Submitted URL: https://photo.i74k.pics/z8hPB1Cc
Effective URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Submission: On February 22 via manual from US — Scanned from NL

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is adblock-pro-download.com. The Cisco Umbrella rank of the primary domain is 108673.
TLS certificate: Issued by GTS CA 1P5 on December 30th 2022. Valid for: 3 months.
This is the only time adblock-pro-download.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.87.43.157 62068 (SPECTRAIP...)
1 2a02:4780:b:9... 47583 (AS-HOSTINGER)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 3 35.186.243.67 15169 (GOOGLE)
11 2a06:98c1:312... 13335 (CLOUDFLAR...)
16 5
Requests | Apex Domain | Subdomains | Transfer
11 | adblock-pro-download.com | adblock-pro-download.com — Cisco Umbrella Rank: 108673 | 92 KB
3 | buzzonclick.com | buzzonclick.com — Cisco Umbrella Rank: 534814 | 3 KB
1 | thegadgetguru.club | polo.thegadgetguru.club — Cisco Umbrella Rank: 760248 | 327 B
1 | iuft2.com | iuft2.com | 549 B
1 | i74k.pics | photo.i74k.pics | 931 B
0 | Failed | Failed |
16 | 6
Domain Requested by
11 adblock-pro-download.com buzzonclick.com
adblock-pro-download.com
photo.i74k.pics
3 buzzonclick.com 2 redirects iuft2.com
1 polo.thegadgetguru.club 1 redirects
1 iuft2.com photo.i74k.pics
1 photo.i74k.pics
0 ifidkgmkpihooaknfaapgkejcgcbniek Failed photo.i74k.pics
16 6

This site contains links to these domains.

Domain
adblock-pro.org
Subject | Issuer | Validity | Valid
photo.i74k.pics | R3 | 2023-02-21 - 2023-05-22 | 3 months
iuft2.com | ZeroSSL RSA Domain Secure Site CA | 2022-12-21 - 2023-03-21 | 3 months
buzzonclick.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-30 - 2023-06-30 | a year
*.adblock-pro-download.com | GTS CA 1P5 | 2022-12-30 - 2023-03-30 | 3 months

This page contains 2 frames:

Primary Page: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Frame ID: EC4FC6017D750FD20583EA42569E2673
Requests: 11 HTTP requests in this frame

Frame: https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677038400
Frame ID: 9B564FC0E01DEB8A23617B2C8F0FE33F
Requests: 5 HTTP requests in this frame

