urlscan.io logo urlscan.io
SecurityTrails logo

newtabthemebuilder.com Open in urlscan Pro
2606:4700:3036::ac43:d15c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newtabthemebuilder.com/
Effective URL: https://newtabthemebuilder.com/
Submission: On April 08 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3036::ac43:d15c, located in United States and belongs to CLOUDFLARENET, US. The main domain is newtabthemebuilder.com.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.
This is the only time newtabthemebuilder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 172.67.209.92 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 139.45.197.243 9002 (RETN-AS)
4 139.45.197.237 9002 (RETN-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 99.86.4.9 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 139.45.195.8 9002 (RETN-AS)
2 99.86.4.122 16509 (AMAZON-02)
1 172.67.193.52 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
37 15
1    2606:4700:3036::ac43:d15c (United States)

ASN13335 (CLOUDFLARENET, US)
newtabthemebuilder.com
9    172.67.209.92 (United States)

ASN13335 (CLOUDFLARENET, US)
newtabthemebuilder.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
augailou.com
4    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
outsliggooa.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
9    2a02:26f0:e300:286::3114 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
store-images.s-microsoft.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
js.stripe.com
1    172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
1    2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)
offerimage.com
Apex Domain
Subdomains		 Transfer
10 newtabthemebuilder.com
newtabthemebuilder.com
880 KB
9 s-microsoft.com
store-images.s-microsoft.com — Cisco Umbrella Rank: 4246
452 KB
4 outsliggooa.com
outsliggooa.com — Cisco Umbrella Rank: 356616
34 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1297
148 KB
3 augailou.com
augailou.com — Cisco Umbrella Rank: 551532
30 KB
1 offerimage.com
offerimage.com — Cisco Umbrella Rank: 42529
28 KB
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 25850
492 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 27102
8 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 13449
549 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 54
2 MB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2709
259 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
84 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 866
7 KB
37 13
Domain Requested by
10 newtabthemebuilder.com newtabthemebuilder.com
static.cloudflareinsights.com
9 store-images.s-microsoft.com
4 outsliggooa.com newtabthemebuilder.com
outsliggooa.com
3 js.stripe.com newtabthemebuilder.com
js.stripe.com
3 augailou.com newtabthemebuilder.com
augailou.com
1 offerimage.com
1 fleraprt.com tzegilo.com
1 tzegilo.com outsliggooa.com
1 my.rtmark.net augailou.com
1 lh3.googleusercontent.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com newtabthemebuilder.com
1 static.cloudflareinsights.com newtabthemebuilder.com
37 13

This site contains links to these domains. Also see Links.

Domain
chromewebstore.google.com
microsoftedge.microsoft.com
www.instagram.com
Subject Issuer Validity Valid
newtabthemebuilder.com
GTS CA 1P5		 2024-03-06 -
2024-06-04		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
augailou.com
R3		 2024-04-05 -
2024-07-04		 3 months crt.sh
outsliggooa.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
store-images.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2023-10-31 -
2024-06-27		 8 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-03-30 -
2024-06-28		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
offerimage.com
GTS CA 1P5		 2024-04-05 -
2024-07-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://newtabthemebuilder.com/
Frame ID: 126A5528CBB3339C4229277BA8113690
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9052CEC30C6F884F8C10C97F07B3EF7B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-d93f8329bb25d07840c8372140aebe20.html
Frame ID: A47FA5B9043FEE50CE03D2A94B3B9255
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New Tab Theme Builder | Custom Browser Extension Builder

Page URL History Show full URLs

  1. http://newtabthemebuilder.com/ HTTP 307
    https://newtabthemebuilder.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

37
Requests

100 %
HTTPS

47 %
IPv6

13
Domains

13
Subdomains

15
IPs

4
Countries

3404 kB
Transfer

7536 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newtabthemebuilder.com/ HTTP 307
    https://newtabthemebuilder.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newtabthemebuilder.com/
Redirect Chain
  • http://newtabthemebuilder.com/
  • https://newtabthemebuilder.com/
199 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d15c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9949e94b907874317bf7ae6d0153ffb5d691bc5c585b7a3e024f43e11ef4a77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
87104b335d5a698f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 06:45:18 GMT
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nxl4YujgzZy9KOyv7N9Tm%2FwX2K4p9GIFebxwgPll8U%2FwcvRqzXmVBySfWOz3G7oIDzJto44rUM2w6fRWSEojgNjPNB%2Fb7IFHkH5DaTRvq8QXGrMTBODftqo7e1hiJUOORlKOWN6fvDN8H511XXwaSurQAGYq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230089-FRA
x-timer
S1712558718.993086,VS0,VE1

