videoadblocker-pro.net Open in urlscan Pro
2606:4700:3033::6815:4a2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://w.impatienceventilaion.top/X7wdASSSpmrxg?ojhv1698248075844
Effective URL:
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Submission: On October 25 via manual (October 25th 2023, 9:58:13 pm UTC) from AL — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 11 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:4a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is videoadblocker-pro.net.
TLS certificate: Issued by GTS CA 1P5 on September 23rd 2023. Valid for: 3 months.

This is the only time videoadblocker-pro.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.178.23.114 108.178.23.114	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2606:4700:303... 2606:4700:3037::6815:11c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	88.208.46.156 88.208.46.156	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:303... 2606:4700:3033::6815:4a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:49dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e6:... 2606:4700:e6::ac40:c126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	7

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

w.impatienceventilaion.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.admo.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.178.23.114 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

prize.youarelucky.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:11c1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.trikota.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.46.156 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

offergate-other8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:4a2 (United States)

ASN13335 (CLOUDFLARENET, US)

videoadblocker-pro.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:49dd (United States)

ASN13335 (CLOUDFLARENET, US)

tbm09.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c126 (United States)

ASN13335 (CLOUDFLARENET, US)

videoadblockerpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	videoadblocker-pro.net videoadblocker-pro.net	68 KB
2	youarelucky.click prize.youarelucky.click	4 KB
2	impatienceventilaion.top w.impatienceventilaion.top	2 KB
1	videoadblockerpro.com videoadblockerpro.com — Cisco Umbrella Rank: 171735	549 B
1	tbm09.com tbm09.com — Cisco Umbrella Rank: 940695	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3030	22 KB
1	offergate-other8.com 1 redirects offergate-other8.com	627 B
1	trikota.store 1 redirects www.trikota.store	1 KB
1	admo.buzz ad.admo.buzz	611 B
0	Failed function sub() { [native code] }. Failed
0	baidu.com Failed hm.baidu.com Failed
13	11

	Domain	Requested by
3	videoadblocker-pro.net	prize.youarelucky.click videoadblocker-pro.net
2	prize.youarelucky.click	ad.admo.buzz prize.youarelucky.click
2	w.impatienceventilaion.top	w.impatienceventilaion.top
1	videoadblockerpro.com	videoadblocker-pro.net
1	tbm09.com	videoadblocker-pro.net
1	stackpath.bootstrapcdn.com	videoadblocker-pro.net
1	offergate-other8.com	1 redirects
1	www.trikota.store	1 redirects
1	ad.admo.buzz	w.impatienceventilaion.top
0	bjeejieamikgomobcpgdnepmiodidpkl Failed	videoadblocker-pro.net
0	hm.baidu.com Failed	w.impatienceventilaion.top
13	11

This site contains no links.

Subject Issuer	Validity	Valid
impatienceventilaion.top GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
admo.buzz E1	`2023-10-18` - `2024-01-16`	3 months	crt.sh
prize.youarelucky.click R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
videoadblocker-pro.net GTS CA 1P5	`2023-09-23` - `2023-12-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
videoadblockerpro.com GTS CA 1P5	`2023-09-11` - `2023-12-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Frame ID: C3B85644AE88556C15D2334AFB4FF84F
Requests: 11 HTTP requests in this frame

Frame: https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=buoge89S6Y92blt&r=og&cid=v2o800oscg00gscg&z=31790_&v=1&dr=https%3A%2F%2Fprize.youarelucky.click%2F&inw=1600&inh=1200
Frame ID: 3BAAC25FDE996F73D8AE2711AA2469F2
Requests: 1 HTTP requests in this frame

Frame: https://videoadblockerpro.com/gv.php
Frame ID: 667A82AC8C4EDCAB9F2989AC2A90DA88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://w.impatienceventilaion.top/X7wdASSSpmrxg?ojhv1698248075844 Page URL
https://w.impatienceventilaion.top/404/nfp.html Page URL
https://ad.admo.buzz/mt/?pn=nfp Page URL
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22 Page URL
https://prize.youarelucky.click/proc.php?3994bfe5c0557b11ae1b3c1a04a276cae64ee971 Page URL
https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7294018787014082680&pub=254... HTTP 302
https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_7=KZDnm155B6FuRWmWPQ7bFM&subid_2=29a25962 HTTP 302
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq= Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

