dist.adblocker-primary.com Open in urlscan Pro
2606:4700:3031::6815:32f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ngfgbdfgvsfs.pages.dev/
Effective URL:
https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On July 13 via api (July 13th 2024, 11:03:43 am UTC) from US — Scanned from US

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 32 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3031::6815:32f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is dist.adblocker-primary.com.
TLS certificate: Issued by WE1 on July 10th 2024. Valid for: 3 months.

This is the only time dist.adblocker-primary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:310... 2606:4700:310c::ac42:2edc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:ad5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c03::84	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	34.197.85.220 34.197.85.220	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	172.240.108.84 172.240.108.84	7979 (SERVERS-COM) (SERVERS-COM)
1 2	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d0d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:10:... 2606:4700:10::6814:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.193.90 35.204.193.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:303... 2606:4700:3031::6815:32f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
3	45.133.44.9 45.133.44.9	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.106.68 23.205.106.68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.140.62.139 3.140.62.139	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b48:8300::3 2a02:b48:8300::3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	23.205.106.83 23.205.106.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3032::ac43:8d18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
80	30

1 2606:4700:310c::ac42:2edc (United States)

ASN13335 (CLOUDFLARENET, US)

ngfgbdfgvsfs.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:ad5f (United States)

ASN13335 (CLOUDFLARENET, US)

iklanku.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

termcolonialhedwig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visitedquarrelsomemeant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.85.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-85-220.compute-1.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

suggestqueries.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse1.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.108.84 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

criticizewiggle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.13 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

legitimatepowers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d0d9 (United States)

ASN13335 (CLOUDFLARENET, US)

recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

hysteriaethicalsewer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.193.90 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com

tracking.trackingshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

excellingvista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3031::6815:32f1 (United States)

ASN13335 (CLOUDFLARENET, US)

dist.adblocker-primary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

capaciousdrewreligion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.9 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.cloudimagesb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.106.68 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-68.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.62.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-62-139.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b48:8300::3 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.barscreative1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.106.83 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-83.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:8d18 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.creative-bars1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adblocker-primary.com dist.adblocker-primary.com	202 KB
7	visitedquarrelsomemeant.com visitedquarrelsomemeant.com — Cisco Umbrella Rank: 90468	11 KB
5	creative-bars1.com cdn.creative-bars1.com — Cisco Umbrella Rank: 24195	39 KB
4	termcolonialhedwig.com termcolonialhedwig.com	74 KB
4	iklanku.my.id iklanku.my.id	3 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 16289 ic.tynt.com — Cisco Umbrella Rank: 14150 de.tynt.com — Cisco Umbrella Rank: 1606	9 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 13468 t.dtscout.com — Cisco Umbrella Rank: 11337	4 KB
3	cloudimagesb.com cdn.cloudimagesb.com — Cisco Umbrella Rank: 24033	183 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1075 bcp.crwdcntrl.net Failed	20 KB
2	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 4336	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11784 s4.histats.com — Cisco Umbrella Rank: 11781	5 KB
2	legitimatepowers.com 1 redirects legitimatepowers.com — Cisco Umbrella Rank: 91889	6 KB
2	criticizewiggle.com 1 redirects criticizewiggle.com — Cisco Umbrella Rank: 90646	4 KB
2	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 14569	610 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 11966	597 B
1	barscreative1.com cdn.barscreative1.com — Cisco Umbrella Rank: 27357	745 B
1	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 25693	197 B
1	capaciousdrewreligion.com capaciousdrewreligion.com — Cisco Umbrella Rank: 22622	392 B
1	excellingvista.com 1 redirects excellingvista.com — Cisco Umbrella Rank: 556871	450 B
1	trackingshub.com 1 redirects tracking.trackingshub.com — Cisco Umbrella Rank: 519409	343 B
1	hysteriaethicalsewer.com hysteriaethicalsewer.com — Cisco Umbrella Rank: 94484	469 B
1	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 15168	28 KB
1	bing.net tse1.mm.bing.net — Cisco Umbrella Rank: 3175	1 KB
1	google.com suggestqueries.google.com — Cisco Umbrella Rank: 1571	805 B
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 19031	664 B
1	pages.dev ngfgbdfgvsfs.pages.dev	7 KB
0	gstatic.com Failed fonts.gstatic.com Failed
0	simpli.fi Failed i.simpli.fi Failed
0	33across.com Failed cdn-tc.33across.com Failed lex.33across.com Failed
0	eyeota.net Failed ps.eyeota.net Failed
80	32

	Domain	Requested by
18	dist.adblocker-primary.com	ngfgbdfgvsfs.pages.dev dist.adblocker-primary.com
7	visitedquarrelsomemeant.com	termcolonialhedwig.com
5	cdn.creative-bars1.com	termcolonialhedwig.com
4	termcolonialhedwig.com	iklanku.my.id
4	iklanku.my.id	ngfgbdfgvsfs.pages.dev
3	cdn.cloudimagesb.com
2	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
2	pxdrop.lijit.com	e.dtscout.com pxdrop.lijit.com
2	t.dtscout.com	e.dtscout.com
2	legitimatepowers.com	1 redirects ngfgbdfgvsfs.pages.dev
2	criticizewiggle.com	1 redirects ngfgbdfgvsfs.pages.dev
2	proftrafficcounter.com	termcolonialhedwig.com
2	cdnjs.cloudflare.com	ngfgbdfgvsfs.pages.dev
1	de.tynt.com	cdn.tynt.com
1	fonts.googleapis.com	termcolonialhedwig.com
1	t.dtscdn.com	e.dtscout.com
1	ic.tynt.com
1	cdn.barscreative1.com	termcolonialhedwig.com
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	capaciousdrewreligion.com	termcolonialhedwig.com
1	excellingvista.com	1 redirects dist.adblocker-primary.com
1	tracking.trackingshub.com	1 redirects
1	s10.histats.com	ngfgbdfgvsfs.pages.dev
1	hysteriaethicalsewer.com	ngfgbdfgvsfs.pages.dev
1	recordedthereby.com	termcolonialhedwig.com
1	tse1.mm.bing.net	ngfgbdfgvsfs.pages.dev
1	suggestqueries.google.com	ngfgbdfgvsfs.pages.dev
1	3.bp.blogspot.com	ngfgbdfgvsfs.pages.dev
1	ngfgbdfgvsfs.pages.dev
0	bcp.crwdcntrl.net Failed	tags.crwdcntrl.net
0	fonts.gstatic.com Failed	fonts.googleapis.com
0	i.simpli.fi Failed
0	lex.33across.com Failed
0	cdn-tc.33across.com Failed	de.tynt.com
0	ps.eyeota.net Failed
80	38

This site contains no links.

Subject Issuer	Validity	Valid
ngfgbdfgvsfs.pages.dev WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
iklanku.my.id GTS CA 1P5	`2024-05-23` - `2024-08-21`	3 months	crt.sh
misc-sni.blogspot.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
termcolonialhedwig.com R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.mm.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-05-02` - `2024-10-29`	6 months	crt.sh
recordedthereby.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
hysteriaethicalsewer.com R10	`2024-06-29` - `2024-09-27`	3 months	crt.sh
s10.histats.com E5	`2024-06-09` - `2024-09-07`	3 months	crt.sh
adblocker-primary.com WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
capaciousdrewreligion.com R10	`2024-07-05` - `2024-10-03`	3 months	crt.sh
cdn.cloudimagesb.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
visitedquarrelsomemeant.com R10	`2024-06-30` - `2024-09-28`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
cert2-prod.aut.a24365.net R11	`2024-06-24` - `2024-09-22`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
cdn.barscreative1.com R10	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
creative-bars1.com WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
Frame ID: 4071EB2A44539129C451A03448CEF3F3
Requests: 70 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Frame ID: 193E1190826E19AABBDB65E355C432C2
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301720868616A93018973B47BDC91B
Frame ID: 120A1ADD6AF5041222A83A7C239AA655
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1453.769&cid=c026&cls=sync
Frame ID: C719BB13700EC078BC43E05F65DAE69C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: 877DFF0BB3287A767DBE93FC64EBCA7B
Requests: 7 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: DB57F619DA18746FB7C1EE841F802A20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

https://ngfgbdfgvsfs.pages.dev/ Page URL
https://tracking.trackingshub.com/click?pid=7&offer_id=2435225&sub1=3dfb65622aa083c30116e3804e4e135f&sub2=2364... HTTP 302
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66925f08c065450001c860ec&source=7_... HTTP 307
https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

85 %
HTTPS

45 %
IPv6

32
Domains

38
Subdomains

30
IPs

4
Countries

625 kB
Transfer

1348 kB
Size

64
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ngfgbdfgvsfs.pages.dev/ Page URL
https://tracking.trackingshub.com/click?pid=7&offer_id=2435225&sub1=3dfb65622aa083c30116e3804e4e135f&sub2=23647541 HTTP 302
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66925f08c065450001c860ec&source=7_23647541 HTTP 307
https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://criticizewiggle.com/watch.288597350635.js?key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=5f20d3ea-026e-4eb3-8ce0-a4e2f45f5121%3A1%3A1 HTTP 307
https://criticizewiggle.com/watch.288597350635.js?dev=r&key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=aaf90fb10a1cfa61bda48042476c8b0309dbf38065ff5064d903a69f0e10e63deac63153692ef544e101a9532bce99ab5542da23d08d44c71c98e6a5e92bda5b18b7ef316a376ef59e14efd9745029997bef0fdce7522775b287f6&tz=-10&uuid=5f20d3ea-026e-4eb3-8ce0-a4e2f45f5121%3A1%3A1