Page Title

Download ready

Page Statistics

Requests: 16
HTTPS: 88 %
IPv6: 40 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 97 kB
Size: 157 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://photo.i74k.pics/z8hPB1Cc Page URL
  2. https://polo.thegadgetguru.club/?k=5281866661e5a69c5775cc78ffb58b71&type=mainstream&subtype=global HTTP 302
    https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb Page URL
  3. https://buzzonclick.com/jump/next.php?stamat=m%257CNyY2F6t3aQdHkAH0dEdHP3xP.e83%252C7H0PozvLiGV-YkDx825CHoc7hmmLqUo0XX0KS4JMwsOoBP4bWJAesHFVwLk-IcvSIRbxGH21b-Z77Ub8rzpx23fhGumo9vTvU81aPEaWN_HEHUhIPd7sAfcagFIjMg6eeEUH6fp9zBuHDcanvETAdw%252C%252C&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb&cbur=0.7327887735736063&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fphoto.i74k.pics%2F HTTP 302
    https://buzzonclick.com/script/i.php?t=1&stamat=m%257C%252C%252CAhEqIjf_tGU3BP-GH0dEdHP3xP.494%252C6MZS2fLcVx2cBK2UuXHHHfhpwUnzbwV2LMBsHOOqQDWr48XL45eX9Wqb597xMc4_iPhntHHjiyPoXy0vn3rIx9CAN1w_vRS2LoBTIJBDBQyZxQ-fC1ewVntq9PzXSOw0O4IadksbUlmZsoHr1pyYjetbNVF3d0RC8vdGrkw0QenWugitK8ImjmAhBY4bWrWsvsAPU8bud9YlCniTo5G7Ol-MiDFl-yBFtraV0htIaU3rGYLEW_PI_Xh5E8oq6vwJAV14va8wkdA7Bw-Mk4td8gvhN5prnsX_Ik3JCXkxGEvxXCAlLhjkg0E3mDki50PkcJeL3rq6b5rdH2sDg5iU1tfG3qD7tYowjufu3SRiYVkMlscIv5kQJF7yYgvmj-gJbD0RLhQXUhc1IYL2VbK8afgEtaUUno-jWYwxb_4GvQlKqiJq3BnBFvCMct3VGupHuhYgYj2Dh8k64Y84Y1u1LKZXzWAjxxTGPAMxD16kZbZgjsOVR9w4-Cg1PJKH9Ynxvd9mfiiyTlU0DrIZfTw7mRGmLAKIDcpx4g9kAzwhCp3cjMyM7c0CTR8aouQyx9ObMia7pOc_r2RSPzChS2G2kSo8xtGrkzJG_b8z_vFz13HD_XElHk2G2AIS7A9s1R7T HTTP 302
    https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://polo.thegadgetguru.club/?k=5281866661e5a69c5775cc78ffb58b71&type=mainstream&subtype=global HTTP 302
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
z8hPB1Cc
photo.i74k.pics/
164 B
931 B
Document
General
Full URL
https://photo.i74k.pics/z8hPB1Cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.87.43.157 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
45-87-43-157.static.pwxs.net
Software
nginx /
Resource Hash
35ae18e49e571baa674f1bc138f3716f61ac81268133b4d7bd9313277c1069b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Wed, 22 Feb 2023 05:11:47 GMT
Expires
0
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
/
iuft2.com/hmoises/
117 B
549 B
Script
General
Full URL
https://iuft2.com/hmoises/?api=1&lan=directo&ht=2
Requested by
Host: photo.i74k.pics
URL: https://photo.i74k.pics/z8hPB1Cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:926:0:2ce5:58cd:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
be4d0538c0e91ef9cb81ac628b21eb5b6b9cc4472f02aa700cea825e4008a79b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://photo.i74k.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 05:11:47 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
122
expires
Thu, 19 Nov 1981 08:52:00 GMT
next.php
buzzonclick.com/jump/
Redirect Chain
  • https://polo.thegadgetguru.club/?k=5281866661e5a69c5775cc78ffb58b71&type=mainstream&subtype=global
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb
7 KB
3 KB
Document
General
Full URL
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb
Requested by
Host: iuft2.com
URL: https://iuft2.com/hmoises/?api=1&lan=directo&ht=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.67 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.243.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://photo.i74k.pics/z8hPB1Cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 05:11:48 GMT
server
openresty
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 05:11:48 GMT
Location
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb
Server
nginx/1.16.1 (Ubuntu)
Primary Request step1.html
adblock-pro-download.com/
Redirect Chain
  • https://buzzonclick.com/jump/next.php?stamat=m%257CNyY2F6t3aQdHkAH0dEdHP3xP.e83%252C7H0PozvLiGV-YkDx825CHoc7hmmLqUo0XX0KS4JMwsOoBP4bWJAesHFVwLk-IcvSIRbxGH21b-Z77Ub8rzpx23fhGumo9vTvU81aPEaWN_HEHUhIP...
  • https://buzzonclick.com/script/i.php?t=1&stamat=m%257C%252C%252CAhEqIjf_tGU3BP-GH0dEdHP3xP.494%252C6MZS2fLcVx2cBK2UuXHHHfhpwUnzbwV2LMBsHOOqQDWr48XL45eX9Wqb597xMc4_iPhntHHjiyPoXy0vn3rIx9CAN1w_vRS2Lo...
  • https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
11 KB
4 KB
Document
General
Full URL
https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6a759a66d16a29c06085aba2b9a0c15d04655f556eb3212cd4961fa361fdbf
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Referer
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=6efde8c44b0c38875ffa8dc108fb09eb&sub1=731&clickid=6efde8c44b0c38875ffa8dc108fb09eb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d53923cbd13a73-FRA
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 05:11:49 GMT
last-modified
Fri, 30 Dec 2022 17:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4JOGPKOV11fJWJDIRCNsLvRjfhugfVVrRGvNJNQH8stSG4SDZmwZsPiWbmyhCiQPgyC0J4ySqqcDZg00231k374l4C4NdcNQK5yW8Lm9ExukJWH08sU4ztxfPVqSVvrSdigpJacYsRNgEwregKvJRyOwFN6f1U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 05:11:48 GMT
location
https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
server
openresty
via
1.1 google
step_1.png
adblock-pro-download.com/img/
5 KB
5 KB
Image
General
Full URL
https://adblock-pro-download.com/img/step_1.png
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 17:35:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6759
etag
W/"147d-5f10f0583a9e0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk2uhaP54OGXSH93dxNErNDhpf8yktJnliUXwDYMWwM8tcBdfdexjXn1CzAA%2FUNHrAU7B%2FwlFOUy9%2FRZceDOYaPE2a7lmAUOs%2BSAhxNjnk5rm9H0xngYNIeiI3a4bMU94eL9sdqw6%2BHO%2F1UFt%2B2Sfpq3GmqJarM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
79d539242c383a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
step_2.png
adblock-pro-download.com/img/
21 KB
21 KB
Image
General
Full URL
https://adblock-pro-download.com/img/step_2.png
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 17:35:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1465
etag
W/"52d2-5f10f05801000-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14hVleSMiFML9G0SZH1GRG5ohxlRfpDrgrKyIF7YwHVHAX1tqeVbQMjNUaCnf5GvWCeKijkeY%2Bma%2BLzrA4KEkul0EED3Y0yyuX6IACKANJEY7W1DRZh5OPXz9RO%2Bw0ef4ZriDyQQvGTY2fj9XUHveCpk6CRESoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
79d539242c3b3a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
step_3.png
adblock-pro-download.com/img/
17 KB
17 KB
Image
General
Full URL
https://adblock-pro-download.com/img/step_3.png
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 17:35:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1465
etag
W/"4373-5f10f0580cb80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GobcTEPbjL4ccWJMafxihQgFLTuxRk5ipR%2B6K6tms0lNmWL60vTa803WY1Bpv1CxxoCbgNWj7LyETkqw%2FcABEyFtTGcdnmsUbRhv2zTc9SFc3vsybxfrYyI%2FPR1gJFgIrpEB8ST7jZNTGlqDPLaOwCL1SzMO18E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
79d539243c433a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ChromeWebStore_Badge_v2_340x96.png
adblock-pro-download.com/img/
6 KB
6 KB
Image
General
Full URL
https://adblock-pro-download.com/img/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 17:35:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
W/"1608-5f10f0560dfa0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LTXh4YXp96STKbl6%2Four3TIOQu0zrMMnIqo24iZsDuMDN8%2Bk3PJCF7nA8%2BL1HiHJo22O3UEl1RYaFF9Ia%2FZ0XzobkHZOT1j8cu7LiBaS3PHTlv0tx0UYauT3cHr8vMSmnZKZOgKRdgR135k58i5xIRNyIocPxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
cf-ray
79d539243c453a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rocket-loader.min.js
adblock-pro-download.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://adblock-pro-download.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2023 14:31:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63ececa5-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EE5Xd%2FqfdDVuus4OJhT9MxR72oLjIU1Uivzs09CRBRRmsclxFUjOPwkNmqimxeUebPB7KswdsChfyyLlQv3yMwH5f9biq8blsDWuZ%2BZBErEdCP%2B1OTZztfSV26X8i18TWDmviaRbzDpOsjZO2F5VoWsQgjbeSMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79d539243c463a73-FRA
expires
Fri, 24 Feb 2023 05:11:49 GMT
invisible.js
adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 9B56
38 KB
16 KB
Script
General
Full URL
https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677038400
Requested by
Host: photo.i74k.pics
URL: https://photo.i74k.pics/z8hPB1Cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4ab2466a5e52e6ebc0e1c10b4c3ea9b1c8dc9f4453f623dc64f745ef1cf5f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jN0zjyfgIdkyarmoqhFq%2BQKP4Wb4xGSVXeqtIp6s39DX8yog6DNJlzJ9YoTR6%2F4oNHKUxW0xOZVQEFI9Ed%2FPpg9USiHYIg191ROzMMVFIYtpaLq1IyXS38s2829Zhbmfgesjqjcp6cAzNToFHbbmvmZEveJ6Lv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d539246c8e3a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
128.png
ifidkgmkpihooaknfaapgkejcgcbniek/
0
0

