popupblockernow.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bbcusa.abcnewss.cloud/
Effective URL:
https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780
Submission: On April 14 via api (April 14th 2024, 9:44:34 am UTC) from US — Scanned from NL

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 21 domains to perform 53 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is popupblockernow.com. The Cisco Umbrella rank of the primary domain is 326903.
TLS certificate: Issued by GTS CA 1P5 on April 6th 2024. Valid for: 3 months.

This is the only time popupblockernow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.148.141.242 91.148.141.242	203380 (DAINTERNA...) (DAINTERNATIONALGROUP)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:15b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.8.141 172.67.8.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.165.7 172.64.165.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	134.70.196.1 134.70.196.1	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 4	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
3	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
2 7	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
53	17

19 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

bbcusa.abcnewss.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popupblockernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.148.141.242 (Sofia, Bulgaria)

ASN203380 (DAINTERNATIONALGROUP, BG)
PTR: e-relab.mobi

back.lacentral.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2fu.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15b4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.165.7 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.70.196.1 (Chicago, United States)

ASN31898 (ORACLE-BMC-31898, US)

objectstorage.us-chicago-1.oraclecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cchcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.239 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

gtoonfd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.237 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

thaudray.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	popupblockernow.com popupblockernow.com — Cisco Umbrella Rank: 326903	93 KB
7	thaudray.com 2 redirects thaudray.com — Cisco Umbrella Rank: 231555	17 KB
6	abcnewss.cloud bbcusa.abcnewss.cloud	14 KB
4	gtoonfd.com 1 redirects gtoonfd.com	15 KB
4	groovetech.io images.groovetech.io — Cisco Umbrella Rank: 489033	72 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1784 ka-f.fontawesome.com — Cisco Umbrella Rank: 4272	24 KB
3	datatechone.com datatechone.com — Cisco Umbrella Rank: 31544	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	311 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12250	984 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239	52 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	99 KB
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 90222	9 KB
1	cchcontent.com 1 redirects cchcontent.com	308 B
1	2fu.us 2fu.us — Cisco Umbrella Rank: 421519	314 B
1	oraclecloud.com objectstorage.us-chicago-1.oraclecloud.com — Cisco Umbrella Rank: 378643	2 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 17170	30 B
1	groove.cm app.groove.cm — Cisco Umbrella Rank: 459608	301 KB
1	grooveapps.com assets.grooveapps.com — Cisco Umbrella Rank: 610264	87 KB
1	lacentral.vip back.lacentral.vip — Cisco Umbrella Rank: 347988	2 KB
0	Failed function sub() { [native code] }. Failed
53	21

	Domain	Requested by
8	popupblockernow.com	popupblockernow.com
7	thaudray.com	2 redirects gtoonfd.com thaudray.com
6	bbcusa.abcnewss.cloud	bbcusa.abcnewss.cloud
4	gtoonfd.com	1 redirects cdntechone.com
4	images.groovetech.io	bbcusa.abcnewss.cloud
3	datatechone.com	cdntechone.com gtoonfd.com thaudray.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	fonts.googleapis.com	bbcusa.abcnewss.cloud popupblockernow.com
2	region1.google-analytics.com	www.googletagmanager.com
2	my.rtmark.net	gtoonfd.com thaudray.com
2	cdnjs.cloudflare.com	bbcusa.abcnewss.cloud
1	www.googletagmanager.com	popupblockernow.com
1	cdntechone.com	2fu.us
1	cchcontent.com	1 redirects
1	2fu.us	objectstorage.us-chicago-1.oraclecloud.com
1	objectstorage.us-chicago-1.oraclecloud.com	bbcusa.abcnewss.cloud
1	whos.amung.us	bbcusa.abcnewss.cloud
1	app.groove.cm	bbcusa.abcnewss.cloud
1	assets.grooveapps.com	bbcusa.abcnewss.cloud
1	kit.fontawesome.com	bbcusa.abcnewss.cloud
1	back.lacentral.vip	bbcusa.abcnewss.cloud
0	invalid Failed	popupblockernow.com
53	22

This site contains no links.

Subject Issuer	Validity	Valid
abcnewss.cloud GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.lacentral.vip R3	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
groovetech.io E1	`2024-04-14` - `2024-07-13`	3 months	crt.sh
grooveapps.com Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-10-06`	a year	crt.sh
groove.cm E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
objectstorage.us-chicago-1.oraclecloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-11` - `2024-08-14`	a year	crt.sh
*.2fu.us R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
cdntechone.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
gtoonfd.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
thaudray.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
popupblockernow.com GTS CA 1P5	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780
Frame ID: 825678593BA77A4C3C56520D4C084394
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download PopUp Blocker

Page URL History Show full URLs

https://bbcusa.abcnewss.cloud/ Page URL
https://objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/video78knews.html Page URL
https://cchcontent.com/?k=dcbaa150f0cfd9a1b7b8e5764cc2ca39&type=mainstream&subtype=global&data1=pc HTTP 302
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a295... HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16... Page URL
http://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a295... HTTP 307
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a295... Page URL
https://thaudray.com/?z=4677282&syncedCookie=true&rhd=false HTTP 302
https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120 Page URL
https://thaudray.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

