urlscan.io logo urlscan.io
SecurityTrails logo

add-extension-now.com Open in urlscan Pro
2606:4700:3035::ac43:9879  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/EvDMTUiEsT
Effective URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaig...
Submission: On December 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3035::ac43:9879, located in United States and belongs to CLOUDFLARENET, US. The main domain is add-extension-now.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time add-extension-now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
eptougry.net
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
16    139.45.197.160 (United Kingdom)

ASN9002 (RETN-AS, GB)
uponminunan.com
2    2606:4700:3032::6815:7c7 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-blocking24.net
14    2606:4700:3035::ac43:9879 (United States)

ASN13335 (CLOUDFLARENET, US)
add-extension-now.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20e8:7200:12:b121:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
euob.thatmonkeybites3.com
4    2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obseu.thatmonkeybites3.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 uponminunan.com
uponminunan.com — Cisco Umbrella Rank: 252013
56 KB
14 add-extension-now.com
add-extension-now.com
193 KB
5 thatmonkeybites3.com
euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165
obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138
39 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
2 KB
2 ad-blocking24.net
ad-blocking24.net — Cisco Umbrella Rank: 125446
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
258 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
83 KB
1 eptougry.net
eptougry.net — Cisco Umbrella Rank: 731080
2 KB
1 t.co
t.co — Cisco Umbrella Rank: 589
624 B
47 9
Domain Requested by
16 uponminunan.com eptougry.net
uponminunan.com
14 add-extension-now.com uponminunan.com
add-extension-now.com
4 obseu.thatmonkeybites3.com euob.thatmonkeybites3.com
add-extension-now.com
4 my.rtmark.net eptougry.net
uponminunan.com
2 ad-blocking24.net 1 redirects add-extension-now.com
1 region1.google-analytics.com www.googletagmanager.com
1 euob.thatmonkeybites3.com add-extension-now.com
1 www.googletagmanager.com add-extension-now.com
1 eptougry.net t.co
1 t.co
47 10

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
uponminunan.com
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
add-extension-now.com
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.thatmonkeybites3.com
Amazon RSA 2048 M01		 2023-07-18 -
2024-08-15		 a year crt.sh
ad-blocking24.net
E1		 2023-11-05 -
2024-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Frame ID: 725C4C2A22A77F4D4A89410C9D1975C1
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YTube AdSkipper

Page URL History Show full URLs

  1. https://t.co/EvDMTUiEsT Page URL
  2. http://eptougry.net/4/6743588 Page URL
  3. https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z... Page URL
  4. https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z... Page URL
  5. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=758503598224315334&cost=0.00... HTTP 302
    https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

47
Requests

91 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

377 kB
Transfer

1002 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/EvDMTUiEsT Page URL
  2. http://eptougry.net/4/6743588 Page URL
  3. https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  4. https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
  5. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=758503598224315334&cost=0.003654&zoneid=4662728&campaignid=7744866&bannerid=19839484&subzoneid=0&oaid=0b4e1cb2c0cb28bc6ccdf89323d5ba0a HTTP 302
    https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
EvDMTUiEsT
t.co/ 		282 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/EvDMTUiEsT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
201
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 18:14:27 GMT
expires
Tue, 12 Dec 2023 18:19:28 GMT
perf
7469935968
referrer-policy
unsafe-url
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
fab53308ed1d927b13443646a1cc6cb7723613a965e1a659ace369675c3ea311
x-response-time
116
x-transaction-id
07a504a4919ec5af
x-xss-protection
0
6743588
eptougry.net/4/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://eptougry.net/4/6743588
Requested by
Host: t.co
URL: https://t.co/EvDMTUiEsT
Protocol
HTTP/1.1
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://t.co/EvDMTUiEsT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf8
Date
Tue, 12 Dec 2023 18:14:28 GMT
Expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://uponminunan.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache no-cache
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
X-Trace-Id
1789dd682effadba47997d45d31ad9fb
img.gif
my.rtmark.net/ 		43 B
504 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=d52230bdd2d24b27abd674327ba74899
Requested by
Host: eptougry.net
URL: http://eptougry.net/4/6743588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://eptougry.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
uponminunan.com/ 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by
Host: eptougry.net
URL: http://eptougry.net/4/6743588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 18:14:28 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=0b4e1cb2c0cb28bc6ccdf89323d5ba0a
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uponminunan.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
uponminunan.com/pfe/current/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
last-modified
Thu, 23 Nov 2023 20:42:33 GMT
server
nginx
etag
W/"655fb939-697f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
uponminunan.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/19/4662728/?abt_opts=1&var=6743588&var3=758503597293183644&ymid=&rhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
b1769c182d28c6f77b14b6abd4d19c26
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
uponminunan.com/ 		2 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
4662709
uponminunan.com/sw-check-permissions/ 		0
700 B 		Other
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/sw-check-permissions/4662709?var=6743588&ymid=758503597293183644&uhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
zone
uponminunan.com/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=uponminunan.com&var=6743588&ymid=758503597293183644&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-trace-id
d5215af8cf51e36c7771e22674ac7491
date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://uponminunan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
rhd
uponminunan.com/ 		0
0
gid.js
my.rtmark.net/ 		65 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=758503597293183644&var=6743588
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uponminunan.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
uponminunan.com/ 		798 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=uponminunan.com&var=6743588&ymid=758503597293183644&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-trace-id
5760d38089185606686fe53288cef0af
date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
uponminunan.com/ 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
75be0291a060f6e6bd84a67a3d0d9486695439074ee5dec2274fae31362f2219

