Submitted URL: http://capitalonae.com/
Effective URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0...
Submission: On April 08 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 10 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3032::ac43:8402, located in United States and belongs to CLOUDFLARENET, US. The main domain is adblockultra.com. The Cisco Umbrella rank of the primary domain is 321150.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2021. Valid for: a year.
This is the only time adblockultra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 23.82.12.34 30633 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 1 18.195.123.247 16509 (AMAZON-02)
1 1 107.20.106.95 14618 (AMAZON-AES)
1 1 3.226.146.143 14618 (AMAZON-AES)
1 1 213.227.132.155 60781 (LEASEWEB-...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
11 6
Apex Domain | Subdomains | Transfer
5 adblockultra.com | adblockultra.com (Cisco Umbrella Rank: 321150) | 19 KB
2 jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 436) | 34 KB
2 mybetterck.com | beta.mybetterck.com (Cisco Umbrella Rank: 212612) | 2 KB
2 btpnative.com | btpnative.com (Cisco Umbrella Rank: 125648) | 5 KB
2 capitalonae.com | capitalonae.com | 1 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 46) | 1 KB
1 prtrackings.com | tracking.prtrackings.com (Cisco Umbrella Rank: 153109) | 330 B
1 syncintenselydevelopedthefile.vip | syncintenselydevelopedthefile.vip | 394 B
1 admobe.com | brko.admobe.com | 355 B
1 dimessing-parker.com | dimessing-parker.com (Cisco Umbrella Rank: 236642) | 658 B
11 10
Domain Requested by
5 adblockultra.com beta.mybetterck.com
adblockultra.com
2 cdn.jsdelivr.net adblockultra.com
2 beta.mybetterck.com 1 redirects
2 btpnative.com 1 redirects capitalonae.com
2 capitalonae.com 1 redirects
1 fonts.googleapis.com adblockultra.com
1 tracking.prtrackings.com 1 redirects
1 syncintenselydevelopedthefile.vip 1 redirects
1 brko.admobe.com 1 redirects
1 dimessing-parker.com 1 redirects
11 10

This site contains links to these domains.

Domain
www.allaboutcookies.org
www.aboutads.info
www.networkadvertising.org
Subject | Issuer | Validity | Valid
*.mybetterck.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-06 - 2023-02-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-15 - 2022-12-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months

This page contains 1 frame:

Primary Page: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Frame ID: 5252FCF33731CAE214E7400551B152BF
Requests: 11 HTTP requests in this frame

