ad-blocker-sentinel.com Open in urlscan Pro
172.67.214.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://antionelozowski40q36.pages.dev/
Effective URL:
https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Submission Tags: @phish_report
Submission: On May 04 via api (May 4th 2024, 10:47:27 pm UTC) from FI — Scanned from FI

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 16 domains to perform 24 HTTP transactions. The main IP is 172.67.214.200, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad-blocker-sentinel.com.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2024. Valid for: 3 months.

This is the only time ad-blocker-sentinel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.66.47.41 172.66.47.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.214.128 172.67.214.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	52.29.105.35 52.29.105.35	16509 (AMAZON-02) (AMAZON-02)
2 5	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.67.214.200 172.67.214.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.175.161 172.67.175.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	13

1 172.66.47.41 (United States)

ASN13335 (CLOUDFLARENET, US)

antionelozowski40q36.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.214.128 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.bisniskini.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cockysnailleather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.105.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-105-35.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.243.61.227 (Ashburn, United States) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.profitabledisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

tse1.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.214.200 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-blocker-sentinel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

kingadblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.175.161 (United States)

ASN13335 (CLOUDFLARENET, US)

tururu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	profitabledisplaycontent.com 2 redirects www.profitabledisplaycontent.com — Cisco Umbrella Rank: 207520	9 KB
3	kingadblock.com kingadblock.com — Cisco Umbrella Rank: 491293	5 KB
3	bisniskini.biz.id ads.bisniskini.biz.id	2 KB
2	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 15128	623 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	26 KB
1	tururu.info tururu.info — Cisco Umbrella Rank: 677398
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	30 KB
1	ad-blocker-sentinel.com ad-blocker-sentinel.com Failed	3 KB
1	bing.net tse1.mm.bing.net — Cisco Umbrella Rank: 3219	1 KB
1	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 73875	12 KB
1	cockysnailleather.com cockysnailleather.com	12 KB
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 17489	664 B
1	pages.dev antionelozowski40q36.pages.dev	7 KB
0	Failed function sub() { [native code] }. Failed
0	google.com Failed suggestqueries.google.com Failed
0	validinstruct.com Failed validinstruct.com Failed
24	16

	Domain	Requested by
4	www.profitabledisplaycontent.com	2 redirects antionelozowski40q36.pages.dev
3	kingadblock.com	ad-blocker-sentinel.com
3	ads.bisniskini.biz.id	antionelozowski40q36.pages.dev
2	proftrafficcounter.com	cockysnailleather.com
2	cdnjs.cloudflare.com	antionelozowski40q36.pages.dev
1	tururu.info	ad-blocker-sentinel.com
1	cdn.jsdelivr.net	ad-blocker-sentinel.com
1	ad-blocker-sentinel.com	antionelozowski40q36.pages.dev
1	tse1.mm.bing.net	antionelozowski40q36.pages.dev
1	www.topcreativeformat.com	ads.bisniskini.biz.id
1	cockysnailleather.com	ads.bisniskini.biz.id
1	3.bp.blogspot.com	antionelozowski40q36.pages.dev
1	antionelozowski40q36.pages.dev
0	invalid Failed	ad-blocker-sentinel.com
0	suggestqueries.google.com Failed	antionelozowski40q36.pages.dev
0	validinstruct.com Failed
24	16

This site contains links to these domains. Also see Links.

Domain
kingadblock.com

Subject Issuer	Validity	Valid
antionelozowski40q36.pages.dev GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
bisniskini.biz.id GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cockysnailleather.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
topcreativeformat.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
ad-blocker-sentinel.com GTS CA 1P5	`2024-03-24` - `2024-06-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
kingadblock.com GTS CA 1P5	`2024-04-10` - `2024-07-09`	3 months	crt.sh
tururu.info GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Frame ID: 8B228702ADE443F2E44D6A2FD7629C97
Requests: 22 HTTP requests in this frame