Request headers

Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 18:14:28 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
uponminunan.com/pfe/current/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
last-modified
Thu, 23 Nov 2023 20:42:33 GMT
server
nginx
etag
W/"655fb939-697f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
uponminunan.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/19/4662728/?abt_opts=1&var=6743588&var3=758503597293183644&ymid=&rhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
eac8d6db07d975fda2a6395b6c66d91c4f426bea703bebe17ab0726cb5a22b39
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
65f6626bd682ec036c02b0896b9f2f9b
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
uponminunan.com/ 		2 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
4662709
uponminunan.com/sw-check-permissions/ 		0
700 B 		Other
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/sw-check-permissions/4662709?var=6743588&ymid=758503597293183644&uhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
zone
uponminunan.com/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=uponminunan.com&var=6743588&ymid=758503597293183644&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-trace-id
0d11280cb68e60db03746bc0905de738
date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://uponminunan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/ 		65 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=758503597293183644&var=6743588
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b888acae95c45a49a84fae63ff7944f3d606905948de957262ae07fca2dfe61
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uponminunan.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
uponminunan.com/ 		798 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=uponminunan.com&var=6743588&ymid=758503597293183644&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/pfe/current/micro.tag.min.js?z=4662709&ymid=758503597293183644&var=6743588&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2dea812614728023545bdf13b916b4174f0d9c75676aedb98a326692cf6d7745
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-trace-id
d589883d42ab0eeb47b2e5d217ecf09d
date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
rhd
uponminunan.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/rhd?rb=z_52jj4Vd6cBFILaRIeNaXlHejshyX465jG8q9S6j7H3neaGTp5tyvybUeelzkHIkHULp40PwRqgZK9uZHYiJJFMbiBiMLWR0b0Wv5fji_6wp_f7jT1FCZUJqPkzU4h13vvOuDONREf5UzGHR5BEjLhQpV42OOWK1RUJA6YIHwtleVIRL5NEcnKXGNSsS_4oNrT--ZG-Ndr4TAkNziFL8UUrQNsociZexhMxCYDhnEjKTQPIGZKp4l0BAappAGeZEc3aUYuftaLGkleVGRG4rOueIkU-SaCMo06UiT-sPLnop69BWyugq-fP7fYQk8_DuBc0WyW2TLE2L5WCa6bC4hVOfih1rJFm7cRfDNAbVnH7sxtRvDaIR1b23KdrCoZrLeGZpbkfkKo95KsUiZJqvXlebIDvr2tJJyNyBimlH7iAap-OB_B0YMN63QbMv-vr6GN3YluOLtz3IfePsxV57119Rja_YXvnVJiigSIHU1MD1HIjsXapdg%3D%3D&request_ab2=150021&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fuponminunan.com%2F%3Fs%3D758503597293183644%26ssk%3Df962a9673e7b3816beca94f47ecd0d67%26svar%3D1702404868%26z%3D6743588%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fuponminunan.com%2F%3Fs%3D758503597293183644%26ssk%3Df962a9673e7b3816beca94f47ecd0d67%26svar%3D1702404868%26z%3D6743588%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6743588&var3=758503597293183644&ymid=&rhd=1&m=link
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f236835a439e434ab33d1773de56270c1729050cc4ab5e005f09badafae4d77e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
dbf818e0f03e80678746cbaf7ac46de0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
Primary Request /
add-extension-now.com/
Redirect Chain
  • https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=758503598224315334&cost=0.003654&zoneid=4662728&campaignid=7744866&bannerid=19839484&subzoneid=0&oaid=0b4e1cb2c0cb28bc6ccdf...
  • https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec...
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
a46774fb4b81a9881eafe91ba3d7a158236601bfc1a109ed58b865c270a1a136
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8347f282db094dba-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 18:14:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWsrxo9QrlMcgO96Rrqxc6ASq3MGoN7H8yrniEPIpPHqkX5ic4ZX2vNw6exvINsK6s%2FbharUeqX1dlC51m654wN26b3mJ6C%2Fw6CdVhG9dAJPQLfJQ2roerMqJLeILrXKkyttOtvt1phwkd%2F4GXBfre7fq6s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8347f2822b43f15c-CDG
