urlscan.io logo urlscan.io
SecurityTrails logo

block-ads-now.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.373je.com/scripts/un981c6l?a_aid=4f608c61&a_bid=ed819bbf
Effective URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Submission: On December 04 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 8 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is block-ads-now.com. The Cisco Umbrella rank of the primary domain is 99145.
TLS certificate: Issued by GTS CA 1P5 on November 25th 2022. Valid for: 3 months.
This is the only time block-ads-now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 35.201.70.46 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 5
1    2606:4700:3034::6815:5cbe (United States)

ASN13335 (CLOUDFLARENET, US)
www.373je.com
1    2606:4700:3037::6815:4ce0 (United States)

ASN13335 (CLOUDFLARENET, US)
mcmo22.com
1    2606:4700:3031::ac43:c38a (United States)

ASN13335 (CLOUDFLARENET, US)
go.tffkroute.com
3    35.201.70.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.70.201.35.bc.googleusercontent.com
directdexchange.com
5    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
block-ads-now.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
5 block-ads-now.com
block-ads-now.com — Cisco Umbrella Rank: 99145
214 KB
3 directdexchange.com
directdexchange.com
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 tffkroute.com
go.tffkroute.com — Cisco Umbrella Rank: 267790
530 B
1 mcmo22.com
mcmo22.com — Cisco Umbrella Rank: 247543
782 B
1 373je.com
www.373je.com — Cisco Umbrella Rank: 380213
876 B
0 Failed
function sub() { [native code] }. Failed
12 8
Domain Requested by
5 block-ads-now.com directdexchange.com
block-ads-now.com
3 directdexchange.com 2 redirects
2 fonts.googleapis.com block-ads-now.com
1 fonts.gstatic.com fonts.googleapis.com
1 go.tffkroute.com 1 redirects
1 mcmo22.com 1 redirects
1 www.373je.com 1 redirects
0 ifidkgmkpihooaknfaapgkejcgcbniek Failed block-ads-now.com
12 8

This site contains links to these domains. Also see Links.

Domain
adblock-pro.org
Subject Issuer Validity Valid
directdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-16 -
2023-02-16		 a year crt.sh
*.block-ads-now.com
GTS CA 1P5		 2022-11-25 -
2023-02-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Frame ID: 13BE81B044E88A46B8213FAC3B60A625
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdBlock Pro Browser Extension

Page URL History Show full URLs

  1. https://www.373je.com/scripts/un981c6l?a_aid=4f608c61&a_bid=ed819bbf HTTP 301
    https://mcmo22.com/g?visitorid=872b15ccc3e114fc9e438fc267er8pNf&refid=4f608c61&bannerid=ed819bb... HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=620&ref_id=872b15ccc3e114fc9e438fc267er8pNf_4f608c61_ed... HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07 Page URL
  2. https://directdexchange.com/jump/next.php?stamat=m%257CY7ojfXYhaQdH8AH0dEdHP3xP.7ba%252CS0kXXHXf2ck-DOZ9... HTTP 302
    https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2MyYjYjtGU3BP-GH0dEdHP3xP.0a1%252CBEvy-... HTTP 302
    https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