Frame: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=brtrnRXx2yv13&r=tr&cid=3993bd7ccddef3486e5fe53281636c71&z=15030833&m=920304&v=13&dr=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&inw=1600&inh=1200
Frame ID: 183388BE8D04CED0764728A5EC5D2844
Requests: 1 HTTP requests in this frame

Frame: https://kingadblock.com/clear.php
Frame ID: 8DFC444314321DB79636FF4C21FA4FA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ylös - Mainosten esto

Page URL History Show full URLs

http://antionelozowski40q36.pages.dev/ HTTP 307
https://antionelozowski40q36.pages.dev/ Page URL
https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

75 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

13
IPs

4
Countries

103 kB
Transfer

368 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://kingadblock.com/
Title: Jatka

Search URL Search Domain Scan URL

URL: https://kingadblock.com/privacy-policy.php
Title: Tietosuoja

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://antionelozowski40q36.pages.dev/ HTTP 307
https://antionelozowski40q36.pages.dev/ Page URL
https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://antionelozowski40q36.pages.dev/ HTTP 307
https://antionelozowski40q36.pages.dev/

Request Chain 11

https://www.profitabledisplaycontent.com/watch.1518233936978.js?key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=b0786ee3-793d-4b2f-8358-91e8957d55bb%3A1%3A1 HTTP 307
https://www.profitabledisplaycontent.com/watch.1518233936978.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=ce61b8b06e3e29c7960008685389cbbeb6d08a00c9d818fe21d5f1faebbf4c6611b8efb929b5c2ec22f1730da671845336db148515aee00379793be163506434f7a7624f4cad099e19cea6ec12ef0e7946335fc21b1ce9acbae455298b0f4c&tz=3&uuid=b0786ee3-793d-4b2f-8358-91e8957d55bb%3A1%3A1

Request Chain 12

https://www.profitabledisplaycontent.com/watch.1281516065866.js?key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1 HTTP 307
https://www.profitabledisplaycontent.com/watch.1281516065866.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=75cc117fb935753fd6e3a673e3d9cc608a8a46ab83d31989ef927857c91ffc3ac5567156393170f2a8a3b40592a0a1194e57babda6175520c2c432ffbef8d61241c72e496dee75d83a5cb360c096c630c2fccfd066dc1be3ff58aa16e93b5d&tz=3&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1

Request Chain 13

https://validinstruct.com/watch.385428045700.js?key=e5076d5c87bbe005e418ec4cd70228a5&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1 HTTP 307
https://validinstruct.com/watch.385428045700.js?dev=r&key=e5076d5c87bbe005e418ec4cd70228a5&kw=%5B%5D&pst=1714862902&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=b6146bf93f3420126a3136ebed5777c90f0715b1442511c08cd79e23b38d44a12884646afdc58e93b74273e66437d9753eaeacb356ac1ea354717d4ccc2c546676684e813cc5dae3d3319302fac0ccbeff07ba&tz=3&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
antionelozowski40q36.pages.dev/
Redirect Chain

http://antionelozowski40q36.pages.dev/
https://antionelozowski40q36.pages.dev/

17 KB
7 KB

658ms
104ms

Document
text/html

172.66.47.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://antionelozowski40q36.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3de8ed3fa02b79ed68e82036fa2ea551f4e691440a23fccc16bb8ac5236cf5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 87ec0805f9a470f8-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 04 May 2024 22:47:13 GMT
etag: W/"8bb8511dac75d9f93ab925e76ba18cdf"
link: <https://i.pinimg.com>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKbqbstX170TxDxQhrJqlnFB8%2FrY7x1nZkjAONNphC6e%2BTbhtDUl3TeDw4vcSwXBNBPXt2MOPrAAxQcLcxmUaPvqQm3wluZcq0Pe41PS97Tpfq%2BteRnh5f%2BPIUViG%2Be67NfsRPRodkXL9Ke4sRYakKk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://antionelozowski40q36.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 d6f51a1ed1d2f145512197f7cd7be46d Show response
ads.bisniskini.biz.id/get/site/js/ 289 B
742 B 3160ms
735ms Script
application/javascript 172.67.214.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by: Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881ee1147b2da2170ba4d8ae3b6cd32d5ba79a0997f83f7e4de3740f3c8fcf16

