videoadblocker.pro Open in urlscan Pro
172.67.137.232 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wee.so/CamNBC1
Effective URL:
https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Submission Tags: @phish_report
Submission: On March 09 via api (March 9th 2024, 7:13:10 pm UTC) from FI — Scanned from FI

Summary HTTP 29 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 24 domains to perform 29 HTTP transactions. The main IP is 172.67.137.232, located in United States and belongs to CLOUDFLARENET, US. The main domain is videoadblocker.pro.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2024. Valid for: 3 months.

This is the only time videoadblocker.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
2 2	192.124.249.11 192.124.249.11	30148 (SUCURI-SEC) (SUCURI-SEC)
1 1	104.21.8.119 104.21.8.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.179 142.250.185.179	15169 (GOOGLE) (GOOGLE)
1	104.20.67.115 104.20.67.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.233 142.250.181.233	15169 (GOOGLE) (GOOGLE)
1	54.39.128.117 54.39.128.117	16276 (OVH) (OVH)
1	104.21.234.33 104.21.234.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.64.37.204 3.64.37.204	16509 (AMAZON-02) (AMAZON-02)
2	172.240.108.84 172.240.108.84	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1 3	172.240.108.68 172.240.108.68	7979 (SERVERS-COM) (SERVERS-COM)
1 3	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
1	45.133.44.10 45.133.44.10	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	162.19.58.161 162.19.58.161	16276 (OVH) (OVH)
1	172.67.137.232 172.67.137.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.61.96 104.21.61.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.93.138 104.21.93.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	20

2 192.124.249.11 (Menifee, United States) 2 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10011.sucuri.net

wee.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.8.119 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d07b99d.altsportscenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.179 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f19.1e100.net

top.crashnewstoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.67.115 (None, )

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

difficultywithhold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.233 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.33 (None, )

ASN13335 (CLOUDFLARENET, US)

friendshipmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.37.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-37-204.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)

stopperlovingplough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greenhousecape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pollingramblefunctions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.108.68 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

weeprobbery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.127.234 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

unemploymentinstinctiverite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
distantbelly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.10 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.cloudimagesb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.232 (United States)

ASN13335 (CLOUDFLARENET, US)

videoadblocker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.61.96 (None, )

ASN13335 (CLOUDFLARENET, US)

vittullo.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.93.138 (None, )

ASN13335 (CLOUDFLARENET, US)

adblockology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	weeprobbery.com 1 redirects weeprobbery.com	34 KB
3	blogger.com www.blogger.com — Cisco Umbrella Rank: 11028	51 KB
2	distantbelly.com 1 redirects distantbelly.com	4 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	82 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 15159 s4.histats.com — Cisco Umbrella Rank: 14684	5 KB
2	crashnewstoday.com top.crashnewstoday.com	30 KB
2	wee.so 2 redirects wee.so	1 KB
1	adblockology.com adblockology.com — Cisco Umbrella Rank: 448713	521 B
1	vittullo.info vittullo.info — Cisco Umbrella Rank: 576179	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	29 KB
1	videoadblocker.pro videoadblocker.pro	3 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 11855	33 KB
1	cloudimagesb.com cdn.cloudimagesb.com — Cisco Umbrella Rank: 29467	45 KB
1	unemploymentinstinctiverite.com unemploymentinstinctiverite.com	469 B
1	greenhousecape.com greenhousecape.com	12 KB
1	pollingramblefunctions.com pollingramblefunctions.com	12 KB
1	stopperlovingplough.com stopperlovingplough.com	469 B
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 13255	304 B
1	friendshipmale.com friendshipmale.com — Cisco Umbrella Rank: 17614	27 KB
1	difficultywithhold.com difficultywithhold.com	28 KB
1	altsportscenter.com 1 redirects d07b99d.altsportscenter.com	701 B
0	Failed function sub() { [native code] }. Failed
0	italianbeepimpediment.com Failed italianbeepimpediment.com Failed
29	24