Page Title

Adblocker Ultra

Page URL History

  1. http://capitalonae.com/ Page URL
  2. http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM... HTTP 302
    http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd... Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR_... HTTP 302
    https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LT... Page URL
  4. https://dimessing-parker.com/3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8?source=420041393&keyword=capitalonae.co... HTTP 302
    https://brko.admobe.com/fsadfsda/fsdagsdag/?utm_source=1764&utm_campaign=9146574&cid=wrki1gnco38483a... HTTP 302
    https://syncintenselydevelopedthefile.vip/HXuTk4eRvpmGdSa85xwhoBWfrmRZoaQjbpuvMnS6PQ8?cid=wrki1gnco38483afiaii0qfk&sid... HTTP 302
    https://tracking.prtrackings.com/click?pid=100&offer_id=2252&sub1=HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb&sub2=3fcdb... HTTP 302
    https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 11
HTTPS: 82 %
IPv6: 30 %
Domains: 10
Subdomains: 10
IPs: 6
Countries: 4
Transfer: 58 kB
Size: 264 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitalonae.com/ Page URL
  2. http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM5NTA5OSwiaWF0IjoxNjQ5Mzg3ODk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmhzcjNodTQ1ZmJ2ZzUwaXMyMTE2azgiLCJuYmYiOjE2NDkzODc4OTksInRzIjoxNjQ5Mzg3ODk5MzU5MDQ2fQ.rLGwzhoT8j1O-xdK4830g1Pc2aBQtQwNNbJnDz-w_do&sid=89e0c20c-b6ea-11ec-85fc-b29389d0a6e7 HTTP 302
    http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432 Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lTgzEWel5Vxbhkv6VMAeJFR5qdAIxBzvDrocT0l0ePTg_G_eDdb0G2nHJM-VHfkzUeA6qYXfIcjl-Q654xiIU_DUUQUNUi2TXJSyIWaxBjEXx8VKEGSHsNeNlJO2KMXfE4_C7TLzGzvT4GQjEI5pVXwNn2QHnJ1339xkFFfhvQSmIM3nmreCuyAHgW_Ua3eG7bsYlJDLVoqCQ2vIBmsapSbDaW_jDxPfhJ_9NSCu-Ykx6shXi4dmIYEqhZx54Gt4T7w-37S15LgRHgqL5SwJldysjOF07A7p40onyPnXD0dX5IBovVg4uH4umxE0Y2vz1iSLUcpUNne8EG0x86Xx_lOZsVNZTRqyHEigVbNmf9oQKDcD-JAfTjn2oTVSDbiVk1xfuhRDQKtLhrPGrZ77cdRKN6_bwbPP570Vtk3gWsqUP0JGmYMIU7om97LaL2IWO3NbV92FuQe6riyaRpLURKTBNqVUWStiinuSooVkpsDYNC9RlkKQnibzS8a2rxYU_cmLK3P3UZz9D_crAoGtTf5AmujzirSTv3z6OOyAktQImnfDPmHa8uogXEbfQydnhSypAMUIHqP1Gk_jFtB_p0tWmjHexJnEh_cXLbAUCXEBcxL7QF81-CWBnfXAzoV0pDR1JwvBfANyXiXEG1NZg7PtrcEAQXgD037B7TL4eJP42ISf_qyLHoboXxY5AyfyhdZ8nGZtIj6mAxt7lPz8l_BZsaxPQ9q4OQjaEzRMZjuauRFUIHJ8jhaXSYh4IGWmguloyjdNEoDx_DQ5xZkWDmEspgJ0yLM4TgCvhwrvVxQqMOFQ4va8w3KS_OQWnIsU959q_fhlpWaZsPVedJRQ3ucN6i0kDcaJrm_tkyvMVqCGvMybucTwPAETYguSEfbNoFzoj7-OyozEhdbKOvwuga_fAqOSVHKI6agejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOTOCztFukD6b0S6LRM7rx3XfNyRGSUEUZ4TitYoDNk6TNHRWcvY6XRDQcs1axHZgpJE9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k0CB6YDvGJB4JfAa-p_Um50Lu4ZMhasMgTWxta8M5_ibNh81Y0uHt2Iufy-cCLZPhmGKtkyD3Tx4PIkSBCwJ96Z1pTGPU7n1Ys-Lug8fbpLTGczI9-knlp0NIB92c2RLoWaim1aa612Pel8lJZsgqfESE3OkGlechF4IzNp5rkQSlQ3QVB7PAitingtw_af89mDMu7x4X6MyVDhRgIfDinM26NmFjFLzcpX4XhCVxVeFRCDAXsstUWSxcghy2qvPLwjaDjIT-nu1eDMHX_1x9ZETeZqsdkf4PVeG9TBpu_AHhp24Tq_s9V1kqCxK2RiJ7bHM1d-bPhRxvEHVlFeLrlDfbquoPQJw77HM1d-bPhRxef1ra1KbHrXoHfu69sQQiwXB51tqT9-yhCcIiriXVPlws6mAbFqURt0Azp-j8QGh HTTP 302
    https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0 Page URL
  4. https://dimessing-parker.com/3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8?source=420041393&keyword=capitalonae.com+RO+Loans+Credit+Lending+Finance+Credit+Reporting+%26+Monitoring+Credit+Cards&geo=DE&cmpgnnme=WW-MS-ALL-ALL-RAD-CRM_EXT-DSKTP-D-090222&device=Desktop&os=Windows+10&browser=Chrome+100&carrier=UNKNOWN&lang=@@LANGUAGE@@&creative=@@CREATIVE-ID@@&bid=0.0008&clickid=88538464928 HTTP 302