Request Chain 16

https://legitimatepowers.com/watch.752823604258.js?key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1 HTTP 307
https://legitimatepowers.com/watch.752823604258.js?dev=r&key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=8f82e30118171053404be374593f652a6231be8311385aaddad4d8dab18154d62faed2ade64a1f02e90c628b4b9394484b5e32f92547eef807ddeda0860ff0e84b7851f280930e4205e28685d10d0d8c394d4025ae70f807c290ff7d118461&tz=-10&uuid=2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1

Request Chain 38

https://pixel.onaudience.com/?partner=137085098&mapped=4C301720868616A93018973B47BDC91B HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a5de4b9b282fb4be

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
ngfgbdfgvsfs.pages.dev/ 17 KB
7 KB 697ms
291ms Document
text/html 2606:4700:310c::ac42:2edc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2edc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca14be9c275d6c0f8bb82f794af438d5e9521429978b7fbace90fd399b7b512f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8a28c9748a0f4cb2-PHL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 13 Jul 2024 11:03:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvwAgeh5khZsqmvCPhmLZFa3tXULXx99%2FxGCmU1QoOxHucefhS3Pd%2BVhs0VKfmfiDaTl0hWTO3G8d9srp8iRK0QoNEuTNTvjRSFqo80MPvEzwnwyKHG1yLJqU5Vtj6bKNo8KevKIo%2Fk1xOJRc74ZyMbwhaZG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 5ca982ecc2ff5fe457ce43b19269eb47 Show response
iklanku.my.id/get/site/js/ 288 B
728 B 902ms
584ms Script
application/javascript 2606:4700:3037::ac43:ad5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iklanku.my.id/get/site/js/5ca982ecc2ff5fe457ce43b19269eb47

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:ad5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1daa1d3e1e9887ec87efddc046718447aae2a663878fedbe4083f3d3c2a01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1Wd%2BBUSDhlmqDE7vK6ZRckBsJyLQiJwIj1pazgJYnSadSgZ2wOeecVbJk9BnC9bt4OYc7sLv4RMDofnqzpiXQd8T1kc%2FSxPuj97bQVaOk%2BVdgVkgoisCo9ff6DZirD8qpp1Y2LGg%2FYQmAjB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a28c97a99961821-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
664 B 591ms
171ms Image
image/gif 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 10:14:50 GMT
x-content-type-options: nosniff
age: 2922
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Jul 2024 10:14:50 GMT

GET
H3 200 0f01decb1a3167f40bc38be4e1fcb5d2 Show response
iklanku.my.id/get/site/js/ 289 B
766 B 880ms
565ms Script
application/javascript 2606:4700:3037::ac43:ad5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iklanku.my.id/get/site/js/0f01decb1a3167f40bc38be4e1fcb5d2

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:ad5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f2d9cc410edfc160dd1c2786fed7f5ea7a9e184f91579b16fcd76e95dbd17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tanhkEqAD%2BNkXKq7zUbuEyWvOFlZ8xywj92wf8hCSxK9kGzoyQPFEC0bvXjikjuKtJm%2BcG3h9I%2BgV89FXR3eIUgN5Hy6DTAkeSYON7SXi8l0aX1BYC6tohD%2Btp3sU6qReYqSHy52J5Gou%2Fhv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a28c97a99971821-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.slim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 71 KB
22 KB 385ms
98ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
Origin: https://ngfgbdfgvsfs.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 79024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22329
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-11ab4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbRK%2B7xseKtwIHKkr74Jr9GWcaxOCA5RxpSDaVZgY7aJtSnS3y4pHTTouuUA7dCfQpiDnuPU%2BFThDVhNQU7gsC8MM1BW2Md4IYonhYefeDe9XcAFPKN8PItQ2tAY7q6AWvgtzRJdMWJ3v%2Fgqku9uKTvr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a28c97a69ef1871-EWR
expires: Thu, 03 Jul 2025 11:03:32 GMT

GET
H3 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 8 KB
4 KB 466ms
181ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
Origin: https://ngfgbdfgvsfs.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 160772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3150
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ff0b799-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wv3ff%2FRWzLAWbSEQXwkWZonT0fUav%2FCYS1MTuydHYxlXOtktMo%2BH0a8GQNoLH42ze8XMCO5W7YZ2myDP0ueXqDk3ejoK4FcRmIZAQ9UpKc%2FcAU1ToE2NtE0eSH%2B%2Bo7rW%2B07nigPHSDGZgp9lvzgQzFoy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a28c97a69f01871-EWR
expires: Thu, 03 Jul 2025 11:03:32 GMT

GET
H3 200 969ad501421096b7240bc54c6fdda1de Show response
iklanku.my.id/get/site/js/ 135 B
649 B 907ms
604ms Script
application/javascript 2606:4700:3037::ac43:ad5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iklanku.my.id/get/site/js/969ad501421096b7240bc54c6fdda1de

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:ad5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220167dce7a98360a59680034f9d479d757394a8684a42da8f035478c625acee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lfx99YolBw3cSNCu%2BcqMHXzkKyIQziIC5lY08tn%2F2km%2BQ%2BvUjIyVrudGzpLWg9y2BoLk87fsim2R2vPqwhzXe0azRznNJCl5SfVAoJz5UA4afF9PEQHEljJL%2BP%2F51rDzRwYDwG3F5A9vofeH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a28c97a99941821-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 55d2b2a58bea47e5053fb181d3a85e81 Show response
iklanku.my.id/get/site/js/ 135 B
651 B 890ms
587ms Script
application/javascript 2606:4700:3037::ac43:ad5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iklanku.my.id/get/site/js/55d2b2a58bea47e5053fb181d3a85e81

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:ad5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216ffe9f77dd0e5da2b0275bbf2a6c0b9cc620f06cc25f1cbfcfb6af7ce1f67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 11:03:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LI3Uc1ZSQhPQsiH9MGt4QjRa4JjPqhL5aPWahcQbZb3BzHYtKeFAgzw%2ByG8M%2FXMtsTv48OcYM190%2FOHhRXIf%2BgQdlvKgXOM2%2B8WPp7CGUdATs1h4FLOIuNEO4MIs9ajk%2BvSn1lHdEvuDeJvT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8a28c97a99981821-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK invoke.js Show response
termcolonialhedwig.com/1852fa8b71e3358cc8ea6dc076ed6121/ 31 KB
12 KB 709ms
113ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://termcolonialhedwig.com/1852fa8b71e3358cc8ea6dc076ed6121/invoke.js

Requested by

Host: iklanku.my.id
URL: https://iklanku.my.id/get/site/js/5ca982ecc2ff5fe457ce43b19269eb47

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

392d6395b1332aff4f3c88a0bbaf7cbb91c14e88d0703e826c973d4f82f5af16

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:33 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 8a8c24bb1d64dffea3f954d0e8292e65
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
305 B 576ms
128ms XHR
text/html 34.197.85.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/1852fa8b71e3358cc8ea6dc076ed6121/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.85.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-85-220.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: eef8b3c25145cb163870fb31156501e043b7733b83c64c2458d5244b200de290

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://ngfgbdfgvsfs.pages.dev
date: Sat, 13 Jul 2024 11:03:34 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK invoke.js Show response
termcolonialhedwig.com/6b7b1783887887fdfb29449c2b5bc0c5/ 31 KB
12 KB 101ms
101ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://termcolonialhedwig.com/6b7b1783887887fdfb29449c2b5bc0c5/invoke.js

Requested by

Host: iklanku.my.id
URL: https://iklanku.my.id/get/site/js/0f01decb1a3167f40bc38be4e1fcb5d2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

9f1640e7c059a282a789beb08e58f264fbd25e238000ec8b0bed400f89ad297a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:33 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 0bdf7da3d7a3ed9efd8545bf1a12cd54
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
305 B 461ms
90ms XHR
text/html 34.197.85.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/6b7b1783887887fdfb29449c2b5bc0c5/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.85.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-85-220.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: c9c42695f9137b4c0169d8f87d78ba5329d12e5f22f0deb7355e2af87ff5b765

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://ngfgbdfgvsfs.pages.dev
date: Sat, 13 Jul 2024 11:03:34 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H2 200 search Show response
suggestqueries.google.com/complete/ 20 B
805 B 482ms
165ms Script
text/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-AwioX59PC1erImj30w8wRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 13 Jul 2024 11:03:34 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-AwioX59PC1erImj30w8wRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding: br
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
permissions-policy: unload=()
expires: -1

GET
H2 404 th
tse1.mm.bing.net/ 727 B
1 KB 662ms
156ms Image
image/jpeg 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse1.mm.bing.net/th?q=
Requested by: Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 11:03:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDE8FE4125B34FD58B26D1046977C1F6 Ref B: PHL30EDGE0406 Ref C: 2024-07-13T11:03:34Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control: no-cache
timing-allow-origin: *
access-control-allow-headers: *
content-length: 727
expires: -1

GET
H/1.1

200
OK

watch.288597350635.js
criticizewiggle.com/
Redirect Chain

https://criticizewiggle.com/watch.288597350635.js?key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=5f20d3ea-026e-4eb3-8ce0-a4...
https://criticizewiggle.com/watch.288597350635.js?dev=r&key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=aaf90fb10a1c...