	Domain	Requested by
3	weeprobbery.com	1 redirects top.crashnewstoday.com pollingramblefunctions.com
3	www.blogger.com	top.crashnewstoday.com
2	distantbelly.com	1 redirects top.crashnewstoday.com
2	fonts.gstatic.com	top.crashnewstoday.com
2	cdnjs.cloudflare.com	top.crashnewstoday.com cdnjs.cloudflare.com
2	top.crashnewstoday.com	top.crashnewstoday.com
2	wee.so	2 redirects
1	adblockology.com	videoadblocker.pro
1	vittullo.info	videoadblocker.pro
1	cdn.jsdelivr.net	videoadblocker.pro
1	videoadblocker.pro	top.crashnewstoday.com
1	i.ibb.co	top.crashnewstoday.com
1	cdn.cloudimagesb.com	top.crashnewstoday.com
1	unemploymentinstinctiverite.com	top.crashnewstoday.com
1	greenhousecape.com	top.crashnewstoday.com
1	pollingramblefunctions.com	top.crashnewstoday.com
1	stopperlovingplough.com	top.crashnewstoday.com
1	proftrafficcounter.com	difficultywithhold.com
1	friendshipmale.com	difficultywithhold.com
1	s4.histats.com	s10.histats.com
1	difficultywithhold.com	top.crashnewstoday.com
1	s10.histats.com	top.crashnewstoday.com
1	d07b99d.altsportscenter.com	1 redirects
0	gcjpbmhldpkkabppgaljnohpelojbcak Failed	videoadblocker.pro
0	italianbeepimpediment.com Failed	top.crashnewstoday.com
29	25

This site contains links to these domains. Also see Links.

Domain
adblockology.com

Subject Issuer	Validity	Valid
top.crashnewstoday.com GTS CA 1D4	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
difficultywithhold.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
histats.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
friendshipmale.com Cloudflare Inc ECC CA-3	`2024-01-18` - `2024-12-31`	a year	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
stopperlovingplough.com R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
pollingramblefunctions.com R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
weeprobbery.com R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.greenhousecape.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
unemploymentinstinctiverite.com R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
cdn.cloudimagesb.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
videoadblocker.pro GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh
vittullo.info GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
adblockology.com E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Frame ID: 430E7C5D133B703752C9A841D2A86FE2
Requests: 26 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/bi/3f/e9/f1/3fe9f197dcd144a51fef01167dc5b714/1682677370.jpg
Frame ID: 90F26483E674488B72CB2EF072B407E4
Requests: 1 HTTP requests in this frame

Frame: https://vittullo.info/a.php?id=0079&e=VPGCNBK0FG&c=butrYwy1bhAppi&r=tr&cid=3611f3c7e8b959f0546f75ad9d6b85c8&z=17120312&m=924523&v=13&dr=https%3A%2F%2Ftop.crashnewstoday.com%2F&inw=1600&inh=1200
Frame ID: 268BFB22820690A42AC385D2C21BA2A5
Requests: 1 HTTP requests in this frame

Frame: https://adblockology.com/clear.php
Frame ID: 5E872013CF378ED39E899E39BD3837DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ad Blocker for Google & Youtube

Page URL History Show full URLs

http://wee.so/CamNBC1 HTTP 301
https://wee.so/CamNBC1 HTTP 301
https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
https://top.crashnewstoday.com/p/warning-graphic-content-video.html Page URL
https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

29
Requests

86 %
HTTPS

0 %
IPv6

24
Domains

25
Subdomains

20
IPs

5
Countries

426 kB
Transfer

982 kB
Size

37
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adblockology.com/
Title: Jatka

Search URL Search Domain Scan URL

URL: https://adblockology.com/privacy-policy.php
Title: Tietosuoja

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wee.so/CamNBC1 HTTP 301
https://wee.so/CamNBC1 HTTP 301
https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
https://top.crashnewstoday.com/p/warning-graphic-content-video.html Page URL
https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wee.so/CamNBC1 HTTP 301
https://wee.so/CamNBC1 HTTP 301
https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Request Chain 15

https://weeprobbery.com/watch.1396649640826.js?key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&tz=2&dev=r&res=14.31&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1 HTTP 307
https://weeprobbery.com/watch.1396649640826.js?dev=r&key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011642&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=e88513a4815e5d057bd56639b9916af021371e039104c082210c2f3907020cf802c5e7aa3722b4c1d1e7c8a0798a7ff24c75b98d52d9ae77030c580aab90d16d271ebda4cc5b61ac1412b3365df8253fe1f91bfdeeb3ecc0fcf70b37d30f512bdfbb90&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1