    https://brko.admobe.com/fsadfsda/fsdagsdag/?utm_source=1764&utm_campaign=9146574&cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
    https://syncintenselydevelopedthefile.vip/HXuTk4eRvpmGdSa85xwhoBWfrmRZoaQjbpuvMnS6PQ8?cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
    https://tracking.prtrackings.com/click?pid=100&offer_id=2252&sub1=HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb&sub2=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
    https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM5NTA5OSwiaWF0IjoxNjQ5Mzg3ODk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmhzcjNodTQ1ZmJ2ZzUwaXMyMTE2azgiLCJuYmYiOjE2NDkzODc4OTksInRzIjoxNjQ5Mzg3ODk5MzU5MDQ2fQ.rLGwzhoT8j1O-xdK4830g1Pc2aBQtQwNNbJnDz-w_do&sid=89e0c20c-b6ea-11ec-85fc-b29389d0a6e7 HTTP 302
  • http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432
Request Chain 2
  • http://btpnative.com/Redirect/ HTTP 302
  • https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lTgzEWel5Vxbhkv6VMAeJFR5qdAIxBzvDrocT0l0ePTg_G_eDdb0G2nHJM-VHfkzUeA6qYXfIcjl-Q654xiIU_DUUQUNUi2TXJSyIWaxBjEXx8VKEGSHsNeNlJO2KMXfE4_C7TLzGzvT4GQjEI5pVXwNn2QHnJ1339xkFFfhvQSmIM3nmreCuyAHgW_Ua3eG7bsYlJDLVoqCQ2vIBmsapSbDaW_jDxPfhJ_9NSCu-Ykx6shXi4dmIYEqhZx54Gt4T7w-37S15LgRHgqL5SwJldysjOF07A7p40onyPnXD0dX5IBovVg4uH4umxE0Y2vz1iSLUcpUNne8EG0x86Xx_lOZsVNZTRqyHEigVbNmf9oQKDcD-JAfTjn2oTVSDbiVk1xfuhRDQKtLhrPGrZ77cdRKN6_bwbPP570Vtk3gWsqUP0JGmYMIU7om97LaL2IWO3NbV92FuQe6riyaRpLURKTBNqVUWStiinuSooVkpsDYNC9RlkKQnibzS8a2rxYU_cmLK3P3UZz9D_crAoGtTf5AmujzirSTv3z6OOyAktQImnfDPmHa8uogXEbfQydnhSypAMUIHqP1Gk_jFtB_p0tWmjHexJnEh_cXLbAUCXEBcxL7QF81-CWBnfXAzoV0pDR1JwvBfANyXiXEG1NZg7PtrcEAQXgD037B7TL4eJP42ISf_qyLHoboXxY5AyfyhdZ8nGZtIj6mAxt7lPz8l_BZsaxPQ9q4OQjaEzRMZjuauRFUIHJ8jhaXSYh4IGWmguloyjdNEoDx_DQ5xZkWDmEspgJ0yLM4TgCvhwrvVxQqMOFQ4va8w3KS_OQWnIsU959q_fhlpWaZsPVedJRQ3ucN6i0kDcaJrm_tkyvMVqCGvMybucTwPAETYguSEfbNoFzoj7-OyozEhdbKOvwuga_fAqOSVHKI6agejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOTOCztFukD6b0S6LRM7rx3XfNyRGSUEUZ4TitYoDNk6TNHRWcvY6XRDQcs1axHZgpJE9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k0CB6YDvGJB4JfAa-p_Um50Lu4ZMhasMgTWxta8M5_ibNh81Y0uHt2Iufy-cCLZPhmGKtkyD3Tx4PIkSBCwJ96Z1pTGPU7n1Ys-Lug8fbpLTGczI9-knlp0NIB92c2RLoWaim1aa612Pel8lJZsgqfESE3OkGlechF4IzNp5rkQSlQ3QVB7PAitingtw_af89mDMu7x4X6MyVDhRgIfDinM26NmFjFLzcpX4XhCVxVeFRCDAXsstUWSxcghy2qvPLwjaDjIT-nu1eDMHX_1x9ZETeZqsdkf4PVeG9TBpu_AHhp24Tq_s9V1kqCxK2RiJ7bHM1d-bPhRxvEHVlFeLrlDfbquoPQJw77HM1d-bPhRxef1ra1KbHrXoHfu69sQQiwXB51tqT9-yhCcIiriXVPlws6mAbFqURt0Azp-j8QGh HTTP 302
  • https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
capitalonae.com/
471 B
830 B
Document
General
Full URL
http://capitalonae.com/
Protocol
HTTP/1.1
Server
23.82.12.34 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
471
content-type
text/html; charset=utf-8
date
Fri, 08 Apr 2022 03:18:19 GMT
server
nginx
click
btpnative.com/
Redirect Chain
  • http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM5NTA5OSwiaWF0IjoxNjQ5Mzg3ODk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmhzcjNodTQ1ZmJ2ZzUwaXMyMTE2a...
  • http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3a...
5 KB
3 KB
Document
General
Full URL
http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432
Requested by
Host: capitalonae.com
URL: http://capitalonae.com/
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
http://capitalonae.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Encoding
gzip
Content-Length
2189
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Apr 2022 03:18:20 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Server
web01