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 04 May 2024 22:47:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAlBFl%2FPzqi%2FrKHK479oEZ4H7EYG2QjLfaXJeG4816Mx%2Bzv%2BXpP6BaN0PDAt4525nJ6fyCWJnHED%2BG2PIDJjfqy4oGjmXVS5OAJzJ2KfgSEGnucmVPkPbHBU%2FF8eJr%2FeFqYrHT%2BvkHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87ec0815f852929e-CPH
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
664 B 2247ms
763ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 20:25:30 GMT
x-content-type-options: nosniff
age: 8505
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 05 May 2024 20:25:30 GMT

GET
H2 200 9049b3a33fc36afe5806bf92a1b0bc1f Show response
ads.bisniskini.biz.id/get/site/js/ 292 B
492 B 3254ms
830ms Script
application/javascript 172.67.214.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f
Requested by: Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db3ce6cc92c88fd84b0ab4961fc00135ea56c3ad2455a88cdc9caa85a1f7d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 04 May 2024 22:47:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvXDwFqvUw11FxfiMRleG0shcqYRqDgbxCl6GaWw5vLBkDWG7hVXgVxCg8UScj9mYCYMOxc1xMAByaOXrupsiMFq%2FGbOdt5Kwjm5ErZZfFXfR9do1N31xucYnN92WpLFpyonjX8iA1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87ec0815f855929e-CPH
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.slim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 71 KB
22 KB 2230ms
762ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js

Requested by

Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Origin: https://antionelozowski40q36.pages.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 284248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22329
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-11ab4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u67T81OGBsvdFBP5eKNDxw6qmpsr9Pvq1Yv0AN5DULLinOIBocS77hJZzrfN1PZzv6OdE2ZJz0QnmNlygtACUc589Wgg8lVIqKXgoe8Ckbc5y2ZZdTA2SCUKGkjupfmi00d40yci"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ec08116f878d5b-HEL
expires: Thu, 24 Apr 2025 22:47:15 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 8 KB
4 KB 2229ms
761ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js

Requested by

Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Origin: https://antionelozowski40q36.pages.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 278530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3150
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ff0b799-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGcEbedMGk%2Br6ueNhC4m3ktxSA5CywC1rc1WVcuYYA2I6of0dgbwuGd26y6ETCHFnSjyMdtkG15OOC05zuYSwKJuNFJq3SvUmgQTZyjXI3qb10bUxGHnGwnfIveQ0z%2BxD8BKfGsc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87ec08116f898d5b-HEL
expires: Thu, 24 Apr 2025 22:47:15 GMT

GET
H/1.1 200
OK invoke.js Show response
cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/ 31 KB
12 KB 1691ms
300ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js

Requested by

Host: ads.bisniskini.biz.id
URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

6db5c0a22c57ea6ee7f18f4104f349f3e4ce977abe8fa09233e4c8292753f42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 04 May 2024 22:47:18 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 121ff695721636123f5cc0a078d72e00
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
312 B 474ms
132ms XHR
text/html 52.29.105.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: cockysnailleather.com
URL: https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.105.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-105-35.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 10bdedd9fd70149444a8eb96aa1391ed6b2f86c3f50b4ebd82682724d13f7197

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://antionelozowski40q36.pages.dev
date: Sat, 04 May 2024 22:47:18 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H2 200 d6f51a1ed1d2f145512197f7cd7be46d Show response
ads.bisniskini.biz.id/get/site/js/ 289 B
523 B 390ms
389ms Script
application/javascript 172.67.214.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by: Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881ee1147b2da2170ba4d8ae3b6cd32d5ba79a0997f83f7e4de3740f3c8fcf16