13
Requests

85 %
HTTPS

75 %
IPv6

11
Domains

11
Subdomains

7
IPs

2
Countries

99 kB
Transfer

224 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://w.impatienceventilaion.top/X7wdASSSpmrxg?ojhv1698248075844 Page URL
https://w.impatienceventilaion.top/404/nfp.html Page URL
https://ad.admo.buzz/mt/?pn=nfp Page URL
https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22 Page URL
https://prize.youarelucky.click/proc.php?3994bfe5c0557b11ae1b3c1a04a276cae64ee971 Page URL
https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7294018787014082680&pub=25426&pid=25426-5a4e140z HTTP 302
https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_7=KZDnm155B6FuRWmWPQ7bFM&subid_2=29a25962 HTTP 302
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 X7wdASSSpmrxg
w.impatienceventilaion.top/ 1 KB
1 KB 1133ms
312ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.impatienceventilaion.top/X7wdASSSpmrxg?ojhv1698248075844
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb81f7d30b92d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68wYCKHBrD2fBJc%2Fw1qWIe%2BlBXz5xH2sAb95vxdTWk6fQWZEqj80A5XHb4Ttt38olrnbed3YZ2hEuSA1femjZirOIOqpdBWE%2B06RxuHprVfobWB1j57sTkpTGCXJpxwWj5IegOdJSnk7jT3zwRJvW%2FhHDNmrM4vLMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 nfp.html Show response
w.impatienceventilaion.top/404/ 836 B
760 B 166ms
165ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.impatienceventilaion.top/404/nfp.html
Requested by: Host: w.impatienceventilaion.top
URL: https://w.impatienceventilaion.top/X7wdASSSpmrxg?ojhv1698248075844
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0064a000ef0d940b9d2c023352409a0372d804a41954b5e5ff582fba19e2cb78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb8218e6bb92d-AMS
content-encoding: br
content-type: text/html
date: Wed, 25 Oct 2023 21:58:09 GMT
last-modified: Sat, 21 Oct 2023 05:35:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9nyCk%2BwFoq%2BneXdw7IOlv3bdvUwSvnamwP5IBccvGarxfhAFfen%2BOsjDuAGCS6Xf5m1bsKuoMvsFFjTG15c1MtQ7NDzOlicfL7JGHyGunhBgbAD%2BYXb00dXESciKFxVUc9ABgOnMT8rDQ%2FwkyVfmF9ge7RON3jJkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET hm.js
hm.baidu.com/ 0
0

GET
H2 200 /
ad.admo.buzz/mt/ 179 B
611 B 408ms
309ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.admo.buzz/mt/?pn=nfp
Requested by: Host: w.impatienceventilaion.top
URL: https://w.impatienceventilaion.top/404/nfp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://w.impatienceventilaion.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb8240c0865fd-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNPpRHqUKGjV%2Bu9urf%2FcWTQF97JCWF4JUjwQ9pTi32%2BIt2FSCD9x4az%2FVpIOY7iNAOGUftPfxOdPmkJnVdus0cMyyeaLQCej300VpEuqF5hh2dKEa2V%2B2ubLq%2Fu6usjXHd87p5HkE%2BZguGQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
prize.youarelucky.click/ 8 KB
3 KB 418ms
123ms Document
text/html 108.178.23.114
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Requested by: Host: ad.admo.buzz
URL: https://ad.admo.buzz/mt/?pn=nfp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: c0fee7e7960af6c08b9f58d8fc63634de46358d10ed719b7743a076f024885b9

Request headers

Referer: https://ad.admo.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 21:58:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
prize.youarelucky.click/ 1 KB
1 KB 122ms
122ms Document
text/html 108.178.23.114
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://prize.youarelucky.click/proc.php?3994bfe5c0557b11ae1b3c1a04a276cae64ee971
Requested by: Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://prize.youarelucky.click/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=nfpf&4=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7294018787014082680&pub=25426&pid=25426-5a4e140z
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2

