Submitted URL: http://rb.gy/hl440x
Effective URL: https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
Submission: On March 29 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 9 domains to perform 4 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ologyadblock.pro.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time ologyadblock.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.2.255.190 14618 (AMAZON-AES)
2 2 188.114.97.3 13335 (CLOUDFLAR...)
1 2 188.114.96.3 13335 (CLOUDFLAR...)
2 3 172.67.206.138 13335 (CLOUDFLAR...)
1 1 34.147.21.42 396982 (GOOGLE-CL...)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 172.67.210.219 13335 (CLOUDFLAR...)
4 4
Apex Domain | Subdomains | Transfer
3 predictionds.com | predictionds.com | 5 KB
1 adblockology.com | adblockology.com — Cisco Umbrella Rank: 527056 | 5 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 310 | 29 KB
1 ologyadblock.pro | ologyadblock.pro | 2 KB
1 pretrackings.com | tracking.pretrackings.com — Cisco Umbrella Rank: 205500 | 252 B
1 s788n.com | x.s788n.com | 511 B
1 46j3w.com | 46j3w.com | 687 B
1 dkor33.com | www.dkor33.com | 747 B
1 rb.gy | rb.gy — Cisco Umbrella Rank: 104007 | 192 B
4 9
Domain Requested by
3 predictionds.com 2 redirects
1 adblockology.com
1 cdn.jsdelivr.net ologyadblock.pro
1 ologyadblock.pro predictionds.com
1 tracking.pretrackings.com 1 redirects
1 x.s788n.com 1 redirects
1 46j3w.com 1 redirects
1 www.dkor33.com 1 redirects
1 rb.gy 1 redirects
4 9

This site contains links to these domains.

Domain
adblockology.com
Subject | Issuer | Validity | Valid
predictionds.com | GTS CA 1P5 | 2024-01-30 - 2024-04-29 | 3 months
ologyadblock.pro | GTS CA 1P5 | 2024-02-19 - 2024-05-19 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
adblockology.com | E1 | 2024-02-15 - 2024-05-15 | 3 months

This page contains 1 frames:

Primary Page: https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
Frame ID: 12A7589EFA8051E5B549A4E87CCA6B64
Requests: 4 HTTP requests in this frame

Page Title

Ad Blocker for Google & Youtube

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

4 Requests
100 % HTTPS
0 % IPv6
9 Domains
9 Subdomains
4 IPs
3 Countries
39 kB Transfer
205 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rb.gy/hl440x HTTP 307
    https://rb.gy/hl440x HTTP 301
    https://www.dkor33.com/scripts/un981c6l?a_aid=19d01f4d&a_bid=1aea1ad5 HTTP 301
    https://46j3w.com/g?visitorid=5c6ec029db44beacffdPhdP1s5mnYRJ6&refid=19d01f4d&bannerid=1aea1ad5&extra_data1=&extra_data2= HTTP 302
    https://x.s788n.com/click?pid=6&offer_id=620&ref_id=5c6ec029db44beacffdPhdP1s5mnYRJ6_19d01f4d_1aea1ad5&sub1=19d01f4d&sub8=2024+NCAA+MARCH+MADNESS+GAMES+LIVE HTTP 302
    https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07 Page URL
  2. https://predictionds.com/jump/next.php?stamat=m%257CZ_o3ent2aQdH8AH0dEdHP3xP.749%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCG970MuY8_D0alXAqGPVgVnchtbdLArCauteupz7QHBbd7XYLblpAPgKUTC0yzqqEi&cbpage=https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07&cbur=0.5789147483780688&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1113&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://predictionds.com/script/i.php?t=1&c=23791352&stamat=m%257C%252C%252CAiZnd2IioGU3BE-GH0dEdHP3xP.843%252C-5PMP_2wh92Yl8oFCryoszTAjkySEpGdmvhFl_P2aOpUygxhWtMfDwG_DR9Qr4ivLWkNJ58XAtd4gZIs0OEEwF5R56cdiL2kPVQ2gcnG8KEJghQ2toVrE77OkQklYxVWYBxILWgGKMN_1VSmj3Eb4j1Cj8TZN2fL2ohMJzVnwYac5jMJl1ZTgvdxwsqRp7c0a6mfHiiWOiPcvPVOIuou8ls2ruZ28q0QcKVfawMgLCCKVVJiRx8craqNjDitapI4ZMlsusRnH7D5M8Kc3ieVS48J0AVSEdInFoVkBFdUsQzaJFrquDW9Xh0efk2Cz9fiyZa0tlxNJg07gyq9LhFIHKYsD_YvP0fmhpXJg09pIsswpyuv03jxAwCXUUi-v21dH-1gS2zltyPNDm2k3XjRczdwazHcu1hrbZS75iwEZZEkHQKpkUHxvXu9r_3NmTzSY3EnkYrAn7XgM5lllE8ReGv7r-Qj6zVu9Ys3bq-BX62odcTeSxa1d2keOWmqBiSj6OVsF1gmD1JjgCyYGVuSsyIFUQPlsCwBcA08EmIKu6wuX7jJpvNAREuMMTSPnYGNuH06wZRTxX7qnwrAo3I2eN8tTg5VFifvW9NKEZMZ9ROjmshlQrl-4qcQn9GuE1sng9pJWpQod3PxPgdmMZ1F05uzM6tejCuC8WeLLMaAr88%252C HTTP 302
    https://tracking.pretrackings.com/sl?id=65f332174393ddc149f00f99&pid=4&sub1=171171942910000TDETV413651817384Va8&SUB2=3052727-2712103845-0 HTTP 302
    https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr Page URL