Redirect headers

Location
https://newtabthemebuilder.com/
Non-Authoritative-Reason
HttpsUpgrades
index-8e1a892c.css
newtabthemebuilder.com/assets/ 		285 B
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/assets/index-8e1a892c.css
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1a892c7012a493186cd352e13018ebcf840b90685fcad0acb9334f2b753e76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712284548.271850,VS0,VE1
etag
W/"1b61c89ac71048fbbd09a9ad61202dd9d04907bc694ea881557dfbaaff67f595-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6yvQ5rz11n8Mwr2HM4UETcdmggm%2BxfL1POXThwE8hODwumwA2WaDMu0D26JUP4jxETPG0YaANvMf0QTwHUmVy5Gh%2BAwGuIfjl%2BS%2BYNncQq%2BbhRoNFozVyditCfQFK3f3U6RKl5%2F5ye7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2678400
cf-ray
87104b33fd3ad6f2-CDG
priority
u=0,i=?0
x-cache-hits
1
rocket-loader.min.js
newtabthemebuilder.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2024 10:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"660d30bb-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABr9JfQ25OB6nL1lv9kWn%2FZX0VrJMNQSGoOfJXhgDzshIvLqV%2FGu5EHW7P0wM4L%2ByK15XepdF09aVEF0YNZCNtt9BYkLVLjhcXoYNd7VcF94KYMwN4Vns64yMXxe%2F35IPkzU%2B2G5XIeC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87104b33fd3bd6f2-CDG
expires
Wed, 10 Apr 2024 06:45:18 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
Origin
https://newtabthemebuilder.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87104b35288492c6-FRA
/
newtabthemebuilder.com/ 		0
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-par-lfpg1960098-PAR
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712558718.171772,VS0,VE1
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WamAu7imsqOKGwxvNtBgaUqI%2Bi2zUhz0OlJ4OZ6j0eVutHNFYZ85Jgc6wrUk4t8rpFrTHUsl1WrXNXKre4N4Dbqp%2B3GLPhPctKvPSooHwWq6CCHKIv24mrhHfzVLNVJoQYNyJdTfV%2F2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=3600
cf-ray
87104b347d94d6f2-CDG
priority
u=1,i
x-cache-hits
0
/
newtabthemebuilder.com/ 		0
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-par-lfpg1960098-PAR
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712558718.189624,VS0,VE1
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yji%2BO5AT1jTgTrP%2BR0SQXAzKTlybYhTlELhFcwkYSSYv1ht6ipZZDgx%2B8aeFzfrSFNqFOMIAKf2tWExkTxY7wzOI5Pgs8rthyH%2BdiK4fFE2zsmEK6MJDj9EcTpF%2BDHCBIvwuQGPsHhYU"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=3600
cf-ray
87104b34adb3d6f2-CDG
priority
u=1,i
x-cache-hits
1
index-1205f8ff.js
newtabthemebuilder.com/assets/ 		830 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/assets/index-1205f8ff.js
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0384aeb65d5780aac9949b9a86113b2192ba124366ee32a4a3953ecc80756d0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
Origin
https://newtabthemebuilder.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-mad2200112-MAD
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1710185356.903390,VS0,VE2
etag
W/"2ad4bb2f9d62ed2c6a7af3101255d670b632385173f20fdd8c371531680f2aae-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZAurw3rYydGKeN73%2F5HVmLn1ty1En9t2eYqus5JOHnhqc4jp%2FQpbQdQFwWsKZKDTSoGOW1ZuNt65GstcHuZ3dT0iqkJLRdJ9H06DGK4z%2FgoaSsgIlTXMR6Q05KBFH%2FOBa0bJzi29lYW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
87104b34adc4d6f2-CDG
priority
u=1,i=?0
x-cache-hits
1
js
www.googletagmanager.com/gtag/ 		235 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-18YX80RBHB
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d71da11c93707a57ab249009b0b72f876a4bb7c9547d582b894facaf1cc3675d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Apr 2024 06:45:18 GMT
/
augailou.com/5/6397897/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://augailou.com/5/6397897/?oo=1&aab=1
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
08a291fb43f3f49c25b928dcea552e0f4e3a27fed58808b916cef19b3948c962