Request Chain 20

https://distantbelly.com/watch.1715386784.js?key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&tz=2&dev=r&res=14.31&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1 HTTP 307
https://distantbelly.com/watch.1715386784.js?dev=r&key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011644&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=8b9e0810bd516b390654b45e9fe20e1759335615a9da08fff34953217f0555b06aa1fbde7ee680ac98eb671b041b835397c6881f954433b6ba0376c7f087ef660f2ae6ae5d32112e85acb3b430a6bc676a8ffdcda883ea3eb703cca22622602b60e95e&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

warning-graphic-content-video.html Show response
top.crashnewstoday.com/p/
Redirect Chain

http://wee.so/CamNBC1
https://wee.so/CamNBC1
https://d07b99d.altsportscenter.com/9d30c411ae6e
https://top.crashnewstoday.com/p/warning-graphic-content-video.html

113 KB
28 KB

918ms
355ms

Document
text/html

142.250.185.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f19.1e100.net

Software

GSE /

Resource Hash

ffaa7afdc6d160a7ee5525918cbba4cd0baf5b354d7020b58e835caf4784a203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 28116
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 19:12:58 GMT
etag: W/"01329a57e6047c9fd85d4cf28892b100ed5e1df136a37af19290578e3340bf72"
expires: Sat, 09 Mar 2024 19:12:58 GMT
last-modified: Thu, 29 Feb 2024 19:15:53 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 861d61213a4d0b59-OSL
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 19:12:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJedNgxwXDLIlzPD0N5QEX2kUCMrXRcu9VfM07ihrVJAEucDgKk2RIJhgqXjwVDIP3pTsm2SSbWrnKOb7dyL2X3YFuzlaX0hUS1gI7Hv4h7Bhn7oDICUigrzVUIY5NXcdCULIGNu5b8wS3J%2FhQk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 552ms
90ms Script
text/javascript 104.20.67.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.67.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:12:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 10891
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 861d612ffbd8d93b-HEL
content-length: 4547

GET
H/1.1 200
OK ed7c3604a0b0c5f3b8307a079fdafcf4.js Show response
difficultywithhold.com/ed/7c/36/ 75 KB
28 KB 1490ms
303ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://difficultywithhold.com/ed/7c/36/ed7c3604a0b0c5f3b8307a079fdafcf4.js

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

051ad29cb6feedb21bdf40f33efca88090a0d5829bdcc7b4485cf54bcc97e9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:12:59 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 63e908b3812614d235b9e16fd8b8a499
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 524ms
79ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://top.crashnewstoday.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeKXfo5i9P%2BYmiT%2BKO03ItMDugf7J%2FGRiEmcal%2BnSFfpkD9i6uFsOgwKyQWA83Q1zEIyIA0cnRdbPtrUv8X1gfiuZZH%2BAK6kDFKj3l%2FiRNGn59IpXXfq0VUg1bAWgzgpWudJlT3p"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 861d612fea42c7de-TLL
expires: Thu, 27 Feb 2025 19:12:58 GMT

GET
H2 200 cookienotice.js Show response
top.crashnewstoday.com/js/ 6 KB
2 KB 108ms
108ms Script
text/javascript 142.250.185.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://top.crashnewstoday.com/js/cookienotice.js

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f19.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 09 Mar 2024 18:57:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 16 Mar 2024 19:12:59 GMT

GET
H2 200 120656894-widgets.js Show response
www.blogger.com/static/v1/widgets/ 141 KB
51 KB 654ms
102ms Script
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/120656894-widgets.js

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

278837f70571e9b787ed2ab26e76a179094ed768cdcfb8441d9035c312286ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51446
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 21:57:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 05 Mar 2025 08:50:09 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 641ms
289ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4657141&@f16&@g1&@h1&@i1&@j1710011578937&@k0&@l1&@mWARNING%20GRAPHIC%20CONTENT%20VIDEO%EF%B8%8F%20-%20Youtube&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-170342864&@b3:1710011579&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: c8e6ec72b16eae42bf4b57698e0f9cd1d701187802a967b8303f36993b69ea8c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:12:51 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 sfp.js Show response
friendshipmale.com/ 83 KB
27 KB 698ms
215ms Script
application/javascript 104.21.234.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://friendshipmale.com/sfp.js