1 KB
2 KB

126ms
125ms

XHR
text/html

172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://criticizewiggle.com/watch.288597350635.js?dev=r&key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=aaf90fb10a1cfa61bda48042476c8b0309dbf38065ff5064d903a69f0e10e63deac63153692ef544e101a9532bce99ab5542da23d08d44c71c98e6a5e92bda5b18b7ef316a376ef59e14efd9745029997bef0fdce7522775b287f6&tz=-10&uuid=5f20d3ea-026e-4eb3-8ce0-a4e2f45f5121%3A1%3A1

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

HTTP/1.1

Server

172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:34 GMT
Custom-Referer: https://ngfgbdfgvsfs.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: 5fd369d4296568527587a731ea9bc654
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://ngfgbdfgvsfs.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 13 Jul 2024 11:03:34 GMT
Custom-Referer: https://ngfgbdfgvsfs.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: fccb4ff730759a31d9e7445e2411ec52
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://ngfgbdfgvsfs.pages.dev
Location: https://criticizewiggle.com/watch.288597350635.js?dev=r&key=1852fa8b71e3358cc8ea6dc076ed6121&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=aaf90fb10a1cfa61bda48042476c8b0309dbf38065ff5064d903a69f0e10e63deac63153692ef544e101a9532bce99ab5542da23d08d44c71c98e6a5e92bda5b18b7ef316a376ef59e14efd9745029997bef0fdce7522775b287f6&tz=-10&uuid=5f20d3ea-026e-4eb3-8ce0-a4e2f45f5121%3A1%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.752823604258.js
legitimatepowers.com/
Redirect Chain

https://legitimatepowers.com/watch.752823604258.js?key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=2d07749f-d9bf-408f-9361-c...
https://legitimatepowers.com/watch.752823604258.js?dev=r&key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=8f82e301181...

4 KB
4 KB

248ms
248ms

XHR
text/html

192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://legitimatepowers.com/watch.752823604258.js?dev=r&key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=8f82e30118171053404be374593f652a6231be8311385aaddad4d8dab18154d62faed2ade64a1f02e90c628b4b9394484b5e32f92547eef807ddeda0860ff0e84b7851f280930e4205e28685d10d0d8c394d4025ae70f807c290ff7d118461&tz=-10&uuid=2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

HTTP/1.1

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:35 GMT
Custom-Referer: https://ngfgbdfgvsfs.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: b2833280fda63c4e43aca4bdc5371aee
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://ngfgbdfgvsfs.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 13 Jul 2024 11:03:34 GMT
Custom-Referer: https://ngfgbdfgvsfs.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: 29f10417e49b6ace9e30e460c35c4a43
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://ngfgbdfgvsfs.pages.dev
Location: https://legitimatepowers.com/watch.752823604258.js?dev=r&key=6b7b1783887887fdfb29449c2b5bc0c5&kw=%5B%5D&pst=1720868674&refer=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&res=14.31&rmtc=t&shu=8f82e30118171053404be374593f652a6231be8311385aaddad4d8dab18154d62faed2ade64a1f02e90c628b4b9394484b5e32f92547eef807ddeda0860ff0e84b7851f280930e4205e28685d10d0d8c394d4025ae70f807c290ff7d118461&tz=-10&uuid=2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK e3eeb3164556171217d7ee7bd57a1b90.js Show response
termcolonialhedwig.com/e3/ee/b3/ 90 KB
33 KB 119ms
119ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://termcolonialhedwig.com/e3/ee/b3/e3eeb3164556171217d7ee7bd57a1b90.js

Requested by

Host: iklanku.my.id
URL: https://iklanku.my.id/get/site/js/969ad501421096b7240bc54c6fdda1de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

275745104677297a63ad9f4f4ddb18d38d0a36c7023ce6dd25fea97223d462b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:34 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: c4e7bb1e542f7d2d4f323dafa56e72d6
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sfp.js
recordedthereby.com/ 83 KB
28 KB 441ms
110ms Script
application/javascript 2606:4700:3033::ac43:d0d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/e3/ee/b3/e3eeb3164556171217d7ee7bd57a1b90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d0d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:34 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: cc953e7abe09f1b15961e00a4de82528
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IF1ytkXTefla4wqgbbkq7jA8JvVTMLUvnCvmkd9lj%2FqVslokdPUbY2eOG%2BWnoLXFeHhv4apcg3sU6C7nuywN04KpWw3AqZnpVb88lfenwNSnAQsCn6uuPPa4aQUQXPAjopKsrVoOy4GKhbLB8zi3UPWq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 8a28c98a5e528c27-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK purst
hysteriaethicalsewer.com/pixel/ 0
469 B 507ms
171ms Image
text/plain 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hysteriaethicalsewer.com/pixel/purst?dl=0&th=0&sc=0&rs=3546.7999992370605&rd=3546.7999992370605&fd=138&bv=24.7.2537&tmpl=70
Requested by: Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:34 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 4ff16b445d23bff894e2951ae3f9172d.js Show response
termcolonialhedwig.com/4f/f1/6b/ 44 KB
16 KB 101ms
100ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js

Requested by

Host: iklanku.my.id
URL: https://iklanku.my.id/get/site/js/55d2b2a58bea47e5053fb181d3a85e81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

6fa28900b054c51f057c051545dbee6fbcd8a810ff2d532c0a9324f48cab1fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:34 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: c10f0c8caf8704e0ac6075d78af74536
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 js15_as.js
s10.histats.com/ 11 KB
5 KB 406ms
103ms Script
text/javascript 2606:4700:10::6814:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 58011
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8a28c98cbbf30f4a-EWR
content-length: 4547

GET
H3

200

Primary Request / Show response
dist.adblocker-primary.com/
Redirect Chain

https://tracking.trackingshub.com/click?pid=7&offer_id=2435225&sub1=3dfb65622aa083c30116e3804e4e135f&sub2=23647541
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66925f08c065450001c860ec&source=7_23647541
https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lp...

5 KB
3 KB

703ms
299ms

Document
text/html

2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true

Requested by

Host: ngfgbdfgvsfs.pages.dev
URL: https://ngfgbdfgvsfs.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

57e3fa267066fc1e6e465122811c8a090c832dd06d408714508e64614a05c9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a28c99c8ec97cf9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 13 Jul 2024 11:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8kTO%2Fn%2BnN25ace5ZV0b91PXPyGpgQDaYzf6uCNu%2FIGGt3c6HvCw45Xu8u1M5CPfxobHRPqlGJoCs%2FFg9X1qdEXwXsX1ndrajG%2F8PlDE2trG7UGvE8xEOJVlyQRrf5%2FMtpWG%2FwIRPiJ1yJDn4CbS1zPBQpzgvi46DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Sat, 13 Jul 2024 11:03:37 GMT
location: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
server: Caddy
x-request-id: 4625e448-ce4d-462f-9078-6b262eaa94e4

GET
H/1.1 200
OK advertisers.js
capaciousdrewreligion.com/ 0
392 B 518ms
175ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://capaciousdrewreligion.com/advertisers.js

Requested by

Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/e3/ee/b3/e3eeb3164556171217d7ee7bd57a1b90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:35 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 4ce84768fa680b2ce538cdae6ec22542
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1658920033.png
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/ Frame 193E 141 KB
141 KB 544ms
127ms Image
image/png 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 15 Jul 2024 11:03:35 GMT
date: Sat, 13 Jul 2024 11:03:35 GMT
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
server: nginx/1.21.6
etag: "62e11c69-233fb"
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
content-length: 144379
x-proxy-cache: HIT

GET
H/1.1 200
OK 0.php
s4.histats.com/stats/ 379 B
514 B 462ms
109ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4880801&@f16&@g1&@h1&@i1&@j1720868615214&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-199168049&@b3:1720868615&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:35 GMT
Connection: close
Content-Length: 379
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK sbar.json
visitedquarrelsomemeant.com/ 13 KB
8 KB 901ms
346ms XHR
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://visitedquarrelsomemeant.com/sbar.json?key=4ff16b445d23bff894e2951ae3f9172d&uuid=2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1

Requested by

Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:36 GMT
Custom-Referer: https://ngfgbdfgvsfs.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: 6879cd99437e9cb0bb405797cb34ce56
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ngfgbdfgvsfs.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
e.dtscout.com/e/ 8 KB
4 KB 503ms
133ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4880801&@f16&@g1&@h1&@i1&@j1720868615214&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-199168049&@b3:1720868615&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:36 GMT
x-t: 0.21
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVECjJWeObqTH2m0%2FNGqmiqKGWN3dFeCAtQtF9Ik31GqwfKXrAu8fqqoSpDET1fT8%2B7fGXl4mmmJlzCudLZfjijZkloQszLbUFdM%2FO3N5gihUSOEgXz9agN5AD7RrbTXWZp%2FEnnnAicDH9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 8a28c992a8ce1971-EWR
expires: Sat, 13 Jul 2024 11:03:35 GMT