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
content-encoding
gzip
x-trace-id
c797cfc2e52ead8352ab0e3a65014786
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newtabthemebuilder.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
augailou.com/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://augailou.com/tag.min.js
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0949ee583224b20c78d9d5b71b4844bc8f12d87dd7b10a9bd906bcc518ec044c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25268
x-trace-id
ad1c53dcfabccea8f34d0dde55d31d4e
pragma
no-cache
last-modified
Sun, 07 Apr 2024 12:01:18 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
6397913
outsliggooa.com/400/ 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://outsliggooa.com/400/6397913
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
017ed2c5acf20cc31a26cd2679802c71e2ab302b4a35c1a4bc2d743494586296
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
6a2dad5b6b8d64dcf4142dd347e718b9
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
NewTabThemeBuilderIcon.png
newtabthemebuilder.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/NewTabThemeBuilderIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eaf64a18a5a6576913bd572f8385e9ae615b4643a02e0fefe18a7f963365c18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4590
x-served-by
cache-mad22078-MAD
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712056463.436073,VS0,VE1
etag
"1f3a47e400b39b5d3862f31720dedf9a6d1645ddc7c3c8476fcd6a18982a7d2f"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vRrIwk5vSNtr%2FpSWcxVRz6AswvOym3NTG7InRc2H6a8ziVqHw2ZanXvDpCiMX8AzezmH0x2EJwPgFzuDLDW8HbwG0TcqT5B3BfGvzR0MBDoOZHSVLx6hQGobNPu1Q%2FrDh52cqMViP3J"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
87104b35cebed6f2-CDG
priority
u=1,i
x-cache-hits
1
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-18YX80RBHB&gtm=45je4430v9116284122za200&_p=1712558718333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=447611952.1712558718&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712558718&sct=1&seg=0&dl=https%3A%2F%2Fnewtabthemebuilder.com%2F&dt=New%20Tab%20Theme%20Builder%20%7C%20Custom%20Browser%20Extension%20Builder&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18YX80RBHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 06:45:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newtabthemebuilder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
js.stripe.com/ 		600 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/assets/index-1205f8ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3f9871a0d24a272e40b58b0230c9be1c6625882e90fb4279019665153d3a6d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:44:23 GMT
content-encoding
br
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
57
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 05 Apr 2024 20:49:48 GMT
server
Cloudfront
etag