Requested by

Host: difficultywithhold.com
URL: https://difficultywithhold.com/ed/7c/36/ed7c3604a0b0c5f3b8307a079fdafcf4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.33 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:13:00 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: a7cf2f4a8312bc81b1fa45d87761e8dc
last-modified: Sat, 09 Mar 2024 19:13:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXsPImcr5EDfb%2BiD6KiktwbQWNwh1c1oGwdW6erXsJzr23R83vaCL77a%2BHjghyJfL2Iv0kJe8rEZk1MpctxI97dHcXmnN%2Bc9TiRj5qIYZP17SXVGoRtEyUCg4NiuTI%2FXdmkNU5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 861d613a9e80ca68-HAM
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
304 B 286ms
95ms XHR
text/html 3.64.37.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: difficultywithhold.com
URL: https://difficultywithhold.com/ed/7c/36/ed7c3604a0b0c5f3b8307a079fdafcf4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.37.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-37-204.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 45c752a8b89d7cd7f165edba808fbadb4c26e4fa8d2d55827c671983d68164c1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: https://top.crashnewstoday.com
date: Sat, 09 Mar 2024 19:13:00 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK purst
stopperlovingplough.com/pixel/ 0
469 B 602ms
272ms Image
text/plain 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopperlovingplough.com/pixel/purst?dl=0&th=0&sc=0&rs=5887.399997711182&rd=5887.399997711182&fd=1614.7999992370605&bv=24.2.2196&tmpl=70
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:13:00 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 206ms
206ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1613502938091371969&zx=5db27ac3-4e22-44f9-abd9-a8b1307c2484

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 09 Mar 2024 19:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 09 Mar 2024 19:13:00 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK invoke.js Show response
pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/ 31 KB
12 KB 1729ms
325ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/invoke.js

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

5e15b9ef1ae6ba85f5269f609d964a42b2da1b061116906aa05240e2c73d9928

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://top.crashnewstoday.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 09 Mar 2024 19:13:01 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 4c8e51cd4291604d60766209bf9c2957
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 664ms
151ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.crashnewstoday.com/
Origin: https://top.crashnewstoday.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:58:11 GMT
x-content-type-options: nosniff
age: 382489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15736
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:58:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 677ms
166ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.crashnewstoday.com/
Origin: https://top.crashnewstoday.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:19:45 GMT
x-content-type-options: nosniff
age: 420795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15816
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 22:19:45 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 506ms
506ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1613502938091371969&zx=5db27ac3-4e22-44f9-abd9-a8b1307c2484

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 09 Mar 2024 19:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 09 Mar 2024 19:13:00 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

watch.1396649640826.js Show response
weeprobbery.com/
Redirect Chain

https://weeprobbery.com/watch.1396649640826.js?key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=htt...
https://weeprobbery.com/watch.1396649640826.js?dev=r&key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst...

3 KB
3 KB

190ms
190ms

XHR
text/html

172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://weeprobbery.com/watch.1396649640826.js?dev=r&key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011642&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=e88513a4815e5d057bd56639b9916af021371e039104c082210c2f3907020cf802c5e7aa3722b4c1d1e7c8a0798a7ff24c75b98d52d9ae77030c580aab90d16d271ebda4cc5b61ac1412b3365df8253fe1f91bfdeeb3ecc0fcf70b37d30f512bdfbb90&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

HTTP/1.1

Server

172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

fa6691a1785b1d227096c6e14bcb5f25c61887fa10ee14838e34d7b663cb8d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:13:02 GMT
Custom-Referer: https://top.crashnewstoday.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://top.crashnewstoday.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-ID: a956e8334b0e88d4d61eb8459720040c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 09 Mar 2024 19:13:02 GMT
Custom-Referer: https://top.crashnewstoday.com
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://top.crashnewstoday.com
Location: https://weeprobbery.com/watch.1396649640826.js?dev=r&key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011642&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=e88513a4815e5d057bd56639b9916af021371e039104c082210c2f3907020cf802c5e7aa3722b4c1d1e7c8a0798a7ff24c75b98d52d9ae77030c580aab90d16d271ebda4cc5b61ac1412b3365df8253fe1f91bfdeeb3ecc0fcf70b37d30f512bdfbb90&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 3167c10a9354569ffd1a7f24bad8ca62
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 1145ebfd7ae2896af59dcf66d2d247a7.js Show response
weeprobbery.com/11/45/eb/ 74 KB
28 KB 605ms
279ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://weeprobbery.com/11/45/eb/1145ebfd7ae2896af59dcf66d2d247a7.js

Requested by

Host: pollingramblefunctions.com
URL: https://pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

5e5de2c6875ced0f4b6ab48c8d4998bd6557db56efda64449db61db9bb89b834

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:13:02 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: d929c705c8a638787eb6badbc25ed28f
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK invoke.js Show response
greenhousecape.com/936f6834ed3a379b1118e3ed44194f03/ 31 KB
12 KB 1985ms
276ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://greenhousecape.com/936f6834ed3a379b1118e3ed44194f03/invoke.js