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 18:14:29 GMT
location
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdByI2zdr9Nr%2F0WSe9MLkEwSZBIwtwv7fhSovTvEx9p7yurKb6By8%2F8rC%2FYr3K9HzbvR3EM7UQFgDgCevuXdP659TgvbZ7HWWB%2FIyTdgy4qMzLkEKMdJCFHWprcrvxQRxdlATdJcUi%2Fgb%2BPATqnmRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cat.php
uponminunan.com/ 		0
573 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://uponminunan.com/cat.php?userId=0b4e1cb2c0cb28bc6ccdf89323d5ba0a&zoneid=4662728&rb=z_52jj4Vd6cBFILaRIeNaXlHejshyX465jG8q9S6j7H3neaGTp5tyvybUeelzkHIkHULp40PwRqgZK9uZHYiJJFMbiBiMLWR0b0Wv5fji_6wp_f7jT1FCZUJqPkzU4h13vvOuDONREf5UzGHR5BEjLhQpV42OOWK1RUJA6YIHwtleVIRL5NEcnKXGNSsS_4oNrT--ZG-Ndr4TAkNziFL8UUrQNsociZexhMxCYDhnEjKTQPIGZKp4l0BAappAGeZEc3aUYuftaLGkleVGRG4rOueIkU-SaCMo06UiT-sPLnop69BWyugq-fP7fYQk8_DuBc0WyW2TLE2L5WCa6bC4hVOfih1rJFm7cRfDNAbVnH7sxtRvDaIR1b23KdrCoZrLeGZpbkfkKo95KsUiZJqvXlebIDvr2tJJyNyBimlH7iAap-OB_B0YMN63QbMv-vr6GN3YluOLtz3IfePsxV57119Rja_YXvnVJiigSIHU1MD1HIjsXapdg==&var=6743588&var3=758503597293183644&ymid=&rhd=1
Requested by
Host: uponminunan.com
URL: https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.160 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://uponminunan.com/?s=758503597293183644&ssk=f962a9673e7b3816beca94f47ecd0d67&svar=1702404868&z=6743588&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
0
x-trace-id
9ad370f3fe58302af45deb3de74ff413
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://uponminunan.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cebcac0531f03155e3049bfb0754982845b71797ec99a922f8881cfe3c76d3dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84130
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 18:14:29 GMT
8c3dd651469c9787e366b6d88eb7fa51.js
euob.thatmonkeybites3.com/sxp/i/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7200:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:51:05 GMT
content-encoding
gzip
via
1.1 117b54f007fbf40fc2a4bbbd8e88fc20.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
TXL52-C1
age
12206
etag
"18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37263
x-amz-cf-id
Z_8YMCH7QXenat8MuWYS1tt6XyNHrtRZfujSgWJ-T9Gmdw1ZUaJtYw==
expires
Wed, 13 Dec 2023 02:51:03 GMT
c879c4b6ff58f45e.css
add-extension-now.com/_next/static/css/ 		38 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/css/c879c4b6ff58f45e.css
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"98b9-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSaC2B%2Fv0I6o9HcdkfUjsDu70XGbixlJjKNNF4sFYfo4tnLV25G0iaLY5IaJK3qMTVHzi0EktPeRDtTJroQwxSWmMHwpAcceEXAgD%2BjZjjPbBLGPBKuBUhg0VqnfyozYXfCHcs4lHUxrW1Uku%2FJRny%2BAnYQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b794dba-FRA
a85a315e20706270.css
add-extension-now.com/_next/static/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/css/a85a315e20706270.css
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"42a0-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFIOZ0fNss5QdgMi8%2FRQLFMuWjKbiVLawH7j6RRVjX3ovAvghKVPBbBQcyuH%2BLvqgcg2UYB5tI02hYmr6li1f0iLC1FUptFM5hlvcIH6T9WADXsncX0Z5O7TJ2a8bNVGbvSsCUPJ7JL9oVjO9VRYJTbL%2BG4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b7d4dba-FRA
928-b002b5bdc2ecfb3e.js
add-extension-now.com/_next/static/chunks/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"e0e3-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMYoGpBq7OIt4Ypqh%2FhKE7g0ryIDThfao9MO6HuA5taBaY%2FeVMgvYReGM%2B%2FUGEnw8QU3O5%2BOE2ys77x%2Boqq6USvUoVla1Onk0Rvg%2FRUW5Gzenk66Lo2jccnenViwtE107eWU328BRKrPhftPO4omjj2wFyA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b8c4dba-FRA
2.944cae28dafd6244.js
add-extension-now.com/_next/static/chunks/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/2.944cae28dafd6244.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"114b7-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoT3sVycpARuXV6aCqaffoyOOXJAXOAWrdDT%2FBju7IXg7vFimqnSAM2Xi7Fg5QbFSpvD0QRTNTckAcvhnWJtkO%2F3dKn9JPEu9bNSptJBk2K7TFwzkUEB9%2FMpbRc7SI%2FY11B%2FIAK1SbcAKkNKraEcb2IrR3s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b8f4dba-FRA
webpack-da099db999a5dd31.js