W/"0d5df4c39af8369a262b49dd2dea34a9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
RLjxx4OnHU13eiHxHgSoDpLSXlAme5OqkNzwB3-Ikh2Bx7VJOTVNWQ==
Edge.json
newtabthemebuilder.com/ 		3 MB
590 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/Edge.json
Requested by
Host: newtabthemebuilder.com
URL: https://newtabthemebuilder.com/assets/index-1205f8ff.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15181fe4e31e60f52d39e6d6419a4d77c169ca0ab12752c5bbe759a4cd99704c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-par-lfpg1960098-PAR
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712558719.754004,VS0,VE1
etag
W/"4ed8399c542a529a4c65ee68b53f2ec6d87856ed2ca7e5e6c3cba78dad68db05-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZi8twEF%2FhrJ2bnD5d5r4x4%2Fpm1IY5859eHzkkkn9xW%2FgRlLvEMj3R%2BRrwP9HjH32zMzU%2FLWTFeCN0jwzYos%2B7AgxINnl7cAkDO3q8wMDOk8FSLMBlGIcnePSAQR5weyeJ16BIC2nnKU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=3600
cf-ray
87104b38294fd6f2-CDG
priority
u=1,i
x-cache-hits
0
NewTabThemeBuilderIcon.png
newtabthemebuilder.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newtabthemebuilder.com/NewTabThemeBuilderIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eaf64a18a5a6576913bd572f8385e9ae615b4643a02e0fefe18a7f963365c18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4590
x-served-by
cache-mad22078-MAD
last-modified
Sun, 10 Mar 2024 07:02:13 GMT
server
cloudflare
x-timer
S1712056463.436073,VS0,VE1
etag
"1f3a47e400b39b5d3862f31720dedf9a6d1645ddc7c3c8476fcd6a18982a7d2f"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuNhCZ835EPr2qANpovDR6eFJHJ8ecNUsvVF0%2FMlfMRpK36Lx%2FYFnK%2FBsv0aSuZBc1rGMGleGb77nfWYipZH5O54IwszhuejPmbIW0IccR2hKZ%2B7Zbsv5ZUEhe7AJGc61u%2BhE2nM9zwR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
87104b382958d6f2-CDG
priority
u=3,i
x-cache-hits
1
lWmnlK8f8THNXUKR5bubgueYr6CG7NMPIBbGRzLfwz6epaPYcbKI8anLJNS1o77r4oOEbsYJCGu_GMxgeSTKoidCCQ=s1280-w1280-h800
lh3.googleusercontent.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/lWmnlK8f8THNXUKR5bubgueYr6CG7NMPIBbGRzLfwz6epaPYcbKI8anLJNS1o77r4oOEbsYJCGu_GMxgeSTKoidCCQ=s1280-w1280-h800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7cdbefeb29f7165880cc90c120346c0c0be204fdf4292112ed758c22c5b43aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 03:50:55 GMT
x-content-type-options
nosniff
age
10463
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1770998
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 09 Apr 2024 03:50:55 GMT
apps.58410.11b5b296-f2e4-4493-bd13-d593d3ceb121.928997b1-e188-49e9-bc09-c58b7aa6d350.12836321-8fa5-4d7c-b599-d4626d8cf765
store-images.s-microsoft.com/image/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.58410.11b5b296-f2e4-4493-bd13-d593d3ceb121.928997b1-e188-49e9-bc09-c58b7aa6d350.12836321-8fa5-4d7c-b599-d4626d8cf765
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
064bab10d893f96a48430a2fb10e9243d475389fc06c02978cc5b768c5865770