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

efc71f1ee9c0b9d20767ab59a1ec554de935bb1c2f6eda513e7b6596f385d0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://top.crashnewstoday.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 09 Mar 2024 19:13:03 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 820cee816f0994617ae7c7bf11e74672
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK purst
unemploymentinstinctiverite.com/pixel/ 0
469 B 500ms
161ms Image
text/plain 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unemploymentinstinctiverite.com/pixel/purst?dl=0&th=0&sc=0&rs=8381.79999923706&rd=8381.79999923706&fd=717.9000015258789&bv=24.2.2196&tmpl=136
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:13:02 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1682677370.jpg
cdn.cloudimagesb.com/bi/3f/e9/f1/3fe9f197dcd144a51fef01167dc5b714/ Frame 90F2 45 KB
45 KB 344ms
133ms Image
image/jpeg 45.133.44.10
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/bi/3f/e9/f1/3fe9f197dcd144a51fef01167dc5b714/1682677370.jpg
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 2b33bbaaa811fa085e8b73cf11896d5a496fd0ab221067cf8a7d3eb735eecd43

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 19:13:02 GMT
date: Sat, 09 Mar 2024 19:13:02 GMT
last-modified: Fri, 28 Apr 2023 10:22:58 GMT
server: nginx/1.21.6
etag: "644b9e82-b452"
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 46162
x-proxy-cache: HIT

GET
H/1.1

200
OK

watch.1715386784.js
distantbelly.com/
Redirect Chain

https://distantbelly.com/watch.1715386784.js?key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=https...
https://distantbelly.com/watch.1715386784.js?dev=r&key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1...

1 KB
2 KB

176ms
176ms

XHR
text/html

172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://distantbelly.com/watch.1715386784.js?dev=r&key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011644&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=8b9e0810bd516b390654b45e9fe20e1759335615a9da08fff34953217f0555b06aa1fbde7ee680ac98eb671b041b835397c6881f954433b6ba0376c7f087ef660f2ae6ae5d32112e85acb3b430a6bc676a8ffdcda883ea3eb703cca22622602b60e95e&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1

Requested by

Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html

Protocol

HTTP/1.1

Server

172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 09 Mar 2024 19:13:04 GMT
Custom-Referer: https://top.crashnewstoday.com
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://top.crashnewstoday.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-ID: 8bf82cef076e82350dcd05b1946b742c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 09 Mar 2024 19:13:04 GMT
Custom-Referer: https://top.crashnewstoday.com
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://top.crashnewstoday.com
Location: https://distantbelly.com/watch.1715386784.js?dev=r&key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011644&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=8b9e0810bd516b390654b45e9fe20e1759335615a9da08fff34953217f0555b06aa1fbde7ee680ac98eb671b041b835397c6881f954433b6ba0376c7f087ef660f2ae6ae5d32112e85acb3b430a6bc676a8ffdcda883ea3eb703cca22622602b60e95e&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 71cde3dada90b8e5817cb322b7aeaebc
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET invoke.js
italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/ 0
0

GET
H2 200 ace1b0c0-fa4a-4c3d-ae39-b7fbdc7cb6ac-large-Scale-police-Getty-Images899711132.jpg
i.ibb.co/vDCc7Bn/ 32 KB
33 KB 486ms
151ms Image
image/jpeg 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vDCc7Bn/ace1b0c0-fa4a-4c3d-ae39-b7fbdc7cb6ac-large-Scale-police-Getty-Images899711132.jpg
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: 3f6f5239b61da0d72a0a344eb6f7be4f6907d66bf2a0963ed65747f664189216

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://top.crashnewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:13:04 GMT
last-modified: Tue, 16 May 2023 11:59:43 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33053
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 66ms
65ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://top.crashnewstoday.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:13:03 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2123612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVQWrUoCH4zhapVD46UpRUA1u6nDlIJDHp1Dp0EPhld3lEdfcCohUBze8UpCGS0LqeoLxv47X26ahhDWad3ZVCuoxYFGNgg40r87s5vPwm7qLGd9dQpynxDN2STCoNIaPfUXw%2BM2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 861d614ecfc7c7de-TLL
expires: Thu, 27 Feb 2025 19:13:03 GMT

GET
H2 200 Primary Request lp.php Show response
videoadblocker.pro/ 8 KB
3 KB 791ms
310ms Document
text/html 172.67.137.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Requested by: Host: top.crashnewstoday.com
URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100f5b7a0133b596a29bc8814a047f376c1d674bd2b12fc466058d35a5cdf4ce

