urlscan.io logo urlscan.io
SecurityTrails logo

videoadblocker-pro.net Open in urlscan Pro
2606:4700:3033::ac43:8440  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m.mbuncha.com/click?pid=701&offer_id=80469&sub1=1230471365&sub5=1637082
Effective URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8V...
Submission: On October 19 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3033::ac43:8440, located in United States and belongs to CLOUDFLARENET, US. The main domain is videoadblocker-pro.net.
TLS certificate: Issued by GTS CA 1P5 on September 23rd 2023. Valid for: 3 months.
This is the only time videoadblocker-pro.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.90.81.51 396982 (GOOGLE-CL...)
1 1 35.204.59.16 396982 (GOOGLE-CL...)
2 67.212.173.78 32475 (SINGLEHOP...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 88.208.46.156 39572 (ADVANCEDH...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 6
1    34.90.81.51 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com
m.mbuncha.com
1    35.204.59.16 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.59.204.35.bc.googleusercontent.com
yes.weletmim.com
2    67.212.173.78 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
run.letpim.com
1    2606:4700:3033::ac43:b233 (United States)

ASN13335 (CLOUDFLARENET, US)
www.trikota.store
1    88.208.46.156 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
offergate-other8.com
3    2606:4700:3033::ac43:8440 (United States)

ASN13335 (CLOUDFLARENET, US)
videoadblocker-pro.net
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700:3037::ac43:9657 (United States)

ASN13335 (CLOUDFLARENET, US)
tbm09.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
videoadblockerpro.com
Apex Domain
Subdomains		 Transfer
3 videoadblocker-pro.net
videoadblocker-pro.net
68 KB
2 letpim.com
run.letpim.com
4 KB
1 videoadblockerpro.com
videoadblockerpro.com — Cisco Umbrella Rank: 171735
554 B
1 tbm09.com
tbm09.com — Cisco Umbrella Rank: 940695
1 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3030
22 KB
1 offergate-other8.com
offergate-other8.com
697 B
1 trikota.store
www.trikota.store
1 KB
1 weletmim.com
yes.weletmim.com
362 B
1 mbuncha.com
m.mbuncha.com
237 B
0 Failed
function sub() { [native code] }. Failed
9 10
Domain Requested by
3 videoadblocker-pro.net run.letpim.com
videoadblocker-pro.net
2 run.letpim.com run.letpim.com
1 videoadblockerpro.com videoadblocker-pro.net
1 tbm09.com videoadblocker-pro.net
1 stackpath.bootstrapcdn.com videoadblocker-pro.net
1 offergate-other8.com 1 redirects
1 www.trikota.store 1 redirects
1 yes.weletmim.com 1 redirects
1 m.mbuncha.com 1 redirects
0 bjeejieamikgomobcpgdnepmiodidpkl Failed videoadblocker-pro.net
9 10

This site contains no links.

Subject Issuer Validity Valid
run.letpim.com
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
videoadblocker-pro.net
GTS CA 1P5		 2023-09-23 -
2023-12-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
videoadblockerpro.com
GTS CA 1P5		 2023-09-11 -
2023-12-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Frame ID: E366B1CC6C5B46DDB9C8E9E6B352D628
Requests: 7 HTTP requests in this frame

Frame: https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=buoge89S6Y92blt&r=og&cid=xog448k0c84kc0ow&z=31790_Do8VM7XCryA3qcco6KYdQD&m=Do8VM7XCryA3qcco6KYdQD&v=1&dr=https%3A%2F%2Frun.letpim.com%2F&inw=1600&inh=1200
Frame ID: 06FDC59F5AA77E8C6C109F82269A6761
Requests: 1 HTTP requests in this frame

Frame: https://videoadblockerpro.com/gv.php
Frame ID: 149E68FE588B02CA08FA02498C7941EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://m.mbuncha.com/click?pid=701&offer_id=80469&sub1=1230471365&sub5=1637082 HTTP 302
    https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=701_1637082&sub3=80469&sub4=%5BSOI-Financ... HTTP 302
    https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=137... Page URL
  2. https://run.letpim.com/proc.php?287ea7ede2f8fa632275b7d8bde0317df5dd2a12 Page URL
  3. https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7291664646719668405&pub=154... HTTP 302
    https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_1=Do8VM7XCryA3qcco6KYdQD&payout=%7Bpayout%7D&tx... HTTP 302
    https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

