urlscan.io logo urlscan.io
SecurityTrails logo

ublockpop.com Open in urlscan Pro
2a06:98c1:3120::7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://feed-6009.coderformylife.info/api/message/click?id=f1351618871074&time=1647613633&sig=e1eb3cbe5219f8bd21c6faa1413dff&u=aHR0cHM...
Effective URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Submission Tags: falconsandbox
Submission: On March 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ublockpop.com. The Cisco Umbrella rank of the primary domain is 606922.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2022. Valid for: a year.
This is the only time ublockpop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 35.190.38.40 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 6
1    2606:4700:10::ac43:14f8 (United States)

ASN13335 (CLOUDFLARENET, US)
feed-6009.coderformylife.info
2    2606:4700:3037::ac43:ddd8 (United States)

ASN13335 (CLOUDFLARENET, US)
wait4min.com
1    2606:4700:3032::6815:446e (United States)

ASN13335 (CLOUDFLARENET, US)
onetouch7.info
3    35.190.38.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.38.190.35.bc.googleusercontent.com
www.adspredictiv.com
3    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
ublockpop.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
3 gstatic.com
fonts.gstatic.com
78 KB
3 ublockpop.com
ublockpop.com — Cisco Umbrella Rank: 606922
286 KB
3 adspredictiv.com
www.adspredictiv.com — Cisco Umbrella Rank: 219396
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 wait4min.com
wait4min.com — Cisco Umbrella Rank: 274388
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 828
427 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
24 KB
1 onetouch7.info
onetouch7.info
923 B
1 coderformylife.info
feed-6009.coderformylife.info — Cisco Umbrella Rank: 44205
461 B
11 9
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 ublockpop.com www.adspredictiv.com
ublockpop.com
3 www.adspredictiv.com 2 redirects
2 fonts.googleapis.com ublockpop.com
2 wait4min.com 2 redirects
1 use.fontawesome.com ublockpop.com
1 cdn.jsdelivr.net ublockpop.com
1 onetouch7.info 1 redirects
1 feed-6009.coderformylife.info 1 redirects
11 9

This site contains no links.

Subject Issuer Validity Valid
adspredictiv.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2022-07-04		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-09 -
2023-03-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Frame ID: A353DC89F9FFAF593D4F9D6327FEC7C9
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pop up BlockerPop up Blocker

Page URL History Show full URLs

  1. http://feed-6009.coderformylife.info/api/message/click?id=f1351618871074&time=1647613633&sig=e1eb3cbe5219f8bd21c6... HTTP 302
    https://wait4min.com/dvzMy91L?source={source_id} HTTP 302
    http://onetouch7.info/pop-go/37291?sub1=3g29dh59s1dsc&sub2=%7Bsource_id%7D HTTP 302
    https://wait4min.com/dvzMy91L HTTP 302
    https://www.adspredictiv.com/jump/next.php?r=2848467 Page URL
  2. https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJ... HTTP 302
    https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CwjdnNjKqoGU3B0-GH0dEdHP3xP.3ec%252CA55Bf... HTTP 302
    https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

