download-adblock-zen.com
104.21.73.232
Public Scan
Effective URL: https://download-adblock-zen.com/step.html?an=ac&cid=169044294710000TAUTV411206289024V10&sid=3052727-1455916328-0
Submission: On July 27 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by E1 on July 11th 2023. Valid for: 3 months.
This is the only time download-adblock-zen.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.20.138.65 | 13335 (CLOUDFLARENET) |
1 1 | 172.67.220.40 | 13335 (CLOUDFLARENET) |
1 1 | 104.21.30.11 | 13335 (CLOUDFLARENET) |
1 1 | 104.21.70.32 | 13335 (CLOUDFLARENET) |
2 3 | 35.201.70.46 | 396982 (GOOGLE-CLOUD-PLATFORM) |
5 | 104.21.73.232 | 13335 (CLOUDFLARENET) |
10 | 3 | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.70.201.35.bc.googleusercontent.com
directdexchange.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | download-adblock-zen.com | download-adblock-zen.com — Cisco Umbrella Rank: 356655 | 53 KB |
3 | directdexchange.com (2 redirects) | directdexchange.com | 4 KB |
1 | u1pmt.com (1 redirects) | t.u1pmt.com — Cisco Umbrella Rank: 848646 | 499 B |
1 | 44tdfa.com (1 redirects) | 44tdfa.com — Cisco Umbrella Rank: 709593 | 734 B |
1 | 56srts.com (1 redirects) | www.56srts.com | 738 B |
1 | tinyurl.com (1 redirects) | tinyurl.com — Cisco Umbrella Rank: 17698 | 561 B |
0 | Failed | | |
10 | 7 | | |
| Domain | Requested by |
---|---|---|
5 | download-adblock-zen.com | directdexchange.com, download-adblock-zen.com |
3 | directdexchange.com | 2 redirects |
1 | t.u1pmt.com | 1 redirects |
1 | 44tdfa.com | 1 redirects |
1 | www.56srts.com | 1 redirects |
1 | tinyurl.com | 1 redirects |
0 | inlagmoihfomigcaklkfljlgjmomijji Failed | download-adblock-zen.com |
10 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
adblock-zen.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
directdexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-25 - 2024-01-25 | a year | crt.sh |
download-adblock-zen.com | E1 | 2023-07-11 - 2023-10-09 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://download-adblock-zen.com/step.html?an=ac&cid=169044294710000TAUTV411206289024V10&sid=3052727-1455916328-0
Frame ID: BC05811D09C3F1AA28898DB6E111E26A
Requests: 10 HTTP requests in this frame
Page Title
Download ready
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Terms
Title: Privacy Policy
Title: Uninstall
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tinyurl.com/w5658wfa
HTTP 301
https://www.56srts.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=ed819bbf&chan=code5 HTTP 301
https://44tdfa.com/g?visitorid=c5284641314ae1347282c4e4WaHV6rvM&refid=5bc3eb59&bannerid=ed819bbf&extra_data1=&extra_data2= HTTP 302
https://t.u1pmt.com/click?pid=6&offer_id=620&ref_id=c5284641314ae1347282c4e4WaHV6rvM_5bc3eb59_ed819bbf&sub1=5bc3eb59&sub8=2023+FIFA+WOMEN+WORLD+CUP HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-620-5f0f018d2bdea5690c593f07 Page URL
-
https://directdexchange.com/jump/next.php?stamat=m%257CZ7YhF-N2aQdH8AH0dEdHP3xP.24c%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCGqRoRRneeU4kcHaqtVfZlCVe9xltQ6vrltsZrlkkWTdgMBoUwZ4FCx_tMDIDNwvog&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-620-5f0f018d2bdea5690c593f07&cbur=0.25165265449228613&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
