![](/screenshots/0216839b-078e-4d3b-8be9-6e2471c440d8.png)
pro-windows-replacement-ca.xyz
64.190.62.22
Public Scan
Submission Tags: @phishunt_io
Submission: On March 01 via api from DE — Scanned from CA
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on March 1st 2024. Valid for: a year.
This is the only time pro-windows-replacement-ca.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

Requests | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
1 | 64.190.62.22 | 47846 (SEDO-AS) | |
3 | 64.190.63.136 | 47846 (SEDO-AS) | |
1 | 142.250.12.155 | 15169 (GOOGLE, US) | ge-in-f155.1e100.net | pagead2.googlesyndication.com
2 | 142.250.96.147 | 15169 (GOOGLE, US) | gg-in-f147.1e100.net | www.google.com
1 | 205.234.175.175 | 23352 (SERVERCENTRAL, US) | vip1.G-anycast1.cachefly.net | img.sedoparking.com
6 | 173.194.77.102 | 15169 (GOOGLE, US) | gc-in-f102.1e100.net | www.adsensecustomsearchads.com
2 | 142.250.96.132 | 15169 (GOOGLE, US) | gg-in-f132.1e100.net | afs.googleusercontent.com

16 requests across 7 IP addresses.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
6 | adsensecustomsearchads.com | www.adsensecustomsearchads.com (Cisco Umbrella Rank: 2527) | 57 KB
4 | sedoparking.com | sedoparking.com (Cisco Umbrella Rank: 55301), img.sedoparking.com (Cisco Umbrella Rank: 67337) | 89 KB
2 | googleusercontent.com | afs.googleusercontent.com (Cisco Umbrella Rank: 9742) | 1 KB
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 53 KB
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 104) | 2 KB
1 | pro-windows-replacement-ca.xyz | pro-windows-replacement-ca.xyz | 780 B

16 requests across 6 apex domains.
Requests | Domain | Requested by
---|---|---
6 | www.adsensecustomsearchads.com | www.google.com, www.adsensecustomsearchads.com
3 | sedoparking.com | pro-windows-replacement-ca.xyz, sedoparking.com
2 | afs.googleusercontent.com |
2 | www.google.com | pagead2.googlesyndication.com, sedoparking.com
1 | img.sedoparking.com | sedoparking.com
1 | pagead2.googlesyndication.com | sedoparking.com
1 | pro-windows-replacement-ca.xyz |

