Submitted URL: https://money-x17.casino/
Effective URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Submission: On April 23 via automatic, source certstream-suspicious — Scanned from NO

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 18 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is videoadblockerpro.com. The Cisco Umbrella rank of the primary domain is 205141.
TLS certificate: Issued by GTS CA 1P5 on March 17th 2023. Valid for: 3 months.
This is the only time videoadblockerpro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.194.182 13335 (CLOUDFLAR...)
2 216.58.212.170 15169 (GOOGLE)
1 2 139.45.197.238 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
5 188.114.96.3 13335 (CLOUDFLAR...)
3 151.101.65.229 54113 (FASTLY)
1 104.21.73.221 13335 (CLOUDFLAR...)
18 9
Apex Domain | Subdomains | Transfer
5 videoadblockerpro.com | videoadblockerpro.com (Cisco Umbrella Rank: 205141) | 16 KB
3 jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 474) | 80 KB
3 money-x17.casino | money-x17.casino | 11 KB
2 whairtoa.com | whairtoa.com (Cisco Umbrella Rank: 135591) | 13 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 119) | 2 KB
1 tbm09.com | tbm09.com (Cisco Umbrella Rank: 318614) | 1 KB
1 datatechone.com | datatechone.com (Cisco Umbrella Rank: 19949) | 465 B
1 rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 7421) | 492 B
0 Failed
18 9
Domain | Requested by
5 videoadblockerpro.com | videoadblockerpro.com
3 cdn.jsdelivr.net | videoadblockerpro.com
3 money-x17.casino | money-x17.casino
2 whairtoa.com (1 redirect) | money-x17.casino
2 fonts.googleapis.com | money-x17.casino, videoadblockerpro.com
1 tbm09.com | videoadblockerpro.com
1 datatechone.com | whairtoa.com
1 my.rtmark.net | whairtoa.com
0 bjeejieamikgomobcpgdnepmiodidpkl (Failed) | videoadblockerpro.com
18 9

This site contains no links.

Subject | Issuer | Validity | Valid
money-x17.casino | GTS CA 1P5 | 2023-04-23 - 2023-07-22 | 3 months (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months (crt.sh)
whairtoa.com | R3 | 2023-02-06 - 2023-05-07 | 3 months (crt.sh)
rtmark.net | R3 | 2023-02-15 - 2023-05-16 | 3 months (crt.sh)
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-18 - 2023-12-24 | a year (crt.sh)
*.videoadblockerpro.com | GTS CA 1P5 | 2023-03-17 - 2023-06-15 | 3 months (crt.sh)
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-04 - 2024-02-04 | a year (crt.sh)

This page contains 3 frames:

Primary Page: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Frame ID: 4EE152E78AEB23B5661D25DDB73CD6D6
Requests: 16 HTTP requests in this frame

Frame: https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=bupasYde7k&r=pa&cid=674067491491951224&z=4138880&v=3&dr=&inw=1600&inh=1200
Frame ID: 1DCC6742CA9F9A4C0A5848092F5B5C47
Requests: 1 HTTP requests in this frame

Frame: https://videoadblockerpro.com/gv.php
Frame ID: 09BF7325D5A41CB84422DFE344F0609D
Requests: 1 HTTP requests in this frame

Page Title

Ad Block EverythingPrivacy Policy

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • \.php(?:$|\?)