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 04 May 2024 22:47:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FH6FWhyi%2Fw7qsMreOPdvEuMG%2BYduRNcQVeWHrs%2BY96pBoYJKt20i%2BtRrMz4HABW8Wt2p8E14N1YxB7zRDb2hdlF3HHNlYJhOZGcnmlomo4kR4AJ%2B5JBg4diiTJOxRGwlNps6JTiC2bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 87ec08251a31929e-CPH
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
311 B 306ms
227ms XHR
text/html 52.29.105.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: cockysnailleather.com
URL: https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.105.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-105-35.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 129fc73fdad81cd0e2b558ea1936ba4440c512a3d3b3eb9066be2fff4ea46919

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://antionelozowski40q36.pages.dev
date: Sat, 04 May 2024 22:47:19 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK invoke.js Show response
www.topcreativeformat.com/e5076d5c87bbe005e418ec4cd70228a5/ 31 KB
12 KB 1952ms
887ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.topcreativeformat.com/e5076d5c87bbe005e418ec4cd70228a5/invoke.js

Requested by

Host: ads.bisniskini.biz.id
URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

716e0c8adc8a9f7795876da7d520eb21403e82a0328da8a483547b0554ded900

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 04 May 2024 22:47:20 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 70831f20fbb1f2448a1b482ca7749dfe
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.1518233936978.js Show response
www.profitabledisplaycontent.com/
Redirect Chain

https://www.profitabledisplaycontent.com/watch.1518233936978.js?key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=b078...
https://www.profitabledisplaycontent.com/watch.1518233936978.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127...

2 KB
2 KB

352ms
352ms

XHR
text/html

192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.profitabledisplaycontent.com/watch.1518233936978.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=ce61b8b06e3e29c7960008685389cbbeb6d08a00c9d818fe21d5f1faebbf4c6611b8efb929b5c2ec22f1730da671845336db148515aee00379793be163506434f7a7624f4cad099e19cea6ec12ef0e7946335fc21b1ce9acbae455298b0f4c&tz=3&uuid=b0786ee3-793d-4b2f-8358-91e8957d55bb%3A1%3A1

Requested by

Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a10b9f692060424f649bd806b0f11ab9c2d60362561c4cfd229a3a9029179903

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://antionelozowski40q36.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 22:47:21 GMT
Custom-Referer: https://antionelozowski40q36.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://antionelozowski40q36.pages.dev
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-ID: c0060862cfc36d1cfc858250923c59b0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 04 May 2024 22:47:20 GMT
Custom-Referer: https://antionelozowski40q36.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://antionelozowski40q36.pages.dev
Location: https://www.profitabledisplaycontent.com/watch.1518233936978.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=ce61b8b06e3e29c7960008685389cbbeb6d08a00c9d818fe21d5f1faebbf4c6611b8efb929b5c2ec22f1730da671845336db148515aee00379793be163506434f7a7624f4cad099e19cea6ec12ef0e7946335fc21b1ce9acbae455298b0f4c&tz=3&uuid=b0786ee3-793d-4b2f-8358-91e8957d55bb%3A1%3A1
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 086b26e60e834984fe6f36624ac29919
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.1281516065866.js
www.profitabledisplaycontent.com/
Redirect Chain

https://www.profitabledisplaycontent.com/watch.1281516065866.js?key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=d516...
https://www.profitabledisplaycontent.com/watch.1281516065866.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127...

2 KB
2 KB

380ms
379ms

XHR
text/html

192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.profitabledisplaycontent.com/watch.1281516065866.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=75cc117fb935753fd6e3a673e3d9cc608a8a46ab83d31989ef927857c91ffc3ac5567156393170f2a8a3b40592a0a1194e57babda6175520c2c432ffbef8d61241c72e496dee75d83a5cb360c096c630c2fccfd066dc1be3ff58aa16e93b5d&tz=3&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1