94 %
HTTPS

35 %
IPv6

21
Domains

22
Subdomains

17
IPs

6
Countries

790 kB
Transfer

5962 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bbcusa.abcnewss.cloud/ Page URL
https://objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/video78knews.html Page URL
https://cchcontent.com/?k=dcbaa150f0cfd9a1b7b8e5764cc2ca39&type=mainstream&subtype=global&data1=pc HTTP 302
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225 Page URL
http://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225 HTTP 307
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225 Page URL
https://thaudray.com/?z=4677282&syncedCookie=true&rhd=false HTTP 302
https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120 Page URL
https://thaudray.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://cchcontent.com/?k=dcbaa150f0cfd9a1b7b8e5764cc2ca39&type=mainstream&subtype=global&data1=pc HTTP 302
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

Request Chain 26

http://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225 HTTP 307
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

Request Chain 30

https://thaudray.com/?z=4677282&syncedCookie=true&rhd=false HTTP 302
https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
bbcusa.abcnewss.cloud/ 23 KB
5 KB 321ms
238ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc6768a026ab59b940726b157f3457675c02f3c410b9ef9f515d1c148af461f1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8742c1db6e3f0a57-AMS
content-encoding: br
content-type: text/html
date: Sun, 14 Apr 2024 09:44:26 GMT
last-modified: Sat, 30 Mar 2024 01:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nz3KDmQfzitE0Z1AOObcnYgyPA5HYShKt1mCsac5H7RrFMbc8Q%2BxHob7F7YmfPD3trM0GIS7jXiKnCTJOzGDeKy7eLvoFPfKqIrrLh2GS65BhqJCwhywAmSf%2FA5k6tCYv22kyGNY44%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK fbmultiplepaisAlert Show response
back.lacentral.vip/api/scripts/ 2 KB
2 KB 367ms
83ms Script
application/javascript 91.148.141.242
DAINTERNATIONALGROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://back.lacentral.vip:3069/api/scripts/fbmultiplepaisAlert?contador=arroganteyk&owner=garcia&isbot=false&before=true&selectedcountry=
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS: e-relab.mobi
Software: / Express
Resource Hash: 21e0de7310520951cdf0d1ac8a0c0adafe35d8e3dc024b6c03abc81d33d6c49b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Apr 2024 09:44:26 GMT
Connection: keep-alive
X-Powered-By: Express
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 12 KB
5 KB 595ms
527ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e7647a48d4.js
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2aad277b5ddbcbbb152a9c10767f5c2aca0cc3376139e6f767823a0206c23f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Origin: https://bbcusa.abcnewss.cloud
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8742c1dd8d66b8b2-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8YcVrHHL7hHMhjggouh

GET
H3 200 tailwind.min.css
cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/ 2 MB
46 KB 97ms
31ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/tailwind.min.css

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 217126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46782
last-modified: Fri, 23 Oct 2020 19:32:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f932fd1-1e0602"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9Dl491C3RGkFoTT9dU0lmv%2BUuP5j%2FLWqBJsZxSMcFwyvueUaE49lJVNJxJ%2BBpD5%2F2BT2CfRZA7PnaQ%2BwNLiFD0L9Pb0Ye8g19DG0EX1z15IKK4L7WLzgyB99VGFky6a%2BTDy4uNa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8742c1dd8a18b8d0-AMS
expires: Fri, 04 Apr 2025 09:44:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 33 KB
2 KB 112ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e23b9456a09929c5ff380d3f7c6c61c5a30da47c94fe52a9d96159126f4c0dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Apr 2024 09:44:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Apr 2024 09:44:26 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 94ms
29ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2115678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QP6EvGSkoe8VpbEixY%2BAqYYRDQyG6F8MRHzswY6vnZ8xgGxqTeMpQQH0Ml4gPpxdzRurIE2RRVc6884WspACVzI2Iv2VqExz0WdrFBA%2Fh85riCk8wA%2BBnkzsQkIHxsOpo%2F%2B2doJ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8742c1dd8a1cb8d0-AMS
expires: Fri, 04 Apr 2025 09:44:26 GMT

GET
H3 200 style.css
bbcusa.abcnewss.cloud/css/ 15 KB
4 KB 332ms
330ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/css/style.css?v=8
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f2dd8cda40f0844707f24233f7e7a7a2c84fac13be91d3cb5467c95b1945e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2024 01:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660765e2-3d69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRsboImz7nvnBCRPDQQko5R%2FbJ7SA4D1%2BEFEqEjy6SHZgp1bIuuSmtYf5b8gK126oqbelxA4xPn98q%2FEDuGtnpsOxW1IfBdYSm9V00kxysH%2Fz6UJlVu9TDQn7NgSDzIqg1%2ByteMyKCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8742c1dd183b0a57-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Apr 2024 10:44:26 GMT

GET
H3 200 jwt-decode.js Show response
bbcusa.abcnewss.cloud/js/ 4 KB
2 KB 228ms
226ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/js/jwt-decode.js
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2024 01:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660765e2-e68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wyEDkpEXdLry0pPMzMEl7W%2FlRall8JfMK942eJzlnVcNrsbQQt8u2O6NR0zCCiKJkrZidQYXYYtgfK1aImURhqUN%2F7RW6nn26A2fNMSU8TWhy6hxaDOAwXIwYxCpJrQ7CeSlrzZAm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 8742c1dd183d0a57-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Apr 2024 10:44:26 GMT