Request headers

Referer: https://top.crashnewstoday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 861d6156ea6856a4-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 19:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpqv178ojGH698iBHVp3yIQbreEU6lIfRw2fw4mJYlPbVnfpwqhmPt15BYqnnctFMd3j45kBT%2FilvBF7O%2F2FSEhMtyhUGYt4e%2FBjM8NL4jemFjdSPjXlkvhP2vFFHm9MSCPXnuE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
29 KB 539ms
98ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: videoadblocker.pro
URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://videoadblocker.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:13:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9227417
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1621-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjBLIp9tjq3pRqmDzZZbTKkJY3C7Ej6oiup1LrSMvtxS6HNdK9o9pjjTYlNagixGelOK%2FeF8ZdZnI%2FtONnRmO723PQroVwWRpHtxNAGJeAOlt1t2phoiJrtWwtbl0UFl6yA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 861d615b7d4170fe-HEL

GET icon.png
gcjpbmhldpkkabppgaljnohpelojbcak/ 0
0

GET
H2 200 a.php Show response
vittullo.info/ Frame 268B 96 B
1 KB 607ms
130ms Document
text/html 104.21.61.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vittullo.info/a.php?id=0079&e=VPGCNBK0FG&c=butrYwy1bhAppi&r=tr&cid=3611f3c7e8b959f0546f75ad9d6b85c8&z=17120312&m=924523&v=13&dr=https%3A%2F%2Ftop.crashnewstoday.com%2F&inw=1600&inh=1200
Requested by: Host: videoadblocker.pro
URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer: https://videoadblocker.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 861d615f3d275690-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 19:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ7Nvof3LtmCCkWO8RT4uvhgLsQQAvqLPv2u4kItVYoIyGg%2B2SUoa5%2BtSmOc7I5z%2BFKMZtDWuRqGHkVe%2B2kusimMyD%2BL2%2BNoR7adrkg7UlfCKju5wDxeNmzaNIwQdxML"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 clear.php Show response
adblockology.com/ Frame 5E87 0
521 B 590ms
126ms Document
text/html 104.21.93.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblockology.com/clear.php
Requested by: Host: videoadblocker.pro
URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.93.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videoadblocker.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 861d615f3fb156ae-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 19:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHS70zxojgcT1Ji8IecD1NtiLuiKsAistPcc%2FW8KNzQVPUioflZUQq2w44slIfA3Mi6OTTWpojodyB%2FfhsMP2iRaFyzFsp06UDxNsTceIVytzD6HqJPklbq28qGEKhfC3JIc"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: italianbeepimpediment.com
URL: https://italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/invoke.js

Domain: gcjpbmhldpkkabppgaljnohpelojbcak
URL: chrome-extension://gcjpbmhldpkkabppgaljnohpelojbcak/icon.png

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on March 9th 2024, 7:17:40 pm UTC — From United States

Threats: Phishing Brand Impersonation Social Engineering
Comment: Scam site redirects to a McAfee phishing site