Requested by

Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://antionelozowski40q36.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 22:47:21 GMT
Custom-Referer: https://antionelozowski40q36.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://antionelozowski40q36.pages.dev
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-ID: cfea74211377ea8cc150fb9c459d26bf
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Sat, 04 May 2024 22:47:20 GMT
Custom-Referer: https://antionelozowski40q36.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html
Access-Control-Allow-Origin: https://antionelozowski40q36.pages.dev
Location: https://www.profitabledisplaycontent.com/watch.1281516065866.js?dev=r&key=2651fdded13dfbfdd8992310531eeaf9&kw=%5B%5D&pst=1714862900&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=75cc117fb935753fd6e3a673e3d9cc608a8a46ab83d31989ef927857c91ffc3ac5567156393170f2a8a3b40592a0a1194e57babda6175520c2c432ffbef8d61241c72e496dee75d83a5cb360c096c630c2fccfd066dc1be3ff58aa16e93b5d&tz=3&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 0415adaa71f761e8940dd11328807dd9
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET

watch.385428045700.js
validinstruct.com/
Redirect Chain

https://validinstruct.com/watch.385428045700.js?key=e5076d5c87bbe005e418ec4cd70228a5&kw=%5B%5D&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&tz=3&dev=r&res=14.4127&uuid=d5163884-e21e-48a7-b...
https://validinstruct.com/watch.385428045700.js?dev=r&key=e5076d5c87bbe005e418ec4cd70228a5&kw=%5B%5D&pst=1714862902&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=b614...

0
0

GET search
suggestqueries.google.com/complete/ 0
0

GET
H2 404 th
tse1.mm.bing.net/ 727 B
1 KB 637ms
109ms Image
image/jpeg 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse1.mm.bing.net/th?q=
Requested by: Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://antionelozowski40q36.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 04 May 2024 22:47:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05A996F9E6154D2297EFE66A3CF232E7 Ref B: STOEDGE1020 Ref C: 2024-05-04T22:47:21Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
cache-control: no-cache
timing-allow-origin: *
access-control-allow-headers: *
content-length: 727
expires: -1

GET sentinel.php
ad-blocker-sentinel.com/ 0
0

GET
H2 200 Primary Request sentinel.php Show response
ad-blocker-sentinel.com/ 8 KB
3 KB 998ms
260ms Document
text/html 172.67.214.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Requested by: Host: antionelozowski40q36.pages.dev
URL: https://antionelozowski40q36.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41127d657beb744b85a265b1e50e5454849358f10387d4f7fa99727aa111a882

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://antionelozowski40q36.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87ec083b5a0392a9-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:47:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwFAm4gO1zbY1mp2%2Be6Tgh6wzPby21HJcPNbvY1hMUej1V5Pz7Ef%2Bs4qsRS2jTrWfrWdfP0nmtmM7d1znTooKyMzSQ3eI%2BF99lhv0aXMaxdqEvq8FwRwfkQbFvhkL4xw0ucQpCRRmw1QfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
30 KB 510ms
53ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: ad-blocker-sentinel.com
URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ad-blocker-sentinel.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 04 May 2024 22:47:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16614516
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
x-served-by: cache-fra-eddf8230122-FRA, cache-hel1410032-HEL
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 icon.png
kingadblock.com/images/ 4 KB
5 KB 609ms
101ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kingadblock.com/images/icon.png
Requested by: Host: ad-blocker-sentinel.com
URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ad-blocker-sentinel.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:47:22 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 16 Aug 2023 09:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64dc99af-1121"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlsN%2F8A%2FroTzq8Ogsft0R8t5aDBf0Oco5sRqUzHJnjX57tBgW4P03JXmL%2FlBjImgj0tTWJZHNyRgoCRHYl8lnrGhwv9fCVCqKwQkYVRcm%2BOTJd8ujrlW4SdJ2Qdx9%2FnOeKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 87ec083fba94abde-CPH
alt-svc: h3=":443"; ma=86400
content-length: 4385