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM0NjZkMGU3LTk5MTItNGEwYy1hNzYwLTA1MjY1NjI1YTU2OC8xNzExNzAzMzI2X2hnaDU0NTQ0NTQ1LmpwZw.webp
images.groovetech.io/J-0Hu8ddpXS2S3qORk7ckUmlWWgfSUaMWFO0uHAbijc/rs:fit:0:0:0/g:no:0:0/c:0:0/ 20 KB
20 KB 553ms
487ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/J-0Hu8ddpXS2S3qORk7ckUmlWWgfSUaMWFO0uHAbijc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM0NjZkMGU3LTk5MTItNGEwYy1hNzYwLTA1MjY1NjI1YTU2OC8xNzExNzAzMzI2X2hnaDU0NTQ0NTQ1LmpwZw.webp

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2011818b45654ef9eeceacedcfe494e3778b4f0a57a57dd1e5ba6df1b2a2b9ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1711703326_hgh54544545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20270
x-request-id: 9810e8903dda66ba225ca41644aaa361
last-modified: Sun, 14 Apr 2024 09:44:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwMPa4yDC7DpsAVKn1VpPIG0zidlSyo%2F0JcliikcTrTX4ZqkoE91HGDb8fxx70ZrwYOlcWFSa5%2BAmYZLnIq%2Fz0RiBwe6uaGxB2HdG4oiM0%2F3LLDt3AaVE1mrq9ci0zV82iHhGcIgXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8742c1dd8a7a9f75-AMS

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp
images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/ 28 KB
28 KB 97ms
31ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae5132802370bcbb24e29ff7fbf93662b7c2ba159e22c13d41ae1e5679ead4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543358
content-disposition: inline; filename="1680171815_main-banner.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28350
x-request-id: 5608591f1783105368346782c8ff121a
last-modified: Mon, 08 Apr 2024 02:48:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XE%2FXF4n59mWsy1X9CrwCX%2FrTFBOO7mCzFJl7JwQuUEJXxLNcBHO%2B5gns0BmSOaum9nM8VuphiGJ1IK%2BQSWccm0MgMPPPqxyapOIXxZwsdqIFUGyfJWI3M5CWEupSQ6m5HbQgFMgCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8742c1dd8a799f75-AMS

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp
images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/ 11 KB
12 KB 24ms
23ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3643ccb6ab78a00850c938303db61ff4d2d572c243863a1c961cc9ebc0a12bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537685
content-disposition: inline; filename="1680171151_blog-2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11252
x-request-id: 0aebbf998e4f620a2d594b0096469f7a
last-modified: Mon, 08 Apr 2024 04:23:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwPabhx6fNv%2BxbmIHl5EHBXwGclFCsdEkSciR2d5Ph2VcXbwyonb3KOJcWscZtzl0yEPGfcDp6rCQx19jWFvyglUBL6zvOJKeELEjkr9F%2FowQ0zey6RX8p15lp1qa3DHrNXVHeWvrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8742c1dddb039f75-AMS

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp
images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/ 12 KB
12 KB 24ms
23ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bea125390c9a457da600dc62b14fe805007c83b5d97080b763dc43007818ddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-security-policy: script-src 'none'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543358
content-disposition: inline; filename="1680171442_blog-3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12062
x-request-id: e564b3f90537e686e80983872df46b87
last-modified: Mon, 08 Apr 2024 02:48:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6SZ%2BSaFzUv6TifoTPV3LDi2NPXslFhSKdwEkD7GyK3ujrhrV9JavP9p2QQ0w3VIZ7QxNgnQjGXUSuRYzrEHww02kHIk3MNO97BwI6cXBSjNHevsHaYjW35qCaN%2B6GqtvGGJzs4dGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8742c1de2b9b9f75-AMS

GET
H2 200 1629792791_blog-1.png
assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/ 86 KB
87 KB 627ms
143ms Image
image/webp 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/1629792791_blog-1.png
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f246bab9f2d6dc06aec29f59aebfca877000796fe2b835e2ca8aecf5976679

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=136430
x-guploader-uploadid: ABPtcPrlCpWllIUqzXkyth--EmpuqaPhUDFS1MGXKiW6CJ2Sz3bthfNJ9Pc3WlgIS24JBzUAKXje2GewrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1629792791_blog-1.webp"
content-length: 88092
cf-bgj: imgq:85,h2pri
last-modified: Tue, 24 Aug 2021 08:13:11 GMT
server: cloudflare
etag: "27a867fda226365c2dd513c64d8b82f3"
vary: Accept
x-goog-generation: 1629792791630363
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=D9AttQ==, md5=J6hn/aImNlwt1RPGTYuC8w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 136430
accept-ranges: bytes
cf-ray: 8742c1e2a8d79fdc-AMS
expires: Sun, 14 Apr 2024 13:44:27 GMT

GET
H2 200 app.js Show response
app.groove.cm/groovemail/embed/ 3 MB
301 KB 531ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovemail/embed/app.js
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5762e30e0d600cb7d74ebe6e2c2f9b589452cd23e9bba23af5de31ff5fd435a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 23:37:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3819
etag: W/"65a864b4-3028e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcjDHOAKZKnRqcYr6KOQhYOAqPiwIDsT0YmqWWAAcTw773JJQ9BQhi5CyXm3SrY%2Fuz3hZ6ETr95%2BQF9KU6T74XqKYJWvaAl2fm%2FoSDpJjguNkpQq1A6U4KS6w3txBKVKc0XqDwB31S%2FWWTU0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8742c1e2a85db8d2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 slider.js Show response
bbcusa.abcnewss.cloud/js/ 2 KB
1 KB 222ms
221ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/js/slider.js?v=8
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b2547651262d89b1414149e4f5b29b69df13c7b747e04fea52fe762568ca7c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2024 01:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660765e2-7ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQyH4y0wLWHb%2B5%2F0RSVcWsNOE3rN0rQBK4QGMnZtBWigTTkJ7ZfPXQ%2BRN6cr5wrFRG05ZeuNl3LVYRYVM9GR%2Be8FSxvW%2FAz%2BYUE%2BEZEsEYhFpUVMjeP%2Fe%2F%2BWr3emSEWlEEAyTkC%2Bi7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 8742c1de59920a57-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Apr 2024 10:44:26 GMT

GET
H3 200 loadmore.js Show response
bbcusa.abcnewss.cloud/js/ 1 KB
934 B 220ms
218ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/js/loadmore.js?v=8
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45a9df3f79bb36620441d2eb4f8ab2bb37f7bb91e6b78f6280514d8ce6fd342

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2024 01:07:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660765e2-47a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ7nhDfP0rPTyTUfpwUF1KmW9NY8nt7oRU3jjt5L2EcsSfVWDBdMjWnEyWIuBMxdvfw9hTcNvWUpwMqc0O%2B1lgn%2Bx3A8UA1rSlpbVD0%2BEmcImngnO9xxHKw%2FlmoF2qxE0duffyZtiVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 8742c1df9b7f0a57-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Apr 2024 10:44:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
637 B 31ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito&display=swap

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/css/style.css?v=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a98b3ab1d1fcf2cd367adf92734fa75730d939ac1a65f48700d5a3b8ee3e9395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Apr 2024 09:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Apr 2024 07:51:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Apr 2024 09:44:26 GMT

GET
H3 200 /
whos.amung.us/pingjs/ 30 B
30 B 533ms
124ms Image
text/javascript 172.67.8.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=arroganteyk&t=La%20Central&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=5089
Requested by: Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8742c1e23bdd656f-AMS
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 157ms
53ms Fetch
text/css 172.64.165.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.165.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
via: 1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htoXw%2FRfpVLF2NTxIThpIgKpmCfEzXpjzqzTU8fTjVoWTioLmhLj0jTUsFwNroadg77QVGRsf6MHj%2Biaf%2BOhA5w7GtoTtq0eWv5MISXzPgNIGXkRcxeVE7QGiRFmzzflJ7hFlyI1Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8742c1e2d8f40e40-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sjQenafqYJuzsO3ai91rMqnVewutVwEaC-421Jl0ovXAJ3llLezpdA==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 159ms
55ms Fetch
text/css 172.64.165.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.165.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
via: 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84XACA0Gf2UI19H48XzC5d6M1w6TwXhzaWRqBZB%2Bon3IxHQV97KPSYP4rwzC1BKTPSsSSlrHTyC2jLWAGWXGHjxv5Tdb03a%2BDJWRbf8O4xedA0dllfGIGQ%2FW%2BjDmx23tEY%2FCqS%2BXsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8742c1e2d8ee0e40-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RxApxmytcTPDM_rSRSQoEs4Mp1T4YerY4LMJ770_co3Q9gpxPdtT2Q==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 140ms
37ms Fetch
text/css 172.64.165.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.165.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
via: 1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FEQwb685yOvUJcFqL6nkvX3dHzcUNTMjYcFAekm%2FzDdDXpwHRLdvQPCmLNc%2BtCMIEKpy9t5WPLt38lLvRjM7nyRQBQrGszqYTNeU4%2FH2fdfjhgwn9N5to3WRqhVqcFzLXA9G2wmIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8742c1e2c8e90e40-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jev--ISEiNXQw9zlgdGOdPItPXUurEt9osAfLUi_EYDytZDJVXROsA==

GET
H3 404 favicon.ico
bbcusa.abcnewss.cloud/ 2 KB
1 KB 223ms
222ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcusa.abcnewss.cloud/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bbcusa.abcnewss.cloud/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHlx8ohdo0kivQyc34gUMe%2Bq3SQ%2B38t7pW6Ek%2Bt3DCAA7xfZF5au%2B6DbApXAGmZRiEk4GGEDK5y7QvByWFH4%2B%2FGTHd2yrRMII85DyH4SOq%2FwVG9vnGORf4iOjhP%2FWE18oSG886wEPYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8742c1e51a920a57-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK video78knews.html Show response
objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/ 740 B
2 KB 491ms
118ms Document
text/html 134.70.196.1
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/video78knews.html

Requested by

Host: bbcusa.abcnewss.cloud
URL: https://bbcusa.abcnewss.cloud/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

134.70.196.1 Chicago, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

ff2c757d517e8b9b618077088ed3bdd7238b187c3b39e2ed5d1077252f1ddfc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bbcusa.abcnewss.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 740
Content-Type: text/html
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-md5: XLb5mrmBS3rrxIQ4S5zITA==
date: Sun, 14 Apr 2024 09:44:28 GMT
etag: 1bd547c1-5e74-46ad-9ee9-2424cfedc313
last-modified: Fri, 29 Mar 2024 01:58:10 GMT
opc-request-id: ord-1:DIVaw5o2g9uZDMznkocERE9QUGXK1dtOFxsPBFAXZnwtWD7Jfus-XwaYwKVZ8rlQ
storage-tier: Standard
strict-transport-security: max-age=31536000; includeSubDomains
version-id: 342267ba-c182-4519-a7dc-0aeffd99d5d0
x-api-id: native
x-content-type-options: nosniff

GET
H2 200 index.php
2fu.us/ 119 B
314 B 246ms
44ms Script
application/javascript 91.148.141.242
DAINTERNATIONALGROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://2fu.us/index.php?username=eldemo&counter=reading12345
Requested by: Host: objectstorage.us-chicago-1.oraclecloud.com
URL: https://objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/video78knews.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS: e-relab.mobi
Software: nginx/1.20.1 / PHP/8.0.30
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://objectstorage.us-chicago-1.oraclecloud.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 Apr 2024 09:44:28 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.20.1
x-powered-by: PHP/8.0.30
content-type: application/javascript

GET
H3

200

r.html Show response
cdntechone.com/
Redirect Chain

https://cchcontent.com/?k=dcbaa150f0cfd9a1b7b8e5764cc2ca39&type=mainstream&subtype=global&data1=pc
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d0...

22 KB
9 KB

166ms
33ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Requested by: Host: 2fu.us
URL: https://2fu.us/index.php?username=eldemo&counter=reading12345
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://objectstorage.us-chicago-1.oraclecloud.com/n/axuu37gtyamf/b/bucket-20240307-1309/o/video78knews.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8742c1efabe79fca-AMS
content-encoding: br
content-type: text/html
date: Sun, 14 Apr 2024 09:44:29 GMT
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyeKVRM2s%2FxCHbLlOwrTMICSuh6%2B%2BZK13PRmnJRylvweGRXc9INHLZPS1B%2BKjLtLOjHfGs%2BcaUYKcvbaEFFGjbL4BWuOER6TDltiB1Ipq42SN7XRM3YLbwiQ8mh9AwKJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sun, 14 Apr 2024 09:44:29 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
467 B 161ms
13ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=e30aaf37-9cab-4568-9d3a-9916eae2d821
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cdntechone.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Apr 2024 09:44:29 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

link Show response
gtoonfd.com/
Redirect Chain

http://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

33 KB
14 KB

34ms
34ms

Document
text/html

139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

Requested by

Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0c87fb7d0493e2486441859a55d9f6565177d34ce587c408e2b897b1d6f25139

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4677281&axcusid1=16111&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4677281%26var%3D16111%26ymid%3D9a2957510d06c61234519912d875c40a%26clickid%3D9a2957510d06c61234519912d875c40a%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 14 Apr 2024 09:44:29 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: e616c0cdd93f95e56b63dd2c0973c4cb

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Non-Authoritative-Reason: HSTS

POST
H2 200 sftouch
thaudray.com/ 0
0 279ms
16ms Ping
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/sftouch?userId=04803ec55e344794feb80c7af53ba299&z=4677282&p_rid=4845f797-0d15-45fe-a022-51bb0fb92fc7&p_src=sf&branchId=0&rb=QVFG0Uztyp2YsQ9gwgd-w8-6lx4d4Dt0YPieL6WjIaN5iOnVtMdFrdTvXiDCwwXqP910HSEGdfZPPwCtaVuTZiqFPCLtfoYSTA8c2HYw4FHVv9UwcxRsc__tNRrDS73BoYTPqfCcBvFVWBLWLeGoReWoc-B6B_O86c_Sdht0iYHVF-3IYu40N-Rm0g_Mdv_vetq_U3dko6ueZ_zQXIFr97oQu23DYaQQXYCSiyfe3B06j96I1ImijGziz1c7_wUeSe7bNeWlRf-XfZzh3XbKPCSkZXJO9_ggxqb_d_8AKqApEdWsxHZqHlVFJGIuG2W1El0ns_pzux4=
Requested by: Host: gtoonfd.com
URL: https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gtoonfd.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
464 B 132ms
21ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4845f797-0d15-45fe-a022-51bb0fb92fc7
Requested by: Host: gtoonfd.com
URL: https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gtoonfd.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Apr 2024 09:44:30 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://gtoonfd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 436ms
18ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=04803ec55e344794feb80c7af53ba299&z=4677282&p_rid=4845f797-0d15-45fe-a022-51bb0fb92fc7&p_src=sf

Requested by

Host: gtoonfd.com
URL: https://gtoonfd.com/link?z=4677281&var=16111&ymid=9a2957510d06c61234519912d875c40a&clickid=9a2957510d06c61234519912d875c40a&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=4225

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gtoonfd.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/
thaudray.com/4/6118780/
Redirect Chain

https://thaudray.com/?z=4677282&syncedCookie=true&rhd=false
https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120

33 KB
14 KB

38ms
36ms

Document
text/html

139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://gtoonfd.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 14 Apr 2024 09:44:30 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 5688e3eaaf88a6018f34d0c751322877