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:18 GMT
Last-Modified
Thu, 10 Aug 2023 16:54:21 GMT
ETag
W/"gEDUIDB4OERCOTlDMjcxQzkyNDVB"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
0PIAJ8jb9USAimxh.0
Content-Length
155424
apps.14694.50af041a-6c0d-46ca-9b85-a8d7bb2e9463.b84ec2a2-9655-4535-89dc-56dfa57426bd.1ab00ea0-534e-49cb-9cc7-322645b0d5f5
store-images.s-microsoft.com/image/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.14694.50af041a-6c0d-46ca-9b85-a8d7bb2e9463.b84ec2a2-9655-4535-89dc-56dfa57426bd.1ab00ea0-534e-49cb-9cc7-322645b0d5f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
156ef6c6e3f2fed24299a7827f35289a23acd0a80201cab0b719ea4c4966a266

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:18 GMT
Last-Modified
Thu, 11 May 2023 05:42:54 GMT
ETag
W/"gEDUIDB4OERCNTFFMjkxMUMwRTY0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
UeXeFjqpUkiBLvVA.0
Content-Length
134475
rum
newtabthemebuilder.com/cdn-cgi/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newtabthemebuilder.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://newtabthemebuilder.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87104b383964d6f2-CDG
gid.js
my.rtmark.net/ 		65 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=008038270f6f4e92e7943ebc15d2fefd
Requested by
Host: augailou.com
URL: https://augailou.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1a5413d6b2bd530bae9a209a7906137afe8f613743b811cda6c6454884c0d4ea
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newtabthemebuilder.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 9052 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newtabthemebuilder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2140
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 06:10:55 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 29 Mar 2024 21:24:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id
xeFkMHAA-OBmiSaimPn7XGR2jkYN-ejgfh7s9dz0P4ewU8VNtjMGhw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-with-preconnect-d93f8329bb25d07840c8372140aebe20.html
js.stripe.com/v3/ Frame A47F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-d93f8329bb25d07840c8372140aebe20.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newtabthemebuilder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8
cache-control
max-age=60, stale-while-revalidate=900
content-length
391
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 06:45:17 GMT
etag
"d93f8329bb25d07840c8372140aebe20"
last-modified
Fri, 05 Apr 2024 20:11:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id
206pHQRhL_0ZVJMnyxpx5ZLQPLE-VPo7vqUyGJZIzpWPS24S2pTWIQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
6397913
outsliggooa.com/400/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://outsliggooa.com/400/6397913?oo=1&oaid=008038270f6f4e92e7943ebc15d2fefd&sw_version=v1.333.0
Requested by
Host: outsliggooa.com
URL: https://outsliggooa.com/400/6397913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8aa9f52057d332ed8279d51aaa25954de8ade44b38a329530d15a2b981e30b6d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
ed8172dde8d14f5587e736c1183084dc
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/json
access-control-allow-origin
https://newtabthemebuilder.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
augailou.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://augailou.com/?rb=TJ334Q1j3yDgxbyYylqD5hPptZtdL2r0ABt1yMbiG5ZUPI2JAUTYsGfsxAVSy0LuWt7Bz4KTqHbhB36Tp1B3V1FaMiELYdatvhzF7ERsNB2IfyXbV7ATXGXnBucYMy4O7pA2RWEytr0CG95CPV6mGqjiEEKQ_71VUE9rY0vODPgnTlLFB0MGizlkPcHqMPhY1UjJsQc3xgOQ5dxltLHJovQYyfXkBR2Od3yJOyZ7wlHfxjJhcEf6Qim2pQEGdc2BR1aKJVyxPWX2-cuIZ2alzi7ES_Lp8eo-DSeUdlF9zyYEc8agooEgOKBpM7nCFZ4yfU-jTET9UU2grkot&request_ab2=0&zoneid=6397897&js_build=iclick-v1.762.5-auto&jsp=1&fs=0&cf=0&sw=800&sh=600&wih=1113&wiw=1600&ww=1600&wh=1200&sah=600&wx=770&wy=570&cw=1600&wfc=2&pl=https%3A%2F%2Fnewtabthemebuilder.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FBerlin&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.762.5-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=d3a05b95-7610-4506-aeac-e9f10fe45a6d&userId=008038270f6f4e92e7943ebc15d2fefd&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.105&m=link