GET /
invalid/ 0
0

GET
H2 200 a.php
tururu.info/ Frame 1833 0
0 704ms
126ms Document
text/html 172.67.175.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=brtrnRXx2yv13&r=tr&cid=3993bd7ccddef3486e5fe53281636c71&z=15030833&m=920304&v=13&dr=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&inw=1600&inh=1200
Requested by: Host: ad-blocker-sentinel.com
URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://ad-blocker-sentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87ec0843ac66abc9-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:47:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WEEV9%2FYxOvYM%2FrKgIFJBkN2I9Yeyx%2Bbj356A4uvdOxOPGEX3ecHbID35zLUj189lBwh386Jeq1bwArkehH53cHaDXRbXUVffuT1u2Rvh5rqoLI61B1h420RWoxFH9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 clear.php
kingadblock.com/ Frame 8DFC 0
0 653ms
125ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingadblock.com/clear.php
Requested by: Host: ad-blocker-sentinel.com
URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://ad-blocker-sentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87ec08435dd4abda-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:47:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2Bu2F7SsrmheYvLdMTomGYJOcXn4HKqpikhaJE62nfKfda2SDxm%2BLqXw2ir0YWv1TlE5smhEKnhMF5%2F54Gwx7F6%2BgCj6IHezRc3qbFP%2F5k4wIKdQiwC8ev1%2Fq2kg1WzSUso%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 icon.png
kingadblock.com/images/ 4 KB
0 0ms
0ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kingadblock.com/images/icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ad-blocker-sentinel.com/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:47:22 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 16 Aug 2023 09:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64dc99af-1121"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlsN%2F8A%2FroTzq8Ogsft0R8t5aDBf0Oco5sRqUzHJnjX57tBgW4P03JXmL%2FlBjImgj0tTWJZHNyRgoCRHYl8lnrGhwv9fCVCqKwQkYVRcm%2BOTJd8ujrlW4SdJ2Qdx9%2FnOeKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 87ec083fba94abde-CPH
alt-svc: h3=":443"; ma=86400
content-length: 4385

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: validinstruct.com
URL: https://validinstruct.com/watch.385428045700.js?dev=r&key=e5076d5c87bbe005e418ec4cd70228a5&kw=%5B%5D&pst=1714862902&refer=https%3A%2F%2Fantionelozowski40q36.pages.dev%2F&res=14.4127&rmtc=t&shu=b6146bf93f3420126a3136ebed5777c90f0715b1442511c08cd79e23b38d44a12884646afdc58e93b74273e66437d9753eaeacb356ac1ea354717d4ccc2c546676684e813cc5dae3d3319302fac0ccbeff07ba&tz=3&uuid=d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1

Domain: suggestqueries.google.com
URL: https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=

Domain: ad-blocker-sentinel.com
URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=399c953068a3bed4504524c010ce9ac2&fj=tr&fm=920304

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 05:57:02	Name: uid_id2 Value: d5163884-e21e-48a7-b083-449a19526b85:1:1
antionelozowski40q36.pages.dev/	1970-01-20 20:31:07	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: d5163884-e21e-48a7-b083-449a19526b85%3A1%3A1
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: u_pl Value: 15030833
www.profitabledisplaycontent.com/	1970-01-20 20:21:02	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTAzMDgzMywiayI6IjI2NTFmZGRlZDEzZGZiZmRkODk5MjMxMDUzMWVlYWY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk4MDUsInBpZCI6OTkyMDQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJkbmJyam5zajgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjIzOTE2NjM4OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMjUzNSwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjcwLCJjIjoiRkkiLCJuIjoiRmlubGFuZCJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkROQSBPeWoifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FudGlvbmVsb3pvd3NraTQwcTM2LnBhZ2VzLmRldi8iLCJhciI6W119fQ.aiXRDS8lO1JvEcLDVJtKkUpwp9q2IrPwtsbTWgf56Dg
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: iprc7ff7a3842f137509bda8a01a4aae102a Value: 5080033
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: pdhtkv Value: true
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: uncs Value: 1
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: pdhtkv5 Value: true
www.profitabledisplaycontent.com/	1970-01-20 20:22:29	Name: uncs5 Value: 1
www.profitabledisplaycontent.com/	1970-01-20 20:31:07	Name: uid_id2 Value: d5163884-e21e-48a7-b083-449a19526b85:1:1
validinstruct.com/	1970-01-20 20:22:29	Name: u_pl Value: 17761927
validinstruct.com/	1970-01-20 20:21:02	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc2MTkyNywiayI6ImU1MDc2ZDVjODdiYmUwMDVlNDE4ZWM0Y2Q3MDIyOGE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDExMDU5LCJwaWQiOjMzMjg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InZoMHdmZXNpIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjIzOTE2NjM4OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMjUzNSwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjcwLCJjIjoiRkkiLCJuIjoiRmlubGFuZCJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkROQSBPeWoifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FudGlvbmVsb3pvd3NraTQwcTM2LnBhZ2VzLmRldi8iLCJhciI6W119fQ.13g0jpwRSHFfAorMZGxvgcg4nm4Vtm3M1gwT2R7729g
.tururu.info/	1970-01-21 05:57:02	Name: c0083 Value: brtrnRXx2yv13
.tururu.info/	1970-01-21 05:57:02	Name: r0083 Value: tr
.tururu.info/	1970-01-21 05:57:02	Name: cid0083 Value: 3993bd7ccddef3486e5fe53281636c71
.tururu.info/	1970-01-21 05:57:02	Name: z0083 Value: 15030833
.tururu.info/	1970-01-21 05:57:02	Name: e0083 Value: VPGCNBK0FG
.tururu.info/	1970-01-21 05:06:38	Name: _asd Value: 17148628435544040

