz.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850c84e4ce49642b-LHR
content-encoding
br
content-type
text/html
date
Mon, 05 Feb 2024 16:27:09 GMT
last-modified
Fri, 26 Jan 2024 14:37:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7PxcbffDc9uobogpBUvAJazatJGR5VkQcXXis837RyQtEuqeFcq%2BJwXFHvG9IOfKRy54cV5HIGsrlQo3WLHBKFc%2F9TAFiu5AKQSej%2B6qb2vgVeTPWK8M8l51MTlyobnkZQuBg5NKEfMSGxe3vupwrKNXpmq13aY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://totalnicenewz.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
850c84e3489c3825-FRA
content-length
0
date
Mon, 05 Feb 2024 16:27:08 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://popupblocker-download.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKBquqy%2F16Wu2y3cKuvvlrxCjSZDC8d0mbijNJ%2FzyCiJ3YxASxunnsCqtoI8TODgZX2xhJarnX%2BNxqztns4Ssd47XgPdTAV%2BKKCtmg6CQIVe0%2BI5Uj8l28reTYxhirCRqdWxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
f02603d1fd176bbc4f840e12ba10e495
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Requested by
Host: popupblocker-download.com
URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d264548caacccea2efe197440c3781b08e97e5c2d86e164c9920d60a1f51932e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 16:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 16:18:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 16:27:09 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Requested by
Host: popupblocker-download.com
URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db02ec0afb5ee083e84164b4da1f87aa3e6ba25232cc7ea8df67309836e36d23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94241
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 05 Feb 2024 16:27:09 GMT
ChromeWebStore_Badge_v2_340x96.png
popupblocker-download.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popupblocker-download.com/img/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: popupblocker-download.com
URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1f87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 16:27:09 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5114
etag
W/"1608-60b6249725cf5-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCIk7kMfMBTh88ek8darrZD38CRm%2B0CNaEaLeDJDuHUo16f1ZTHvTtJHFedJYQ7X31ATUo1s1QzB9G6IWTHiBxNBdk1yf4ZKQj81mEmkg9lDlsXe5wBI934b1%2B3l7j1WK0DgJkSOaC5vzHrUZLXov7bqqu8uP%2FfY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
850c84e57f9a642b-LHR
alt-svc
h3=":443"; ma=86400
128.png
dhemafmfialpibmahglbfgjihhfheepp/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://popupblocker-download.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
544615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://popupblocker-download.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:29 GMT
x-content-type-options
nosniff
age
509800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:29 GMT
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je41v0v9171646941za200&_p=1707150429097&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=595327985.1707150429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707150429&sct=1&seg=0&dl=https%3A%2F%2Fpopupblocker-download.com%2Fstep.html%3Fan%3Dpa%26cid%3D778407920189837659%26sid%3D4662728&dt=Stop%20Ads&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=501
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 16:27:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://popupblocker-download.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je41v0v9171646941za200&_p=1707150429097&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=595327985.1707150429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1707150429&sct=1&seg=0&dl=https%3A%2F%2Fpopupblocker-download.com%2Fstep.html%3Fan%3Dpa%26cid%3D778407920189837659%26sid%3D4662728&dt=Stop%20Ads&en=step&_ee=1&ep.adNet=pa&ep.action=view&_et=3&tfd=511
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Feb 2024 16:27:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://popupblocker-download.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
128.png
dhemafmfialpibmahglbfgjihhfheepp/ 		0
0
128.png
dhemafmfialpibmahglbfgjihhfheepp/ 		0
0
128.png
dhemafmfialpibmahglbfgjihhfheepp/ 		0
0
128.png
dhemafmfialpibmahglbfgjihhfheepp/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
totalnicenewz.com
URL
https://totalnicenewz.com/rhd?rb=_aSjbugehl6lJrixwojeqlcAhlojUj-4HqRF5177HPPx1f9F7SARNqh0GGaEN4bXR6hnCFI3RhqC7eaDMM_vQJqn6pZnG9wpfkBfC8SxQu9wBU-FvIb5zXTKmbMLeLkhi4BwbjWQOc16xqxtq2qsoVVJ1JB6FYLve_7ecb51ysR-kKqlgCXXepI__F8QkaRD1BBrFenmNT6WrHIgXuBxw74RnEYFbNqd73FKdLXXoGKtH5_pZH4DtVrVQ3gW2KwKV3u7Vt35yjBAEjOMSqJA7DslFcO2FQHSlmZvOTpyDAG-P414lUzw9_ydyBteRxk4JPDKjeP2_qPsMHWGAy9ep4G_-FzlFDqRU1ssnvzAmViF2hKtyls9Jzdm2YPWQxQsz936DtvwcruVY9ZPK3AXzxjh2qBWmSxMwL7iN5pGpAGt0uH5j0Q17Qa_nmq0KryDM6cpHy6mgGijMewMh_3KvnqhSrHylqAXzBdEOb_CMYAPqIe6UcDENHqYrqw39IZwIXYigiJuLVFpseyvIDfdBKgE2mY%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalnicenewz.com%2F%3Fs%3D778407913080496691%26ssk%3Dcc459f77ef44002424efb235855dd979%26svar%3D1707150427%26z%3D6489944%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6489944&var3=778407913080496691&ymid=&rhd=1&m=link
Domain
dhemafmfialpibmahglbfgjihhfheepp
URL
chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Domain
dhemafmfialpibmahglbfgjihhfheepp
URL
chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Domain
dhemafmfialpibmahglbfgjihhfheepp
URL
chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Domain
dhemafmfialpibmahglbfgjihhfheepp
URL
chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Domain
dhemafmfialpibmahglbfgjihhfheepp
URL
chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| article string| bucket undefined| source string| navlangue string| lng string| storeurl string| lp number| checker function| get_i18n function| popupcws function| ga function| chromeinitcontrol object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