Requested by
Host: augailou.com
URL: https://augailou.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b025c5cf30ec913c2c1b9c4290562ee3542f1b40806d62162c5933140a259052
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
939ae52d1c2c73bcfcbab27f160ec4a7
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newtabthemebuilder.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: outsliggooa.com
URL: https://outsliggooa.com/400/6397913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 12:51:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1984
etag
W/"65c37cc1-4ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1kgXO73zr%2FTgZHVLWsiYUV4kTAh%2BsLXxDyrdgLan7dbFpKVS9qa7TRDkyznuposhV6fi96oxSgoFNiWH2UcIwcDNEnzFxB5%2FrN%2BxYXa7SB19Mdmb%2Fd3vHu87h2%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87104b3b5d2603dc-FRA
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
apps.9471.18aa2d5f-56f5-4da4-b4e0-612ab9a88468.08bcceb6-1405-4ec1-a953-bcddf74b5598.c490a2b4-badf-4447-a6e4-1d6da4f2beea
store-images.s-microsoft.com/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.9471.18aa2d5f-56f5-4da4-b4e0-612ab9a88468.08bcceb6-1405-4ec1-a953-bcddf74b5598.c490a2b4-badf-4447-a6e4-1d6da4f2beea
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff24bb7666f40141a400e9b24a8bafbafa67c8e90e71308df5d2dfb510c5b2a4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Fri, 25 Aug 2023 17:30:18 GMT
ETag
W/"gEDUIDB4OERCQTU5MEYzREUxMkVD"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
svRZyDOFE0S9hOHF.0
Content-Length
3887
apps.30738.7a96f62d-872d-4843-b48a-8c123dcfc6e9.f7ab54b1-3af8-4d82-ab6b-f058c7467861.b0757763-1caa-413e-b0af-8e8bcb7918e4
store-images.s-microsoft.com/image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.30738.7a96f62d-872d-4843-b48a-8c123dcfc6e9.f7ab54b1-3af8-4d82-ab6b-f058c7467861.b0757763-1caa-413e-b0af-8e8bcb7918e4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12788c92bd13c5c890539bfdcadc789c4b10350590ae7cab5035e666c636b62f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Mon, 05 Jun 2023 04:22:24 GMT
ETag
W/"gEDUIDB4OERCNjU3Qzc2QkI4QTEz"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
0lEHMZ/xaEWKHGd/.0
Content-Length
21496
apps.21843.66db5d9a-dfa7-4cf7-8a02-bef2b4ebf6cf.da2f3989-5d37-40d5-a5c4-86137b753d63.df193f11-d847-4ef5-991e-6853efc8b77a
store-images.s-microsoft.com/image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.21843.66db5d9a-dfa7-4cf7-8a02-bef2b4ebf6cf.da2f3989-5d37-40d5-a5c4-86137b753d63.df193f11-d847-4ef5-991e-6853efc8b77a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
535579f9133bee5a8676e40bcf22c2115d7fbb70bb4eb7c8f032c57161c4ea1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Tue, 18 Jul 2023 08:59:41 GMT
ETag
W/"gEDUIDB4OERCODc2RDUyRUNDQjVF"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
AP1V4s+P1EeFFRxI.0
Content-Length
32589
apps.26323.ae6c46bc-993c-4a66-a0ad-27ea2adf527f.b5479b48-da4c-428e-91a9-7737f6c30acc.78fcc825-5da8-4677-b4d3-4837f2c121f1
store-images.s-microsoft.com/image/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.26323.ae6c46bc-993c-4a66-a0ad-27ea2adf527f.b5479b48-da4c-428e-91a9-7737f6c30acc.78fcc825-5da8-4677-b4d3-4837f2c121f1?mode=scale&h=100&q=90&w=100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
626ce2cc4c5ab9c82f320277ea477e5cd86b50104db5490ce938b32adc3ee1bc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Fri, 11 Aug 2023 08:14:31 GMT
ETag
W/"AEDtkTaSXr0f6XqZ3tv8DSD6LaXe7tQgMHg4REI5QTQyRkQ3RjVCMDk"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
NDdRz+WwlUqqS1af.0
Content-Length
19730
apps.22808.aeec00dc-93b6-4916-be42-81f337c67ebd.28c10907-a7c5-40af-bd21-abad66cbef5d.602b80e2-6df7-4fb3-b6e4-a32a54ed1fac
store-images.s-microsoft.com/image/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.22808.aeec00dc-93b6-4916-be42-81f337c67ebd.28c10907-a7c5-40af-bd21-abad66cbef5d.602b80e2-6df7-4fb3-b6e4-a32a54ed1fac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1859fbf8affb54af4a80e28fd2dfdb88e42cac5cf97b4dd09189d8cdf511f575