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
predictionds.com/jump/
Redirect Chain
  • http://rb.gy/hl440x
  • https://rb.gy/hl440x
  • https://www.dkor33.com/scripts/un981c6l?a_aid=19d01f4d&a_bid=1aea1ad5
  • https://46j3w.com/g?visitorid=5c6ec029db44beacffdPhdP1s5mnYRJ6&refid=19d01f4d&bannerid=1aea1ad5&extra_data1=&extra_data2=
  • https://x.s788n.com/click?pid=6&offer_id=620&ref_id=5c6ec029db44beacffdPhdP1s5mnYRJ6_19d01f4d_1aea1ad5&sub1=19d01f4d&sub8=2024+NCAA+MARCH+MADNESS+GAMES+LIVE
  • https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07
7 KB
3 KB
Document
General
Full URL
https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c040c35e745d69-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 13:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFlHPYG0pOmBgv8ISXYkKT4urDTKrxdVDg1zKt%2BIK8KZKdF%2F3w%2B9ZpBofreXuvvsY0zafynZHkRdzgI2CYvkbfQWblswoGh9Y0GKFA0t7IQuSyhyNkIcbAnyY8skmB5VAY67"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c040c2bc7818d5-FRA
content-length
0
date
Fri, 29 Mar 2024 13:37:09 GMT
location
https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cL%2B05g6fUzQTVqpveqlOKLFzOo%2Bi6u8QwM2zlqYyfaE2HRSrK1iMj09x5epcjmz8skZDDouRi%2FlDjBIuvF502YV7qPM44m1mca0m8IXNdR7KcUkPpTbmcgTZKwKvBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-adjust-use-original-forwarded-for
1
Primary Request extension.php
ologyadblock.pro/
Redirect Chain
  • https://predictionds.com/jump/next.php?stamat=m%257CZ_o3ent2aQdH8AH0dEdHP3xP.749%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCG970MuY8_D0alXAqGPVgVnchtbdLArCauteupz7QHBbd7XYLb...
  • https://predictionds.com/script/i.php?t=1&c=23791352&stamat=m%257C%252C%252CAiZnd2IioGU3BE-GH0dEdHP3xP.843%252C-5PMP_2wh92Yl8oFCryoszTAjkySEpGdmvhFl_P2aOpUygxhWtMfDwG_DR9Qr4ivLWkNJ58XAtd4gZIs0OEEwF...
  • https://tracking.pretrackings.com/sl?id=65f332174393ddc149f00f99&pid=4&sub1=171171942910000TDETV413651817384Va8&SUB2=3052727-2712103845-0
  • https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
2 KB
2 KB
Document
General
Full URL
https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
Requested by
Host: predictionds.com
URL: https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48bcb7ecb8bca40e505b32b051060cca8cab7188b05675ae65b084b0110c202a

Request headers

Referer
https://predictionds.com/jump/next.php?r=3052727&sub1=pcpa1-619d01f4d-620-5f0f018d2bdea5690c593f07
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c040c78b432c77-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 13:37:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxEyucr9Yrf3dvs22obM4shYeb2w3DX%2BNHWIiNfpbszrlL7rPeNQfFcLM7THh6PyxSVUGRm%2Bg%2FPjj%2BeTIb86%2F4PKU18WIDJh9ViLTpgtUQYKOfzsMPudUDN3%2B82t3fxaj187"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 29 Mar 2024 13:37:10 GMT
location
https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
server
nginx
x-adjust-use-original-forwarded-for
1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: ologyadblock.pro
URL: https://ologyadblock.pro/extension.php?ij=cfprvf7UJN&jj=3&iq=4_&im=6606c406c100d40001904edf&il=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ologyadblock.pro/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 13:37:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1375453
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-lga21962-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0wY5m5ab2FIiC%2BpfUecIdqbmxagdFfU1Bsb6WgCb0Z9eBRwV8XZD5j65hcezezPBBAuUn8ozadGwyOc%2FHY9SdNYT%2FeqVoN8HB7exnzQy1oFkyC5LUMEKVtGM6KOtQzERCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86c040c86b6836dc-FRA
icon.png
adblockology.com/images/
5 KB
5 KB
Other
General
Full URL
https://adblockology.com/images/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.210.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd6add534d0a1d09d603ce90745cd23347b86ceb516a253932af9860d9a0c87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ologyadblock.pro/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 13:37:10 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Jun 2023 16:46:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6493295a-1391"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEXptWu4jAcipk9pd10lAFHNxbnx1SBygSJTPOqrMsGpHL5vIYJkkCwrV7pF6O8zTGKbeVcVaPlyTdKY15vBJieZu%2FtIruRqGi%2F4uJbqOKE6yXKZaMZNz7z0UdK5uFbyQDY%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
86c040c8d8268fec-FRA
alt-svc
h3=":443"; ma=86400
content-length
5009

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

4 Cookies

Domain/Path | Name | Value
www.dkor33.com/ | PAPAffiliateId | 19d01f4d
www.dkor33.com/ | PAPVisitorId | 5c6ec029db44beacffdPhdP1s5mnYRJ6
tracking.pretrackings.com/ | afclick | 6606c406c100d40001904edf
.ologyadblock.pro/ | _asd | 17117194308470523