GET
H2 200 /
t.dtscout.com/idg/ Frame 120A 0
0 470ms
163ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C301720868616A93018973B47BDC91B
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a28c995d8f87cf0-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 13 Jul 2024 11:03:36 GMT
expires: Sat, 13 Jul 2024 11:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1%2F0SOkZnADq0T6ja8vS0CZVD4wX5TKjLmpwGluwAf5jJT3r89j9ZA04PqFK2QMjSWe2E%2BBGF%2B6XmZZFhKB6kHpS1olXuUpTjdDGH5yK4gM3nCfrQ3tugq8HJbq%2FL4%2FxTVyn4iRCj5FXuMw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK t.dhj
pxdrop.lijit.com/1/d/ 2 KB
2 KB 455ms
98ms Script
application/javascript 23.205.106.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=ngfgbdfgvsfs.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-68.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1398
Expires: Sat, 13 Jul 2024 12:03:36 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 0
197 B 594ms
105ms Script
text/plain 3.140.62.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.140.62.139 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-140-62-139.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0

GET
H2 200 afwu.js
cdn.tynt.com/ 19 KB
6 KB 405ms
99ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 235489
etag: W/"651ed188-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8a28c9959d836992-PHL
expires: Tue, 16 Jul 2024 11:03:36 GMT

GET
H2 200 /
t.dtscout.com/pv/ 51 B
346 B 125ms
119ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=ngfgbdfgvsfs.pages.dev&_ss=2wh3dl58sb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6nju&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:36 GMT
x-t: 0.144
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSKLQ5%2Fa9CHtkCHzPNVze4iw8fzKRFb%2FyCZysMyqD8CwA5ipxgk6yc3ZCtWbp6GMmArLixAIxPNEZICU3uKTEIVfNJ8PU1LBZiSH1anxKlUr%2BEBw7adY4DjzLNjUVJCo7gi%2Fl4Ce%2BVaTjv0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8a28c993b95f1971-EWR
expires: Sat, 13 Jul 2024 11:03:35 GMT

GET
H2 200 1648542421.html
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/ 2 KB
745 B 575ms
178ms XHR
text/html 2a02:b48:8300::3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 12:03:36 GMT
date: Sat, 13 Jul 2024 11:03:36 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
server: nginx/1.21.6
etag: W/"6242c2de-602"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK ren.gif
visitedquarrelsomemeant.com/ 7 B
733 B 145ms
144ms Image
image/gif 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitedquarrelsomemeant.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSz4scxRevmeTwDV%2BQ6EElIvTBQwLZSXdPd88MBswvo0s2cd3NmghCrOqqni2nu7qp6p7ezGkxGHIccvXS%2B5ls4m8iePFglFkDwoKSEQ97WQ%2F%2BA6IHLx5kZhcXfEXVe%2FXe50F9PvVubxS7xEVBd8TldCDjmJ7yG7Z1%2FLrjvGwtSFWsWWvt4EbgnbDOZlksrgl2Sean%2FGar0Qys45dev3p54aQVy56wXhNhLz1hnV%2FVaSJOOW7QsKfLWqYR1XK%2FBTL7wrXbDdd3G2274bg21vR%2FM6aowdAaeH%2BXPAPJJ089fvwuZDiGSh5eEKaXp9nJV5Mipnmq0ecPVlRPpaVCchBGuoZIPdhHIzVPLj5CqjZnnJD2%2FwUyOSH1I%2B%2BAqft7Twfrjxw3AIshFBj%2FP8r%2BGCIeQ9IxwvQWJH9CfkXIsbIMlXy%2BomQuuLWc01yYPRCdgiakLnzIcs%2Br5Ou3hJaDVFnzKhdaidxaFrovQ2GwFlWQa2PI7hhZsYV88DdkuYUwfx%2BS%2F0iunP0AKvnoiiitt1Pdg%2BQ7L7ncbrW8TjTHOyya8%2Bx2NNdpBs5c2KaCuVz4wglmokk5hozGiMUQ1NRQTLesoYjqKLI6Er5jBdQOqM28lk9d2%2BWBHzRdm0Ztz28Ju%2BO3UIRTSkPk2RBhPESo15HpdfTkELr4Dma1guF1mHxCam%2Buo88rlIKgNAQlJSglQZkTlP1qk8fGNdV9HpuCOfve3ffNapTm3Q26meZdoQioHkLzaiPbJU9PNa2t%2FrKIntixvChyAuZ5PnebLIraHU%2B4Hd%2Bhohl1nJbLYWQFaeozygM5Ic0Lx5DJCXn22GkwugUTbyGUh0CLF0HLCnS1wkA9NLRLjRKlaTA5aEgOnlbI8sPIb9Y24l3ywuxnl04%2FDxFunzny4eZvy3%2F9hFBXyHSF9%2BT3BN34zmgpLcm9pbQ05Ms3slwmckBzmarZkBz%2B5JK4Waaaz18ww4%2FPhtPCNPzsqjD5AlVcqq4hn56TnAt9MdWhIN%2FMm2uCLRZm9VyhVZEtLJ6%2FOJ9kWhgjUzUGlRNCRn8ilBNyNLs9m%2Bq5Px5B6jF0USEptsm%2BQaZbCLN1mGz7DPnhq871owwmJdDxAYZlNZRFNdIuO0jGkiAWB3fKKhhxIAIT29%2F%2BvlcbaTrtprLaMHfQ1XXQ%2FBZUUqGvK%2FTjCjQewhSHRnmmt1%2F5uTkzsLg%2BYrGu32Oxju%2FOZJ4ez8HIHavltJxW07EDL%2FLD0Is6gRd4zLPbYct1Q89DbibR3Rv%2F%2BwcAAP%2F%2FAQAA%2F%2F%2B4QFI%2F1AQAAA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jul 2024 11:03:36 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: f97cf2f7a90c0e97c64d5906cbe3d9be
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK t_.htm
pxdrop.lijit.com/a/ Frame C719 0
0 772ms
193ms Document
text/html 23.205.106.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1453.769&cid=c026&cls=sync
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=ngfgbdfgvsfs.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.106.83 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-106-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sat, 13 Jul 2024 11:03:37 GMT
Expires: Sat, 20 Jul 2024 11:03:37 GMT
X-Robots-Tag: noindex, nofollow

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 782ms
179ms Image
image/gif 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1720868616685&dn=AFWU&iso=0&pu=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&t=ngfgbdfgvsfs.pages.dev&chmob=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 61 KB
19 KB 645ms
101ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 06:07:01 GMT
content-encoding: gzip
via: 1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 17:34:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 17797
x-amz-server-side-encryption: AES256
etag: W/"2b1260137f293c776e94562402d04f42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7Tu24K0uO4GPBQR2s7aKnrhoMJ7tw9LKfmVFhrylvFHduOtt-Bq-nw==

GET
H2 200 /
t.dtscdn.com/widget/ 0
597 B 701ms
158ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301720868616A93018973B47BDC91B&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
x-t: 1.4
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLrMTh9h0h%2BJhQdRSdO5xkbP0LLNWu4vmuKlVMdEIrcsdG%2FKPKw7c651QC%2FWSA6KYkRPSt8nnJpajbaPtZRElVGA6pFCrEVM56zn7QZfbsq9Icct78xSf0o7RPN6SBh1n55LIkpJE9xhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8a28c99a5e388ce6-EWR
expires: Sat, 13 Jul 2024 10:19:02 GMT

GET

pixel
ps.eyeota.net/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C301720868616A93018973B47BDC91B
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a5de4b9b282fb4be

0
0

GET
H3 200 animate.css
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/ 77 KB
5 KB 589ms
114ms XHR
text/css 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
server: cloudflare
etag: W/"65aa84fe-13365"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtLKUL4ya5dLiN39fpK3En5TZ9u7CHAzfZxaxWZ5uD%2B7ptpKl20As7xzXXt7gwLNHBCm3TO9EvLDTiy%2FaB%2BDdUd1T34SjNtBNYBMtpEvGi%2FGvGxbJ%2FhgLfA8EQQgS%2Bft6tHgjjw9EbH4FOGnk0CsIzwOmLrB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8a28c99a58a441d3-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/ 4 KB
2 KB 588ms
114ms XHR
text/css 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
server: cloudflare
etag: W/"65aa84fe-102f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOW984IDnKK3HBkbbaTUP1lot7nOTAfbtcr%2FahuFxCCO5lm8VZWanmH7lZalB1qcy7f9syJkQi2Ucgc15VGlNq%2F6Y34ZI8y5oIAByg32slT0iCmx5HnvFPSkqYdi6s0hT5bDQdkPidsaFHztO0LTTrxuRyQ%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8a28c99a58a341d3-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
visitedquarrelsomemeant.com/pixel/ 0
469 B 93ms
92ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitedquarrelsomemeant.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=577.2999992370605
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:36 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 877D 7 KB
1 KB 509ms
127ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Requested by

Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jul 2024 11:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 09:49:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jul 2024 11:03:37 GMT

GET
H2 200 20fb13be6b0352fd6ab012c05bfec623e816e786f163357651d6123f4def8018.png
cdn.cloudimagesb.com/si/ Frame 877D 15 KB
15 KB 129ms
127ms Image
image/png 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/si/20fb13be6b0352fd6ab012c05bfec623e816e786f163357651d6123f4def8018.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 15 Jul 2024 11:03:36 GMT
date: Sat, 13 Jul 2024 11:03:36 GMT
last-modified: Fri, 12 Jul 2024 09:53:32 GMT
server: nginx/1.21.6
etag: "6690fd1c-3d1f"
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
content-length: 15647
x-proxy-cache: HIT