add-extension-now.com/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/webpack-da099db999a5dd31.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"162d-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwxxlD6DHu9hEYH9X%2BRZPzJUQK6sZ3STMQ2BpMctE3UQgZFnr41%2B560AAY437Ftpu2HDSLLjnqoCvGkGz3eno38zLkgtqK4DGeu%2BHe2nsAv4W%2BB8Cp1KwuVqinpAXAWqSIfSvyIleU3RgRiE1Vlap7424mo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b904dba-FRA
framework-2c79e2a64abdb08b.js
add-extension-now.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"226fc-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7EfAjUIgeSiDgV3%2F4BexoPyCzOtu5lL2s5WlTaG4LQW61hjs7%2BOf%2Bvc8bgqdUCga%2BsUaPOscGUv0cBuTHHH7rH5eqgI08qGGf2i%2BAlWjQG8sZrs5Z21cVrQz3e1UDjDgifPtxpcxosum2147pIQI%2BMb3A0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b914dba-FRA
main-a0dca5a2ff5035f1.js
add-extension-now.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/main-a0dca5a2ff5035f1.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"15cfe-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VijJsSsCd%2FJhCOEr%2BMYy0KtZkbv%2FuxUfEkUUTavQVKLuvDcj%2BDo4fKIABz5RA88iKYmjsjdeA6B5YyjKIbiBif5DOxLavHp9Wkd1dJSURX7Ny%2Ba93v2SxTltOnjwrqu%2Ft%2F7kL0nvT%2Bb9Mm4p8s81ClhzahE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b954dba-FRA
_app-c624ed1cd7465c06.js
add-extension-now.com/_next/static/chunks/pages/ 		65 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/pages/_app-c624ed1cd7465c06.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"1032b-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwUbMVcP8q3pRR4uJ6%2Bo6H9ptrdCBm18smWQ08L%2Bm28dch%2FkWUwTp4kyKgTW7VWgqnXQWTn4axBeLvcnDA5FEjvHlEilABxKrI6IpEXxVXEsX2OtgPTyPdO49yk%2FDqJd21FOrg2uAuF4E2K1nYhN9b6swI0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b974dba-FRA
index-38eb391d7d485452.js
add-extension-now.com/_next/static/chunks/pages/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/chunks/pages/index-38eb391d7d485452.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"2649-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3zKrJRzgr2PHd%2FPoTCIsQV90CaQ60Edvy0RgL99%2Bnf7Mv3RgNP6ZTF8HztHv8039z1jhOtJXClnJDL83WgJ0Hfg54wUQEL36e992VaMYgBVNMNgg8UL26F0I3E12quZ1Y0hrQ7anPsNy0Qh9HBKrqdXcEc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b994dba-FRA
_buildManifest.js
add-extension-now.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 		997 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/cXSVYdc_RosEVSCK23lC_/_buildManifest.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
219528
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"3e5-18c44c6923e"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jypzwB65FjD%2B%2Ftpq0JiolIQkzlxjd0FgOEfVluRqSFHoH0w7kFiRAaMtque6TARrwdpcM9dvKGThQC6nfFOWO2jYhQM1DSpNWeysYdGhUjEfDQ0fEtx%2BX9EoWyc4OaaythirKGzjE%2FdHAwwddr2UPGRdToQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2831b9d4dba-FRA
_ssgManifest.js
add-extension-now.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 		77 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://add-extension-now.com/_next/static/cXSVYdc_RosEVSCK23lC_/_ssgManifest.js
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115715
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"4d-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga610iuNXB3Cbtgwtk1tYFHcmBbQmJIvmnqy371f4KzsOdDlMIgzEC6ILmQuqUZjG%2FTx5Yd0iHCZtVRSVt9%2BVpHp%2F%2BunA%2Bmlj%2FNAsGs1yDcpO4XU1FU3DmATZFEWToDN9dDCT%2FIxoniFxvGN25mO5HbWz2Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8347f2832baf4dba-FRA
icon.svg
add-extension-now.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://add-extension-now.com/images/promo-images/salmon/icon.svg
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/_next/static/css/a85a315e20706270.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/_next/static/css/a85a315e20706270.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:00 GMT
server
cloudflare
etag
W/"c75-18c44c65dce"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2ad8MNTjN00U2V3rzRBfJ0MWLOT8DphvveJ%2FQO4O1yZ8vTro3LS%2BNW0vh32wfhR1zk2iRpHYmU0SqSdEyZ6P%2FJHBG00CXMhXlddnCGUJ1zHYsosYo6bVPM%2F8hjw0rAr1vP2qsuf%2BYiHPhr9myTBc6edKc4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8347f2834e572c39-FRA
available-in-chrome.svg
add-extension-now.com/images/browser-icons/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://add-extension-now.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/_next/static/css/c879c4b6ff58f45e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/_next/static/css/c879c4b6ff58f45e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:00 GMT
