urlscan.io logo urlscan.io
SecurityTrails logo

videoadblockerpro.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Effective URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Submission Tags: falconsandbox
Submission: On May 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is videoadblockerpro.com. The Cisco Umbrella rank of the primary domain is 295530.
TLS certificate: Issued by GTS CA 2P2 on May 15th 2023. Valid for: 3 months.
This is the only time videoadblockerpro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:1:5... 47583 (AS-HOSTINGER)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.129 16276 (OVH)
1 1 34.96.122.41 396982 (GOOGLE-CL...)
2 3 35.201.70.46 396982 (GOOGLE-CL...)
1 1 34.90.81.51 396982 (GOOGLE-CL...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 9
2    2a02:4780:1:549:0:f1c:1c85:2 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)
titawinala.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:10::ac43:d8c (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net
s4.histats.com
1    34.96.122.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.122.96.34.bc.googleusercontent.com
www.n5rthy.com
3    35.201.70.46 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.70.201.35.bc.googleusercontent.com
directdexchange.com
1    34.90.81.51 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com
tracking.prtrackings.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
videoadblockerpro.com
3    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.jsdelivr.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 videoadblockerpro.com
videoadblockerpro.com — Cisco Umbrella Rank: 295530
15 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
67 KB
3 directdexchange.com
directdexchange.com
3 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 17397
s4.histats.com — Cisco Umbrella Rank: 15071
11 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
28 KB
2 gstatic.com
fonts.gstatic.com
64 KB
2 titawinala.com
titawinala.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 prtrackings.com
tracking.prtrackings.com — Cisco Umbrella Rank: 158389
346 B
1 n5rthy.com
www.n5rthy.com
370 B
19 10
Domain Requested by
4 videoadblockerpro.com directdexchange.com
videoadblockerpro.com
3 cdn.jsdelivr.net videoadblockerpro.com
3 directdexchange.com 2 redirects
3 maxcdn.bootstrapcdn.com titawinala.com
2 fonts.gstatic.com fonts.googleapis.com
2 s10.histats.com titawinala.com
s10.histats.com
2 titawinala.com titawinala.com
1 fonts.googleapis.com videoadblockerpro.com
1 tracking.prtrackings.com 1 redirects
1 www.n5rthy.com 1 redirects
1 s4.histats.com s10.histats.com
19 11

This site contains no links.

Subject Issuer Validity Valid
titawinala.com
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
histats.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
directdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
videoadblockerpro.com
GTS CA 2P2		 2023-05-15 -
2023-08-13		 3 months crt.sh
cdn.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2022-10-01 -
2023-10-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Frame ID: 47F9A8299EC4CC82A13DEF579666E892
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ad Block EverythingPrivacy Policy

Page URL History Show full URLs

  1. https://titawinala.com/pevatgasmoney.php?sub=Boleehh Page URL
  2. https://www.n5rthy.com/2TCZZKN6/42NMJQ5/&?sub2=Boleehh HTTP 302
    https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9 Page URL
  3. https://directdexchange.com/jump/next.php?stamat=m%257C%252C0IhMyYhNqB1dAN0dEdHP3xP.fef%252CS0kXXHXf2ck-... HTTP 302
    https://directdexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CwjavY3ZroGU3BJ-GH0dEdHP3xP.934%252Co... HTTP 302
    https://tracking.prtrackings.com/click?pid=4&offer_id=3419&sub1=168494871410000TDETV436448888414V6e&sub2=3052... HTTP 302
    https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

9
IPs

4
Countries

219 kB
Transfer

741 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://titawinala.com/pevatgasmoney.php?sub=Boleehh Page URL
  2. https://www.n5rthy.com/2TCZZKN6/42NMJQ5/&?sub2=Boleehh HTTP 302
    https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9 Page URL
  3. https://directdexchange.com/jump/next.php?stamat=m%257C%252C0IhMyYhNqB1dAN0dEdHP3xP.fef%252CS0kXXHXf2ck-DOZ9HRvwuB0QovJKnyfJ7DQVBGM6T8m9aslbJVrMKl7pitvxL3f-2mHcpP5XJh-JknSG3-cdWoUB1XDYWZUGaSXCATIE4_A%252C&cbpage=https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9&cbur=0.6202068538610623&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Ftitawinala.com%2F HTTP 302
    https://directdexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CwjavY3ZroGU3BJ-GH0dEdHP3xP.934%252Co7_HxNHBC2gAr3ohGTcmaxzBXd80nNRP92JECJ7lb2Udvd2gqnXF5hoZlhEKhbwbeUly8wmIUtK151gOiRp41RQ8z5ThDsjQyZOE0oOuiKCj7PAyQtpU_Am7Bje3BGn578qF6R2LVtAa66owhTH7iFu_3ZIfyObNQMM2XquM6evZo-zRDztvQ9X6LB_Q8HOltmxsTB__J6pK9gGUAYA4uwzvkRLUE2s_3OMkdo1p563BYPIhODW97Xbf6020NUpxo6ZH01Q8wiTYsH5LyGvhUtke-UhhbKcANYeZvAd9IDlJb4e64e_aUvFY--Ycesvo32r-jcQizm-sKcMKlrgsQG2TQNUltFpHpXcYyPEs6if6INTLDKeQazuevAH65xHRf6T_9He2vGXZQDdah0TMyKzbE_7J1c9lMbG_O_nw62sFqVqcS5FMmmNhhzCAPRrX991KfZhc9hF2A3u4RFH7XhaIbqYauzaNJ5aLHzC96aCIGFH72RH4z5NCcJpWkU4IhiyOm70BympCDGEOQExP0nsjJdxBPoE_pgNRL_qkQ45StZP8qKLO14SNVbGpYs_OInYWd0tmoIE1vQVVz3LRbVDQ3Smig4g63COO2-YL05pibbqpdhcjScBl5owsjY5CJ5cUHgUVt5rVoT7bklpAHg%252C%252C HTTP 302
    https://tracking.prtrackings.com/click?pid=4&offer_id=3419&sub1=168494871410000TDETV436448888414V6e&sub2=3052727-3428360760-0 HTTP 302
    https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.n5rthy.com/2TCZZKN6/42NMJQ5/&?sub2=Boleehh HTTP 302
  • https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
pevatgasmoney.php
titawinala.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1:549:0:f1c:1c85:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
eecf0af5da4cd7a87decfd7f8eb7ffe37def61eb086cef991ca035c53d0210f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
895
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 17:18:33 GMT
platform
hostinger
refresh
0; url=https://www.n5rthy.com/2TCZZKN6/42NMJQ5/&?sub2=Boleehh
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: titawinala.com
URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
9727696
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cc732d51b8a377c-FRA
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: titawinala.com
URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
9727658
cdn-cachedat
2021-06-08 17:56:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4bd704688cb08bed1c10c8f26826e421
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cc732d51b8c377c-FRA
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css
Requested by
Host: titawinala.com
URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
864
age
9726509
cdn-cachedat
02/23/2022 12:20:58
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"89b29714ad4aaaa3953ef3b51cf9c43a"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d44e0f6cd983f05ee58da1527472a462
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cc732d51b8f377c-FRA
cdn-requestpullsuccess
True
load.gif
titawinala.com/include/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://titawinala.com/include/images/load.gif
Requested by
Host: titawinala.com
URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1:549:0:f1c:1c85:2 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/pevatgasmoney.php?sub=Boleehh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 25 Nov 2022 09:08:23 GMT
server
LiteSpeed
etag
"7507-63808607-1bb0c876558e508;;;"
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
29959
expires
Wed, 31 May 2023 17:18:33 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: titawinala.com
URL: https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
1232
etag
W/"5e983700-2cb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=28800
cf-ray
7cc732d5a8462bb5-FRA
0.php
s4.histats.com/stats/ 		47 B
181 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4704631&@f16&@g1&@h1&@i1&@j1684948713892&@k0&@l1&@mNEK-LED&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-17049540&@b3:1684948714&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftitawinala.com%2Fpevatgasmoney.php%3Fsub%3DBoleehh&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 17:18:34 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8
cc_511.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://titawinala.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
28625
etag
"1364484781"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7cc732d5f8b52bb5-FRA
content-length
6278
next.php
directdexchange.com//jump/
Redirect Chain
  • https://www.n5rthy.com/2TCZZKN6/42NMJQ5/&?sub2=Boleehh
  • https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.70.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.70.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://titawinala.com/pevatgasmoney.php?sub=Boleehh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 17:18:34 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 17:18:34 GMT
location
https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
b2b48d7f-fd7f-4500-b222-4028451ff1e3
Primary Request lp.php
videoadblockerpro.com/
Redirect Chain
  • https://directdexchange.com/jump/next.php?stamat=m%257C%252C0IhMyYhNqB1dAN0dEdHP3xP.fef%252CS0kXXHXf2ck-DOZ9HRvwuB0QovJKnyfJ7DQVBGM6T8m9aslbJVrMKl7pitvxL3f-2mHcpP5XJh-JknSG3-cdWoUB1XDYWZUGaSXCATIE4...
  • https://directdexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CwjavY3ZroGU3BJ-GH0dEdHP3xP.934%252Co7_HxNHBC2gAr3ohGTcmaxzBXd80nNRP92JECJ7lb2Udvd2gqnXF5hoZlhEKhbwbeUly8wmIUtK151gOiRp41RQ8z5ThDs...
  • https://tracking.prtrackings.com/click?pid=4&offer_id=3419&sub1=168494871410000TDETV436448888414V6e&sub2=3052727-3428360760-0
  • https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Requested by
Host: directdexchange.com
URL: https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c412e058d4f43d7c56383d9e9c4dbe8d0fac725faf5c1e692ecb57418468e665

Request headers

Referer
https://directdexchange.com//jump/next.php?r=3052727&sub1=pcpa2-32313-1728-66&__pcd=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cc732ddbec6372e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 17:18:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRNKJnLrF7ZVj9iqhstMVNREbvUp5jr2lT8JTyk1rfMccxz5CzW9VbGqKKVjD3eC5z1Eph%2FFsooa6qnnJ6bZzkMZ2wLeBRkJdfV%2B0bIVc7%2FEJ94FxyMsA4GDaEqZDF%2F0E%2F8bE4tGzlk44uffi3t8nxGpMDk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 24 May 2023 17:18:35 GMT
location
https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
server
nginx
x-adjust-use-original-forwarded-for
1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videoadblockerpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id
am3-up-gc89, fr5-hw-edge-gc8
date
Wed, 24 May 2023 17:18:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
age
2436622
x-jsd-version
5.2.3
x-cache
HIT, HIT
x-cached-since
2023-05-23T14:23:19+00:00, 2023-05-23T14:23:27+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-served-by
cache-fra-eddf8230126-FRA, cache-ams21059-AMS
x-jsd-version-type
version
server
nginx
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
logo.png
videoadblockerpro.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videoadblockerpro.com/images/logo.png
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:35 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 10:00:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5718
etag
"63ce5aa4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLgcB1t4pb%2Fv6v4Eqanufx1JDFfGplFLC6o%2FcBECbXXODzHUtBJF8Eeszwu9qPDK34dWTCiwtmyyhU8uWZ0r75PZOpxJezF%2FLO4V1FCP2yRL0I323PhX4SVgNfDZF%2FcAaHEiE21tZLi42b3EtroG3INnzHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
7cc732de5f8c372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3110
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500&display=swap
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84b401fecbb4d8f356618ccd62e6e96eecf0861684ab3cda5e0e458665355a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videoadblockerpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 May 2023 16:01:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 May 2023 17:18:35 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://videoadblockerpro.com/
Origin
https://videoadblockerpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc30
date
Wed, 24 May 2023 17:18:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
age
348125
x-jsd-version
5.1.3
x-cache
HIT, HIT
x-cached-since
2023-05-23T14:22:16+00:00, 2023-05-23T14:23:24+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-served-by
cache-fra-eddf8230037-FRA, cache-ams21072-AMS
x-jsd-version-type
version
server
nginx
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://videoadblockerpro.com/
Origin
https://videoadblockerpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc30
date
Wed, 24 May 2023 17:18:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
age
5382426
x-jsd-version
5.1.3
x-cache
HIT, HIT
x-cached-since
2023-05-23T14:23:19+00:00, 2023-05-23T14:23:22+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-served-by
cache-fra-eddf8230075-FRA, cache-ams21045-AMS
x-jsd-version-type
version
server
nginx
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
email-decode.min.js
videoadblockerpro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://videoadblockerpro.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 May 2023 14:45:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64678b77-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wiuc8mmjMD7C5llQyGDCyW0CKD3kZmrL6fQF%2F61hne463gy8GD2n39djgFLI4X5xv3F%2FoHT7%2Fedja8iVMt2mVHuQaDMW6eWXWTJ32V%2FrIFMbmMvlR6gUGxxAuzzxsMd3qlOyE5zHvZnYtCeA39yY%2FTxqA00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cc732de8d545c20-FRA
expires
Fri, 26 May 2023 17:18:35 GMT
cws.png
videoadblockerpro.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videoadblockerpro.com/images/cws.png
Requested by
Host: videoadblockerpro.com
URL: https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videoadblockerpro.com/lp.php?gl=buprw5Smkr&_z=3&gs=4_3052727-3428360760-0&go=646e46ebc5c3ad0001992984&gn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:18:35 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2023 12:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5449
etag
"63d26d5a-d6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkdMyehARCexsbv%2BVzj99j3ED99K2n%2BOKu9bXgo6m9hO%2BEWag0N1J%2BuWjvaZ0Q%2BjyCrBaBwKurZ4wNzLzAGOcn%2B9jUQ1tvf35BmqryjR4UfM%2BhWNdB%2BmHc54t%2BDidg1SXRRqaX01sKdccGk9tzwVEPgNkc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
7cc732de8d575c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3435
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://videoadblockerpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:06:53 GMT
x-content-type-options
nosniff
age
346302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:06:53 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://videoadblockerpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:40:30 GMT
x-content-type-options
nosniff
age
344285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:40:30 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| uidEvent object| bootstrap

11 Cookies

Domain/Path Name / Value
titawinala.com/ Name: HstCfa4704631
Value: 1684948713892
titawinala.com/ Name: HstCla4704631
Value: 1684948713892
titawinala.com/ Name: HstCmu4704631
Value: 1684948713892
titawinala.com/ Name: HstPn4704631
Value: 1
titawinala.com/ Name: HstPt4704631
Value: 1
titawinala.com/ Name: HstCnv4704631
Value: 1
titawinala.com/ Name: HstCns4704631
Value: 1
www.n5rthy.com/ Name: uniqueClick_42NMJQ5
Value: 472cdeb2-24a9-412c-8aea-866bcf64169a:1684948714
tracking.prtrackings.com/ Name: afclick
Value: 646e46ebc5c3ad0001992984
tracking.prtrackings.com/ Name: afoffers
Value: {"3419":1684948715}
.videoadblockerpro.com/ Name: _asd
Value: 16849487155744762

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
directdexchange.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
s10.histats.com
s4.histats.com
titawinala.com
tracking.prtrackings.com
videoadblockerpro.com
www.n5rthy.com
149.56.240.129
2606:4700:10::ac43:d8c
2606:4700::6812:acf
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a02:4780:1:549:0:f1c:1c85:2
2a03:90c0:41:2801::62
2a06:98c1:3120::3
34.90.81.51
34.96.122.41
35.201.70.46
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1
84b401fecbb4d8f356618ccd62e6e96eecf0861684ab3cda5e0e458665355a33
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c412e058d4f43d7c56383d9e9c4dbe8d0fac725faf5c1e692ecb57418468e665
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
eecf0af5da4cd7a87decfd7f8eb7ffe37def61eb086cef991ca035c53d0210f1
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3