![](/screenshots/021b8f4b-3f9f-4be5-9315-d4f5aed4ea3a.png)
adblock-one-protection.com
2606:4700:3036::6815:4be1
Public Scan
Effective URL: https://adblock-one-protection.com/notification.html?an=ac&cid=168211334210000TDETV4890885624V5ccf&sid=3052727-689437888-0
Submission Tags: falconsandbox
Submission: On April 21 via api from US — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2023. Valid for: a year.
This is the only time adblock-one-protection.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
2 2 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 1 | 2606:4700:3030::ac43:ca25 | 13335 (CLOUDFLARENET) |
1 1 | 2606:4700:3031::ac43:c38a | 13335 (CLOUDFLARENET) |
2 3 | 35.201.70.46 | 396982 (GOOGLE-CLOUD-PLATFORM) |
4 | 2606:4700:3036::6815:4be1 | 13335 (CLOUDFLARENET) |
2 | 2a00:1450:4001:812::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
12 | 5 | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.70.201.35.bc.googleusercontent.com
directdexchange.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | adblock-one-protection.com | adblock-one-protection.com — Cisco Umbrella Rank: 122496 | 25 KB |
3 | directdexchange.com (2 redirects) | directdexchange.com | 3 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 119 | 2 KB |
1 | gstatic.com | fonts.gstatic.com | 44 KB |
1 | tffkroute.com (1 redirects) | go.tffkroute.com — Cisco Umbrella Rank: 437557 | 535 B |
1 | 331hwh.com (1 redirects) | 331hwh.com — Cisco Umbrella Rank: 388329 | 746 B |
1 | 2ue82.com (1 redirects) | www.2ue82.com — Cisco Umbrella Rank: 536106 | 822 B |
1 | filegot.site (1 redirects) | filegot.site | 644 B |
0 | Failed | | |
12 | 9 | | |
Count | Domain | Requested by |
---|---|---|
4 | adblock-one-protection.com | directdexchange.com, adblock-one-protection.com |
3 | directdexchange.com (2 redirects) | |
2 | fonts.googleapis.com | adblock-one-protection.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | go.tffkroute.com (1 redirects) | |
1 | 331hwh.com (1 redirects) | |
1 | www.2ue82.com (1 redirects) | |
1 | filegot.site (1 redirects) | |
0 | fihgokmkngdlhbfhkcfpddknldflggpc (Failed) | adblock-one-protection.com |
12 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
adblock-guru.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
directdexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-25 - 2024-01-25 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-27 - 2024-02-26 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
This page contains 1 frames:
Primary Page:
https://adblock-one-protection.com/notification.html?an=ac&cid=168211334210000TDETV4890885624V5ccf&sid=3052727-689437888-0
Frame ID: 2153F255E3B91DA291F7A259937A4FCC
Requests: 13 HTTP requests in this frame
Page Title
Chrome Notification
Detected technologies
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://filegot.site/all_ebook/EL%20D%C3%8DA%20QUE%20MI%20VIDA%20CAY%C3%93%20-%20CALL%C3%93%20de%20Milagros%20Rodr%C3%ADguez
HTTP 302
https://www.2ue82.com/scripts/un981c6l?a_aid=45102607&a_bid=e97084f5&data1=EL+D%C3%8DA+QUE+MI+VIDA+CAY%C3%93+-+CALL%C3%93+de+Milagros+Rodr%C3%ADguez HTTP 301
https://331hwh.com/g?visitorid=e58fef1dc89b103a9ffedbbd94nRfA6Z&refid=45102607&bannerid=e97084f5&extra_data1=EL%20D%C3%8DA%20QUE%20MI%20VIDA%20CAY%C3%93%20-%20CALL%C3%93%20de%20Milagros%20Rodr%C3%ADguez&extra_data2= HTTP 302
https://go.tffkroute.com/click?pid=6&offer_id=618&ref_id=e58fef1dc89b103a9ffedbbd94nRfA6Z_45102607_e97084f5&sub1=45102607 HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-645102607-618-5f0f018d2bdea5690c593f07 Page URL
-
https://directdexchange.com/jump/next.php?stamat=m%257CanNiPyo2aQdH8AH0dEdHP3xP.e91%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCGmcVKhZZznLrEMUxctuUupjAfmzX1cNWDPl323PyIb2-09y0nlQU-FME0vTE1PCaI&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-645102607-618-5f0f018d2bdea5690c593f07&cbur=0.47819866507854103&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