pica.js
adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 9B56
21 KB
9 KB
Other
General
Full URL
https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42f0ef9f8acce4f7f7a8567676f47c1f4e0abb2c2984d13222dfa8056c414cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXAl59etyBgn3vumPbrrZkM4dBGhFA7JswfrNpvSg1Mb1cZ5v3e7d6GbDnrUEFL%2B5xN7beH3B0LruVR4m1wT0JD57QDDTIAAKEFyQutK0IENnLk6RdXA2FKcPGTXJgrCFhUsELW2WsU87toZ62zRXYneEEDqu%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d53924cc579164-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 9B56
20 KB
8 KB
Other
General
Full URL
https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d3e588bfba219a3ed1021b5d463969bb02d2745d42dfabf779abf2780843ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs32EM88rb7xO9b2vFs5h%2BFPbuGHdvLg%2F9dFxeYdSkISBX9JWni2QnB2iYDJUOOCU1Q1hG5OmLJGhUJxZ8kMIDbywDZ0Gx9QXConob0QqnyncEhJnkSBfahMEES3SUtpE5FItYOoYZ5yopiaI14Q4tIurxc5ngU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d53924cc599164-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
79d53923cbd13a73
adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 9B56
2 B
698 B
XHR
General
Full URL
https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/cv/result/79d53923cbd13a73
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677038400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFWj9tL9y5iLh%2BvHtDHWqG3Xpktb%2FqhDUcez0fvwKT5ddI07dZmNlPT%2B6fCep%2BswvYl19uZocbuZKzBqxzd%2F5CEvquXy%2BzCkKCXaoIMjl9dtF36AKprE1%2FumeH3azLqSKjnlNCNvkSF%2FMXhle3PCVthiJw5Lgpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d539275eb09164-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
79d53923cbd13a73
adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 9B56
2 B
695 B
XHR
General
Full URL
https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/cv/result/79d53923cbd13a73
Requested by
Host: adblock-pro-download.com
URL: https://adblock-pro-download.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677038400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Feb 2023 05:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meHybUBEa9AlohKJt%2BkyuGQCg1Lx05Osnw%2Bm032dtrPmQI6SJQ48gRG1kysDNTIuZPXkxhP%2BFh0h2WAzD9vaiIL2cvgyaxmlmPLft%2FJyIcddeZl%2FtXGr7oQD0bET4OA5dcQtF3fdjZuHBLhpVRTOy5ZKO3UbWAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d539284f6e9164-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
128.png
ifidkgmkpihooaknfaapgkejcgcbniek/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ifidkgmkpihooaknfaapgkejcgcbniek
URL
chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Domain
ifidkgmkpihooaknfaapgkejcgcbniek
URL
chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| oncontentvisibilityautostatechange
object| __cfQR
function| popupchrome
function| f
string| navlangue
number| e
string| id
boolean| __cfRLUnblockHandlers