GET
H3 200 close.png
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/ Frame 877D 591 B
1 KB 469ms
99ms Image
image/png 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 328984
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
server: cloudflare
etag: "65aa84fe-24f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XRnRq0zJRGzGbNAPIh3PyIqvrKnWFqQVt6ElbTwHZvUu0GYDEnDCAK3ghjfW%2B0%2B5Fiwx%2FVslt%2BMmtKfcoYBP8EkrVvwQpyRw97mftfmfEiDQ78VTsmDTri%2BdyAatg21ZkvStEwP73ugSelIv6zt%2B%2FybIqMf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8a28c99a5947c337-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e463071c3c0d754cffdc88cdbd17ded303672eaccc9467011c6b387399e8cc29.png
cdn.cloudimagesb.com/si/ Frame 877D 26 KB
26 KB 131ms
129ms Image
image/png 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/si/e463071c3c0d754cffdc88cdbd17ded303672eaccc9467011c6b387399e8cc29.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 15 Jul 2024 11:03:36 GMT
date: Sat, 13 Jul 2024 11:03:36 GMT
last-modified: Fri, 12 Jul 2024 09:49:50 GMT
server: nginx/1.21.6
etag: "6690fc3e-66e7"
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
content-length: 26343
x-proxy-cache: HIT

GET
H3 200 jquery.min.js
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/ Frame 877D 82 KB
30 KB 472ms
103ms Script
application/javascript 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10510947
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
server: cloudflare
etag: W/"65aa84fe-1499c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rli28EScdWmtuR9UTzxuXzI5CkHNntlRcBwfi17PRg0kZ0wvue3qVK5LnvQlOGW51ac9Qnq%2FJ5pJWLIEJBuOHPrgkzoS3yxt9gJ%2F4ecQvilTYSMnQ5KFe5MHl1hv%2FL2lIdHsr4H%2FZblJ2rtf8cJcHDMpq%2Fh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8a28c99a5945c337-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2
de.tynt.com/deb/ 1 KB
2 KB 501ms
129ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fngfgbdfgvsfs.pages.dev%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sat, 13 Jul 2024 11:03:36 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1096
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 471ms
171ms XHR
application/json 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jul 2024 17:34:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: VjTruUVAC3tMPO4BBSALkDbRY6JlTpL2zGgna5Meiwe88H8DqvP04g==

GET
H/1.1 200
OK sbls
visitedquarrelsomemeant.com/pixel/ 0
469 B 90ms
90ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitedquarrelsomemeant.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=588.2999992370605
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:37 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
visitedquarrelsomemeant.com/pixel/ 0
469 B 177ms
90ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitedquarrelsomemeant.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=591.7000007629395
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:37 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET lotame-sync.html
cdn-tc.33across.com/ Frame DB57 0
0

GET /
lex.33across.com/ps/v1/pubtoken/ 0
0

GET dpx
i.simpli.fi/ 0
0

GET
H3 200 script.js
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/ 958 B
842 B 114ms
113ms XHR
application/javascript 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
Requested by: Host: termcolonialhedwig.com
URL: https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
server: cloudflare
etag: W/"65aa84fe-3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMTbXLH858EyUAbi6NfDiabbR4t56hFVZTRO0%2B22HxhMgWYuaMG5h8YcnEtp35I4gpsvZInIIxmD%2BGPGicc41XQQeX0IgJrnSVKv0WJGJQdr6b6JxSknhPg32aB8Ji4K0B0CCvwKpjfulbhiUjllZ1KvLJQP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8a28c99c1a0541d3-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
visitedquarrelsomemeant.com/pixel/ 0
469 B 90ms
89ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitedquarrelsomemeant.com/pixel/sbls?bv=24.22.2032&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=114.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:37 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET impr.gif
visitedquarrelsomemeant.com/ 0
0

GET
H/1.1 200
OK sbs
visitedquarrelsomemeant.com/pixel/ 0
469 B 91ms
90ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitedquarrelsomemeant.com/pixel/sbs?c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://ngfgbdfgvsfs.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 11:03:37 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 877D 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 877D 0
0

POST data
bcp.crwdcntrl.net/6/ 0
0

GET
H3 200 9d92a176c9608aa4.css
dist.adblocker-primary.com/_next/static/css/ 102 B
637 B 98ms
96ms Stylesheet
text/css 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/css/9d92a176c9608aa4.css

Requested by

Host: dist.adblocker-primary.com
URL: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277605
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"66-19099af56a2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LQP5UhJVfPiyGXCCJaTiXVUqqYpwOV9wBb%2BPq7zrcgOqqWMw%2Fx5hQulTRILDRLaIExyddaGlBC24NL5aMiClUAeCDtdOWr4yQaI8VLa%2BTIpEm8qd53GfDCnP8MGUBOR3KJAuSrNOs05K731JG2%2FpCoIZ60Kqg9kXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99e78077cf9-EWR

GET
H3 200 1a887580d34d99d0.css
dist.adblocker-primary.com/_next/static/css/ 40 KB
27 KB 101ms
99ms Stylesheet
text/css 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/css/1a887580d34d99d0.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7cf03ced4b5beffc775ec8d43bfc6cce84fa11eaf7685cfb41db9f92380f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"a133-190a9226ac0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44vm5Fa0cmgqHvPyUv8o4O0P9V76yJO9Ylz%2FOuQH5oB0XsEMBGiZHjsVsj5BpLUgVyV9OCNz3Rz6TiUbvReteyAuQVGlUWRlPIDS3Beeg%2BkKSLDPdiBVTpvsY0xfQiqpzsQdbG0uSADjUcFHdPH2lTSyL7LQ4GLyMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99e78097cf9-EWR

GET
H3 200 ad8990386dfe0070.css
dist.adblocker-primary.com/_next/static/css/ 7 KB
2 KB 96ms
95ms Stylesheet
text/css 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77e8e9fe7d91a496cc1e814f0fa212b6cef4644f3d71710c25177e8beaa4ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"1bff-190a9226abc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRPWMsl4M%2BH5wm4lBgXddhxLiK5Lgmu8H1c1UkTGNTc3%2FF0W0fNLrT9a5LT655W4swJFXsuAPzjKUICkQmyr%2BACo1C8KximRT%2BpHVi2sbaDgA10W8jYY2WEE4H0eJeoWCXdrZuVysLq8tPDfo0u9K4eXqxn03pihJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99e780c7cf9-EWR

GET
H3 200 6596.d42b5336ecc1e563.js Show response
dist.adblocker-primary.com/_next/static/chunks/ 10 KB
5 KB 143ms
141ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/6596.d42b5336ecc1e563.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e8f60005090704ef341c7edf1538b737bb97078c84efa6213f24a5ea3bd2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"27ca-190a9226ad0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1r5scNggaNmrhEopwu%2BgIMbZy1AqXyRIE%2FDgSDRpPpEwmGf1xgsS71X6U25ZbWFVJd5nLWi9llS%2BsYpxCFKYuiZhfK88cLqiwxpUjtaHr8QBUTu1UX8E%2FLWW6SZiIUlwGLgpznJI1NnYlr5BjWo1uCcEVOQ4m2Jqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ec83c7cf9-EWR

GET
H3 200 webpack-31ac0e55645cbfef.js Show response
dist.adblocker-primary.com/_next/static/chunks/ 11 KB
6 KB 143ms
140ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/webpack-31ac0e55645cbfef.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02352ade3ed429738e5736f4b74234809e0b9c2d428a1e4a490ad699d02aabfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"2c33-190a9226ac8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Birpy1rVHWl8EvB0XTsKPfWJqCRkaq3gIIjl9ulW33jAAK95mgfyjE5iQhzb%2FnktF8jyGeHaREY%2FO9u6VybVYcGgcyw6kdv0ep6mU8WWCXILDQ6XzJVIhLNS2LWV%2FPD2BSkaWrPsHh8Fu0Y5YpD%2Bk%2BqAk538KoM06w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed83e7cf9-EWR

GET
H3 200 framework-3671d8951bf44e4e.js Show response
dist.adblocker-primary.com/_next/static/chunks/ 138 KB
45 KB 144ms
141ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/framework-3671d8951bf44e4e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 277603
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"226fd-19099af56a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FCaUqKBJD9HYFoq9pu5QebsO0TTiya9aG8ymP4AmlcZX4QqorHduf4%2BPmKGcXg%2BAirk8ggY48Uw83r1wRcr%2Bl67YcP70sNf7Xxmh9l3oFP5GiEW%2B1SHHnIzqJEqPcpARDSTefbBLcZ8H1iO4rVhzO2t87I7KLtUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8417cf9-EWR

GET
H3 200 main-403c8612371c9360.js Show response
dist.adblocker-primary.com/_next/static/chunks/ 87 KB
27 KB 144ms
142ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/main-403c8612371c9360.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 277603
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"15cff-19099af56a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7AD%2BVtcUlBSm3fzO%2Fr5alOqm7WN%2FsuVBld8SLL42f3Lj4pMTipDNU%2BhSNsMAktEiy0I9r6meo4eMeVeQ786svYjdK5WAN6rbV1vIJoGFIzpAKSHqXafxrw5ptAySaIHuUvRwwJF8WrIzIkHetI5UC8wRdvad2FqLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8437cf9-EWR