server
cloudflare
etag
W/"5287-18c44c65dae"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F%2Ffvkl1WRH1RaeOTQajNURPTbOCoRVCBIdyphA8LdD4nWnfM8NyeK0fYhsj5nens4Xr9uIjNQ20q37RWy9OVaicqJfKK4ZPOM8YW3m5JXapyFP8K5O7fa%2Bhk7GTbUmrVXAc9XIJlaCDTzjTggVxspr9iMU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8347f2834e582c39-FRA
cp4kl7k.php
ad-blocking24.net/ 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=fnh93zqevr
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 18:14:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1UJQef5ZAPbwFa4T6YLf%2B5r%2BAdBdpRdUIOCzj3vV6e5b7zPqVUKAQYLSCXomWY1NZt%2FC5EANiipQMAaCbqtf3grXcRDz0ChCB5RiuqhHQOQQltkt8cm9Q1e%2Bw2OEXBp%2B%2BcLwBtkok%2Bc6i36gDx%2F4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8347f283cd64f15c-CDG
alt-svc
h3=":443"; ma=86400
ct
obseu.thatmonkeybites3.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fadd-extension-now.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D4662728%26cid%3D5639ffnh93zqevra42%26lpkey%3D17ec021840fd519469%26uclick%3Dfnh93zqevr%26uclickhash%3Dfnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1702404869780&hl=26&op=0&ag=144935025&rand=138227681067186020701192289086586366723086189783908618629275142061195002769620716298&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDUzNjhdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDQsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMTAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCwwLDAsMCwwLDAsMCwwLDIsMCJdLFstMSwiLSJdLFstMiwiNSxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIi0iXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTE5MDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MDI0MDQ4Njk3NTQsLTFdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDEyMywwLDEwLDAsMCwzMSwzMiwtMSwwLDI0My40LDI0My40LDM0NiwzNDciXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwiLSJdLFstNTUsIjIiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRNElBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkY1hCa1JVVTFOU1VvREZoWmNURlpiRjAxUldFMVVWbGRTWEVCYlVFMWNTZ29YV2xaVUZrcEJTUlpRRmdGYUNsMWREd3dJRFE4QVdnQU9BUTVjQ2c4UFd3OWRBUUZjV3c1ZldBd0lGMU5LQXdnRER3OEpBUTBRRlZoTkdVMFhYRUZKVmt0TlNoa1JVVTFOU1VvREZoWmNURlpiRjAxUldFMVVWbGRTWEVCYlVFMWNTZ29YV2xaVUZrcEJTUlpRRmdGYUNsMWREd3dJRFE4QVdnQU9BUT09Il0sWy01OCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTYwLDIyMl0sWy02MSwie1wid2dzbFwiOlwiMDtcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjIsIjgwIl0sWy02MywiMCJdLFstNjQsIlswLFwiXCIsW11dIl0sWy02NSwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixsb2NhbGZvbnRzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLGNsaXBib2FyZHdyaXRlLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTY3LCIyNTMyMzEyODg4OjEzIl0sWyJkZGIiLCIwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsNCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMywwLDEsMCwwLDAsMCwxMyJdLFsiYm5jaCIsNTZdLFsiYWJuY2giLDU2XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=9u7mtScm0E&pto=372&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1702404869.NLIX2oy1Tgf41LYk&suid=1.1702404869.LbQDEB51KgGibwcN&tuid=1.1702404869.KSauyU5Iph88Lgmq&fbc=-&gtm=W10%3D&it=20%2C199%2C93&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b997a21f4efb90fbcbdc4f6d7d3751f943503d6388fd80d87e53b532e3aac6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 12 Dec 2023 18:14:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1542
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1702404869611&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1482839590.1702404870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702404869&sct=1&seg=0&dl=https%3A%2F%2Fadd-extension-now.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D4662728%26cid%3D5639ffnh93zqevra42%26lpkey%3D17ec021840fd519469%26uclick%3Dfnh93zqevr%26uclickhash%3Dfnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472&dt=YTube%20AdSkipper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=499