14 Cookies

Domain/Path Name / Value
podefr.net/ Name: adcsid-c-3292763272QBirFauQ
Value: 1
.feed-xml.com/ Name: vmuid
Value: dd76f9fa54b5e247
luofinality.com/ Name: OAID
Value: 64e66c4e728f4b10a0191dd0d15433dd
luofinality.com/ Name: oaidts
Value: 1707150426
luofinality.com/ Name: phpckd6489943
Value: true
luofinality.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 64e66c4e728f4b10a0191dd0d15433dd
totalnicenewz.com/ Name: syncedCookie
Value: true
totalnicenewz.com/ Name: prefetchAd_4662728
Value: true
totalnicenewz.com/ Name: reverse
Value: 6dFX9R07fotT7-Jh3g4jn966pwJgyCfrzbb6n9ayxNc
totalnicenewz.com/ Name: oaidts
Value: 1707150428
totalnicenewz.com/ Name: OAID
Value: 64e66c4e728f4b10a0191dd0d15433dd
.popupblocker-download.com/ Name: _ga
Value: GA1.1.595327985.1707150429
.popupblocker-download.com/ Name: _ga_15SDG98XYJ
Value: GS1.1.1707150429.1.0.1707150429.0.0.0

19 Console Messages

Source Level URL
Text
other warning URL: https://luofinality.com/partitial/5117867/?var=6489944&ab2r=0&prfrev=false&rhd=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778407913080496691&ssk=cc459f77ef44002424efb235855dd979&svar=1707150427&z=6489944&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728(Line 262)
Message:
Access to XMLHttpRequest at 'chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png' from origin 'https://popupblocker-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Message:
Access to XMLHttpRequest at 'chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png' from origin 'https://popupblocker-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Message:
Access to XMLHttpRequest at 'chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png' from origin 'https://popupblocker-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Message:
Access to XMLHttpRequest at 'chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png' from origin 'https://popupblocker-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://popupblocker-download.com/step.html?an=pa&cid=778407920189837659&sid=4662728
Message:
Access to XMLHttpRequest at 'chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png' from origin 'https://popupblocker-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://dhemafmfialpibmahglbfgjihhfheepp/128.png
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads33.feed-xml.com
cdntechone.com
datatechone.com
dhemafmfialpibmahglbfgjihhfheepp
fonts.googleapis.com
fonts.gstatic.com
luofinality.com
my.rtmark.net
podefr.net
popupblocker-download.com
region1.google-analytics.com
totalnicenewz.com
www.googletagmanager.com
dhemafmfialpibmahglbfgjihhfheepp
totalnicenewz.com
139.45.195.8
139.45.196.64
142.132.148.212
172.64.204.9
2001:4860:4802:34::36
2606:4700:3030::6815:1f87
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
2a06:98c1:3120::3
37.48.68.71
62.122.171.150
22830b5dfed594c31a6d7e83b5040fe20d3c13d65731cc14eafc74c07ace26b3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
69732385d6dc2ab33d4d8171ec1fb8e58cfe0bc19efd1879023dfdaa71a61ccf
6ef8f04c3a4658066fd783f60421d4ce355bd401f20c1871226736f1d7e48acb
77e8dc7746cd782c2fb6438d84ca926d8f0d56b44620d1a5399ab709d3a3ccd8
9e0b6ee3f13d8ea482ea6179cf87ec330b7ca18b9588da0e69fe2886d0c0a00a
aecc964aca31543b683b786c2a76b14b6abc99aa3a631ac8a6833b259e91f1d5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7d17f5306dd406829cb24bf1785bd48248daa33cf7651005f7aa2d78775155d
c878eac07a650f99025ba041704cdca64aaed6edccd19d0651cf3ab6c6911598
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f
d264548caacccea2efe197440c3781b08e97e5c2d86e164c9920d60a1f51932e
db02ec0afb5ee083e84164b4da1f87aa3e6ba25232cc7ea8df67309836e36d23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e809bd9f3091fb3b6fecee592ebe3384804647e8e25f7fe3672bdfc62eb7a231
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb9d2070b8f17dda7c333da2f15a409b07afd6500f0d3afdd46a38cb2696da77