HTTP 302
https://directdexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQjFuY2FqtGU3BJ-GH0dEdHP3xP.e38%252C1bMzTU8uYrYqK1IilJYAycYfT473N5oi3KPBDa6XVTT18vLPIvEoMUm0l-2G-zWB3SHCMPMgw9cgM6A0EA3CF-A_4PN3pUJFyX5lsXFYoiq_b518l462SKC7e5TmtslCaa0Bu5uptVlNhSOg7Mt473iUfdP7kTpLbRzR6OK_6srfPXmQfcMVlQUffr1JDdAMEveLT1H6_BXi45KbeuI4d7tjF5v6sKQT9-FcWcciL2EN8rQLHoxYiBnRM4hJwiMhuYa376WoolxBS3d8ZYaLkQbUs0RHJnmZoW0ucOvIMRZCSGK5oPrAZTBfqaXpUuBl6JqtM3NRaXNX8RQyyOC-GfDbcro95LLGVcuNdBW2pBXuBq9-B6_fixXTn_J13P70mWAdlgtmfpQ4yovDODUVA7OHlRP4lA1o8b-PR84VzgxAOPppvdF3SPt724LbNHRHT6l2VVH8mxPovapVT7hO-WzBXGWksu7T4n1IdfEouJ4Wfr-aUFjjIy9P5sD0kMIcnZc11DlGAK4nYDO4ps8Oev-eXLOBGihkJBVaEjcKEWiNnX2W5-giucJARavsbuqWQCStQ5sIa_FkK-xto_-A2pRhMHg_H9M9Lkpvgzh-_W1v6IM-C6v7tAJlJe8qRJYdOWl0UgRzQ9RrD8_vO-w1Gg%252C%252C HTTP 302
https://download-adblock-zen.com/step.html?an=ac&cid=169044294710000TAUTV411206289024V10&sid=3052727-1455916328-0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://tinyurl.com/w5658wfa HTTP 301
- https://www.56srts.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=ed819bbf&chan=code5 HTTP 301
- https://44tdfa.com/g?visitorid=c5284641314ae1347282c4e4WaHV6rvM&refid=5bc3eb59&bannerid=ed819bbf&extra_data1=&extra_data2= HTTP 302
- https://t.u1pmt.com/click?pid=6&offer_id=620&ref_id=c5284641314ae1347282c4e4WaHV6rvM_5bc3eb59_ed819bbf&sub1=5bc3eb59&sub8=2023+FIFA+WOMEN+WORLD+CUP HTTP 302
- https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-620-5f0f018d2bdea5690c593f07
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | next.php (Redirect Chain) | directdexchange.com/jump/ | 7 KB | 3 KB | Document | text/html |
GET | H2 | step.html (Primary Request, Redirect Chain) | download-adblock-zen.com/ | 9 KB | 3 KB | Document | text/html |
GET | H2 | step_1.png | download-adblock-zen.com/img/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | step_2.png | download-adblock-zen.com/img/ | 21 KB | 21 KB | Image | image/png |
GET | H2 | step_3.png | download-adblock-zen.com/img/ | 17 KB | 17 KB | Image | image/png |
GET | H2 | ChromeWebStore_Badge_v2_340x96.png | download-adblock-zen.com/img/ | 6 KB | 6 KB | Image | image/png |
GET | | 128.png | inlagmoihfomigcaklkfljlgjmomijji/ | 0 | 0 | | |
GET | | 128.png | inlagmoihfomigcaklkfljlgjmomijji/ | 0 | 0 | | |
GET | | 128.png | inlagmoihfomigcaklkfljlgjmomijji/ | 0 | 0 | | |
GET | | 128.png | inlagmoihfomigcaklkfljlgjmomijji/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: inlagmoihfomigcaklkfljlgjmomijji, URL: chrome-extension://inlagmoihfomigcaklkfljlgjmomijji/128.png
- Domain: inlagmoihfomigcaklkfljlgjmomijji, URL: chrome-extension://inlagmoihfomigcaklkfljlgjmomijji/128.png
- Domain: inlagmoihfomigcaklkfljlgjmomijji, URL: chrome-extension://inlagmoihfomigcaklkfljlgjmomijji/128.png
- Domain: inlagmoihfomigcaklkfljlgjmomijji, URL: chrome-extension://inlagmoihfomigcaklkfljlgjmomijji/128.png
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | popupchrome |
function | f |
string | navlangue |
number | e |
string | id2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.56srts.com/ | | Name: PAPAffiliateId Value: 5bc3eb59 |
www.56srts.com/ | | Name: PAPVisitorId Value: c5284641314ae1347282c4e4WaHV6rvM |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.