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 18:14:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://add-extension-now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aecc335ee4f8c949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f674d81d18c0e786913fc7b75028e39de36c1026507259500540932525cc0ed6a1e77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60266a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7948677a0dbde53e2489b592e019cbecbf7af2b95dfe57594351ccdeb8b795904fd736aac941d64bdd1fb268852fc17bb844b9047cb9e2ec43c64979f728b6498d3e9e193fdbd4c38fc2eb6bdf2294d26f9913f82be50eb0102419457459a8185ce8efb9f26cf26c195b88437e2716e78857524d9c9965431d7e462a00cebcc568060af7a7f4852dd3fb41fcec0be3baa9735c811b89edfd5688355006df65b4b5f73457983ad6dbd78d2c18827ae923afe9663da8ce4ff7484bce20f303284ee4800dfb9044f5df4e7ee39f92cc9bb01afb177e522d9659852d411d2af2a835876b2f8cb357c602541795e5114bca2ce3fdf06b1434c442bf0a21c86cc1509f8bbd6ecea329ae4e7b6c7ade9b31a4b3eed1bc6ed0c278e42624e84635f7064f27bf9221cc3e2c56583769276d7f27f96b55bc72306226a432955ded6a188602206c14014d68bd4edee925a06d4f1e83bd4d2252580db117628acd79b4b29f721da429f07ab7cca1bc6c053bde52feadbde94854661bce43c61906ab4d9e5b91c9d70265450c52b1c0ea3a95c8ce508d8ca89c246b9f2952f1c6555b43cb717ef04a08b6d8a200174176f3f3db4189c8b2147a57d93ffe73fcb9c15d93577ef512f3e83fa8f5b1cb726a4ca498559230a58e2293090f8861b970e6bc4c16af5cdd7ed9d50c64f037066ae2e700cd8e9584eb02efaecdd3fcd8ffe04367dbe77260902d30a53ee9af21b13967e72d09e9b5ccadcbbd34421bd39a71a6c56cd523e79d5d4185c88d0e3caffb413e326bb6fd525c18f1ed9ecf82b37ec9a5dc39ebeb2c0efcbcc34428ce139489a3f920a9542fce52ba8cdc5c96cb386d5fbfa5a6695e1e6fd41dd49895216611574d7913936df6df640d48a36a81745fe7f0a8b69e79c7566a4797116459ef0d8298ddd573c073b55b8dd82f3934cc143bfad4e57cd900a1a4804306d2de931b2e57a50fea5d4c5e0aea0a5a2b37a8381ff6d2f7c3c350273341ad9704514e7f7a8ad23ffc7784394974bac95528791cbce95f3cb7fb7509024f757ef8ca4cabf2a2e88c297ae2b3b4974d4e3f3ec2d42e5ca5b6d1eb67df2712d4f9912b23d8c0f7ace781498c2e4b387c792e4c26b8407dad43cd5eca1c737a7dfed79478082cb62ef35b597cc5f6b8ec4278ec9772aae1e1bfe194c7c157eb4d3705be5176a6377c330e0def97f53af324f5f3d8ab9b4fa37da&cri=9u7mtScm0E&ts=134&cb=1702404869914
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://add-extension-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 12 Dec 2023 18:14:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
ef6d4136-5abc-4efe-a245-efe8ca8f99a3
https://add-extension-now.com/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://add-extension-now.com/ef6d4136-5abc-4efe-a245-efe8ca8f99a3
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0f7651011e01f23b3d92d97ef0148c2d79e318db3cf78bc4f0dd7c3ad87c2cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
261
Content-Type
9e30fc5f-8487-4041-9527-5c58ea177415
https://add-extension-now.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://add-extension-now.com/9e30fc5f-8487-4041-9527-5c58ea177415
Requested by
Host: add-extension-now.com
URL: https://add-extension-now.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=4662728&cid=5639ffnh93zqevra42&lpkey=17ec021840fd519469&uclick=fnh93zqevr&uclickhash=fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efb4b1c8f6464dbcda85532d1e86e7dc8f0457241765569c9bdb81e834802a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
529
Content-Type
mon
obseu.thatmonkeybites3.com/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://add-extension-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://add-extension-now.com
date
Tue, 12 Dec 2023 18:14:30 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obseu.thatmonkeybites3.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://add-extension-now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://add-extension-now.com
date
Tue, 12 Dec 2023 18:14:32 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uponminunan.com
URL
https://uponminunan.com/rhd?rb=oH9p7WgLAhajf77mpY_x3L3QDA9Xwm8j28XSN2iZuFRnZsvCog0TbZXSb1BgOtFq3r_qksSXslpC2DVMj0vZieDtFLAH5Y1sxyGR0xo8OuV6Oi1d6rakOi1BurnC4SIPzC75oa1oxVOATzIFa-VD3REhv0WxyWtxGakXAO-iRnUSPhcLkeRGNCbfyZuFJWC5aKkyYAu6tTxXW76vD46bJroqI2N4KmaxFA4n1WHFQ7fonP_tUOfkBAMReJWpwARC5KLiY-x9IwruhhH6xCr_HdrGnku2jSgcQw165MTVdVQvCncc6kd6t5oy6u8LSkSyfaBunvf4Fc7dMyC_4aSS5-pVY2-XWTNdbsMPY8kMeHFCr6dsTuC_xUkGFaRQwMljh57RDLjB9pvv3NAF3VCex01irnDzGlO35UT5dIFmJLTAcPddJsvKxhI_oBf079ue1oYTLFpY3lr_0BWLQT8AydlUa8mlp2OQngSG9D7UuWZVOHqG&request_ab2=150021&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fuponminunan.com%2F%3Fs%3D758503597293183644%26ssk%3Df962a9673e7b3816beca94f47ecd0d67%26svar%3D1702404868%26z%3D6743588%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6743588&var3=758503597293183644&ymid=&rhd=1&m=link

