problogger.xyz Open in urlscan Pro
64.190.63.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://problogger.xyz/
Submission Tags: phishingrod
Submission: On March 03 via api (March 3rd 2024, 12:52:13 am UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 64.190.63.222, located in Germany and belongs to SEDO-AS, DE. The main domain is problogger.xyz.

This is the only time problogger.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	64.190.63.222 64.190.63.222	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
15	6

2 64.190.63.222 (Germany)

ASN47846 (SEDO-AS, DE)

problogger.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2527	58 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 9742	1 KB
2	problogger.xyz problogger.xyz	9 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5045	595 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	52 KB
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 67337	3 KB
15	6

	Domain	Requested by
8	www.adsensecustomsearchads.com	www.google.com problogger.xyz www.adsensecustomsearchads.com
2	afs.googleusercontent.com
2	problogger.xyz	problogger.xyz
1	partner.googleadservices.com	www.google.com
1	www.google.com	problogger.xyz
1	img.sedoparking.com	problogger.xyz
15	6

This site contains links to these domains. Also see Links.

Domain
sedo.com
www.sedoparking.com
www.sedo.com

Subject Issuer	Validity	Valid
*.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://problogger.xyz/
Frame ID: DB17DB340D04FC1E648934AB31532184
Requests: 10 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: BCA4D831A832EB267357E87635D9A364
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=2250459117&channel=%2Cexp-0051%2Cauxa-control-1%2C49550092&client=dp-sedo85_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fproblogger.xyz%2Fcaf%2F%3Fses%3DY3JlPTE3MDk0MjcxMjgmdGNpZD1wcm9ibG9nZ2VyLnh5ejY1ZTNjOWI4ZjE1ZWI5Ljg2MDI4ODU1JnRhc2s9c2VhcmNoJmRvbWFpbj1wcm9ibG9nZ2VyLnh5eiZhX2lkPTMmc2Vzc2lvbj1rUk1SWS1GM0tkWEM2aThTOHljaw%3D%3D&type=3&uiopt=false&swp=as-drid-2920744318977611&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=1&format=r10%7Cs&nocache=3171709427129052&num=0&output=afd_ads&domain_name=problogger.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1709427129060&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=651&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=http%3A%2F%2Fproblogger.xyz%2F
Frame ID: FEE273337F69160D4CF2839097D0CC5C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

problogger.xyz - Diese Website steht zum Verkauf! - Informationen zum Thema problogger.

Page Statistics

15
Requests

73 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

123 kB
Transfer

353 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://sedo.com/search/details/?partnerid=14457&language=d&domain=problogger.xyz&origin=parking&utm_medium=Parking&utm_campaign=template&utm_source=3000
Title: Domain erwerben

Search URL Search Domain Scan URL

URL: http://www.sedoparking.com/

Search URL Search Domain Scan URL

URL: https://www.sedo.com/services/parking.php3
Title: Domain Parking Programm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
problogger.xyz/ 33 KB
9 KB 92ms
45ms Document
text/html 64.190.63.222
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://problogger.xyz/
Protocol: HTTP/1.1
Server: 64.190.63.222 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX / PHP/8.1.17
Resource Hash: 3129c9e4dc85a78f14e9b3999c6683d39acf84bd0de23ac5700c6a85e99e53d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 00:52:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 03 Mar 2024 00:52:08 GMT
pragma: no-cache
server: NginX
transfer-encoding: chunked
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_hSw8e2bc/Ca6hn58rInWZBEECru8XuZ694W9rh/+4EQ6dN17SaC6KvdG0k9tSvMVyCROW/OPB3ydmmpfG2uTcA==
x-cache-miss-from: parking-5747c769c4-xqvgp
x-powered-by: PHP/8.1.17

GET
H/1.1 200
OK logo_2016_bbbbbb.svg
img.sedoparking.com/templates/brick_gfx/common/ 4 KB
3 KB 93ms
24ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.sedoparking.com/templates/brick_gfx/common/logo_2016_bbbbbb.svg
Requested by: Host: problogger.xyz
URL: http://problogger.xyz/
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 52f5919c4897d366761c7f7ae51bfb06e517a082153196fe0375482da57e441b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 00:52:09 GMT
x-cf-tsc: 1708606916
Content-Encoding: gzip
X-CF3: H
CF4ttl: 31535370.000
X-CF1: 11696:fA.waw1:cf:cacheN.waw1-01:M
X-CF-ReqID: 107bc4a26ff5363b4a0e5ce6343c58b8
Connection: keep-alive
Content-Length: 2072
X-CF2: H
Last-Modified: Thu, 05 Sep 2019 07:18:32 GMT
Server: CFS 1124
X-CFF: B
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-CFHash: "adc1ae99a6c288fdf2e52bbf62e06aed"
Cache-Control: max-age=604800
CF4Age: 629
Accept-Ranges: bytes
Expires: Sun, 10 Mar 2024 00:52:09 GMT