9
Requests

89 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

6
IPs

2
Countries

97 kB
Transfer

222 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m.mbuncha.com/click?pid=701&offer_id=80469&sub1=1230471365&sub5=1637082 HTTP 302
    https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=701_1637082&sub3=80469&sub4=%5BSOI-Finance%5D+US+-+NCV+-+Food+Stamp+Support HTTP 302
    https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964 Page URL
  2. https://run.letpim.com/proc.php?287ea7ede2f8fa632275b7d8bde0317df5dd2a12 Page URL
  3. https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7291664646719668405&pub=15494&pid=15494-f6796cc4 HTTP 302
    https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_1=Do8VM7XCryA3qcco6KYdQD&payout=%7Bpayout%7D&txid=Do8VM7XCryA3qcco6KYdQD HTTP 302
    https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://m.mbuncha.com/click?pid=701&offer_id=80469&sub1=1230471365&sub5=1637082 HTTP 302
  • https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=701_1637082&sub3=80469&sub4=%5BSOI-Finance%5D+US+-+NCV+-+Food+Stamp+Support HTTP 302
  • https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
run.letpim.com/
Redirect Chain
  • https://m.mbuncha.com/click?pid=701&offer_id=80469&sub1=1230471365&sub5=1637082
  • https://yes.weletmim.com/click?pid=1373&offer_id=78348&sub5=701_1637082&sub3=80469&sub4=%5BSOI-Finance%5D+US+-+NCV+-+Food+Stamp+Support
  • https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.78 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
ce8de11b76be2c220fb7431eb1c70e5788c1a115f2e90698e35b37cf4f946ff8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 13:42:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 19 Oct 2023 13:42:53 GMT
location
https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964
server
nginx
x-adjust-use-original-forwarded-for
1
proc.php
run.letpim.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://run.letpim.com/proc.php?287ea7ede2f8fa632275b7d8bde0317df5dd2a12
Requested by
Host: run.letpim.com
URL: https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.78 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://run.letpim.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=Main&1=1373_701_1637082&cid=6531325de635ef00018dc964
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 13:42:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7291664646719668405&pub=15494&pid=15494-f6796cc4
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
Primary Request lp.php
videoadblocker-pro.net/
Redirect Chain
  • https://www.trikota.store/go/bfb601e0-753f-4350-8725-6cb93c32da30?clickid=M7291664646719668405&pub=15494&pid=15494-f6796cc4
  • https://offergate-other8.com/7-1b8ppq-jys-hoj2-e3go?subid_1=Do8VM7XCryA3qcco6KYdQD&payout=%7Bpayout%7D&txid=Do8VM7XCryA3qcco6KYdQD
  • https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Requested by
Host: run.letpim.com
URL: https://run.letpim.com/proc.php?287ea7ede2f8fa632275b7d8bde0317df5dd2a12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d855a8052d8404bfd8960f4f9c7ad2bf2b0d57d95acfc31cdc8f1e3ad586b39d