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag object| dataLayer object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| __ctcg_ct_46468_exec object| google_tag_manager object| google_tag_data object| gaGlobal object| _cq

28 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 2f7e59b4-0fd6-4d82-a7a5-ef1dd48ad9e1
eptougry.net/ Name: OAID
Value: d52230bdd2d24b27abd674327ba74899
eptougry.net/ Name: oaidts
Value: 1702404868
my.rtmark.net/ Name: ID
Value: d52230bdd2d24b27abd674327ba74899
uponminunan.com/ Name: oaidts
Value: 1702404868
uponminunan.com/ Name: syncedCookie
Value: true
uponminunan.com/ Name: OAID
Value: 0b4e1cb2c0cb28bc6ccdf89323d5ba0a
uponminunan.com/ Name: prefetchAd_4662728
Value: true
uponminunan.com/ Name: reverse
Value: UNd3lWRsc-m94FOHFPlquKiL-vhE96LtUjpO8r0zwx4
ad-blocking24.net/ Name: uclick
Value: fnh93zqevr
ad-blocking24.net/ Name: uclickhash
Value: fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
.add-extension-now.com/ Name: extension
Value: ytube_adskipper
.add-extension-now.com/ Name: promo
Value: salmon
.add-extension-now.com/ Name: big
Value: none
.add-extension-now.com/ Name: clk_domain
Value: ad-blocking24.net
.add-extension-now.com/ Name: flow
Value: binom
.add-extension-now.com/ Name: campaignId
Value: 10557
.add-extension-now.com/ Name: trafficsource
Value: 3
.add-extension-now.com/ Name: src
Value: 4662728
.add-extension-now.com/ Name: cid
Value: 5639ffnh93zqevra42
.add-extension-now.com/ Name: lpkey
Value: 17ec021840fd519469
.add-extension-now.com/ Name: uclick
Value: fnh93zqevr
.add-extension-now.com/ Name: uclickhash
Value: fnh93zqevr-fnh93zqevr-8p6o-0-xsa9-8puo-8pfv-13c472
.add-extension-now.com/ Name: _cq_duid
Value: 1.1702404869.NLIX2oy1Tgf41LYk
.add-extension-now.com/ Name: _cq_suid
Value: 1.1702404869.LbQDEB51KgGibwcN
obseu.thatmonkeybites3.com/ Name: cg_uuid
Value: 43b59df82326921d66e266bdf7f36c1a
.add-extension-now.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1702404869.1.0.1702404869.0.0.0
.add-extension-now.com/ Name: _ga
Value: GA1.1.1482839590.1702404870