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Tue, 01 Aug 2023 08:54:04 GMT
ETag
W/"gEDUIDB4OERCOTI2Q0RCQTBDNTJD"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
pT2ZJK19U0aSUyY6.0
Content-Length
35992
apps.14064.df49b209-e411-4278-bc87-179212f33427.82ba191f-9f6f-4751-a8dd-758253c75cea.a683b709-97b8-4786-a5b3-5c9d0422b2f9
store-images.s-microsoft.com/image/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.14064.df49b209-e411-4278-bc87-179212f33427.82ba191f-9f6f-4751-a8dd-758253c75cea.a683b709-97b8-4786-a5b3-5c9d0422b2f9?mode=scale&h=100&q=90&w=100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
206ac5b42cfb3076d55fd01baa959ef8f69b9f69e4eb212cb71805673870f1a1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Fri, 07 Jul 2023 08:19:58 GMT
ETag
W/"AEDtkTaSXr0f6XqZ3tv8DSD6LaXe7tQgMHg4REI3RUMyRjNCMEU0MzU"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
t2WzcYJ390a3tOsa.0
Content-Length
23357
apps.189.09554968-e3bd-4737-8799-7b54f869e26d.b10a066a-b7f9-41a1-9a53-7861f9672b61.87072227-4eac-42a6-8cae-59d562c78f27
store-images.s-microsoft.com/image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.189.09554968-e3bd-4737-8799-7b54f869e26d.b10a066a-b7f9-41a1-9a53-7861f9672b61.87072227-4eac-42a6-8cae-59d562c78f27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:286::3114 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd00cca688239f2eb8f6e95863b6042f192f3987dc6ba11e1f46023f2b669fba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Last-Modified
Wed, 16 Aug 2023 11:08:19 GMT
ETag
W/"gEDUIDB4OERCOUU0OTE4RkZCMzlD"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Accept-Ranges
none
MS-CV
LFPIiZsqM0muOJCE.0
Content-Length
32778
add
fleraprt.com/log/ 		12 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d1575c13-f794-4300-9d3b-cf0f9c2c6b9d
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 08 Apr 2024 06:45:19 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://newtabthemebuilder.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
6397913
outsliggooa.com/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://outsliggooa.com/500/6397913?excludes=&oaid=008038270f6f4e92e7943ebc15d2fefd&fs=0&cf=0&sw=800&sh=600&sah=600&wx=770&wy=570&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1113&wfc=4&pl=https%3A%2F%2Fnewtabthemebuilder.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&browser_version=123.0.6312.105&js_build=8&sw_version=v1.333.0
Requested by
Host: outsliggooa.com
URL: https://outsliggooa.com/400/6397913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
640b42e7e12e72f2413edd8c26bb0984b22cdeab05cc19a081c3d235ca28f5cf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Apr 2024 06:45:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
505e025500852ecd2c5900aa648d918a
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://newtabthemebuilder.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6397913
outsliggooa.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://outsliggooa.com/500/6397913?excludes=&oaid=008038270f6f4e92e7943ebc15d2fefd&fs=0&cf=0&sw=800&sh=600&sah=600&wx=770&wy=570&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1113&wfc=4&pl=https%3A%2F%2Fnewtabthemebuilder.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&browser_version=123.0.6312.105&js_build=8&sw_version=v1.333.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://newtabthemebuilder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://newtabthemebuilder.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Mon, 08 Apr 2024 06:45:19 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
ec6e12b6dd5f1f5f04ce9ada40319856.png
offerimage.com/www/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/ec6e12b6dd5f1f5f04ce9ada40319856.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46abddff3fd4ee4376d4699a8ba94a4104b26d436b5ef6d16f783491aa4ede1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newtabthemebuilder.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 06:45:19 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Oct 2022 00:08:29 GMT
server
cloudflare
age
43719
etag
"63587a7d-6e28"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87104b3e6d399b37-FRA
content-length
28200
expires
Mon, 08 Apr 2024 18:36:40 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| k object| _lnh3ggm0vlk object| pkns92ad4fa object| zfgformats function| setImmediate function| clearImmediate function| _aiuvd function| _kphwg object| _6eu8fxtznqn function| _smfak function| _eblxtet object| __cfQR object| __cfBeacon function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data object| gaGlobal object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup boolean| zfgonclickfirst object| syncCallbacks object| webpushlogs object| webpackChunkStripeJSouter function| noop function| Stripe boolean| __lwkemfd9q__ object| __ds3dcV__ number| __qwe33wweq__