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wee.so/	1970-01-20 19:00:18	Name: XSRF-TOKEN Value: eyJpdiI6InZCOXY4S0xEZWhDeWxOWUlCMFRUM2c9PSIsInZhbHVlIjoiMFpjdTRYQW9tUjdYRFhSNWY3Tnh1NHptNWVmTUFEeHY5d3hvVmh2SGtPcXYrNSt1Ym91TnhYeXJhZ3dnRXZBbmxqMm8zcWhvNnp2TDNzUFJzTHFiVFJrNmZuODFKQTlsMVkwWVJiMEora3k2eHBCWk5rck1kVGppbjB1RkhtNWkiLCJtYWMiOiI2ZjhlY2IwZmQxMjdiY2M2MDRiODI0NDRhYjdjYjc2YzcwOWVhMWJlZDE5NDU0NmVkMGI0MDNhNjkwM2U5YmY5In0%3D
wee.so/	1970-01-20 19:00:18	Name: wee_session Value: eyJpdiI6IitiNnBEXC9yRk1waHJJOHRhVkYrazdnPT0iLCJ2YWx1ZSI6IjFKekFEWWYzVFVtc2VJQTkzYUNvT0pjbGZVXC80dWFoNDlpSTdTTDlKUXc0ZXRoTExER0owcXpCTHRoVUVsTGU1ckFuSFY1WVk5WldVU00yU2FJaFpja0xhbzV0cDVqa2txVWVZd1wvWDRpWGYrUjliaG1mNU0yNGFaZmtUTVN2Q3MiLCJtYWMiOiIwZDc5ZjMxM2Q2MDhlZDM2NmNkMDYyYzI4NDIxMzg0MTkyYThhY2I0OTdkOTBhMWFiNjQxMDk4NmE2ZjMzODAyIn0%3D
wee.so/	1970-01-21 04:36:11	Name: dark_mode Value: 0
d07b99d.altsportscenter.com/	1970-01-21 03:45:47	Name: GNX-KHI8394qhfi Value: 73pd6ae1rs4suqfrn38003nhdt
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstCfa4657141 Value: 1710011578937
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstCla4657141 Value: 1710011578937
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstCmu4657141 Value: 1710011578937
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstPn4657141 Value: 1
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstPt4657141 Value: 1
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstCnv4657141 Value: 1
top.crashnewstoday.com/	1970-01-21 03:45:47	Name: HstCns4657141 Value: 1
proftrafficcounter.com/	1970-01-21 04:36:11	Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1
top.crashnewstoday.com/	1969-12-31 23:59:59	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1
top.crashnewstoday.com/	1970-01-20 19:00:18	Name: pp_main_ed7c3604a0b0c5f3b8307a079fdafcf4 Value: 1
weeprobbery.com/	1970-01-20 19:01:37	Name: u_pl Value: 19057199
weeprobbery.com/	1970-01-20 19:00:11	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA1NzE5OSwiayI6Ijk4YzEwZTZlZmZkYTg0OWYzMmFhNjZiOWM1ODUxNGViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk1MjQwLCJwaWQiOjQ1MzMzMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDBjY2Y0aTUiLCJjcGtzIjp7IjI4IjoiMTE0NWViZmQ3YWUyODk2YWY1OWRjZjY2ZDJkMjQ3YTcifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjIyNjc2NzQyMSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMTM4NCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyMiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjcwLCJjIjoiRkkiLCJuIjoiRmlubGFuZCJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IlRlbGlhIEZpbmxhbmQifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RvcC5jcmFzaG5ld3N0b2RheS5jb20vcC93YXJuaW5nLWdyYXBoaWMtY29udGVudC12aWRlby5odG1sIiwiYXIiOltdfX0.T8FfgzUQpdYjwYStE_29qtXgpcP5NGj_oCLi8DmQS9k
weeprobbery.com/	1970-01-20 19:10:16	Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1
weeprobbery.com/	1970-01-20 19:01:37	Name: pdhtkv Value: true
weeprobbery.com/	1970-01-20 19:01:37	Name: uncs Value: 1
weeprobbery.com/	1970-01-20 19:01:37	Name: pdhtkv23 Value: true
weeprobbery.com/	1970-01-20 19:01:37	Name: uncs23 Value: 1
top.crashnewstoday.com/	1970-01-20 19:00:15	Name: pp_main_1145ebfd7ae2896af59dcf66d2d247a7 Value: 1
top.crashnewstoday.com/	1970-01-20 19:00:11	Name: pp_idelay_1145ebfd7ae2896af59dcf66d2d247a7 Value: 1
distantbelly.com/	1970-01-20 19:01:37	Name: u_pl Value: 17120312
distantbelly.com/	1970-01-20 19:00:11	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzEyMDMxMiwiayI6IjkzNmY2ODM0ZWQzYTM3OWIxMTE4ZTNlZDQ0MTk0ZjAzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzMwNjI4LCJwaWQiOjM2MjM2OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoieWp1YXQ0N3kiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjI2NzY3NDIxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMxMzg0LCJibiI6IkNocm9tZSIsImJ2IjoiMTIyIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NzAsImMiOiJGSSIsIm4iOiJGaW5sYW5kIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiVGVsaWEgRmlubGFuZCJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wLmNyYXNobmV3c3RvZGF5LmNvbS9wL3dhcm5pbmctZ3JhcGhpYy1jb250ZW50LXZpZGVvLmh0bWwiLCJhciI6W119fQ.Xh7P4ljr1A2Z8jXwH3-FuGQ0sonZAkxxvcHVtmKwXgg
distantbelly.com/	1970-01-20 19:10:16	Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1
distantbelly.com/	1970-01-20 19:01:37	Name: iprcf2adaf2656eecc01eeefe81ac2731969 Value: 5044559
distantbelly.com/	1970-01-20 19:01:37	Name: pdhtkv Value: true
distantbelly.com/	1970-01-20 19:01:37	Name: uncs Value: 1
distantbelly.com/	1970-01-20 19:01:37	Name: pdhtkv23 Value: true
distantbelly.com/	1970-01-20 19:01:37	Name: uncs23 Value: 1
.vittullo.info/	1970-01-21 04:36:11	Name: c0079 Value: butrYwy1bhAppi
.vittullo.info/	1970-01-21 04:36:11	Name: r0079 Value: tr
.vittullo.info/	1970-01-21 04:36:11	Name: cid0079 Value: 3611f3c7e8b959f0546f75ad9d6b85c8
.vittullo.info/	1970-01-21 04:36:11	Name: z0079 Value: 17120312
.vittullo.info/	1970-01-21 04:36:11	Name: e0079 Value: VPGCNBK0FG
.vittullo.info/	1970-01-21 03:45:47	Name: _asd Value: 17100115861300315