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (overall confidence: 100%)
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 123 kB
Size: 516 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://money-x17.casino/ Page URL
  2. https://whairtoa.com/4/4138880 Page URL
  3. https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false HTTP 302
    https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
money-x17.casino/
23 KB
9 KB
Document
General
Full URL
https://money-x17.casino/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25ed6d56fcb1ab1537b0c1d0fffc3f096afd86bac1b2615d30ee19ba225bea3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bc817a41ef51bfa-OSL
content-encoding
br
content-language
hu-HU
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sun, 23 Apr 2023 18:15:31 GMT
last-modified
Sun, 23 Apr 2023 10:05:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS4BdpVAnUK4pNE2Zd5H5TwMxoZGxtfFFZ7n%2BOU%2BlOtRudY5t7EUHAjAaSOvhowABJOUuMioEkWbr%2FRKxBFxW9LPumLGzSPiiQHWp8Zx7Z7lnU6q3OgCvHK4wYtsG4ZR1nLN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
4 KB
989 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700&display=swap
Requested by
Host: money-x17.casino
URL: https://money-x17.casino/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f170.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Apr 2023 18:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 17:39:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Apr 2023 18:15:31 GMT
ajax.min.js
money-x17.casino/
1 KB
1 KB
Script
General
Full URL
https://money-x17.casino/ajax.min.js
Requested by
Host: money-x17.casino
URL: https://money-x17.casino/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed3715ae976138021848eab4af50a3736f16771eab4fdb79446b1cdd952a429
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://money-x17.casino/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 18:15:31 GMT
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdQcX%2Fo37fmgl6RmRAwsC7QuRPZ5nRARTH83YAVrOrlA6fJiAyAXGzgMke5LiXQYktVUgLl9pMpqkXoOSblo3oD11akzL3hmIlABsA9fIARUocvmeBPgo0BACo1R7mW%2FEfIT"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
7bc817a518271bfa-OSL
ajax.min.js
money-x17.casino/
204 B
478 B
XHR
General
Full URL
https://money-x17.casino/ajax.min.js?8233967566571935
Requested by
Host: money-x17.casino
URL: https://money-x17.casino/ajax.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://money-x17.casino/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 23 Apr 2023 18:15:31 GMT
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1hX0K%2FdMZo3LwzyVVGIRJ9QyjWA3ul59MCW74nAlRKFwmdv6%2BDBW7DNLNpcXnEcxtDgJAXos45ttrJYqqHov3%2FT6RzpbTdqaCTiJrWF1PHU5lgCgfZEX6gAEhyeL0pJ3aOj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
private
cf-ray
7bc817a5f8ff1bfa-OSL
4138880
whairtoa.com/4/
27 KB
12 KB
Document
General
Full URL
https://whairtoa.com/4/4138880
Requested by
Host: money-x17.casino
URL: https://money-x17.casino/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
862bb18d60aabdf403df31cca8a6bbbfdf98b2f45791c7163b86040e553c3035

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sun, 23 Apr 2023 18:15:31 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
c3535d457fd91a17b8077bd295d382e3
img.gif
my.rtmark.net/
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=9348db008493425d9a2054ed32bb3a34
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/4138880
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://whairtoa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 18:15:32 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
465 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/4138880
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://whairtoa.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 23 Apr 2023 18:15:32 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://whairtoa.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request lp.php
videoadblockerpro.com/
Redirect Chain
  • https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false
  • https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
21 KB
7 KB
Document
General
Full URL
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30354f41de934905468bb00199c562630082bab1407cf0f0499087386d4a1bb1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://whairtoa.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bc817ae2e4fb509-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 18:15:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHzHHn%2FXA1Mf%2FuEXPsjplmv12UWKWNJr22Arh%2FSq%2B1%2BeuJO0OZyZ%2B1gX8xhH8lgXJWcTPEyhMCnMjHpv6caKz8hvCZrl%2FxdqyAzh5oc3bX8QvdL1WOwFjyOWukRuLNAneDtrvX6byb4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://whairtoa.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sun, 23 Apr 2023 18:15:32 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://videoadblockerpro.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
location
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
b7bb1b8998da6de99b3051549a5f4b8e
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://videoadblockerpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Apr 2023 18:15:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
3852748
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-bma1645-BMA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
logo.png
videoadblockerpro.com/images/
3 KB
3 KB
Image
General
Full URL
https://videoadblockerpro.com/images/logo.png
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 18:15:32 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 10:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4604
etag
"63ce5ab0-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP09fGghtKKg0SkRk9%2Fx3k043mn4Y4Lswupct1FwEGjAUI4W3q19nqgSPRRZz57PdHx97YTI5ow0UhPA7GuO3Q%2Fw19mcsjJMoiBA%2FRuPxHv%2BR1RmfiJF48Noe3Xw9RDXViw0FU7fVKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
7bc817aedf62b509-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3110
css2
fonts.googleapis.com/
6 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500&display=swap
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f170.1e100.net
Software
ESF /
Resource Hash
f41324d34849339a04eeb28ca025d4f2f1ac16fd64e98beacc6e31dde235e5f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://videoadblockerpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Apr 2023 18:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 17:50:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Apr 2023 18:15:32 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://videoadblockerpro.com/
Origin
https://videoadblockerpro.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Apr 2023 18:15:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
3388548
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-eddf8230037-FRA, cache-bma1653-BMA
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://videoadblockerpro.com/
Origin
https://videoadblockerpro.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Apr 2023 18:15:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
3388548
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24376
x-served-by
cache-fra-eddf8230075-FRA, cache-bma1653-BMA
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
email-decode.min.js
videoadblockerpro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://videoadblockerpro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 18:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COqvggqjpPDcMHAf%2BzpduSJUL4eZMqeOFObY%2FcEAa62KLMg5THz0O9LxMe9dwE%2FNBDJe3txIpT43EqQ7fwkc%2FlSgxTZ11FTPdqgUYyX5md5pxohdGHK8OaO2kMp8l7SEN0YOaNk%2BncI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bc817aeef89b509-OSL
expires
Tue, 25 Apr 2023 18:15:32 GMT
cws.png
videoadblockerpro.com/images/
3 KB
4 KB
Image
General
Full URL
https://videoadblockerpro.com/images/cws.png
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 18:15:32 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2023 12:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5408
etag
"63d26d5a-d6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAiQyHOo4cNI4GlZgOJsHGcfRUz%2FLI7rYmVDmvQgDYM%2BRrHHirCZWtrJRhSh0TVb7jKT1h4fz1Gfg631a0rhteMsQXaoOfV093MoOQ%2FYUeoOYQ8Y6On8Qq8IcZiqqRlJBrkzdmQu5Ps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
7bc817aeef8db509-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3435
h.js
bjeejieamikgomobcpgdnepmiodidpkl/
0
0