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cockysnailleather.com/2651fdded13dfbfdd8992310531eeaf9/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/e5076d5c87bbe005e418ec4cd70228a5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/e5076d5c87bbe005e418ec4cd70228a5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://antionelozowski40q36.pages.dev/(Line 133) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://antionelozowski40q36.pages.dev/(Line 133) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://antionelozowski40q36.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://tse1.mm.bing.net/th?q= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ad-blocker-sentinel.com/sentinel.php?fh=brtrnRXx2yv13&v=13&fo=15030833&fk=3993bd7ccddef3486e5fe53281636c71&fj=tr&fm=920304 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
ad-blocker-sentinel.com
ads.bisniskini.biz.id
antionelozowski40q36.pages.dev
cdn.jsdelivr.net
cdnjs.cloudflare.com
cockysnailleather.com
invalid
kingadblock.com
proftrafficcounter.com
suggestqueries.google.com
tse1.mm.bing.net
tururu.info
validinstruct.com
www.profitabledisplaycontent.com
www.topcreativeformat.com
ad-blocker-sentinel.com
invalid
suggestqueries.google.com
validinstruct.com
104.17.25.14
142.250.186.161
151.101.129.229
172.66.47.41
172.67.175.161
172.67.214.128
172.67.214.200
188.114.97.3
192.243.59.12
192.243.61.227
204.79.197.200
52.29.105.35
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35
10bdedd9fd70149444a8eb96aa1391ed6b2f86c3f50b4ebd82682724d13f7197
129fc73fdad81cd0e2b558ea1936ba4440c512a3d3b3eb9066be2fff4ea46919
41127d657beb744b85a265b1e50e5454849358f10387d4f7fa99727aa111a882
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
46db3ce6cc92c88fd84b0ab4961fc00135ea56c3ad2455a88cdc9caa85a1f7d1
6db5c0a22c57ea6ee7f18f4104f349f3e4ce977abe8fa09233e4c8292753f42b
716e0c8adc8a9f7795876da7d520eb21403e82a0328da8a483547b0554ded900
881ee1147b2da2170ba4d8ae3b6cd32d5ba79a0997f83f7e4de3740f3c8fcf16
a10b9f692060424f649bd806b0f11ab9c2d60362561c4cfd229a3a9029179903
a3de8ed3fa02b79ed68e82036fa2ea551f4e691440a23fccc16bb8ac5236cf5e
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

ad-blocker-sentinel.com Open in urlscan Pro 172.67.214.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

0 %IPv6

16 Domains

16 Subdomains

13 IPs

4 Countries

103 kBTransfer

368 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

18 Cookies

39 Console Messages

Security Headers

Indicators

ad-blocker-sentinel.com Open in urlscan Pro
172.67.214.200 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

13
IPs

4
Countries

103 kB
Transfer

368 kB
Size

18
Cookies

24 HTTP transactions
0 data transactions