HTTP 302
https://directdexchange.com/script/i.php?t=1&stamat=m%257C%252C%252Cg3Y_oiF-tGU3B0-GH0dEdHP3xP.542%252CRZjXDVxBEL86XeD6sDkIUfH7BujyzEtKnFFZFo-evgiiUTE1pc1O2ygFo50o2eFAwGWkThIAPfclBM5CjmW3shsOA56EHDNEevqICvTWAvy9GB743_U87i_OFsX-LxBIEW6wFIB8NkzQsC9sRTCUUbO3dfOQF-AksjRvgqqTrPWw6XVDxVT9xVfQbbpLn86CDRKlNrAj2H7iw85dNbzG-ezugnkOaLY69B5nuvLHIwj7EWOFVOUN40e2axItLfwUhaEIy3q80tD86LN3ffLqtpsY6IVNgPhSNR3IQU-BXEFw2o4--mF7ynKBjKJfJeP01qg_GoYDBLDxK4IVd_jbK4XtpuUFig9ErJ4hrykGDrPAHkY7qSW73WZjY1kt0jnnwmXg05uu6_jQyndXSTUg_wi5U_PvW-35gWZyW7WP9f6Zn3sUOeG7p8yGjVRdjWdgECR56IbO62OUkjAPe4xCxiOBfCeZQ3_xgejhXHLCqFzUP539ReWPmFG55_YUd4VoEV2GQGAvGtBdi0p7HZqS6zk4CytFlQ-0y0PRToE-vcuKrOPwyEpybseXYu9JYAq9LmHoceQ_AltRYZkFFzgyAd4XqE9jlid5NZwGG1iRJkU%252C HTTP 302
https://adblock-one-protection.com/notification.html?an=ac&cid=168211334210000TDETV4890885624V5ccf&sid=3052727-689437888-0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://filegot.site/all_ebook/EL%20D%C3%8DA%20QUE%20MI%20VIDA%20CAY%C3%93%20-%20CALL%C3%93%20de%20Milagros%20Rodr%C3%ADguez HTTP 302
- https://www.2ue82.com/scripts/un981c6l?a_aid=45102607&a_bid=e97084f5&data1=EL+D%C3%8DA+QUE+MI+VIDA+CAY%C3%93+-+CALL%C3%93+de+Milagros+Rodr%C3%ADguez HTTP 301
- https://331hwh.com/g?visitorid=e58fef1dc89b103a9ffedbbd94nRfA6Z&refid=45102607&bannerid=e97084f5&extra_data1=EL%20D%C3%8DA%20QUE%20MI%20VIDA%20CAY%C3%93%20-%20CALL%C3%93%20de%20Milagros%20Rodr%C3%ADguez&extra_data2= HTTP 302
- https://go.tffkroute.com/click?pid=6&offer_id=618&ref_id=e58fef1dc89b103a9ffedbbd94nRfA6Z_45102607_e97084f5&sub1=45102607 HTTP 302
- https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-645102607-618-5f0f018d2bdea5690c593f07
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | next.php (Redirect Chain) | directdexchange.com/jump/ | 7 KB | 3 KB | Document | text/html |
GET H2 | notification.html (Primary Request, Redirect Chain) | adblock-one-protection.com/ | 10 KB | 4 KB | Document | text/html |
GET H2 | chrome-notification-LP.css | adblock-one-protection.com/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 9 KB | 824 B | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 2 KB | 1023 B | Stylesheet | text/css |
GET H2 | gear.png | adblock-one-protection.com/img/ | 13 KB | 14 KB | Image | image/png |
GET H2 | ChromeWebStore_Badge_v2_340x96.png | adblock-one-protection.com/img/ | 6 KB | 6 KB | Image | image/png |
GET | 128.png | fihgokmkngdlhbfhkcfpddknldflggpc/ | 0 | 0 | | |
GET | 128.png | fihgokmkngdlhbfhkcfpddknldflggpc/ | 0 | 0 | | |
GET DATA | truncated | / | 173 B | 0 | Image | image/png |
GET H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 |
GET | 128.png | fihgokmkngdlhbfhkcfpddknldflggpc/ | 0 | 0 | | |
GET | 128.png | fihgokmkngdlhbfhkcfpddknldflggpc/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fihgokmkngdlhbfhkcfpddknldflggpc
- URL
- chrome-extension://fihgokmkngdlhbfhkcfpddknldflggpc/128.png
- Domain
- fihgokmkngdlhbfhkcfpddknldflggpc
- URL
- chrome-extension://fihgokmkngdlhbfhkcfpddknldflggpc/128.png
- Domain
- fihgokmkngdlhbfhkcfpddknldflggpc
- URL
- chrome-extension://fihgokmkngdlhbfhkcfpddknldflggpc/128.png
- Domain
- fihgokmkngdlhbfhkcfpddknldflggpc
- URL
- chrome-extension://fihgokmkngdlhbfhkcfpddknldflggpc/128.png
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- function | popupchrome
- undefined | source
- string | navlangue
- number | checker
- function | chromeinitcontrol
- function | g3

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
filegot.site/ | | Name: asdfgh_all_ebook Value: 0 |
www.2ue82.com/ | | Name: PAPAffiliateId Value: 45102607 |
www.2ue82.com/ | | Name: PAPVisitorId Value: e58fef1dc89b103a9ffedbbd94nRfA6Z |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.