11
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

6
IPs

2
Countries

819 kB
Transfer

1876 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://feed-6009.coderformylife.info/api/message/click?id=f1351618871074&time=1647613633&sig=e1eb3cbe5219f8bd21c6faa1413dff&u=aHR0cHM6Ly9ldS5wdXNobWV1cC5hcnQvY2xrL0ZwX0I5VS0zcERjVldHQUJTQ29ObllycnJmeF80OVJNaGk3cnh2ZDNaQ1V3a0ttQ29JQUcwOHp6Z0JnRnBNX3hwd3lkbEdFQzFkcDBSeERubFpkWUtELXp4c25LUVE5R01FazVTdUlza01WZndMZHRsQTVtOVJwenUtUFRacG5LZ251MEgyWW9SYW9WcG5nSE1NXy15SHBXemc3TjE4S2dVSnNoU1NxVUtBRXlObVpLZWFnbk9BbThSSDhVc0ZWRlRySk80Q095RTVmeHQyMEExOWZrR0Y1c0pDelJVaWpUSkdqZmdtTGVYdEU2emFNZ2hQbnRCS05CdHVNeEpnY01HaGxWeEYyaVotb0xrWUhuV3JqYXRnZGVtaFF2UHhrUG9ySWZaR3BBZFdNSDYtaGNqQmpjeDNsUWVyaFVQNWd3Q1MyMkJ1VnpON0xSSFJHNTZyck1Za3NneGtjOWhWZ3gtU0pWU1JFZmhHQXJxWVhLSy03SG55NXJGcWZuSmtvbGpDWkJoTjIycWtHTWtFQUZ2dWZNOVlXU0VVVkpFZWVQOTRSM1hMdjVHYkU0OEhEalg1Y3JnX2RBa01RMFhmam12UEplSENFSzBmRzBGZU5XbkVmVlQxQXU5d3ZfdzlnelBCMFNJd1Z1ZjBaSWUwbDRkRzBoYlFxd0VUQ1o4WWVUd3RMbnpLdVNkRE9vMTdjS0VVSjlUQnFNQVBIQlE2bE9OTnB4VDJ5eW02alI0OE9ZQ1pfdzNxWnRkdmZUTU56T2c2NGowRTVnXzBLbUNfRDdhQ090X3pGTG52TDN0amJ3WFlScUZqOHd6QUQ0RW9JZnR0M2ZMcXFkNy1aU3hyNUxQNDJWZU8xbzN2SG1LNXlTckx4czlOV2dSaWJNbmMzWlloSXo1YWdRZXhXQWlCOEpfOFh1WUJSTHo5SUFSQjFaazdoSWdB&srv=1&bhi=gYUChSMG8NITTZMOeTlqWkc0odWNtOXNiSEq5sY25abGNpNTXRlWG92WTNKbFlYTUnBkbVZ6THpFMU1pLODFNalV2TXpZd1h6Qm9ZNVFl6TkRBME1qRXhOamJsyTkM1d2JtYz0%3D HTTP 302
    https://wait4min.com/dvzMy91L?source={source_id} HTTP 302
    http://onetouch7.info/pop-go/37291?sub1=3g29dh59s1dsc&sub2=%7Bsource_id%7D HTTP 302
    https://wait4min.com/dvzMy91L HTTP 302
    https://www.adspredictiv.com/jump/next.php?r=2848467 Page URL
  2. https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV1rtcjJRh7XKgcungnm-a2&cbpage=https://www.adspredictiv.com/jump/next.php?r=2848467&cbur=0.3875382040382218&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CwjdnNjKqoGU3B0-GH0dEdHP3xP.3ec%252CA55BfgoI_bh0cEcT98BrhL32eXgdsEWLdXMr4VSWW4Zz6gtExaTvXTaA-tg-Ok7toGxDuFIj2mnGStmmHVkeUiBfAMobNRuwRzQnHiy2QKphbi3TPlK_bH0t1TG-YOsydwt7aqXysWi243trN8QftLtCVXnMDYu_oaJOP0gZiXyiQHv96TWJAqvae5LAIN1g30HvtdNg5UjexKuweUNDy7e9fTlAYyUDHrOALaOS9Vv0XnDrL_T_eQwm29PwMG2NrjpyK7l4VvleYl-Ng6Eopmgki1Ddeij8zoh2UkslTA4xf-asn1il4PJYmBcqOV48QVO9aS0KZu5G6KRObrtVgA6W_wMy3hgMTut8F0tSUoLpn2RQ0XhhrAP5cA-icWPCvkfX4tW8f6Hqlozhxn40RtD-dZu6lENiECn_g4ItxJc7XNhYCxNkEkhFSXg32OVK1neMq5zq5FVcAWrZppxRqKzxH6UQkRVbH6a7RonUImYGkac6px_vkRW-0mJp4-lSdgps0NSCMJvAweJeU1X-pCY_qUfKOham3aYj59JHJHkez7anC9Vd1c3s3je_4glr6hGLkFcKbrnJB1VoC7Ow8CYoB0LSy4xvEk3Vju0Nhdk%252C HTTP 302
    https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://feed-6009.coderformylife.info/api/message/click?id=f1351618871074&time=1647613633&sig=e1eb3cbe5219f8bd21c6faa1413dff&u=aHR0cHM6Ly9ldS5wdXNobWV1cC5hcnQvY2xrL0ZwX0I5VS0zcERjVldHQUJTQ29ObllycnJmeF80OVJNaGk3cnh2ZDNaQ1V3a0ttQ29JQUcwOHp6Z0JnRnBNX3hwd3lkbEdFQzFkcDBSeERubFpkWUtELXp4c25LUVE5R01FazVTdUlza01WZndMZHRsQTVtOVJwenUtUFRacG5LZ251MEgyWW9SYW9WcG5nSE1NXy15SHBXemc3TjE4S2dVSnNoU1NxVUtBRXlObVpLZWFnbk9BbThSSDhVc0ZWRlRySk80Q095RTVmeHQyMEExOWZrR0Y1c0pDelJVaWpUSkdqZmdtTGVYdEU2emFNZ2hQbnRCS05CdHVNeEpnY01HaGxWeEYyaVotb0xrWUhuV3JqYXRnZGVtaFF2UHhrUG9ySWZaR3BBZFdNSDYtaGNqQmpjeDNsUWVyaFVQNWd3Q1MyMkJ1VnpON0xSSFJHNTZyck1Za3NneGtjOWhWZ3gtU0pWU1JFZmhHQXJxWVhLSy03SG55NXJGcWZuSmtvbGpDWkJoTjIycWtHTWtFQUZ2dWZNOVlXU0VVVkpFZWVQOTRSM1hMdjVHYkU0OEhEalg1Y3JnX2RBa01RMFhmam12UEplSENFSzBmRzBGZU5XbkVmVlQxQXU5d3ZfdzlnelBCMFNJd1Z1ZjBaSWUwbDRkRzBoYlFxd0VUQ1o4WWVUd3RMbnpLdVNkRE9vMTdjS0VVSjlUQnFNQVBIQlE2bE9OTnB4VDJ5eW02alI0OE9ZQ1pfdzNxWnRkdmZUTU56T2c2NGowRTVnXzBLbUNfRDdhQ090X3pGTG52TDN0amJ3WFlScUZqOHd6QUQ0RW9JZnR0M2ZMcXFkNy1aU3hyNUxQNDJWZU8xbzN2SG1LNXlTckx4czlOV2dSaWJNbmMzWlloSXo1YWdRZXhXQWlCOEpfOFh1WUJSTHo5SUFSQjFaazdoSWdB&srv=1&bhi=gYUChSMG8NITTZMOeTlqWkc0odWNtOXNiSEq5sY25abGNpNTXRlWG92WTNKbFlYTUnBkbVZ6THpFMU1pLODFNalV2TXpZd1h6Qm9ZNVFl6TkRBME1qRXhOamJsyTkM1d2JtYz0%3D HTTP 302
  • https://wait4min.com/dvzMy91L?source={source_id} HTTP 302
  • http://onetouch7.info/pop-go/37291?sub1=3g29dh59s1dsc&sub2=%7Bsource_id%7D HTTP 302
  • https://wait4min.com/dvzMy91L HTTP 302
  • https://www.adspredictiv.com/jump/next.php?r=2848467