200

Primary Request lp.php Show response
videoadblocker-pro.net/
Redirect Chain

https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7294018787014082680&pub=25426&pid=25426-5a4e140z
https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_7=KZDnm155B6FuRWmWPQ7bFM&subid_2=29a25962
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=

10 KB
3 KB

131ms
53ms

Document
text/html

2606:4700:3033::6815:4a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Requested by: Host: prize.youarelucky.click
URL: https://prize.youarelucky.click/proc.php?3994bfe5c0557b11ae1b3c1a04a276cae64ee971
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c814a0e82e9a39599cd03d5e3ee212313f749fff876e6bee7a1c4f29a90f44d

Request headers

Referer: https://prize.youarelucky.click/proc.php?3994bfe5c0557b11ae1b3c1a04a276cae64ee971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb82dba7865f6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGNMG5Gy2Cul7yZTr2gntNcw3OFY2FiVU8vL0iY49EHl3%2FyUAuhigcd4AjwB1c0jRURrWpbEMALHbNks9a9Sv7SW7qhRruBGJGU%2Be%2F1pMp3sNPvb2aViIsZCjEy5XL3euJhyQUa3SFL1EkJCzwNb%2F52vrGjI"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: max-age=0, private, must-revalidate private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Oct 2023 21:58:10 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: DENY
X-Request-Id: cad9cfce04459b3b166e56fc4a61fe56
expires: -1
location: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
pragma: no-cache

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 108ms
37ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://videoadblocker-pro.net/
Origin: https://videoadblocker-pro.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:58:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 1934275
cdn-cachedat: 08/11/2023 08:35:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1dfdb976a70053ab92004458265dc96c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81bdb82e8ea6b706-AMS
cdn-requestpullsuccess: True

GET
H2 200 logo.png
videoadblocker-pro.net/images/ 3 KB
3 KB 36ms
36ms Image
image/png 2606:4700:3033::6815:4a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videoadblocker-pro.net/images/logo.png
Requested by: Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videoadblocker-pro.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:58:10 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 10:00:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2099
etag: "63ce5ab0-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngZZiQUE487SyfeIT3zELiWMPKOSIBQWldtWSz5ZPDredXha6%2BC8NTbNhX%2BKy2VHczM8nOFeImIAEBBNiA3rPzqdLn64e0g6jKlEfaRNutv%2F%2FKJOEQxjaPLuQMAWSbpSiIRjVZol3YMWPAm6pPOgHjrUF4c4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 81bdb82e1ae665f6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3110

GET h.js
bjeejieamikgomobcpgdnepmiodidpkl/ 0
0

GET
H2 200 a.php Show response
tbm09.com/ Frame 3BAA 96 B
1 KB 153ms
77ms Document
text/html 2606:4700:3037::6815:49dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=buoge89S6Y92blt&r=og&cid=v2o800oscg00gscg&z=31790_&v=1&dr=https%3A%2F%2Fprize.youarelucky.click%2F&inw=1600&inh=1200
Requested by: Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:49dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer: https://videoadblocker-pro.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb82f491ab7c7-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BvLREP2ZuWlmQjqfhteGcA0fTcE%2BS9JJGuAcUrUQALxBDzYgeIbJuMzGvfyA5%2BakV%2FmtDWZgmVxywvbtcAL2urq9WO8nJmNNwsZK7gcOhie7V8meCWphEtPpN8QI2dwfzf3JcXXQs8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 gv.php Show response
videoadblockerpro.com/ Frame 667A 0
549 B 134ms
58ms Document
text/html 2606:4700:e6::ac40:c126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videoadblockerpro.com/gv.php
Requested by: Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videoadblocker-pro.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bdb82f4b3b0b48-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U0ikC52HWb23k3ikg7%2FcjFLV6MEkqmbeQw3LSrSRee3VpwCF6HkNv8yfKeANMKb8nmBsftrjzhGyLDPXdgkjHkoPJ0ei2Z2dCJrOD%2BxfmXu8B48dAgLsGrS%2FNZrdhMXUaepFzvTJ1MVX1mSI0tDhaPEzGc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bg1.jpg
videoadblocker-pro.net/img/ 61 KB
62 KB 33ms
33ms Image
image/jpeg 2606:4700:3033::6815:4a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videoadblocker-pro.net/img/bg1.jpg
Requested by: Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0bdfe679ad7bc2d485db38dd00990c45d11445cf7097b3eed67e3b8a70e0a84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:58:11 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 17:01:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3651
etag: "63c6d45e-f592"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqri3YHsEQOLsvBee1l3gfRV%2BgRoB7dFHqJ1udqhXgHdn7eGQO6Yv1RtJ3FZ5ijrsfpQVVICCZYYE8Zdv5hmjws%2F1hycTnBRh%2BI7TkwQMYeocGjDOOHerry0hELLRWfWOGSjK8XurmuWS%2FnytLwEe%2FTtlfks"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 81bdb82edaa06700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 62866

