adblockultra.com
Open in
urlscan Pro
2606:4700:3032::ac43:8402
Public Scan
Effective URL: https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0...
Submission: On April 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2021. Valid for: a year.
This is the only time adblockultra.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 23.82.12.34 23.82.12.34 | 30633 (LEASEWEB-...) (LEASEWEB-USA-WDC) | |
1 2 | 209.15.13.136 209.15.13.136 | 13768 (COGECO-PEER1) (COGECO-PEER1) | |
1 2 | 108.168.193.189 108.168.193.189 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 18.195.123.247 18.195.123.247 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 107.20.106.95 107.20.106.95 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 3.226.146.143 3.226.146.143 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 213.227.132.155 213.227.132.155 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
5 | 2606:4700:303... 2606:4700:3032::ac43:8402 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 6 |
ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
beta.mybetterck.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
dimessing-parker.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-106-95.compute-1.amazonaws.com
brko.admobe.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-146-143.compute-1.amazonaws.com
syncintenselydevelopedthefile.vip |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tracking.prtrackings.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
adblockultra.com
adblockultra.com — Cisco Umbrella Rank: 321150 |
19 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436 |
34 KB |
2 |
mybetterck.com
1 redirects
beta.mybetterck.com — Cisco Umbrella Rank: 212612 |
2 KB |
2 |
btpnative.com
1 redirects
btpnative.com — Cisco Umbrella Rank: 125648 |
5 KB |
2 |
capitalonae.com
1 redirects
capitalonae.com |
1 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
1 KB |
1 |
prtrackings.com
1 redirects
tracking.prtrackings.com — Cisco Umbrella Rank: 153109 |
330 B |
1 |
syncintenselydevelopedthefile.vip
1 redirects
syncintenselydevelopedthefile.vip |
394 B |
1 |
admobe.com
1 redirects
brko.admobe.com |
355 B |
1 |
dimessing-parker.com
1 redirects
dimessing-parker.com — Cisco Umbrella Rank: 236642 |
658 B |
11 | 10 |
Domain | Requested by | |
---|---|---|
5 | adblockultra.com |
beta.mybetterck.com
adblockultra.com |
2 | cdn.jsdelivr.net |
adblockultra.com
|
2 | beta.mybetterck.com | 1 redirects |
2 | btpnative.com |
1 redirects
capitalonae.com
|
2 | capitalonae.com | 1 redirects |
1 | fonts.googleapis.com |
adblockultra.com
|
1 | tracking.prtrackings.com | 1 redirects |
1 | syncintenselydevelopedthefile.vip | 1 redirects |
1 | brko.admobe.com | 1 redirects |
1 | dimessing-parker.com | 1 redirects |
11 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.allaboutcookies.org |
www.aboutads.info |
www.networkadvertising.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.mybetterck.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-06 - 2023-02-06 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-12-15 - 2022-12-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-03-21 - 2022-06-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr
Frame ID: 5252FCF33731CAE214E7400551B152BF
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Adblocker UltraPage URL History Show full URLs