16 requests across 7 domains.
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
pro-windows-replacement-ca.xyz | Encryption Everywhere DV TLS CA - G2 | 2024-03-01 - 2025-03-02 | a year
sedoparking.com | Encryption Everywhere DV TLS CA - G2 | 2024-01-05 - 2025-01-05 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.cachefly.net | GlobalSign RSA OV SSL CA 2018 | 2023-11-13 - 2024-12-14 | a year
misc-sni.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
This page contains 4 frames:
Primary Page:
https://pro-windows-replacement-ca.xyz/
Frame ID: E28F94E64C1C8236EA225650BAF264E6
Requests: 4 HTTP requests in this frame
Frame:
https://sedoparking.com/search/registrar.php?domain=pro-windows-replacement-ca.xyz&rpv=2&registrar=sedopark&gst=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&ref=
Frame ID: 315F150B9A73F5076237A28C310AF8EA
Requests: 7 HTTP requests in this frame
Frame:
https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: EA264C909F6D42DB203CC716246E03E2
Requests: 1 HTTP request in this frame
Frame:
https://www.adsensecustomsearchads.com/afs/ads?adsafe=high&adtest=off&psid=8041558417&channel=cl-021%2Cexp-0051%2Cauxa-control-1&domain_name=pro-windows-replacement-ca.xyz&client=dp-sedo89_3ph&r=m&sc_status=0&hl=da&ivt=0&rpbu=https%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE3MDkzMDQwMDMmdGNpZD1zZWRvcGFya2luZy5jb202NWUxZThjM2M2MGI0OS44Nzc4ODE4OSZ0YXNrPXNlYXJjaCZkb21haW49cHJvLXdpbmRvd3MtcmVwbGFjZW1lbnQtY2EueHl6JnJlZ2lzdHJhcj1zZWRvcGFyayZhX2lkPTMmc2Vzc2lvbj1kM1l0ZUJNdW9UWXM4XzZUYUhEYw%3D%3D%26domain%3Dpro-windows-replacement-ca.xyz&type=3&uiopt=false&swp=as-drid-2529860006851696&afdt=ChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&client_gdprApplies=0&format=r6%7Cs&nocache=7161709304004075&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=-480&dt=1709304004093&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=1600&psh=1065&frm=2&uio=--&cont=rb-default&drt=0&jsid=caf&jsv=610814804&rurl=https%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dpro-windows-replacement-ca.xyz%26rpv%3D2%26registrar%3Dsedopark%26gst%3DChMIjsTJz6XThAMVUZiJBB26JAaREmABlLqpj7_o6BZ9CO8j1buYr_hjCbZdkEZKEg2Snj9w_OQ8hAOEkxi0RWu0UfH9ISzgoaoOJWSHMMi5E0Jm_6TUe3326T9-nayv1_f6uJjJD6j4gqulM68Twx8RBZ3jMJY%26ref%3D&referer=https%3A%2F%2Fpro-windows-replacement-ca.xyz%2F&lao=https%3A%2F%2Fpro-windows-replacement-ca.xyz
Frame ID: 181919B997E9669D3F64A3584819284F
Requests: 4 HTTP requests in this frame
Page Title
pro-windows-replacement-ca.xyz
Detected technologies
Detected patterns
- googlesyndication\.com/
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
16 HTTP transactions

Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | pro-windows-replacement-ca.xyz/ | | 1 KB | 780 B | Document | text/html
GET | H2 | park.js | sedoparking.com/frmpark/pro-windows-replacement-ca.xyz/sedopark/ | | 1 KB | 795 B | Script | application/javascript
GET | H2 | show_afd_ads.js | pagead2.googlesyndication.com/apps/domainpark/ | | 4 KB | 2 KB | Script | text/javascript
GET | H2 | ads | www.google.com/dp/ | | 179 B | 695 B | XHR | application/json
GET | H2 | registrar.php | sedoparking.com/search/ | 315F | 22 KB | 7 KB | Document | text/html
GET | H2 | caf.js | www.google.com/adsense/domains/ | 315F | 141 KB | 52 KB | Script | text/javascript
GET | H2 | arrows-1-colors-3.png | img.sedoparking.com/templates/bg/ | 315F | 80 KB | 81 KB | Image | image/png
GET | H2 | iframe.html | www.adsensecustomsearchads.com/afs/ads/i/ | EA26 | 2 KB | 1 KB | Document | text/html
GET | H2 | ads | www.adsensecustomsearchads.com/afs/ | 1819 | 22 KB | 4 KB | Document | text/html
GET | H2 | tsc.php | sedoparking.com/search/ | 315F | 0 | 61 B | XHR | text/html
GET | H2 | caf.js | www.adsensecustomsearchads.com/adsense/domains/ | 1819 | 141 KB | 51 KB | Script | text/javascript
GET | H2 | search.svg | afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ | 1819 | 391 B | 795 B | Image | image/svg+xml
GET | H2 | chevron.svg | afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ | 1819 | 200 B | 289 B | Image | image/svg+xml
GET | H3 | gen_204 | www.adsensecustomsearchads.com/afs/ | 315F | 0 | 19 B | Image | text/html
GET | H3 | gen_204 | www.adsensecustomsearchads.com/afs/ | 315F | 0 | 19 B | Image | text/html
GET | H3 | gen_204 | www.adsensecustomsearchads.com/afs/ | 315F | 0 | 19 B | Image | text/html
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | 0
object | google_afd_request
object | setup
object | contentContainer
function | insertScript
function | google_afd_ad_request_done
function | loadGoogleToken
function | loadContentFrame
number | googleNDT_
number | googleAltLoader0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.