75 %
HTTPS

86 %
IPv6

8
Domains

8
Subdomains

5
IPs

2
Countries

263 kB
Transfer

279 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.373je.com/scripts/un981c6l?a_aid=4f608c61&a_bid=ed819bbf HTTP 301
    https://mcmo22.com/g?visitorid=872b15ccc3e114fc9e438fc267er8pNf&refid=4f608c61&bannerid=ed819bbf&extra_data1=&extra_data2= HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=620&ref_id=872b15ccc3e114fc9e438fc267er8pNf_4f608c61_ed819bbf&sub1=4f608c61&sub8=2022+QATAR+WORLD+CUP+GAMES+LIVE HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07 Page URL
  2. https://directdexchange.com/jump/next.php?stamat=m%257CY7ojfXYhaQdH8AH0dEdHP3xP.7ba%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCGLComM6QV6Sbi_ir10K6Aocpqk8ppKMV7l_izETzCmYgpiyUfyMPHYGa45uMKMji2&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07&cbur=0.7751478784804033&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2MyYjYjtGU3BP-GH0dEdHP3xP.0a1%252CBEvy-Eim6z55fUfCbk9bDc8qM81tXnZJ_wK84R9oXRz4BXqDADgFQthPdEVe1tCQGtwezx0z8jFE9FdiqanFy6es_SqIs0Vd1ryJUYtLS0dDvcxknH1WPAxl76dUqt8Aznh4sywqCMpHECarHVgJO4SdU-N-Eu6bH-n_WUo6t9mr3IoVDkPtWsZnqPheZG9gRsK_bom0ox97hkOigS9QCuybKqaSIzUQNfAkwFE11NT0fKWLVFT2uNu7sMDUTp7TH8CHp4EXBrAjS3jt5apQvbCtOD4iqHKWIfowxD0Hc0Otr2UCFOMn4wmnq30mg7ePsdn9NxmVBmI7lKus6dN3z0jL0vY9JAsk7jDBpcWCmDv4Mz9fIAftfXQRpCDT6vZ9ZDZUZD2ux7C9mdJ7F-k6BHVHDPs-DUKnfURi49w-apfPwRZfqq85rji1HSSwlHMOoXIw0iL1Bk_uABZcOLsAcnNm3wGh271kgE9s9Q_WvzP-Rgy4eZO7Vb_Keidyv297RWMPNfmmyWJvP7yfGSx-vIL53iuoU2NjWo1rEq-IItyFHfWyqnOPsEeOTQdeV_b1VaB7G54NGKMYRPp-AKcGtoFgAAUCC_lHJFR0094ECqqsnxu2y0kIxZsbic7NhF0E HTTP 302
    https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.373je.com/scripts/un981c6l?a_aid=4f608c61&a_bid=ed819bbf HTTP 301
  • https://mcmo22.com/g?visitorid=872b15ccc3e114fc9e438fc267er8pNf&refid=4f608c61&bannerid=ed819bbf&extra_data1=&extra_data2= HTTP 302
  • https://go.tffkroute.com/click?pid=6&offer_id=620&ref_id=872b15ccc3e114fc9e438fc267er8pNf_4f608c61_ed819bbf&sub1=4f608c61&sub8=2022+QATAR+WORLD+CUP+GAMES+LIVE HTTP 302
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
directdexchange.com/jump/
Redirect Chain
  • https://www.373je.com/scripts/un981c6l?a_aid=4f608c61&a_bid=ed819bbf
  • https://mcmo22.com/g?visitorid=872b15ccc3e114fc9e438fc267er8pNf&refid=4f608c61&bannerid=ed819bbf&extra_data1=&extra_data2=
  • https://go.tffkroute.com/click?pid=6&offer_id=620&ref_id=872b15ccc3e114fc9e438fc267er8pNf_4f608c61_ed819bbf&sub1=4f608c61&sub8=2022+QATAR+WORLD+CUP+GAMES+LIVE
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.70.46 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
46.70.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 20:31:41 GMT
server
openresty
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77474e938fd372ae-LHR
content-length
0
date
Sun, 04 Dec 2022 20:31:41 GMT
location
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hg451bdESyJMF0NqLHrAz9RhIGZzQGd9cdSGHHwTWI0zyjZJr1u1Oi%2Blw4%2F6YBFAGDUQ4dFXG5sA%2FkOA8JjEJpIDYYYHq2vRRla1F5HXXTeSPee3dPmJn7aEvE454O4Ud6zRiksz8vzFy5s2WX2I"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-adjust-use-original-forwarded-for
1
Primary Request movie2LP.html
block-ads-now.com/
Redirect Chain
  • https://directdexchange.com/jump/next.php?stamat=m%257CY7ojfXYhaQdH8AH0dEdHP3xP.7ba%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCGLComM6QV6Sbi_ir10K6Aocpqk8ppKMV7l_izETzCmYgpi...
  • https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2MyYjYjtGU3BP-GH0dEdHP3xP.0a1%252CBEvy-Eim6z55fUfCbk9bDc8qM81tXnZJ_wK84R9oXRz4BXqDADgFQthPdEVe1tCQGtwezx0z8jFE9FdiqanFy6es_SqIs0Vd1r...
  • https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Requested by
Host: directdexchange.com
URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7415237a46ab84ba24cc2a35b01c2615e46b07111e18310300b52c4e69fa602
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Referer
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-64f608c61-620-5f0f018d2bdea5690c593f07
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77474ea34bc21757-IAD
content-encoding
br
content-type
text/html
date
Sun, 04 Dec 2022 20:31:42 GMT
last-modified
Fri, 25 Nov 2022 13:48:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGRZTzqoee09Z0S%2BsqooZfdhMuOcsO5lb7%2FcXHoi%2FqUNE2d4kiwTRew8NFr7fA8JGAP4Uqhx2zSHpXbvdSij%2FtlCSb%2BwvDMO%2B3UbNrM89DPDxwJca7G34ZMAnEja8LF73oUJYVv1rcdbxgEsUhQBmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 20:31:42 GMT
location
https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
server
openresty
via
1.1 google
movie2LP.css
block-ads-now.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://block-ads-now.com/movie2LP.css
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05d9744261d330c1d63d52041c228dcc1628a9be1a48b9097c3d1c9ea33ddc0
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 20:31:43 GMT
strict-transport-security
max-age=16000000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 13:48:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3691
etag