- http://capitalonae.com/ Page URL
-
http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM...
HTTP 302
http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd... Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR_... HTTP 302
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LT... Page URL
-
https://dimessing-parker.com/3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8?source=420041393&keyword=capitalonae.co...
HTTP 302
https://brko.admobe.com/fsadfsda/fsdagsdag/?utm_source=1764&utm_campaign=9146574&cid=wrki1gnco38483a... HTTP 302
https://syncintenselydevelopedthefile.vip/HXuTk4eRvpmGdSa85xwhoBWfrmRZoaQjbpuvMnS6PQ8?cid=wrki1gnco38483afiaii0qfk&sid... HTTP 302
https://tracking.prtrackings.com/click?pid=100&offer_id=2252&sub1=HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb&sub2=3fcdb... HTTP 302
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: http://www.allaboutcookies.org
Search URL Search Domain Scan URL
Title: http://www.aboutads.info
Search URL Search Domain Scan URL
Title: http://www.aboutads.info/choices
Search URL Search Domain Scan URL
Title: Network Advertising Initiative (NAI)
Search URL Search Domain Scan URL
Title: Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://capitalonae.com/ Page URL
-
http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM5NTA5OSwiaWF0IjoxNjQ5Mzg3ODk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmhzcjNodTQ1ZmJ2ZzUwaXMyMTE2azgiLCJuYmYiOjE2NDkzODc4OTksInRzIjoxNjQ5Mzg3ODk5MzU5MDQ2fQ.rLGwzhoT8j1O-xdK4830g1Pc2aBQtQwNNbJnDz-w_do&sid=89e0c20c-b6ea-11ec-85fc-b29389d0a6e7
HTTP 302
http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432 Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lTgzEWel5Vxbhkv6VMAeJFR5qdAIxBzvDrocT0l0ePTg_G_eDdb0G2nHJM-VHfkzUeA6qYXfIcjl-Q654xiIU_DUUQUNUi2TXJSyIWaxBjEXx8VKEGSHsNeNlJO2KMXfE4_C7TLzGzvT4GQjEI5pVXwNn2QHnJ1339xkFFfhvQSmIM3nmreCuyAHgW_Ua3eG7bsYlJDLVoqCQ2vIBmsapSbDaW_jDxPfhJ_9NSCu-Ykx6shXi4dmIYEqhZx54Gt4T7w-37S15LgRHgqL5SwJldysjOF07A7p40onyPnXD0dX5IBovVg4uH4umxE0Y2vz1iSLUcpUNne8EG0x86Xx_lOZsVNZTRqyHEigVbNmf9oQKDcD-JAfTjn2oTVSDbiVk1xfuhRDQKtLhrPGrZ77cdRKN6_bwbPP570Vtk3gWsqUP0JGmYMIU7om97LaL2IWO3NbV92FuQe6riyaRpLURKTBNqVUWStiinuSooVkpsDYNC9RlkKQnibzS8a2rxYU_cmLK3P3UZz9D_crAoGtTf5AmujzirSTv3z6OOyAktQImnfDPmHa8uogXEbfQydnhSypAMUIHqP1Gk_jFtB_p0tWmjHexJnEh_cXLbAUCXEBcxL7QF81-CWBnfXAzoV0pDR1JwvBfANyXiXEG1NZg7PtrcEAQXgD037B7TL4eJP42ISf_qyLHoboXxY5AyfyhdZ8nGZtIj6mAxt7lPz8l_BZsaxPQ9q4OQjaEzRMZjuauRFUIHJ8jhaXSYh4IGWmguloyjdNEoDx_DQ5xZkWDmEspgJ0yLM4TgCvhwrvVxQqMOFQ4va8w3KS_OQWnIsU959q_fhlpWaZsPVedJRQ3ucN6i0kDcaJrm_tkyvMVqCGvMybucTwPAETYguSEfbNoFzoj7-OyozEhdbKOvwuga_fAqOSVHKI6agejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOTOCztFukD6b0S6LRM7rx3XfNyRGSUEUZ4TitYoDNk6TNHRWcvY6XRDQcs1axHZgpJE9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k0CB6YDvGJB4JfAa-p_Um50Lu4ZMhasMgTWxta8M5_ibNh81Y0uHt2Iufy-cCLZPhmGKtkyD3Tx4PIkSBCwJ96Z1pTGPU7n1Ys-Lug8fbpLTGczI9-knlp0NIB92c2RLoWaim1aa612Pel8lJZsgqfESE3OkGlechF4IzNp5rkQSlQ3QVB7PAitingtw_af89mDMu7x4X6MyVDhRgIfDinM26NmFjFLzcpX4XhCVxVeFRCDAXsstUWSxcghy2qvPLwjaDjIT-nu1eDMHX_1x9ZETeZqsdkf4PVeG9TBpu_AHhp24Tq_s9V1kqCxK2RiJ7bHM1d-bPhRxvEHVlFeLrlDfbquoPQJw77HM1d-bPhRxef1ra1KbHrXoHfu69sQQiwXB51tqT9-yhCcIiriXVPlws6mAbFqURt0Azp-j8QGh HTTP 302
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0 Page URL