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
www.adspredictiv.com/jump/
Redirect Chain
  • http://feed-6009.coderformylife.info/api/message/click?id=f1351618871074&time=1647613633&sig=e1eb3cbe5219f8bd21c6faa1413dff&u=aHR0cHM6Ly9ldS5wdXNobWV1cC5hcnQvY2xrL0ZwX0I5VS0zcERjVldHQUJTQ29ObllycnJ...
  • https://wait4min.com/dvzMy91L?source={source_id}
  • http://onetouch7.info/pop-go/37291?sub1=3g29dh59s1dsc&sub2=%7Bsource_id%7D
  • https://wait4min.com/dvzMy91L
  • https://www.adspredictiv.com/jump/next.php?r=2848467
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adspredictiv.com/jump/next.php?r=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.38.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Tue, 22 Mar 2022 15:21:30 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

date
Tue, 22 Mar 2022 15:21:29 GMT
content-type
text/html; charset=UTF-8
location
https://www.adspredictiv.com/jump/next.php?r=2848467
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Tue, 22 Mar 2022 15:21:29 GMT
pragma
no-cache
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYrB8o2QS0xC7%2Fk6bN537aESdSbK5liLWmIybbOlACSSPJtuLwj7cKCfc035Tw3beEOuTOEv%2Bl%2BCz2tg9hGJxo3J6mQR7rujGjTQ%2FDEVwo73XGzNbiQ7HaUewIyr%2FJdr3hEZQ4sp%2B0VtD%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6effead99d9e1002-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request rect.php
ublockpop.com/
Redirect Chain
  • https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV1rtcjJRh7XKgcungnm-a2&cbpage=https://www.adspredictiv.com/jum...
  • https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CwjdnNjKqoGU3B0-GH0dEdHP3xP.3ec%252CA55BfgoI_bh0cEcT98BrhL32eXgdsEWLdXMr4VSWW4Zz6gtExaTvXTaA-tg-Ok7toGxDuFIj2mnGStmmHVkeUiBfAMobNRuwR...
  • https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Requested by
Host: www.adspredictiv.com
URL: https://www.adspredictiv.com/jump/next.php?r=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e913bbb39bea019e622073e9396caf808e7119da638c9899b806e7d5a01794

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.adspredictiv.com/jump/next.php?r=2848467

Response headers

date
Tue, 22 Mar 2022 15:21:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHeUm0egdx5Sej0LP0bmMHbNd7UYelXJhIfnhqST%2B4HWmmVeQDeFyT3ZNy1mHkxdoXi5YLsL9drCXUQbJabUaIuqkcWgy0GZ6ThA6tJkH0yvIl1NFD139IDhpoimcJZ6cTkYRfxoZ0357znW"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6effeadd9c460fe6-MRS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
openresty
date
Tue, 22 Mar 2022 15:21:30 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
referrer-policy
no-referrer
via
1.1 google
alt-svc
clear
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ublockpop.com/
Origin
https://ublockpop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
107979
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6effeade497b01eb-ZRH
all.js
use.fontawesome.com/releases/v5.15.4/js/ 		1 MB
427 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer
https://ublockpop.com/
Origin
https://ublockpop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:21:30 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9408051
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E7AWDCEAJ6G6D0AM
x-amz-id-2
yLeJoO5lI4sdHSWVzkMqgDgucM7Iz8Nobkc+h7QipzvCIuXROkEN6+hf7cY4/larS8Zkl6/1I+w=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"5e29440867fdb02a48dffded02338c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJHYuLJhsuVjFkZxFG3YxFELlg7531EDocHaSVq%2BD0GeTFpB%2BzZb15%2B2gnvp1qE7SAZE1BoY0nmH0RIDbZAIT9gY5k2kyNHiUaIqUT4%2F9FxCAzR0%2BhA%2F1zkyPk30LrvAU1khWzC9L7GQCv8DzC3DIG%2Fd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6effeade79245fa1-MRS
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ublockpop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 14:18:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 15:21:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 15:21:30 GMT
css
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fa6ee53c3ef19ace03102a1db4f117bb978ee63e116882903cc157caeff67a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ublockpop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 15:07:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 15:21:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 15:21:30 GMT
styles.css
ublockpop.com/b/ 		206 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ublockpop.com/b/styles.css
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339d4c2c47f83ce282862a11d20340e2fca9d9b78ef2b544624184016a03f521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ublockpop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:21:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Dec 2021 11:24:50 GMT
server
cloudflare
age
6393
etag
W/"61a8ad02-33991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8F6N8bYKVetJSXOKNBre%2BPctFJE55oHXh6RDZ30MDcajeseLAljK8VdxYV1e5knYe3rubmOn4KUDHT9nI2yry6lAk%2FLEAufaYGmqkXtnBBP218Z8yuV8DjIXzuu77fsDkS%2BU7%2Bm%2BVAefoYG7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6effeade5a3783b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1280.jpg
ublockpop.com/b/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ublockpop.com/b/1280.jpg
Requested by
Host: ublockpop.com
URL: https://ublockpop.com/rect.php?a=ATCH13&c=ac&d=16479624903239775754220517091553538&h=2848467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f82bbf8dbd7d8ce8c81dfe1d510a53f8cb8b16743415b8fc44e17007bab546

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ublockpop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:21:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6917
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
261173
last-modified
Thu, 02 Dec 2021 11:25:09 GMT
server
cloudflare
etag
"61a8ad15-3fc35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sIr0oTJIvedNm2t4%2Bf4wYmP%2BoQhAMYFVwzKJEPqMowm1UidHHhzQ0PxXKwQZjsKySGRJuVZ1F46sO8jzI6DoCXxEGBzObz8eTE7MjeGgOBQCK7CgjCfdeE6EtNW4mkQWpvgCECHu%2BSykmEi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6effeadedbb083b8-MXP
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ublockpop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:55:47 GMT
x-content-type-options
nosniff
age
12343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 11:55:47 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ublockpop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
503460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:30 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v22/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ublockpop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:34:14 GMT
x-content-type-options
nosniff
age
503236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24408
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:34:14 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

6 Cookies

Domain/Path Name / Value
onetouch7.info/ Name: pop-u-uni-d0b4f6
Value: ee707e49fc3dc9f8e4a84a2f023f27b0a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22pop-u-uni-d0b4f6%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D
wait4min.com/ Name: _subid
Value: 3g29dh59s1dsd
wait4min.com/ Name: _token
Value: uuid_3g29dh59s1dsd_3g29dh59s1dsd6239e979db9d82.45908180
wait4min.com/ Name: bc730
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3NDJcIjoxNjQ3OTYyNDg5LFwiMTg1MFwiOjE2NDc5NjI0ODl9LFwiY2FtcGFpZ25zXCI6e1wiNTExXCI6MTY0Nzk2MjQ4OX0sXCJ0aW1lXCI6MTY0Nzk2MjQ4OX0ifQ.clnYdnMb4LEeGsZD7A4DNwgrA1RH6J5pNY2n5Y1Lrnc
.ublockpop.com/ Name: c
Value: ac
.ublockpop.com/ Name: _asd
Value: 16479624903301531