Request headers

Referer
https://run.letpim.com/proc.php?287ea7ede2f8fa632275b7d8bde0317df5dd2a12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8189726eaefb5b86-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 13:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3Jg90sLrt19CFEqRqmHkqc0dN0SPdoX1VyJ4MRcFf4b1YwXZ%2F2NQ0zMpq3kPLAtKvSq5spozuS%2Bd76KxNvHWghgJkZXNkZgi1KM54VXLU4Bmtu8nl6k8iHZBY6ZNpT99pcQLU5MpC3wphTE9jcwy5L0WuZ3"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
max-age=0, private, must-revalidate private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Oct 2023 13:42:54 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
DENY
X-Powered-By
PHP/8.0.28
X-Request-Id
bab28a0f1e45fc19d74cf4360aded001
expires
-1
location
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
pragma
no-cache
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://videoadblocker-pro.net/
Origin
https://videoadblocker-pro.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
756
age
2945204
cdn-cachedat
08/11/2023 08:35:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1dfdb976a70053ab92004458265dc96c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8189726f99f20368-FRA
cdn-requestpullsuccess
True
logo.png
videoadblocker-pro.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videoadblocker-pro.net/images/logo.png
Requested by
Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videoadblocker-pro.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:42:54 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 10:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7124
etag
"63ce5ab0-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpkKAh8inTxZle2njTARAwsmo4gEBVEXG%2Bl5I4CmRCphXsW4RA847tcufNt7ImhTmpXY1ZP80RHylOTotwXf6zusQYWe7uuuopMUojqy23cG2sNK%2BJ7b5Bl9IHko9kh%2BjkcyIoDcaNxM32EKHEF4rsle085U"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
8189726f3f565b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
3110
h.js
bjeejieamikgomobcpgdnepmiodidpkl/ 		0
0
a.php
tbm09.com/ Frame 06FD 		96 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=buoge89S6Y92blt&r=og&cid=xog448k0c84kc0ow&z=31790_Do8VM7XCryA3qcco6KYdQD&m=Do8VM7XCryA3qcco6KYdQD&v=1&dr=https%3A%2F%2Frun.letpim.com%2F&inw=1600&inh=1200
Requested by
Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9657 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://videoadblocker-pro.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
818972705a055d7e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 13:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7sXf2ANr0oI0rXcTSk40pSioeUfIxV4fm0QntcrgOl4hYAxVys8w5MAUEidTqvjLReekJ8DNcJLX6w9SG82o4rGxsORNTGRRZ5UCRgtmGdkKxBTy5RL2g0G%2BZ6cHHMH%2BAOFk2SXyso%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
gv.php
videoadblockerpro.com/ Frame 149E 		0
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://videoadblockerpro.com/gv.php
Requested by
Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://videoadblocker-pro.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8189727049051e18-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 13:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCiejZNvBS8yKeFJ49yqIlkAi5XZr5f3UQ%2BOcvCMOHNYlzJKjWCnrC2%2BlhJWqZiJ0rrJDYXxNNCN%2FllRcDA0niVPQ30D6WmzKvXaSkayXJYrhzRTTP84zj82cps7WNutAkOBUJJgFXaEfbkzw%2F6WT4vR7yY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bg1.jpg
videoadblocker-pro.net/img/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videoadblocker-pro.net/img/bg1.jpg
Requested by
Host: videoadblocker-pro.net
URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bdfe679ad7bc2d485db38dd00990c45d11445cf7097b3eed67e3b8a70e0a84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:42:54 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 17:01:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6352
etag
"63c6d45e-f592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bVxJlfPw405rZiNaB7isuLy7RNGPrIECctU%2FgRwqtu8OFK7lkK6QHpp39CLtws36dtTdVwkI9m%2FaXYuVUtcBKpN2e4UxAROpVsn8rsixEE16Uq9mxWL4Iu%2BzAlfiHw%2F%2Bv8jXsvqxACSHpFJHVF9OCSVzdXr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
8189726fec34361f-FRA
alt-svc
h3=":443"; ma=86400
content-length
62866

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bjeejieamikgomobcpgdnepmiodidpkl
URL
chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference

13 Cookies

Domain/Path Name / Value
yes.weletmim.com/ Name: afclick
Value: 6531325de635ef00018dc964
yes.weletmim.com/ Name: afoffers
Value: {"78348":1697722973}
.www.trikota.store/ Name: bemob-uniq-visit:bfb601e0-753f-4350-8725-6cb93c32da30
Value: 1
.www.trikota.store/ Name: bemob-rotation:bfb601e0-753f-4350-8725-6cb93c32da30:random:dbf0f7617a0c983ba666f1f0b4874d6a
Value: 0-0-3
.www.trikota.store/ Name: bemob-click-id
Value: Do8VM7XCryA3qcco6KYdQD
offergate-other8.com/ Name: visitId
Value: xog448k0c84kc0ow
.tbm09.com/ Name: c0069
Value: buoge89S6Y92blt
.tbm09.com/ Name: r0069
Value: og
.tbm09.com/ Name: cid0069
Value: xog448k0c84kc0ow
.tbm09.com/ Name: z0069
Value: 31790_Do8VM7XCryA3qcco6KYdQD
.tbm09.com/ Name: v0069buoge89S6Y92blt
Value: %7B%221%22%3A1%7D
.tbm09.com/ Name: e0069
Value: VPGCNBK0FG
.tbm09.com/ Name: _asd
Value: 16977229746604871

2 Console Messages

Source Level URL
Text
javascript error URL: https://videoadblocker-pro.net/lp.php?gl=buoge89S6Y92blt&_z=1&gs=31790_Do8VM7XCryA3qcco6KYdQD&go=xog448k0c84kc0ow&gn=og&gq=Do8VM7XCryA3qcco6KYdQD(Line 42)
Message:
Access to XMLHttpRequest at 'chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js' from origin 'https://videoadblocker-pro.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js
Message:
Failed to load resource: net::ERR_FAILED