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c

Domain: bjeejieamikgomobcpgdnepmiodidpkl
URL: chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.trikota.store/	1970-01-21 00:30:07	Name: bemob-viewer-id Value: f8ee7c67-21cf-4229-9d07-b74a7c7a22dd
.www.trikota.store/	1970-01-20 15:45:57	Name: bemob-uniq-visit:bfb601e0-753f-4350-8725-6cb93c32da30 Value: 1
.www.trikota.store/	1970-01-20 15:45:57	Name: bemob-rotation:bfb601e0-753f-4350-8725-6cb93c32da30:random:dbf0f7617a0c983ba666f1f0b4874d6a Value: 0-0-3
.www.trikota.store/	1970-01-20 15:45:57	Name: bemob-click-id Value: KZDnm155B6FuRWmWPQ7bFM
offergate-other8.com/	1970-01-20 16:06:07	Name: visitId Value: v2o800oscg00gscg
.tbm09.com/	1970-01-21 01:20:31	Name: c0069 Value: buoge89S6Y92blt
.tbm09.com/	1970-01-21 01:20:31	Name: r0069 Value: og
.tbm09.com/	1970-01-21 01:20:31	Name: cid0069 Value: v2o800oscg00gscg
.tbm09.com/	1970-01-21 01:20:31	Name: z0069 Value: 31790_
.tbm09.com/	1970-01-21 01:20:31	Name: v0069buoge89S6Y92blt Value: %7B%221%22%3A1%7D
.tbm09.com/	1970-01-21 01:20:31	Name: e0069 Value: VPGCNBK0FG
.tbm09.com/	1970-01-21 00:30:07	Name: _asd Value: 16982710911526475

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_&go=v2o800oscg00gscg&gn=og&gq=(Line 42) Message: Access to XMLHttpRequest at 'chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js' from origin 'https://videoadblocker-pro.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admo.buzz
bjeejieamikgomobcpgdnepmiodidpkl
hm.baidu.com
offergate-other8.com
prize.youarelucky.click
stackpath.bootstrapcdn.com
tbm09.com
videoadblocker-pro.net
videoadblockerpro.com
w.impatienceventilaion.top
www.trikota.store
bjeejieamikgomobcpgdnepmiodidpkl
hm.baidu.com
108.178.23.114
2606:4700:3033::6815:4a2
2606:4700:3037::6815:11c1
2606:4700:3037::6815:49dd
2606:4700::6812:bcf
2606:4700:e6::ac40:c126
2a06:98c1:3121::3
88.208.46.156
0064a000ef0d940b9d2c023352409a0372d804a41954b5e5ff582fba19e2cb78
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7c814a0e82e9a39599cd03d5e3ee212313f749fff876e6bee7a1c4f29a90f44d
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
b0bdfe679ad7bc2d485db38dd00990c45d11445cf7097b3eed67e3b8a70e0a84
c0fee7e7960af6c08b9f58d8fc63634de46358d10ed719b7743a076f024885b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

videoadblocker-pro.net Open in urlscan Pro 2606:4700:3033::6815:4a2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

75 %IPv6

11 Domains

11 Subdomains

7 IPs

2 Countries

99 kBTransfer

224 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

12 Cookies

2 Console Messages

Indicators

videoadblocker-pro.net Open in urlscan Pro
2606:4700:3033::6815:4a2 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

75 %
IPv6

11
Domains

11
Subdomains

7
IPs

2
Countries

99 kB
Transfer

224 kB
Size

12
Cookies

13 HTTP transactions
0 data transactions