W/"620-5ee4bc81abb4a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKsxjG14GqNabuJLfFKoo4IUbOVCKEynlqUCad2e%2FTt5nfnOzLk4b4DLUO90Ijl9PsVo8VdyaHCQeRM7QMcXlXOW6ClBZTYHYX9lrjjonYCpGu34SN9ftOzJibnLb9Ag3kSuY6jxCBCR02VEQJ0pwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77474ea65d06dd86-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1dab49c7e7f030b2673f47a20ce13a30211a6c8c3699456d233453fe94e751a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 20:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 19:04:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 20:31:43 GMT
css
fonts.googleapis.com/ 		1 KB
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 20:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 19:01:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 20:31:43 GMT
download-arrow.png
block-ads-now.com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://block-ads-now.com/img/download-arrow.png
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d053614956638ce503a3d00a8bbf97758631442fcfde1cb34d5807effbcbe48
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 20:31:43 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 13:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3926
etag
W/"510-5ee4bc9773e0a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxtPgNSMfcyFnJz2b5jZizhbOebPOUoNzIomCtSjEorzp5byTqMhOch5GITDtcs1LfIzJw%2FoJH6%2BlfTvBjYcMEXyPL7s1VSptZX0RTSpp8tcUKxexQcO5ue9GW1LB81lNAZsaW%2FyFRxVT8Y02SxenQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
77474ea65d0add86-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chrome-web-store.png
block-ads-now.com/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://block-ads-now.com/img/chrome-web-store.png
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eca30864906bc5c17079db96c533bd03806b58e501f4ebc7b9b67d88fca175e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 20:31:43 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 13:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3926
etag
W/"2364-5ee4bcaa2602a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3Ulv2genxRhskKPgwZeGihpgWo3JgLP6tU0n7Ij282TzG3E0EP2hfitJPvax52DNJDGFfUH6uFWW9kf5nfx6wsgcr4Sy9N3UKvBeP2bQ5F2VaLNEHfX7VroAqE7pdvfhaEkno99VPODjTvL3ikGng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
77474ea65d0ddd86-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
m2bg-repeated.jpg
block-ads-now.com/img/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://block-ads-now.com/img/m2bg-repeated.jpg
Requested by
Host: block-ads-now.com
URL: https://block-ads-now.com/movie2LP.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed37ee687743e28e54409cd64f90a6ad641aa220c8f0ffd3a50c77f8437219a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://block-ads-now.com/movie2LP.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 20:31:43 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 13:49:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5172
etag
W/"3166f-5ee4bc95a402a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoEIxiVRXjXia0ruJUxMTnxxXCo1116CWv7yQcFBi47m4yNGCCZZl1xS4Cvn1nRIKdKpNJdlePFIym21hQG9dBpqw86q6CCaSM6bHdHiv9rP7yVQ%2FdNW1GXbXYAsOZA9fU8X94e2fTRqfbbAPg%2Bv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
cf-ray
77474ea78fb2dd86-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://block-ads-now.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
524479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 18:50:24 GMT
128.png
ifidkgmkpihooaknfaapgkejcgcbniek/ 		0
0
128.png
ifidkgmkpihooaknfaapgkejcgcbniek/ 		0
0
128.png
ifidkgmkpihooaknfaapgkejcgcbniek/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ifidkgmkpihooaknfaapgkejcgcbniek
URL
chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Domain
ifidkgmkpihooaknfaapgkejcgcbniek
URL
chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Domain
ifidkgmkpihooaknfaapgkejcgcbniek
URL
chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| popupchrome string| storeurl string| iconcheck string| navlangue number| checker function| chromeinitcontrol

3 Cookies

Domain/Path Name / Value
www.373je.com/ Name: PAPAffiliateId
Value: 4f608c61
www.373je.com/ Name: PAPVisitorId
Value: 872b15ccc3e114fc9e438fc267er8pNf
www.373je.com/ Name: AWSELB
Value: AD0DE1730C629600E4AD22BAB4A1AE2D4C233F78F7FF8C93BF2E68EF478B1B1960D70F2B5D847F0122937138628BC3868904421583727164E9ECE8F8CA82FCDBE34717CBC1

6 Console Messages

Source Level URL
Text
javascript error URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0(Line 128)
Message:
Access to XMLHttpRequest at 'chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png' from origin 'https://block-ads-now.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Message:
Access to XMLHttpRequest at 'chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png' from origin 'https://block-ads-now.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://block-ads-now.com/movie2LP.html?an=ac&cid=167018590110000TUKTV436497501254Vba&sid=3052727-1021009776-0
Message:
Access to XMLHttpRequest at 'chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png' from origin 'https://block-ads-now.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Message:
Failed to load resource: net::ERR_FAILED