2 Console Messages

Source Level URL
Text
security error URL: https://t.co/EvDMTUiEsT
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
worker verbose URL: blob:https://add-extension-now.com/ef6d4136-5abc-4efe-a245-efe8ca8f99a3(Line 1)
Message:
Error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-blocking24.net
add-extension-now.com
eptougry.net
euob.thatmonkeybites3.com
my.rtmark.net
obseu.thatmonkeybites3.com
region1.google-analytics.com
t.co
uponminunan.com
www.googletagmanager.com
uponminunan.com
104.244.42.133
139.45.195.8
139.45.197.160
139.45.197.245
2001:4860:4802:32::36
2600:9000:20e8:7200:12:b121:9c80:93a1
2606:4700:3032::6815:7c7
2606:4700:3035::ac43:9879
2a00:1450:4001:82b::2008
2a05:d018:56f:b800:f42c:e894:1fb0:3740
0efb4b1c8f6464dbcda85532d1e86e7dc8f0457241765569c9bdb81e834802a8
17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359
2dea812614728023545bdf13b916b4174f0d9c75676aedb98a326692cf6d7745
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
5b888acae95c45a49a84fae63ff7944f3d606905948de957262ae07fca2dfe61
5b997a21f4efb90fbcbdc4f6d7d3751f943503d6388fd80d87e53b532e3aac6f
65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
75be0291a060f6e6bd84a67a3d0d9486695439074ee5dec2274fae31362f2219
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
a46774fb4b81a9881eafe91ba3d7a158236601bfc1a109ed58b865c270a1a136
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f
c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
cebcac0531f03155e3049bfb0754982845b71797ec99a922f8881cfe3c76d3dc
d0f7651011e01f23b3d92d97ef0148c2d79e318db3cf78bc4f0dd7c3ad87c2cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac8d6db07d975fda2a6395b6c66d91c4f426bea703bebe17ab0726cb5a22b39
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f236835a439e434ab33d1773de56270c1729050cc4ab5e005f09badafae4d77e
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7