a.php
tbm09.com/ Frame 1DCC
96 B
1 KB
Document
General
Full URL
https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=bupasYde7k&r=pa&cid=674067491491951224&z=4138880&v=3&dr=&inw=1600&inh=1200
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.73.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://videoadblockerpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bc817b4ae06b4f7-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 18:15:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaX1%2B6%2Bd5nuaKH05zvme9RA7rK01B6for1U%2FLuus5RpjcwREk6vxeIYWyuq5Jq8HPt6Ch7VKWliwJxv0RaEJh6ILlCzyhA%2BE%2BznpJq0MlnPPyidJ31ZKsfPTYik%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
gv.php
videoadblockerpro.com/ Frame 09BF
0
400 B
Document
General
Full URL
https://videoadblockerpro.com/gv.php
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bc817b22d65b509-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 18:15:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyz%2BOLHKyMVbJK2a1IrbjJHAFBb8cRLkWdDX%2Bo6%2BiXnFUsamIlr7MotxLH1wqeF8OLM88K1RUy0nmYLKYFgvHpuBYFo%2FPq38y2gAw2n0Ldyfb8wM1ne%2Bamotbsp7%2FV2sBrrhjfQFqHA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bjeejieamikgomobcpgdnepmiodidpkl
URL
chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
boolean | credentialless
object | req_existing_user
object | landing_iframe
function | openNewWindow
function | openNewTab
function | openSameTab
function | listenInstallCompleted
function | openInstructions
object | windowObjectReference
number | uidEvent
object | bootstrap

12 Cookies

Domain/Path | Name | Value
money-x17.casino/ | wws_gfpxx | VGVybSVDMyVBOWt0ZXN6dCUzQSUyMEh5dW5kYWklMjBIeWQtNDAyJTIwRWxla3Ryb21vcyUyMCVDMyU5Q3R2ZWNzYXZhcm96JUMzJUIzJTIwLSUyMEF6JTIwQXV0JUMzJUIz
whairtoa.com/ | OAID | 9348db008493425d9a2054ed32bb3a34
whairtoa.com/ | oaidts | 1682273731
my.rtmark.net/ | ID | 9348db008493425d9a2054ed32bb3a34
whairtoa.com/ | syncedCookie | true
.tbm09.com/ | c0069 | bupasYde7k
.tbm09.com/ | r0069 | pa
.tbm09.com/ | cid0069 | 674067491491951224
.tbm09.com/ | z0069 | 4138880
.tbm09.com/ | v0069bupasYde7k | %7B%223%22%3A1%7D
.tbm09.com/ | e0069 | VPGCNBK0FG
.tbm09.com/ | _asd | 16822737331434437

2 Console Messages

Source Level URL
Text
javascript error URL: https://videoadblockerpro.com/lp.php?gl=bupasYde7k&_z=3&gs=4138880&go=674067491491951224&gn=pa&rdk=rk3(Line 55)
Message:
Access to XMLHttpRequest at 'chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js' from origin 'https://videoadblockerpro.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block