GET
H3 200 _app-d3c75f491442b0e4.js Show response
dist.adblocker-primary.com/_next/static/chunks/pages/ 19 KB
9 KB 143ms
141ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/pages/_app-d3c75f491442b0e4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220d0bd05fc1091df3cc3395eb392f56bc3d13aa18e8b69a120099e125ccb7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 277603
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"4d46-19099af56a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIZUepzpNN1F2%2BQkfFGfgVA2Ym8WCwnnQqiUj%2Fb7MrgSrFFzLkgGc0UieLKUDHA7ZMYEHdD7ZRMOgxNyFLBQyUdvQUazZdRN8QOmRbZkdeU5QM1R7W9s60ZYXK1EzkiiVuMzjyROdwt%2FHQIGmgTlSp%2BzU92453v%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8447cf9-EWR

GET
H3 200 7928-6e8183f4e95131e5.js Show response
dist.adblocker-primary.com/_next/static/chunks/ 99 KB
33 KB 321ms
319ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/7928-6e8183f4e95131e5.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5ca3e1f32600cc76ca445878fa949f8a076431eda8b3ba101b85b4936875d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 277603
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"18c05-19099af56a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoNtWHohzexfWViya0sJh6Zqkkv6pnVpNpx2o71gWc22%2Fh9FkMkXw2P1H0hLWiYkjz5brGqmLGYah5m9zAmO2SI3Li40BER52vHGNdnB40exsrtv4tTfgLjLwZPELKsE9Bx7eBP5s2hJqM7gDhWJGE%2Fy3YdZpyL99A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8457cf9-EWR

GET
H3 200 index-1076a7daed155eb2.js Show response
dist.adblocker-primary.com/_next/static/chunks/pages/ 23 KB
10 KB 403ms
401ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/chunks/pages/index-1076a7daed155eb2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d06e008798192b7a2237887b371ea473947fe0e17b4d119bf616e33c0260923

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"5d9b-190a9226ac8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMDmE%2FVnKoU89wJVlX0CFsHEhBxA6daDN3EMUW8jsYPJh8I6Xe2pU3ul%2F2n69Xc8d%2BULNyn%2F%2FeuBXYxbsEgkYjsXYbMoXXmu1z4dAe3Da%2FXZPvBIhrUur0mjvRb4PAzOrZZkgsY%2FAwIK3Es9iVNMsP2UaNwCynZ%2Btg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8467cf9-EWR

GET
H3 200 _buildManifest.js Show response
dist.adblocker-primary.com/_next/static/V0V6nMBrrGxfmrbH_0gj6/ 1 KB
1 KB 403ms
402ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/V0V6nMBrrGxfmrbH_0gj6/_buildManifest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3319b89a72ed2a021836f483225059dba26d014c5c8521793b51a50eaa908d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 44034
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"40a-190a9226ad0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSFegW5k1rnk6Z3QyLnkQgfD93%2BKoYMIbwT7HVh069rTJrUkOydBGdmYtm7kQ9OWpd88JeRTZlpjCyfjJW%2BKi%2FxtBlcYP%2BqNl6j2AUtZIL77xQ5j1AwoW7exgdohbVf%2B%2FDKSUnJIxIwoS2k82DKtWuzFA6H8f0RVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8477cf9-EWR

GET
H3 200 _ssgManifest.js Show response
dist.adblocker-primary.com/_next/static/V0V6nMBrrGxfmrbH_0gj6/ 77 B
612 B 404ms
403ms Script
application/javascript 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/V0V6nMBrrGxfmrbH_0gj6/_ssgManifest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44034
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"4d-190a9226ad0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ajprrM2av28GT7xhJENSIMcRgZtdodHkuTDUBcA4sb%2FYQD9mW8gNXd4vW8Jwt0pGGfa1Vz4JWC5a4FYPl3nkmxgS10XTL9rSd2bKOh0MBOZ3BIOc2DRM3lIffadmypyi6xg6tV4uw6XPuBfNXhTkAP5nsGbqL6iUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8a28c99ed8487cf9-EWR

GET
H3 200 icon.svg
dist.adblocker-primary.com/images/promo-images/salmon/ 3 KB
2 KB 186ms
184ms Image
image/svg+xml 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dist.adblocker-primary.com/images/promo-images/salmon/icon.svg

Requested by

Host: dist.adblocker-primary.com
URL: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:28 GMT
server: cloudflare
etag: W/"a60-190a9222eb4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LO%2B1N3vfQHhQctk24JfIUdy0pVRdASmyXSlhVWx%2BtMHfRXgyP4ylsc7m1%2BTtGn5JIAJPHeb%2FxyZGkEDpqNF%2FDH%2BH6OWNsz%2BsoR64GV4%2BATkcKgpbxTMVwxNibA7DqeKsXwF8%2FWWWXmHw8TNcvzqJss1C9X1DNkfrtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8a28c9a0497f7cf9-EWR

GET
H3 200 available-in-chrome.svg
dist.adblocker-primary.com/images/browser-icons/ 12 KB
5 KB 189ms
187ms Image
image/svg+xml 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dist.adblocker-primary.com/images/browser-icons/available-in-chrome.svg

Requested by

Host: dist.adblocker-primary.com
URL: https://dist.adblocker-primary.com/_next/static/css/1a887580d34d99d0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/_next/static/css/1a887580d34d99d0.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:28 GMT
server: cloudflare
etag: W/"309d-190a9222e94"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7uBYgjjwNB8EgNNgUOus8XNd%2BsDAFlZoQ3Ht9WkwzvaswlIrktEoyMNRKfk3KyxiXn%2FHFfl8qb%2FY6kKx7phRUkkdDBmINz4NSLtwddgNfRVs5mzq91IcIR8tO6B7g60zbE8sA1G2D7KWEQmDWzGsIe%2FxYgJ7WJh3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8a28c9a049807cf9-EWR

GET
H3 200 627622453ef56b0d.p.woff2
dist.adblocker-primary.com/_next/static/media/ 11 KB
11 KB 158ms
158ms Font
font/woff2 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/media/627622453ef56b0d.p.woff2

Requested by

Host: dist.adblocker-primary.com
URL: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css
Origin: https://dist.adblocker-primary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277603
alt-svc: h3=":443"; ma=86400
content-length: 11072
last-modified: Tue, 09 Jul 2024 22:48:43 GMT
server: cloudflare
etag: W/"2b40-19099af56a2"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcN3ZsobFpEjv3h00LgSG%2FXAFMBzlAfJkG9bPIkiyuaywIPelQOUk8UPbOQIOTQs32aah0cVnKUfY9wWmA%2Fe5o7Ug1awFavE3qmtAByTWPMZsWNNOmBjBgNr%2BqZ%2FlsNGrFX68AY2073IZBK5NbkqwdNkT%2BqNgF%2F55A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a28c9a0598b7cf9-EWR

GET
H3 200 934c4b7cb736f2a3.p.woff2
dist.adblocker-primary.com/_next/static/media/ 11 KB
11 KB 160ms
159ms Font
font/woff2 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/_next/static/media/934c4b7cb736f2a3.p.woff2

Requested by

Host: dist.adblocker-primary.com
URL: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/_next/static/css/ad8990386dfe0070.css
Origin: https://dist.adblocker-primary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214838
alt-svc: h3=":443"; ma=86400
content-length: 11028
last-modified: Wed, 10 Jul 2024 22:48:33 GMT
server: cloudflare
etag: W/"2b14-1909ed58a23"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19W%2BMcg%2BoVgNzNVlFxSuQ%2FL9CAfxQUqE5ecXvdpkufMSCR89d1Zm62reY9ue%2FRJAp0aeADoDTINae73LKnITJbDYnDaPElJ9fILLi6DLoHrLVG5LdOhLmv0ua7vg2keWEziBVqJC%2BI1qwiku3QsHnxYtt6wwSpz0tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8a28c9a0598d7cf9-EWR

GET click
excellingvista.com/ 0
0

GET
H3 200 favicon.ico
dist.adblocker-primary.com/images/extension-icons/primary-adblock/ 15 KB
5 KB 184ms
184ms Other
image/x-icon 2606:4700:3031::6815:32f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblocker-primary.com/images/extension-icons/primary-adblock/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:32f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 11:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 22:48:28 GMT
server: cloudflare
etag: W/"3c2e-190a9222ea0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgNOOh4G7i5Agp4vEYQQaVPPuWG%2Bs4GWBAPUtZ53fq9UptTJHIss1EyOCNYcWogYwhOi8DHSbNBLtLvTbSKyX9V%2FCOegj3jmFm6igB1%2BeOAiDs4i3ZY%2Fi53uy7b906%2FKGTT0HbDiZX5Ib7iPVAqHe0bSe%2F2A%2BnrHBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8a28c9a1aa797cf9-EWR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a5de4b9b282fb4be

Domain: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html

Domain: lex.33across.com
URL: https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1720868617383.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3D%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fngfgbdfgvsfs.pages.dev%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D

Domain: i.simpli.fi
URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1720868617383.2&ref=

Domain: i.simpli.fi
URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1720868617383.4&ref=

Domain: visitedquarrelsomemeant.com
URL: https://visitedquarrelsomemeant.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSz4scxRevmeTwDV%2BQ6EElIvTBQwLZSXdPd88MBswvo0s2cd3NmghCrOqqni2nu7qp6p7ezGkxGHIccvXS%2B5ls4m8iePFglFkDwoKSEQ97WQ%2F%2BA6IHLx5kZhcXfEXVe%2FXe50F9PvVubxS7xEVBd8TldCDjmJ7yG7Z1%2FLrjvGwtSFWsWWvt4EbgnbDOZlksrgl2Sean%2FGar0Qys45dev3p54aQVy56wXhNhLz1hnV%2FVaSJOOW7QsKfLWqYR1XK%2FBTL7wrXbDdd3G2274bg21vR%2FM6aowdAaeH%2BXPAPJJ089fvwuZDiGSh5eEKaXp9nJV5Mipnmq0ecPVlRPpaVCchBGuoZIPdhHIzVPLj5CqjZnnJD2%2FwUyOSH1I%2B%2BAqft7Twfrjxw3AIshFBj%2FP8r%2BGCIeQ9IxwvQWJH9CfkXIsbIMlXy%2BomQuuLWc01yYPRCdgiakLnzIcs%2Br5Ou3hJaDVFnzKhdaidxaFrovQ2GwFlWQa2PI7hhZsYV88DdkuYUwfx%2BS%2F0iunP0AKvnoiiitt1Pdg%2BQ7L7ncbrW8TjTHOyya8%2Bx2NNdpBs5c2KaCuVz4wglmokk5hozGiMUQ1NRQTLesoYjqKLI6Er5jBdQOqM28lk9d2%2BWBHzRdm0Ztz28Ju%2BO3UIRTSkPk2RBhPESo15HpdfTkELr4Dma1guF1mHxCam%2Buo88rlIKgNAQlJSglQZkTlP1qk8fGNdV9HpuCOfve3ffNapTm3Q26meZdoQioHkLzaiPbJU9PNa2t%2FrKIntixvChyAuZ5PnebLIraHU%2B4Hd%2Bhohl1nJbLYWQFaeozygM5Ic0Lx5DJCXn22GkwugUTbyGUh0CLF0HLCnS1wkA9NLRLjRKlaTA5aEgOnlbI8sPIb9Y24l3ywuxnl04%2FDxFunzny4eZvy3%2F9hFBXyHSF9%2BT3BN34zmgpLcm9pbQ05Ms3slwmckBzmarZkBz%2B5JK4Waaaz18ww4%2FPhtPCNPzsqjD5AlVcqq4hn56TnAt9MdWhIN%2FMm2uCLRZm9VyhVZEtLJ6%2FOJ9kWhgjUzUGlRNCRn8ilBNyNLs9m%2Bq5Px5B6jF0USEptsm%2BQaZbCLN1mGz7DPnhq871owwmJdDxAYZlNZRFNdIuO0jGkiAWB3fKKhhxIAIT29%2F%2BvlcbaTrtprLaMHfQ1XXQ%2FBZUUqGvK%2FTjCjQewhSHRnmmt1%2F5uTkzsLg%2BYrGu32Oxju%2FOZJ4ez8HIHSv0wqDptP1mxHmHUb9lu67d8sJO27OZy33kZhLdvfG%2FfwAAAP%2F%2FAQAA%2F%2F8Rb4wf1AQAAA%3D%3D

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/6/data

Domain: excellingvista.com
URL: https://excellingvista.com/click?upd_clickid=cq95u2b2r96s73flf570&add_event6=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
termcolonialhedwig.com/e3/ee/b3	1970-01-20 22:11:13	Name: 4b4e7ab587d59b22ad7bcd2439afc363_CP-107-70 Value: 1
proftrafficcounter.com/	1970-01-21 07:37:08	Name: uid_id2 Value: 2d07749f-d9bf-408f-9361-c8aeb2de5e16:1:1
ngfgbdfgvsfs.pages.dev/	1970-01-20 22:11:13	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 2d07749f-d9bf-408f-9361-c8aeb2de5e16%3A1%3A1
criticizewiggle.com/	1970-01-20 22:02:35	Name: u_pl Value: 23647541
criticizewiggle.com/	1970-01-20 22:01:08	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzY0NzU0MSwiayI6IjE4NTJmYThiNzFlMzM1OGNjOGVhNmRjMDc2ZWQ2MTIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMzU5NzcwLCJwaWQiOjE0NDg1MDgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoidWN4Y2NyaW4iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjQ3ODQyMTQ0LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzMzQ2OCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjIyMywiYyI6IlVTIiwibiI6IlVuaXRlZCBTdGF0ZXMifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJWZXJpem9uIEludGVybmV0IFNlcnZpY2VzIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uZ2ZnYmRmZ3ZzZnMucGFnZXMuZGV2LyIsImFyIjpbXX19.JqU47m8EvTsWdC_EcBRpK285U0-FkXoUupzVt2SsoqY
legitimatepowers.com/	1970-01-20 22:02:35	Name: u_pl Value: 21772448
legitimatepowers.com/	1970-01-20 22:01:08	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTc3MjQ0OCwiayI6IjZiN2IxNzgzODg3ODg3ZmRmYjI5NDQ5YzJiNWJjMGM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMzU5NzcwLCJwaWQiOjE0NDg1MDgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJkZThiMWN1MGoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjQ3ODQyMTQ0LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzMzQ2OCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjIyMywiYyI6IlVTIiwibiI6IlVuaXRlZCBTdGF0ZXMifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJWZXJpem9uIEludGVybmV0IFNlcnZpY2VzIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uZ2ZnYmRmZ3ZzZnMucGFnZXMuZGV2LyIsImFyIjpbXX19.s2k5toLzBflDIwfiBuLJ5JZhlECCJXp-pwuKMHv7OZc
ngfgbdfgvsfs.pages.dev/	1970-01-20 22:01:15	Name: pp_main_e3eeb3164556171217d7ee7bd57a1b90 Value: 1
criticizewiggle.com/	1970-01-20 22:11:13	Name: uid_id2 Value: 5f20d3ea-026e-4eb3-8ce0-a4e2f45f5121:1:1
criticizewiggle.com/	1970-01-20 22:02:35	Name: iprccdb57684523954dd9a2cc57c5d07ec81 Value: 4767887
criticizewiggle.com/	1970-01-20 22:02:35	Name: pdhtkv Value: true
criticizewiggle.com/	1970-01-20 22:02:35	Name: uncs Value: 1
criticizewiggle.com/	1970-01-20 22:02:35	Name: pdhtkv23 Value: true
criticizewiggle.com/	1970-01-20 22:02:35	Name: uncs23 Value: 1
legitimatepowers.com/	1970-01-20 22:11:13	Name: uid_id2 Value: 2d07749f-d9bf-408f-9361-c8aeb2de5e16:1:1
legitimatepowers.com/	1970-01-20 22:01:23	Name: iprc3003509fadfc9138b69203f1c6ca6ef8 Value: 3569806
legitimatepowers.com/	1970-01-20 22:02:35	Name: pdhtkv Value: true
legitimatepowers.com/	1970-01-20 22:02:35	Name: uncs Value: 1
legitimatepowers.com/	1970-01-20 22:02:35	Name: pdhtkv5 Value: true
legitimatepowers.com/	1970-01-20 22:02:35	Name: uncs5 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstCfa4880801 Value: 1720868615214
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstCla4880801 Value: 1720868615214
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstCmu4880801 Value: 1720868615214
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstPn4880801 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstPt4880801 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstCnv4880801 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-21 06:46:44	Name: HstCns4880801 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-20 22:01:15	Name: sb_main_4ff16b445d23bff894e2951ae3f9172d Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-20 22:01:15	Name: sb_count_4ff16b445d23bff894e2951ae3f9172d Value: 1
.dtscout.com/	1970-01-20 22:01:13	Name: m Value: 1
.dtscout.com/	1970-01-20 22:01:12	Name: st Value: 1
.dtscout.com/	1970-01-21 00:25:08	Name: df Value: 1720868616
.dtscout.com/	1970-01-21 00:09:18	Name: l Value: 4C301720868616A93018973B47BDC91B
visitedquarrelsomemeant.com/	1970-01-20 22:02:35	Name: u_pl Value: 23647568
visitedquarrelsomemeant.com/	1970-01-20 22:11:13	Name: uid_id2 Value: 2d07749f-d9bf-408f-9361-c8aeb2de5e16:1:1
visitedquarrelsomemeant.com/	1970-01-20 22:02:35	Name: pdhtkv Value: true
visitedquarrelsomemeant.com/	1970-01-20 22:02:35	Name: uncs Value: 1
visitedquarrelsomemeant.com/	1970-01-20 22:02:35	Name: pdhtkv29 Value: true
visitedquarrelsomemeant.com/	1970-01-20 22:02:35	Name: uncs29 Value: 1
ngfgbdfgvsfs.pages.dev/	1970-01-20 22:01:08	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: visitedquarrelsomemeant.com
tracking.trackingshub.com/	1970-01-21 06:46:44	Name: afclick Value: 66925f08c065450001c860ec
tracking.trackingshub.com/	1970-01-21 06:46:44	Name: afoffers Value: {"2435225":1720868616}
.lijit.com/	1970-01-20 22:02:35	Name: lijitAcc3PC Value: 1
.ngfgbdfgvsfs.pages.dev/	1970-01-21 00:06:25	Name: __dtsu Value: 4C301720868616A93018973B47BDC91B
excellingvista.com/	1970-01-21 06:46:44	Name: uclick Value: zr6OlgxdMdg11+T9bWCYv6A6ePsIcaKjGrdBo1iRyAbqpMOGHg+q0RZ7xn/rIH7dCN9/Sdw=
excellingvista.com/	1970-01-21 06:46:44	Name: bcid Value: cq95u2b2r96s73flf570
excellingvista.com/	1970-01-21 06:46:44	Name: cid Value: cq95u2b2r96s73flf570
.tynt.com/	1970-01-21 00:10:44	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1720868617383%7D%2C%7B%22p%22%3A%22b1b5df9b98%22%2C%22f%22%3A1%2C%22ts%22%3A1720868617383%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1720868617383%7D%5D
.dtscdn.com/	1970-01-21 02:18:54	Name: uid Value: 4C301720868616A93018973B47BDC91B
.onaudience.com/	1970-01-21 06:46:44	Name: cookie Value: 9ec74f0b59d8a9c7
.onaudience.com/	1970-01-20 22:02:35	Name: done_redirects236 Value: 1
.tynt.com/	1970-01-21 06:46:44	Name: uid Value: CoIKTGaSXwlpk4lrBtNYAg==
.ngfgbdfgvsfs.pages.dev/	1970-01-20 22:01:08	Name: lotame_domain_check Value: ngfgbdfgvsfs.pages.dev
.adblocker-primary.com/	1970-01-21 07:37:08	Name: extension Value: primary_adb
.adblocker-primary.com/	1970-01-21 07:37:08	Name: promo Value: salmon
.adblocker-primary.com/	1970-01-21 07:37:08	Name: big Value: none
.adblocker-primary.com/	1970-01-21 07:37:08	Name: clk_domain Value: excellingvista.com
.adblocker-primary.com/	1970-01-21 07:37:08	Name: flow Value: binom
.adblocker-primary.com/	1970-01-21 07:37:08	Name: campaignId Value: 10659
.adblocker-primary.com/	1970-01-21 07:37:08	Name: trafficsource Value: 29
.adblocker-primary.com/	1970-01-21 07:37:08	Name: src Value: 7_23647541
.adblocker-primary.com/	1970-01-21 07:37:08	Name: cid Value: cq95u2b2r96s73flf570
.adblocker-primary.com/	1970-01-21 07:37:08	Name: lpkey Value: 17208f6c61580cfaa6ebf6925ae979c3c101b68917
.adblocker-primary.com/	1970-01-21 07:37:08	Name: isV2 Value: true

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://iklanku.my.id/get/site/js/5ca982ecc2ff5fe457ce43b19269eb47(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/1852fa8b71e3358cc8ea6dc076ed6121/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/5ca982ecc2ff5fe457ce43b19269eb47(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/1852fa8b71e3358cc8ea6dc076ed6121/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/0f01decb1a3167f40bc38be4e1fcb5d2(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/6b7b1783887887fdfb29449c2b5bc0c5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/0f01decb1a3167f40bc38be4e1fcb5d2(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/6b7b1783887887fdfb29449c2b5bc0c5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ngfgbdfgvsfs.pages.dev/(Line 146) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ngfgbdfgvsfs.pages.dev/(Line 146) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/969ad501421096b7240bc54c6fdda1de Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/e3/ee/b3/e3eeb3164556171217d7ee7bd57a1b90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/969ad501421096b7240bc54c6fdda1de Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/e3/ee/b3/e3eeb3164556171217d7ee7bd57a1b90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://tse1.mm.bing.net/th?q= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://iklanku.my.id/get/site/js/55d2b2a58bea47e5053fb181d3a85e81 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iklanku.my.id/get/site/js/55d2b2a58bea47e5053fb181d3a85e81 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://termcolonialhedwig.com/4f/f1/6b/4ff16b445d23bff894e2951ae3f9172d.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://dist.adblocker-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=7_23647541&cid=cq95u2b2r96s73flf570&lpkey=17208f6c61580cfaa6ebf6925ae979c3c101b68917&isV2=true Message: Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cq95u2b2r96s73flf570&add_event6=1' from origin 'https://dist.adblocker-primary.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://excellingvista.com/click?upd_clickid=cq95u2b2r96s73flf570&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
bcp.crwdcntrl.net
capaciousdrewreligion.com
cdn-tc.33across.com
cdn.barscreative1.com
cdn.cloudimagesb.com
cdn.creative-bars1.com
cdn.tynt.com
cdnjs.cloudflare.com
criticizewiggle.com
de.tynt.com
dist.adblocker-primary.com
e.dtscout.com
excellingvista.com
fonts.googleapis.com
fonts.gstatic.com
hysteriaethicalsewer.com
i.simpli.fi
ic.tynt.com
iklanku.my.id
legitimatepowers.com
lex.33across.com
ngfgbdfgvsfs.pages.dev
pd.sharethis.com
proftrafficcounter.com
ps.eyeota.net
pxdrop.lijit.com
recordedthereby.com
s10.histats.com
s4.histats.com
suggestqueries.google.com
t.dtscdn.com
t.dtscout.com
tags.crwdcntrl.net
termcolonialhedwig.com
tracking.trackingshub.com
tse1.mm.bing.net
visitedquarrelsomemeant.com
bcp.crwdcntrl.net
cdn-tc.33across.com
excellingvista.com
fonts.gstatic.com
i.simpli.fi
lex.33across.com
ps.eyeota.net
visitedquarrelsomemeant.com
108.138.128.46
149.56.240.128
172.240.108.76
172.240.108.84
172.240.127.234
172.64.153.173
192.243.59.12
192.243.59.13
23.205.106.68
23.205.106.83
2606:4700:10::6814:1247
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3031::6815:32f1
2606:4700:3032::ac43:8d18
2606:4700:3033::ac43:d0d9
2606:4700:3037::ac43:ad5f
2606:4700:310c::ac42:2edc
2606:4700::6811:180e
2607:f8b0:4004:c06::71
2607:f8b0:400d:c03::84
2607:f8b0:400d:c04::5f
2620:1ec:33:1::10
2a02:b48:8300::3
3.140.62.139
34.197.85.220
35.204.193.90
45.133.44.9
52.58.28.63
67.202.105.31
67.202.105.33
02352ade3ed429738e5736f4b74234809e0b9c2d428a1e4a490ad699d02aabfb
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
216ffe9f77dd0e5da2b0275bbf2a6c0b9cc620f06cc25f1cbfcfb6af7ce1f67b
220167dce7a98360a59680034f9d479d757394a8684a42da8f035478c625acee
220d0bd05fc1091df3cc3395eb392f56bc3d13aa18e8b69a120099e125ccb7e0
275745104677297a63ad9f4f4ddb18d38d0a36c7023ce6dd25fea97223d462b2
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
31f2d9cc410edfc160dd1c2786fed7f5ea7a9e184f91579b16fcd76e95dbd17d
3319b89a72ed2a021836f483225059dba26d014c5c8521793b51a50eaa908d2f
392d6395b1332aff4f3c88a0bbaf7cbb91c14e88d0703e826c973d4f82f5af16
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
57e3fa267066fc1e6e465122811c8a090c832dd06d408714508e64614a05c9f6
5d06e008798192b7a2237887b371ea473947fe0e17b4d119bf616e33c0260923
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fa28900b054c51f057c051545dbee6fbcd8a810ff2d532c0a9324f48cab1fc7
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
9f1640e7c059a282a789beb08e58f264fbd25e238000ec8b0bed400f89ad297a
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
b77e8e9fe7d91a496cc1e814f0fa212b6cef4644f3d71710c25177e8beaa4ebd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c9c42695f9137b4c0169d8f87d78ba5329d12e5f22f0deb7355e2af87ff5b765
ca14be9c275d6c0f8bb82f794af438d5e9521429978b7fbace90fd399b7b512f
cc7cf03ced4b5beffc775ec8d43bfc6cce84fa11eaf7685cfb41db9f92380f37
eb1daa1d3e1e9887ec87efddc046718447aae2a663878fedbe4083f3d3c2a01a
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
ee5ca3e1f32600cc76ca445878fa949f8a076431eda8b3ba101b85b4936875d2
eef8b3c25145cb163870fb31156501e043b7733b83c64c2458d5244b200de290
f2e8f60005090704ef341c7edf1538b737bb97078c84efa6213f24a5ea3bd2fc

dist.adblocker-primary.com Open in urlscan Pro 2606:4700:3031::6815:32f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

85 %HTTPS

45 %IPv6

32 Domains

38 Subdomains

30 IPs

4 Countries

625 kBTransfer

1348 kBSize

64 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dist.adblocker-primary.com Open in urlscan Pro
2606:4700:3031::6815:32f1 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

85 %
HTTPS

45 %
IPv6

32
Domains

38
Subdomains

30
IPs

4
Countries

625 kB
Transfer

1348 kB
Size

64
Cookies

80 HTTP transactions
1 data transactions