11 Cookies

Domain/Path Name / Value
.newtabthemebuilder.com/ Name: _ga_18YX80RBHB
Value: GS1.1.1712558718.1.0.1712558718.0.0.0
.newtabthemebuilder.com/ Name: _ga
Value: GA1.1.447611952.1712558718
augailou.com/ Name: OAID
Value: 008038270f6f4e92e7943ebc15d2fefd
my.rtmark.net/ Name: ID
Value: 008038270f6f4e92e7943ebc15d2fefd
newtabthemebuilder.com/ Name: prefetchAd_6397897
Value: true
outsliggooa.com/ Name: OAID
Value: 008038270f6f4e92e7943ebc15d2fefd
augailou.com/ Name: oaidts
Value: 1712558719
augailou.com/ Name: syncedCookie
Value: true
m.stripe.com/ Name: m
Value: 05b31cc6-744a-4e87-ab94-ae43c4640d4410e47c
.newtabthemebuilder.com/ Name: __stripe_mid
Value: 9188691f-d5b7-4593-afed-be2f6c0b9bb76c1ead
.newtabthemebuilder.com/ Name: __stripe_sid
Value: 8954e5f0-ecc0-4196-b4d6-2c084798497fb7168d

14 Console Messages

Source Level URL
Text
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newtabthemebuilder.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

augailou.com
fleraprt.com
js.stripe.com
lh3.googleusercontent.com
my.rtmark.net
newtabthemebuilder.com
offerimage.com
outsliggooa.com
region1.google-analytics.com
static.cloudflareinsights.com
store-images.s-microsoft.com
tzegilo.com
www.googletagmanager.com
139.45.195.254
139.45.195.8
139.45.197.237
139.45.197.243
172.67.193.52
172.67.209.92
2001:4860:4802:34::36
2606:4700:10::6816:21ac
2606:4700:3036::ac43:d15c
2606:4700::6810:5049
2a00:1450:4001:806::2008
2a00:1450:4001:81c::2001
2a02:26f0:e300:286::3114
99.86.4.122
99.86.4.9
017ed2c5acf20cc31a26cd2679802c71e2ab302b4a35c1a4bc2d743494586296
0384aeb65d5780aac9949b9a86113b2192ba124366ee32a4a3953ecc80756d0c
064bab10d893f96a48430a2fb10e9243d475389fc06c02978cc5b768c5865770
08a291fb43f3f49c25b928dcea552e0f4e3a27fed58808b916cef19b3948c962
0949ee583224b20c78d9d5b71b4844bc8f12d87dd7b10a9bd906bcc518ec044c
12788c92bd13c5c890539bfdcadc789c4b10350590ae7cab5035e666c636b62f
15181fe4e31e60f52d39e6d6419a4d77c169ca0ab12752c5bbe759a4cd99704c
156ef6c6e3f2fed24299a7827f35289a23acd0a80201cab0b719ea4c4966a266
1859fbf8affb54af4a80e28fd2dfdb88e42cac5cf97b4dd09189d8cdf511f575
1a5413d6b2bd530bae9a209a7906137afe8f613743b811cda6c6454884c0d4ea
206ac5b42cfb3076d55fd01baa959ef8f69b9f69e4eb212cb71805673870f1a1
2eaf64a18a5a6576913bd572f8385e9ae615b4643a02e0fefe18a7f963365c18
3f9871a0d24a272e40b58b0230c9be1c6625882e90fb4279019665153d3a6d9f
535579f9133bee5a8676e40bcf22c2115d7fbb70bb4eb7c8f032c57161c4ea1c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
626ce2cc4c5ab9c82f320277ea477e5cd86b50104db5490ce938b32adc3ee1bc
640b42e7e12e72f2413edd8c26bb0984b22cdeab05cc19a081c3d235ca28f5cf
7cdbefeb29f7165880cc90c120346c0c0be204fdf4292112ed758c22c5b43aae
8aa9f52057d332ed8279d51aaa25954de8ade44b38a329530d15a2b981e30b6d
8e1a892c7012a493186cd352e13018ebcf840b90685fcad0acb9334f2b753e76
b025c5cf30ec913c2c1b9c4290562ee3542f1b40806d62162c5933140a259052
b46abddff3fd4ee4376d4699a8ba94a4104b26d436b5ef6d16f783491aa4ede1
bd00cca688239f2eb8f6e95863b6042f192f3987dc6ba11e1f46023f2b669fba
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d71da11c93707a57ab249009b0b72f876a4bb7c9547d582b894facaf1cc3675d
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
d9949e94b907874317bf7ae6d0153ffb5d691bc5c585b7a3e024f43e11ef4a77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff24bb7666f40141a400e9b24a8bafbafa67c8e90e71308df5d2dfb510c5b2a4