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 141 KB
52 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: problogger.xyz
URL: http://problogger.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3086fa992a8c1acb4f41c3d8322a6044917c10fcb21617f6561e7b9da8b1719d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 00:52:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "7238558965739783970"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires: Sun, 03 Mar 2024 00:52:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 382 B
595 B 109ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=problogger.xyz&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bdb004bd3dbb71f5fec881a0b65a60bc981db4a7d6e4760b3868fa448e1fb5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H2 200 iframe.html Show response
www.adsensecustomsearchads.com/afs/ads/i/ Frame BCA4 2 KB
1 KB 81ms
61ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9e8209d45df44f815239727cab067eb43e38a471dbbc6b30902f407e45e31b

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-exNe7EpltDI308zt_Qcdog' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://problogger.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 727
content-security-policy: script-src 'nonce-exNe7EpltDI308zt_Qcdog' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 00:52:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 07:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame FEE2 31 KB
4 KB 105ms
92ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=2250459117&channel=%2Cexp-0051%2Cauxa-control-1%2C49550092&client=dp-sedo85_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fproblogger.xyz%2Fcaf%2F%3Fses%3DY3JlPTE3MDk0MjcxMjgmdGNpZD1wcm9ibG9nZ2VyLnh5ejY1ZTNjOWI4ZjE1ZWI5Ljg2MDI4ODU1JnRhc2s9c2VhcmNoJmRvbWFpbj1wcm9ibG9nZ2VyLnh5eiZhX2lkPTMmc2Vzc2lvbj1rUk1SWS1GM0tkWEM2aThTOHljaw%3D%3D&type=3&uiopt=false&swp=as-drid-2920744318977611&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=1&format=r10%7Cs&nocache=3171709427129052&num=0&output=afd_ads&domain_name=problogger.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1709427129060&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=651&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=http%3A%2F%2Fproblogger.xyz%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

4a935812e3794bffacdebc2d5e6467715e19a961a017a7e4fb2174cfcbfac3ef

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-vq1Wwh1pM4AVT9cyHq-NPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: http://problogger.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 3850
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vq1Wwh1pM4AVT9cyHq-NPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 03 Mar 2024 00:52:09 GMT
expires: Sun, 03 Mar 2024 00:52:09 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H/1.1 200
OK tsc.php Show response
problogger.xyz/search/ 0
201 B 17ms
17ms XHR
text/html 64.190.63.222
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://problogger.xyz/search/tsc.php?200=NTczODQ4NTcw&21=NDUuMTQxLjE1Mi43Ng==&681=MTcwOTQyNzEyOGU5ZGU5MGIyMjY4Y2E4NWI3MjU4ZTVlYzY3YmYxM2Jj&crc=d01150065ea06f781def00be99ba8feb329ebb3f&cv=1
Requested by: Host: problogger.xyz
URL: http://problogger.xyz/
Protocol: HTTP/1.1
Server: 64.190.63.222 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX / PHP/8.1.17
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:52:09 GMT
x-cache-miss-from: parking-5747c769c4-tctkp
server: NginX
x-powered-by: PHP/8.1.17
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
908 B 36ms
26ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=blwvvz4pn9uz&pbt=rd&ivt=false&dA=true&msg=client-side%20changes%20applied.

Requested by

Host: problogger.xyz
URL: http://problogger.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-5Pxp8dqVBVX-WwEKZXSVNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-5Pxp8dqVBVX-WwEKZXSVNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sun, 03 Mar 2024 00:52:09 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 caf.js Show response
www.adsensecustomsearchads.com/adsense/domains/ Frame FEE2 141 KB
51 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=2

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=2250459117&channel=%2Cexp-0051%2Cauxa-control-1%2C49550092&client=dp-sedo85_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fproblogger.xyz%2Fcaf%2F%3Fses%3DY3JlPTE3MDk0MjcxMjgmdGNpZD1wcm9ibG9nZ2VyLnh5ejY1ZTNjOWI4ZjE1ZWI5Ljg2MDI4ODU1JnRhc2s9c2VhcmNoJmRvbWFpbj1wcm9ibG9nZ2VyLnh5eiZhX2lkPTMmc2Vzc2lvbj1rUk1SWS1GM0tkWEM2aThTOHljaw%3D%3D&type=3&uiopt=false&swp=as-drid-2920744318977611&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=1&format=r10%7Cs&nocache=3171709427129052&num=0&output=afd_ads&domain_name=problogger.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1709427129060&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=651&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=http%3A%2F%2Fproblogger.xyz%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e0fc0562e80f7be205b363b861eade6eb1017851e6b6afaa84558db039f5595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15467280794081942438"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sun, 03 Mar 2024 00:52:09 GMT

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame FEE2 391 B
384 B 41ms
7ms Image
image/svg+xml 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Mar 2024 15:04:18 GMT
age: 35271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sun, 03 Mar 2024 14:04:18 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame FEE2 200 B
700 B 40ms
7ms Image
image/svg+xml 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Mar 2024 12:39:21 GMT
age: 43968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sun, 03 Mar 2024 11:39:21 GMT