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gtoonfd.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sun, 14 Apr 2024 09:44:30 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://thaudray.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 4a9130a36e11e080a4c89dffb91ed85e

GET
H2 204 favicon.ico
gtoonfd.com/ 0
150 B 67ms
65ms Other
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gtoonfd.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://gtoonfd.com/afu.php?zoneid=4677282&var=4677282&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 14 Apr 2024 09:44:30 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 favicon.ico
gtoonfd.com/ 0
0 7ms
7ms Other
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gtoonfd.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://gtoonfd.com/afu.php?zoneid=4677282&var=4677282&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 14 Apr 2024 09:44:30 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 sftouch
thaudray.com/ 2 B
604 B 16ms
15ms Ping
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thaudray.com/sftouch?userId=00803eacb6364253fefa9293f940e814&z=6118780&p_rid=e81bb3a8-5661-46bd-87a2-776b642fb59d&p_src=sf&branchId=0&rb=FCSB52-WcowuCecRKSO60IKUl6t4jzoqisyfNAOPpNrNsDEBO4TZ7RmjzjEe4dFtaNYUflNqDSuyvDvF4kftDNtAqSux3JetnwApl10d3v9VssXu2zXTcCdQk-PYGouhkJcYTPgue3bwSVRKdofNK50FIA2xS05te6AIWrBrljv6Hx8d_FwHVPfn8T5hiM96lk_vqyoGKCDsHrBh4DVCfbjlnF5MS_fGhrRK3ad10zinQSOMcLKV9j9LLoWSLlDuyYVdNLnSU-iwjgMFKlpnPvCb0ZuRbN--_JWanv2MXd0f_RDB

Requested by

Host: thaudray.com
URL: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 89565a8c968ba9d843f83b476d9d0e04
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://thaudray.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 44ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00803eacb6364253fefa9293f940e814&z=6118780&p_rid=e81bb3a8-5661-46bd-87a2-776b642fb59d&p_src=sf

Requested by

Host: thaudray.com
URL: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thaudray.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 42ms
13ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=e81bb3a8-5661-46bd-87a2-776b642fb59d
Requested by: Host: thaudray.com
URL: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thaudray.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 14 Apr 2024 09:44:31 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://thaudray.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 204 favicon.ico
thaudray.com/ 0
150 B 17ms
14ms Other
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 14 Apr 2024 09:44:31 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

Primary Request stopnow.html Show response
popupblockernow.com/
Redirect Chain

https://thaudray.com/?z=6118780&syncedCookie=true&rhd=false
https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

9 KB
3 KB

87ms
43ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a1a6a3878b5336d94f43bdb3c16faf7bf60592d2daf608b153ac3aa512adfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://thaudray.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.122"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8742c1fcb896971e-AMS
content-encoding: br
content-type: text/html
date: Sun, 14 Apr 2024 09:44:31 GMT
last-modified: Sat, 06 Apr 2024 05:58:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B9A6j3XgOuR6uBCxm7AlUrwiHO77ItZjgv0csQr7w6nC1iO5k%2BBmaR61nV5xwLgNzBA1b0rWPLTI8CqlSh0qz9MJUE1eFVQRRU8ajHzAAskBm%2FKdb4S8GCfGUI4sM%2FhXmWlWyHZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=16000000
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://thaudray.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sun, 14 Apr 2024 09:44:31 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://popupblockernow.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: e280be583bc51538ea3ee84a13505004

GET
H2 204 favicon.ico
thaudray.com/ 0
0 1ms
0ms Other
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://thaudray.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 14 Apr 2024 09:44:31 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css
popupblockernow.com/ 5 KB
2 KB 28ms
27ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/style.css

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37449c1cc972ec6c8820ed69ac3f8f1ba64143aecc42f7a83ef9795c239a71d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1757
etag: W/"1373-6156744bd602c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOb7wKFH5A1QAwqSDTW1WYhTDWTnCMAxRC348dK%2BRsscLrT3xkO%2B7VkKKjPfIRgSXPqqadDVXg%2Bn%2BWORiywNo2UdEhyBYj3GZtaynOmDySSZF9C7M4WqFVQFZPk5hBjxRKkHuCMH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8742c1fd4961971e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 104ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,700;1,400&display=swap

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10f7738415f125d9c21336ca24b5aa1d6ce2aa56af368b6105fdff14e3f3c18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Apr 2024 09:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Apr 2024 09:43:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Apr 2024 09:44:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
99 KB 110ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b60378c2cd0fdb7b91aa45b4597624accc1089e0179c0eb5a270b9e2eaef7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Apr 2024 09:44:31 GMT

GET
H3 200 shield.webp
popupblockernow.com/assets/img/ 2 KB
2 KB 21ms
20ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popupblockernow.com/assets/img/shield.webp

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece54ea24fbb080515ffc6e4bae52180768537a739c02aeb3d84faf3f8fe62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2180
etag: W/"722-61567458d04b4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJPwp7zgfQZa7FZxVHFgm28thXG7ZXTbpa38Dq2vv%2BJiVZhoqhXmmNwdg5x4OzcUn%2BWGJTBpKwt69UkdsRnSjLqEqvgp5GdR7hBm3XLlJFHyJXUHH9sl7miQc1u4r4HV6TvL4vnN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
cf-ray: 8742c1fd4963971e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ChromeWebStore_Badge_v2_340x96.png
popupblockernow.com/img/ 6 KB
6 KB 24ms
23ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popupblockernow.com/img/ChromeWebStore_Badge_v2_340x96.png

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/stopnow.html?an=pa&cid=803311354298773653&sid=6118780

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6735
etag: W/"1608-6156744fde3e3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvGUHxzYWYoxFLgo3OQzrj%2BCWViDO18evfddqC4JlKk9Pzklh867C9Y7ncaEy0Id3GkmjnFiKzCT%2B%2F32tlMVnusRMyPoTNEVtsp9cfdiGKZUmAKLUpUTtuXYDTjspmbaqKNICHBj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 8742c1fd4966971e-AMS
alt-svc: h3=":443"; ma=86400

GET /
invalid/ 0
0

GET
H3 200 ProductSans-Bold.ttf
popupblockernow.com/assets/fonts/ 54 KB
25 KB 37ms
36ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/assets/fonts/ProductSans-Bold.ttf

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbeee804c249634fd860cae932f54afe759de8c17c136995fcae57c24348cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://popupblockernow.com/style.css
Origin: https://popupblockernow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1674
etag: W/"d8fc-6156745ebaf34-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3j85Wz5KvE0kIaTETpeIVZriQ8kd31b%2B2xXLpcWhyhKBOaPO6JQjupJXlzvKkpLzBoOaIgYbCQNfOgW2cbYfdBLUQeR4t%2BnJ1RBjb2vrwqYSb%2F1rsKeSGoBRSlbhjvTHU4sqt9S9"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=86400
cf-ray: 8742c1fdfa81971e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ProductSans-Regular.ttf
popupblockernow.com/assets/fonts/ 40 KB
18 KB 24ms
23ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/assets/fonts/ProductSans-Regular.ttf

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34cbb71d75b84eb4925f51e050249f65fb3e3550133aba0a4c161c6820aec82

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://popupblockernow.com/style.css
Origin: https://popupblockernow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1674
etag: W/"a09c-6156745ff373b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bws0afD2rdkaITIEhmg6wVsRKkUgY7NpYHyx72DyDWn6zCyTgnF9qfvSqN8NBCtM4YWwkI0GADuxkXWzdu1M%2B%2F2MRjco3P1GmwKCjG4aQ4hv4bQRTw9NWPvwJh7WTx16x9qQiqNZ"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=86400
cf-ray: 8742c1fdfa85971e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 CircularStd-Book.otf
popupblockernow.com/assets/fonts/ 81 KB
34 KB 52ms
51ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/assets/fonts/CircularStd-Book.otf

Requested by

Host: popupblockernow.com
URL: https://popupblockernow.com/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7cb787d3306875da9d407ed280744db2e4295477dc1d88ea23326103266487

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://popupblockernow.com/style.css
Origin: https://popupblockernow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1674
etag: W/"143a8-6156745d6cf6d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDQzb9N6LWu4rYwtpj8%2FOtDFKt0oTU50zjHNpZAVQ2Gef9tJWPAQhTGiBmZ4eggkzwpcmzcImWaZIjQa%2FkNM2zPD1KTuGBUCTGIJ0EUOB0z2XMfUfrfsAXEUP4Zs9naqOIhPkLUB"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=86400
cf-ray: 8742c1fdfa89971e-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je44a0v9171646941za200&_p=1713087871662&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1595131750.1713087872&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713087871&sct=1&seg=0&dl=https%3A%2F%2Fpopupblockernow.com%2Fstopnow.html%3Fan%3Dpa%26cid%3D803311354298773653%26sid%3D6118780&dt=Download%20PopUp%20Blocker&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 09:44:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://popupblockernow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je44a0v9171646941za200&_p=1713087871662&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1595131750.1713087872&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1713087871&sct=1&seg=0&dl=https%3A%2F%2Fpopupblockernow.com%2Fstopnow.html%3Fan%3Dpa%26cid%3D803311354298773653%26sid%3D6118780&dt=Download%20PopUp%20Blocker&en=17stopnow-v3&_ee=1&ep.adNet=pa&ep.action=view&_et=2&tfd=504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 14 Apr 2024 09:44:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://popupblockernow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
popupblockernow.com/ 2 KB
3 KB 30ms
30ms Other
image/vnd.microsoft.icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://popupblockernow.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5407c173dfcbc26b399dc49e2e180ec0f36f5daaf97e16bdd9a6cf9bda98f1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 09:44:31 GMT
strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 05:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7104
etag: W/"8e1-6156744cf51f3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhYlgAcTE3WBSrrhPvkwFQupx14Q4u69k5DoX9m82JQUKUAh9vm5pqBlWxvrHvvwlpTAHAMasjt24g0kwHo8Z4dm67O%2BthL0q8afTRvdGOL5yyVB4IoqP3T6PCj2e%2F7k1JoElIkr"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=86400
cf-ray: 8742c1fecbe2971e-AMS
alt-svc: h3=":443"; ma=86400