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 08 Apr 2022 03:18:20 GMT
location
http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432
server
nginx
domainClick
beta.mybetterck.com/adServe/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNG...
  • https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRk...
574 B
818 B
Document
General
Full URL
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btpnative.com
Referer
http://btpnative.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 08 Apr 2022 03:18:21 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 08 Apr 2022 03:18:21 GMT
location
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0
server
nginx
Primary Request download.php
adblockultra.com/
Redirect Chain
  • https://dimessing-parker.com/3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8?source=420041393&keyword=capitalonae.com+RO+Loans+Credit+Lending+Finance+Credit+Reporting+%26+Monitoring+Credit+Cards&geo=DE&cmpgnn...
  • https://brko.admobe.com/fsadfsda/fsdagsdag/?utm_source=1764&utm_campaign=9146574&cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8
  • https://syncintenselydevelopedthefile.vip/HXuTk4eRvpmGdSa85xwhoBWfrmRZoaQjbpuvMnS6PQ8?cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8
  • https://tracking.prtrackings.com/click?pid=100&offer_id=2252&sub1=HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb&sub2=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8
  • https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
30 KB
10 KB
Document
General
Full URL
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Requested by
Host: beta.mybetterck.com
URL: https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e8e4857bc6ef9faea375ba11f1f66ca23cca2adc4da4590939f26c58e28347