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 27ms
26ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=1v5sqazgyfnz&aqid=ucnjZf3zBoCWjuwPq8m-oAY&psid=2250459117&pbt=bs&adbx=224&adby=147&adbh=1711&adbw=880&adbah=168%2C168%2C168%2C168%2C168%2C168%2C168%2C168%2C168%2C168&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=610814804&csala=10%7C0%7C111%7C56%7C6&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-zS0AWB0ut2Ft9Qcuwruk-w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zS0AWB0ut2Ft9Qcuwruk-w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sun, 03 Mar 2024 00:52:10 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 27ms
27ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=jl877gujdyam&aqid=ucnjZf3zBoCWjuwPq8m-oAY&pbt=bs&adbx=1320&adby=44&adbh=16&adbw=200&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=610814804&csala=2%7C0%7C119%7C56%7C6&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-qw1tY4D-9XwCpJeq4v0-vg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-qw1tY4D-9XwCpJeq4v0-vg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sun, 03 Mar 2024 00:52:10 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 26ms
25ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=n61vxw3dvdhi&aqid=ucnjZf3zBoCWjuwPq8m-oAY&psid=2250459117&pbt=bv&adbx=224&adby=147&adbh=1711&adbw=880&adbah=168%2C168%2C168%2C168%2C168%2C168%2C168%2C168%2C168%2C168&adbn=master-1&eawp=partner-dp-sedo85_3ph&errv=610814804&csala=10%7C0%7C111%7C56%7C6&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-3jAlcrpuHrH24xyJSGSAzw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3jAlcrpuHrH24xyJSGSAzw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sun, 03 Mar 2024 00:52:11 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 27ms
27ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-sedo85_3ph&output=uds_ads_only&zx=gvycp0a41mx9&aqid=ucnjZf3zBoCWjuwPq8m-oAY&pbt=bv&adbx=1320&adby=44&adbh=16&adbw=200&adbn=slave-1-1&eawp=partner-dp-sedo85_3ph&errv=610814804&csala=2%7C0%7C119%7C56%7C6&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-wovxI5wx8ETyZV5TuBafqw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://problogger.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wovxI5wx8ETyZV5TuBafqw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sun, 03 Mar 2024 00:52:11 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.problogger.xyz/	1970-01-21 04:12:03	Name: __gsas Value: ID=ea8a4d3fadf7c4c0:T=1709427129:RT=1709427129:S=ALNI_MZtlbklYUx0YvvGW3JQJXiwr-xyEg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.google.com/adsense/domains/caf.js(Line 200) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	URL: https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=2(Line 88) Message: Mixed Content: The page at 'https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=2250459117&channel=%2Cexp-0051%2Cauxa-control-1%2C49550092&client=dp-sedo85_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fproblogger.xyz%2Fcaf%2F%3Fses%3DY3JlPTE3MDk0MjcxMjgmdGNpZD1wcm9ibG9nZ2VyLnh5ejY1ZTNjOWI4ZjE1ZWI5Ljg2MDI4ODU1JnRhc2s9c2VhcmNoJmRvbWFpbj1wcm9ibG9nZ2VyLnh5eiZhX2lkPTMmc2Vzc2lvbj1rUk1SWS1GM0tkWEM2aThTOHljaw%3D%3D&type=3&uiopt=false&swp=as-drid-2920744318977611&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301421%2C17301431%2C17301433%2C17301436%2C71847096&client_gdprApplies=1&format=r10%7Cs&nocache=3171709427129052&num=0&output=afd_ads&domain_name=problogger.xyz&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1709427129060&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=651&frm=0&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=http%3A%2F%2Fproblogger.xyz%2F' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://problogger.xyz/caf/?ses=Y3JlPTE3MDk0MjcxMjgmdGNpZD1wcm9ibG9nZ2VyLnh5ejY1ZTNjOWI4ZjE1ZWI5Ljg2MDI4ODU1JnRhc2s9c2VhcmNoJmRvbWFpbj1wcm9ibG9nZ2VyLnh5eiZhX2lkPTMmc2Vzc2lvbj1rUk1SWS1GM0tkWEM2aThTOHljaw=='. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
img.sedoparking.com
partner.googleadservices.com
problogger.xyz
www.adsensecustomsearchads.com
www.google.com
205.234.175.175
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
64.190.63.222
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
3086fa992a8c1acb4f41c3d8322a6044917c10fcb21617f6561e7b9da8b1719d
3129c9e4dc85a78f14e9b3999c6683d39acf84bd0de23ac5700c6a85e99e53d1
4a935812e3794bffacdebc2d5e6467715e19a961a017a7e4fb2174cfcbfac3ef
52f5919c4897d366761c7f7ae51bfb06e517a082153196fe0375482da57e441b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
8e0fc0562e80f7be205b363b861eade6eb1017851e6b6afaa84558db039f5595
9bdb004bd3dbb71f5fec881a0b65a60bc981db4a7d6e4760b3868fa448e1fb5f
ad9e8209d45df44f815239727cab067eb43e38a471dbbc6b30902f407e45e31b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

problogger.xyz Open in urlscan Pro 64.190.63.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

73 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

123 kBTransfer

353 kBSize

1 Cookies

3 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

problogger.xyz Open in urlscan Pro
64.190.63.222 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

73 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

123 kB
Transfer

353 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions