video-adblocker.pro Open in urlscan Pro
2606:4700:3034::ac43:8091  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://wehrma.com/prod/ngo.html?lu=https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Page URL
2. https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	ngo.html wehrma.com/prod/	626 B 1 KB	127ms 36ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wehrma.com/prod/ngo.html?lu=https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * age 765 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status DYNAMIC cf-ray 7d7d3d2d3c7b0bb5-AMS content-encoding br content-type text/html date Thu, 15 Jun 2023 19:32:25 GMT expires Thu, 15 Jun 2023 20:19:40 GMT last-modified Tue, 12 Apr 2022 06:45:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY4WviRxoSKhttI7MPOwiHTVrPD7gGs6GTDfO2vbzx53OoyNvObn%2FbSI7bd3BlyhKG680lXMih4IauqpZk9gVmk5VrJHAGGViRMF4%2BFyMB6opnIkC8CSOrmnQwxXJ%2BtWY0HOalUWXb5u"}],"group":"cf-nel","max_age":604800} server cloudflare x-goog-generation 1649745940341770 x-goog-hash crc32c=+jeBsA== md5=dl7RxfSqF7bBsUuXyu69Eg== x-goog-metageneration 2 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 626 x-guploader-uploadid ADPycdv8V0aGYaPRbjXgn4yyBNvsViCiJiYmKzlIAbqRhOb6TCXkyWDa4ebWaYlzqjePHFHY09fDHmLIlmwGszfnmFVncVSaBx1B
GET H2	200	Primary Request lp.php Show response video-adblocker.pro/	9 KB 3 KB	322ms 81ms	Document text/html	2606:4700:3034::ac43:8091 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Requested by Host: wehrma.com URL: https://wehrma.com/prod/ngo.html?lu=https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:8091 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c423e1db1d25588a7a718ac1616795835c0c53071bac79793263eb8f73ff49d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d7d3d2f1c301c0c-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 19:32:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGGI0bVgkuxQ%2FY3OboPePA23QWwcdrsJv49%2BzIUVcf928cqr%2FZe2tVZmOLuNZVqTJetRcJKSMOR6xVp7L%2FfJflCPKTi0wanWOjEEt4vRnyoDJsnkwI0gsUXTn1XqOoYKHSfn9q%2BoomXlsz8xo%2Fcd1zZk"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 22 KB	106ms 36ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: video-adblocker.pro URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://video-adblocker.pro/ Origin https://video-adblocker.pro accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 19:32:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 756 age 4249894 cdn-cachedat 11/21/2022 20:38:40 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"04aca1f4cd3ec3c05a75a879f3be75a3" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 0c96856f8398c16a0f4cca280c5ac197 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7d7d3d3009720b87-AMS cdn-requestpullsuccess True
GET H2	200	logo.png video-adblocker.pro/images/	3 KB 3 KB	36ms 36ms	Image image/png	2606:4700:3034::ac43:8091 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://video-adblocker.pro/images/logo.png Requested by Host: video-adblocker.pro URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:8091 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://video-adblocker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 19:32:26 GMT cf-cache-status HIT last-modified Mon, 23 Jan 2023 10:00:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7130 etag "63ce5ab0-c26" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA0kuQuWYb3qJ9SFH%2BktYX3U8Q%2FZs4HRNKMAA56%2BNDUvdxRSiPcd0IG3eNRV0EGpuDcktGhq0W2XseMke3U%2BPAUoLH0PXZkWI4iin%2FWR10dIHtRPhLUJ6TJxgOjgFHVjtyM%2FXlmTCsTQdLA20FzYIfSQ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=1200 accept-ranges bytes cf-ray 7d7d3d2f9cde1c0c-AMS alt-svc h3=":443"; ma=86400 content-length 3110
GET		h.js bjeejieamikgomobcpgdnepmiodidpkl/	0 0
GET H2	200	a.php Show response tbm09.com/ Frame 0DB2	96 B 985 B	152ms 76ms	Document text/html	2606:4700:3037::ac43:9657 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tbm09.com/a.php?id=0069&e=VPGCNBK0FG&c=buacp1OclKrppi&v=1&dr=&inw=1600&inh=1200 Requested by Host: video-adblocker.pro URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9657 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6 Request headers Referer https://video-adblocker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d7d3d30c826b918-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 19:32:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7%2BJkxrL%2BMi8eWzczY%2F2dT3YAq5LtwDzBtkM04FzglM1PBq4dqzzZ3uxa1IN%2FCWJUrFEYQ6rB6eiRLc5EOdtan0BLVwpArQ6bB4yr%2BdJr6KLFIFWTNYvmAxx5FNkfDj7FDqRQ0nOwmY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	gv.php Show response videoadblockerpro.com/ Frame E12C	0 554 B	113ms 46ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://videoadblockerpro.com/gv.php Requested by Host: video-adblocker.pro URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://video-adblocker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d7d3d30cf1a0c33-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 19:32:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2mYP%2B%2Fm%2FqC7uEO1%2FbdiJ4QTMpIKRYdHrgPDQgn2N2TXqG7Xioi%2Ft2G8GvP4eb7kDasLyQI8piYMOn8KKAlt0CTFOGWTuGJ0EWtwJWISp5MJSYxVMLTKtyByzlIhUQjyHVtxQmDkhhvWr7mNRizOt0OlXUA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	bg1.jpg video-adblocker.pro/img/	61 KB 62 KB	35ms 35ms	Image image/jpeg	2606:4700:3034::ac43:8091 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://video-adblocker.pro/img/bg1.jpg Requested by Host: video-adblocker.pro URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:8091 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0bdfe679ad7bc2d485db38dd00990c45d11445cf7097b3eed67e3b8a70e0a84 Request headers accept-language nl-NL,nl;q=0.9 Referer https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 19:32:26 GMT cf-cache-status HIT last-modified Tue, 17 Jan 2023 17:01:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 181 etag "63c6d46d-f592" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdF1JCtN5HnttR5%2BuUJEJqaODrN%2F3hSXu5h8ZYf7aeCCMIUR0lyyUOJLR5tb7fQlGpNooOHvBvVbE4fUOonwPmYPcXIzrfk3OqEId8FVvhtH%2FUAA9qA8Tfm5mZJ5jKKCDGcibYira3ZxfPJU7M3udyZ2"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=1200 accept-ranges bytes cf-ray 7d7d3d305f3bb8f6-AMS alt-svc h3=":443"; ma=86400 content-length 62866

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bjeejieamikgomobcpgdnepmiodidpkl

URL

chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tbm09.com/	1970-01-20 22:10:17	Name: c0069 Value: buacp1OclKrppi
			.tbm09.com/	1970-01-20 22:10:17	Name: v0069buacp1OclKrppi Value: %7B%221%22%3A1%7D
			.tbm09.com/	1970-01-20 22:10:17	Name: e0069 Value: VPGCNBK0FG
			.tbm09.com/	1970-01-20 21:19:53	Name: _asd Value: 16868575461051821

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://video-adblocker.pro/lp.php?gl=buacp1OclKrppi(Line 42) Message: Access to XMLHttpRequest at 'chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js' from origin 'https://video-adblocker.pro' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://bjeejieamikgomobcpgdnepmiodidpkl/h.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bjeejieamikgomobcpgdnepmiodidpkl
stackpath.bootstrapcdn.com
tbm09.com
video-adblocker.pro
videoadblockerpro.com
wehrma.com
bjeejieamikgomobcpgdnepmiodidpkl
2606:4700:3034::ac43:8091
2606:4700:3037::ac43:9657
2606:4700::6812:acf
2a06:98c1:3120::3
5c423e1db1d25588a7a718ac1616795835c0c53071bac79793263eb8f73ff49d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
80bde9e1c59703c07d47edd7141ebbce6fb33729c4ef781c5be9839314a68ce1
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
b0bdfe679ad7bc2d485db38dd00990c45d11445cf7097b3eed67e3b8a70e0a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855