Request headers

Referer
https://beta.mybetterck.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f87daf4f81cc00c-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 03:18:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMA6QUgcJkG4eS5de9Kk4X9UxgqzCcDOfwjmKtMp6ay0ptgVB1QyI%2B6waATtEhHo%2BR78aXEJMQKOGziAixui2NK2974JFKf7wlZW6kGPPDcVgT5RK2ZxbpewX4YIKcP2C393hUaRcq5IO0iMdUmX"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 08 Apr 2022 03:18:22 GMT
location
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
server
nginx
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/
64 KB
9 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
90
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19182-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuDUGaZhVbRQbIBg0CT6emVpZ5DDLHIdYSQaPJnU29JoiBofSBMCsZGdqYHmyqEh%2BOBJ9r8qoYeF2jQYcV75iSeINL4qF2ab0pVsAMVs4RZDoC23BRNNdfe0PDDhRPQN865sPMamJJCtsee%2FEnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f87daf58c8a0211-ZRH
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 02:54:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 08 Apr 2022 03:18:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Apr 2022 03:18:22 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adblockultra.com/
Origin
https://adblockultra.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1533391
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFRE9Gt760Rm1AsxJqgNch4uqIS4hIejADdJ%2FC6o%2FK5YHU4KzrxpJGRoIucI7O47lyARqQ7mdAqT%2FgVAJDHvzN6tWwT%2BCwUbvc46iKMASn%2B%2Folgduw%2BxfksO3y6LStQ84sJXb5Zyzt5agepvur8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f87daf58f13cc42-ZRH
styles.css
adblockultra.com/i/
2 KB
805 B
Stylesheet
General
Full URL
https://adblockultra.com/i/styles.css
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fdc20935f1adcf47b9fe8f9455be27e1049200eee554444385c6845422b028c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Mar 2022 11:08:21 GMT
server
cloudflare
age
2991
etag
W/"62346825-7ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukLraqA2hir8PuGHAG0Kheh3bAVfUMogqmFa%2BwVVtNv6%2Bmo6ormh1N6W%2FJgkBifIgF8vGQATAKVTHvcvi7HUQniA6v%2FH8F6naCEek1SaRvHDm%2FH4wkcZOkRiosxIOF%2B%2Bt8Zs9XRTcL2AXmIcMdam"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f87daf5682bc00c-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
adblockultra.com/i/
3 KB
3 KB
Image
General
Full URL
https://adblockultra.com/i/logo.png
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7625c690f85b83edf8b4ee169d6a4a1014dd9181cc33f6c5b68014ff8c682d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3086
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2877
last-modified
Fri, 17 Dec 2021 16:52:41 GMT
server
cloudflare
etag
"61bcc059-b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKIWo4BI1IFdWoQLnHPRMr3T%2FDDSbbQD7l2CVb6nCc0NS5aaCF8gwe6WrZVVgU16hR9Au8I6f6DMkuitq2PJGPjC7k4JFYsLu0svTnoSB%2BwcHhGwaD6gbbUV6BSrt5eRuO0lwI%2BDNZUpZ3O61ivM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6f87daf5682cc00c-MRS
email-decode.min.js
adblockultra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://adblockultra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOTOB3qDvrXJqBITAuTgywLLMmGocZisYUbnm93DDOjbbaU7m9m5qXLgUYkGr6pX51hzem1U%2B0Y68vzgXpDuN45pj7PVqqbr9tDUfkhoN9tFmiY4zSO3XZmyrjn5pkUP2IuCmMfojXmoQsjMmXCU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f87daf58834c00c-MRS
vary
Accept-Encoding
expires
Sun, 10 Apr 2022 03:18:22 GMT
chromewebstore.png
adblockultra.com/i/
3 KB
4 KB
Image
General
Full URL
https://adblockultra.com/i/chromewebstore.png
Requested by
Host: adblockultra.com
URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 03:18:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3435
last-modified
Mon, 03 Jan 2022 15:33:53 GMT
server
cloudflare
etag
"61d31761-d6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRjhdwR8abyzLa9ice%2FqsmL6P4TtOOrfCO09nhXnjLMDxCcHVo3h%2BJaPEBtCblfCl5h8ZNUI3ZTRT9wApwWePWI70bRkL5GoEycwpftIY7mlSdCq7k%2FPaWI%2Ft5FTIGu3pJnK5MEpQJ7w3kkB7GHz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6f87daf58835c00c-MRS

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • structuredClone (function)
  • oncontextlost (object)
  • oncontextrestored (object)
  • getScreenDetails (function)

9 Cookies

Domain/Path Name / Value
.capitalonae.com/ Name: sid
Value: 89e0c20c-b6ea-11ec-85fc-b29389d0a6e7
btpnative.com/ Name: xVDfUztzOmFRTzy
Value: xVDfUztzOmFRTzy
.mybetterck.com/ Name: rhid
Value: 81047697019
.mybetterck.com/ Name: loi
Value: ad_1145242_off_589393_aff_16768_cid_274639-576382671-CAPITALONAE.COM_ts_1649387901
.dimessing-parker.com/ Name: 3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8-v4
Value: iucClQ7gz40dHTH0_dTU0y-BpzvBadburCQH7TbrApg
.dimessing-parker.com/ Name: cc-v4
Value: JuRGqBzUYbhkOKfNwMaxkcChi8nH2XwOvkb6FFrzAB25BdY5%2Futrzr4c0ZSRVwVPmx6P8sUxJk20TxoL8IdvKOXqBVtgZjpc2x%2FTO7Ct%2Fq5gp6afQgp82V8lF6QLej4lOl1F%2FYPfm6WvdiOP2NGkIw%3D%3D
syncintenselydevelopedthefile.vip/ Name: session
Value: HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb
tracking.prtrackings.com/ Name: afclick
Value: 624fa97eb9b33c0001cca1da
tracking.prtrackings.com/ Name: afoffers
Value: {"2252":1649387902}