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 231) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 231) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 244) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://greenhousecape.com/936f6834ed3a379b1118e3ed44194f03/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 244) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://greenhousecape.com/936f6834ed3a379b1118e3ed44194f03/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 852) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html(Line 852) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://top.crashnewstoday.com/p/warning-graphic-content-video.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523(Line 42) Message: Access to XMLHttpRequest at 'chrome-extension://gcjpbmhldpkkabppgaljnohpelojbcak/icon.png' from origin 'https://videoadblocker.pro' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gcjpbmhldpkkabppgaljnohpelojbcak/icon.png Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adblockology.com
cdn.cloudimagesb.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d07b99d.altsportscenter.com
difficultywithhold.com
distantbelly.com
fonts.gstatic.com
friendshipmale.com
gcjpbmhldpkkabppgaljnohpelojbcak
greenhousecape.com
i.ibb.co
italianbeepimpediment.com
pollingramblefunctions.com
proftrafficcounter.com
s10.histats.com
s4.histats.com
stopperlovingplough.com
top.crashnewstoday.com
unemploymentinstinctiverite.com
videoadblocker.pro
vittullo.info
wee.so
weeprobbery.com
www.blogger.com
gcjpbmhldpkkabppgaljnohpelojbcak
italianbeepimpediment.com
104.16.88.20
104.17.25.14
104.20.67.115
104.21.234.33
104.21.61.96
104.21.8.119
104.21.93.138
142.250.181.233
142.250.185.179
162.19.58.161
172.217.18.3
172.240.108.68
172.240.108.84
172.240.127.234
172.67.137.232
192.124.249.11
192.243.59.20
192.243.61.225
3.64.37.204
45.133.44.10
54.39.128.117
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
051ad29cb6feedb21bdf40f33efca88090a0d5829bdcc7b4485cf54bcc97e9f8
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
100f5b7a0133b596a29bc8814a047f376c1d674bd2b12fc466058d35a5cdf4ce
278837f70571e9b787ed2ab26e76a179094ed768cdcfb8441d9035c312286ead
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b33bbaaa811fa085e8b73cf11896d5a496fd0ab221067cf8a7d3eb735eecd43
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3f6f5239b61da0d72a0a344eb6f7be4f6907d66bf2a0963ed65747f664189216
45c752a8b89d7cd7f165edba808fbadb4c26e4fa8d2d55827c671983d68164c1
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5e15b9ef1ae6ba85f5269f609d964a42b2da1b061116906aa05240e2c73d9928
5e5de2c6875ced0f4b6ab48c8d4998bd6557db56efda64449db61db9bb89b834
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c8e6ec72b16eae42bf4b57698e0f9cd1d701187802a967b8303f36993b69ea8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc71f1ee9c0b9d20767ab59a1ec554de935bb1c2f6eda513e7b6596f385d0af
fa6691a1785b1d227096c6e14bcb5f25c61887fa10ee14838e34d7b663cb8d7f
ffaa7afdc6d160a7ee5525918cbba4cd0baf5b354d7020b58e835caf4784a203

videoadblocker.pro Open in urlscan Pro 172.67.137.232 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

86 %HTTPS

0 %IPv6

24 Domains

25 Subdomains

20 IPs

5 Countries

426 kBTransfer

982 kBSize

37 Cookies

2 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

videoadblocker.pro Open in urlscan Pro
172.67.137.232 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

86 %
HTTPS

0 %
IPv6

24
Domains

25
Subdomains

20
IPs

5
Countries

426 kB
Transfer

982 kB
Size

37
Cookies

29 HTTP transactions
0 data transactions

Malicious task.url
Submitted on March 9th 2024, 7:17:40 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!