4 Cookies

Domain/Path Name / Value
photo.i74k.pics/ Name: _subid
Value: 111bc7e1gc7v
photo.i74k.pics/ Name: c44b5
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1MzIyMFwiOjE2NzcwNDI3MDd9LFwiY2FtcGFpZ25zXCI6e1wiNjMzMTNcIjoxNjc3MDQyNzA3fSxcInRpbWVcIjoxNjc3MDQyNzA3fSJ9.S4WT3sieEQjdYzfHNT07lMQXFJWuQ8ADw_hz_EmvkoA
photo.i74k.pics/ Name: _token
Value: uuid_111bc7e1gc7v_111bc7e1gc7v63f5a4132e2df3.36961116
.adblock-pro-download.com/ Name: __cf_bm
Value: RmteYWBsE5owbfguXn_UivJTqEPJrj7.o9n_ViiF6Q4-1677042709-0-AWTfZcnuQ650QHrQiTCgkQB9wBTAQXrllPYT0ZpXKkDKEuLlnlJZxcAXmXS7IZm+OBqmWX+tcsX7UCGA5RlvBsIOu1ZtX+d8X1eapQYh1VFVtGmdwRziFH9DwGTRRSAVky27HSf8Izk0aDns2di+YGM=

4 Console Messages

Source Level URL
Text
javascript error URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Message:
Access to XMLHttpRequest at 'chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png' from origin 'https://adblock-pro-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://adblock-pro-download.com/step1.html?an=ac&cid=167704270810000TDETV416077146964Vd1&sid=5660982-2077249293-0
Message:
Access to XMLHttpRequest at 'chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png' from origin 'https://adblock-pro-download.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://ifidkgmkpihooaknfaapgkejcgcbniek/128.png
Message:
Failed to load resource: net::ERR_FAILED