GET /
invalid/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gtoonfd.com/	1970-01-21 04:37:03	Name: OAID Value: 04803ec55e344794feb80c7af53ba299
gtoonfd.com/	1970-01-21 04:37:03	Name: oaidts Value: 1713087869
gtoonfd.com/	1970-01-20 19:52:54	Name: phpckd4677281 Value: true
gtoonfd.com/	1970-01-21 04:37:03	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 04:37:03	Name: ID Value: 04803ec55e344794feb80c7af53ba299
thaudray.com/	1970-01-21 04:37:03	Name: oaidts Value: 1713087870
thaudray.com/	1970-01-21 04:37:03	Name: OAID Value: 04803ec55e344794feb80c7af53ba299
thaudray.com/	1970-01-20 20:01:32	Name: syncedCookie Value: true
.popupblockernow.com/	1970-01-21 05:27:27	Name: _ga Value: GA1.1.1595131750.1713087872
.popupblockernow.com/	1970-01-21 05:27:27	Name: _ga_15SDG98XYJ Value: GS1.1.1713087871.1.0.1713087871.0.0.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bbcusa.abcnewss.cloud/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://gtoonfd.com/afu.php?zoneid=4677282&var=4677282&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://thaudray.com/4/6118780/?var=4677282&btz=Europe/Amsterdam&bto=-120 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2fu.us
app.groove.cm
assets.grooveapps.com
back.lacentral.vip
bbcusa.abcnewss.cloud
cchcontent.com
cdnjs.cloudflare.com
cdntechone.com
datatechone.com
fonts.googleapis.com
gtoonfd.com
images.groovetech.io
invalid
ka-f.fontawesome.com
kit.fontawesome.com
my.rtmark.net
objectstorage.us-chicago-1.oraclecloud.com
popupblockernow.com
region1.google-analytics.com
thaudray.com
whos.amung.us
www.googletagmanager.com
invalid
104.17.24.14
134.70.196.1
139.45.195.253
139.45.195.8
139.45.197.237
139.45.197.239
172.64.165.7
172.67.8.141
188.114.96.3
2001:4860:4802:34::36
2606:4700:4400::6812:2844
2606:4700::6812:15b4
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200a
2a06:98c1:3121::3
64.227.23.114
91.148.141.242
07f246bab9f2d6dc06aec29f59aebfca877000796fe2b835e2ca8aecf5976679
0b7cb787d3306875da9d407ed280744db2e4295477dc1d88ea23326103266487
0c87fb7d0493e2486441859a55d9f6565177d34ce587c408e2b897b1d6f25139
10f7738415f125d9c21336ca24b5aa1d6ce2aa56af368b6105fdff14e3f3c18f
1bea125390c9a457da600dc62b14fe805007c83b5d97080b763dc43007818ddb
2011818b45654ef9eeceacedcfe494e3778b4f0a57a57dd1e5ba6df1b2a2b9ce
21e0de7310520951cdf0d1ac8a0c0adafe35d8e3dc024b6c03abc81d33d6c49b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
37449c1cc972ec6c8820ed69ac3f8f1ba64143aecc42f7a83ef9795c239a71d6
5407c173dfcbc26b399dc49e2e180ec0f36f5daaf97e16bdd9a6cf9bda98f1c4
5762e30e0d600cb7d74ebe6e2c2f9b589452cd23e9bba23af5de31ff5fd435a5
63a1a6a3878b5336d94f43bdb3c16faf7bf60592d2daf608b153ac3aa512adfb
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8b2547651262d89b1414149e4f5b29b69df13c7b747e04fea52fe762568ca7c6
8dbeee804c249634fd860cae932f54afe759de8c17c136995fcae57c24348cf9
93ae5132802370bcbb24e29ff7fbf93662b7c2ba159e22c13d41ae1e5679ead4
9b60378c2cd0fdb7b91aa45b4597624accc1089e0179c0eb5a270b9e2eaef7af
a2f2dd8cda40f0844707f24233f7e7a7a2c84fac13be91d3cb5467c95b1945e7
a98b3ab1d1fcf2cd367adf92734fa75730d939ac1a65f48700d5a3b8ee3e9395
b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224
b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69
b34cbb71d75b84eb4925f51e050249f65fb3e3550133aba0a4c161c6820aec82
b45a9df3f79bb36620441d2eb4f8ab2bb37f7bb91e6b78f6280514d8ce6fd342
e23b9456a09929c5ff380d3f7c6c61c5a30da47c94fe52a9d96159126f4c0dec
e2aad277b5ddbcbbb152a9c10767f5c2aca0cc3376139e6f767823a0206c23f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece54ea24fbb080515ffc6e4bae52180768537a739c02aeb3d84faf3f8fe62f7
f3643ccb6ab78a00850c938303db61ff4d2d572c243863a1c961cc9ebc0a12bf
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc6768a026ab59b940726b157f3457675c02f3c410b9ef9f515d1c148af461f1
ff2c757d517e8b9b618077088ed3bdd7238b187c3b39e2ed5d1077252f1ddfc6

popupblockernow.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

35 %IPv6

21 Domains

22 Subdomains

17 IPs

6 Countries

790 kBTransfer

5962 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

popupblockernow.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

35 %
IPv6

21
Domains

22
Subdomains

17
IPs

6
Countries

790 kB
Transfer

5962 kB
Size

10
Cookies

53 HTTP transactions
0 data transactions