-
https://dimessing-parker.com/3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8?source=420041393&keyword=capitalonae.com+RO+Loans+Credit+Lending+Finance+Credit+Reporting+%26+Monitoring+Credit+Cards&geo=DE&cmpgnnme=WW-MS-ALL-ALL-RAD-CRM_EXT-DSKTP-D-090222&device=Desktop&os=Windows+10&browser=Chrome+100&carrier=UNKNOWN&lang=@@LANGUAGE@@&creative=@@CREATIVE-ID@@&bid=0.0008&clickid=88538464928
HTTP 302
https://brko.admobe.com/fsadfsda/fsdagsdag/?utm_source=1764&utm_campaign=9146574&cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
https://syncintenselydevelopedthefile.vip/HXuTk4eRvpmGdSa85xwhoBWfrmRZoaQjbpuvMnS6PQ8?cid=wrki1gnco38483afiaii0qfk&sid=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
https://tracking.prtrackings.com/click?pid=100&offer_id=2252&sub1=HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb&sub2=3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8 HTTP 302
https://adblockultra.com/download.php?camp=AWbjhkewq54bhj&zo=100_3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8&cid=624fa97eb9b33c0001cca1da&adn=pr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://capitalonae.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0OTM5NTA5OSwiaWF0IjoxNjQ5Mzg3ODk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmhzcjNodTQ1ZmJ2ZzUwaXMyMTE2azgiLCJuYmYiOjE2NDkzODc4OTksInRzIjoxNjQ5Mzg3ODk5MzU5MDQ2fQ.rLGwzhoT8j1O-xdK4830g1Pc2aBQtQwNNbJnDz-w_do&sid=89e0c20c-b6ea-11ec-85fc-b29389d0a6e7 HTTP 302
- http://btpnative.com/click?data=cWZmRnFwVUFwRkE5UUEzZVF5WWJ6ZlJhX0RRUDVpWERqb1p1bWJiakw5VVVQOTBhd09nbTd5THBHazhYRy1rd3FEcWNZM3NPQ2k3M3E5TnZHNjg2WlRCLWFWSmh3aGwtVWFvX3JhUUMyZEtaQzJ4UUFZWVNVV3c0dlo3amtfNGZ6VUVBLTBfaG9XTHJPWnNVTTVIdTdBMg2&id=3844cc8e-d46f-4274-92c9-27682d88e432
- http://btpnative.com/Redirect/ HTTP 302
- https://beta.mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6ScjqPpYD9LTmZgEmKxZ3C-u6pmY-WhJtQILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lTgzEWel5Vxbhkv6VMAeJFR5qdAIxBzvDrocT0l0ePTg_G_eDdb0G2nHJM-VHfkzUeA6qYXfIcjl-Q654xiIU_DUUQUNUi2TXJSyIWaxBjEXx8VKEGSHsNeNlJO2KMXfE4_C7TLzGzvT4GQjEI5pVXwNn2QHnJ1339xkFFfhvQSmIM3nmreCuyAHgW_Ua3eG7bsYlJDLVoqCQ2vIBmsapSbDaW_jDxPfhJ_9NSCu-Ykx6shXi4dmIYEqhZx54Gt4T7w-37S15LgRHgqL5SwJldysjOF07A7p40onyPnXD0dX5IBovVg4uH4umxE0Y2vz1iSLUcpUNne8EG0x86Xx_lOZsVNZTRqyHEigVbNmf9oQKDcD-JAfTjn2oTVSDbiVk1xfuhRDQKtLhrPGrZ77cdRKN6_bwbPP570Vtk3gWsqUP0JGmYMIU7om97LaL2IWO3NbV92FuQe6riyaRpLURKTBNqVUWStiinuSooVkpsDYNC9RlkKQnibzS8a2rxYU_cmLK3P3UZz9D_crAoGtTf5AmujzirSTv3z6OOyAktQImnfDPmHa8uogXEbfQydnhSypAMUIHqP1Gk_jFtB_p0tWmjHexJnEh_cXLbAUCXEBcxL7QF81-CWBnfXAzoV0pDR1JwvBfANyXiXEG1NZg7PtrcEAQXgD037B7TL4eJP42ISf_qyLHoboXxY5AyfyhdZ8nGZtIj6mAxt7lPz8l_BZsaxPQ9q4OQjaEzRMZjuauRFUIHJ8jhaXSYh4IGWmguloyjdNEoDx_DQ5xZkWDmEspgJ0yLM4TgCvhwrvVxQqMOFQ4va8w3KS_OQWnIsU959q_fhlpWaZsPVedJRQ3ucN6i0kDcaJrm_tkyvMVqCGvMybucTwPAETYguSEfbNoFzoj7-OyozEhdbKOvwuga_fAqOSVHKI6agejVIrehRGC0Wy4qwZ9KUUarbi3qQuL9DedTprsyOTOCztFukD6b0S6LRM7rx3XfNyRGSUEUZ4TitYoDNk6TNHRWcvY6XRDQcs1axHZgpJE9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k0CB6YDvGJB4JfAa-p_Um50Lu4ZMhasMgTWxta8M5_ibNh81Y0uHt2Iufy-cCLZPhmGKtkyD3Tx4PIkSBCwJ96Z1pTGPU7n1Ys-Lug8fbpLTGczI9-knlp0NIB92c2RLoWaim1aa612Pel8lJZsgqfESE3OkGlechF4IzNp5rkQSlQ3QVB7PAitingtw_af89mDMu7x4X6MyVDhRgIfDinM26NmFjFLzcpX4XhCVxVeFRCDAXsstUWSxcghy2qvPLwjaDjIT-nu1eDMHX_1x9ZETeZqsdkf4PVeG9TBpu_AHhp24Tq_s9V1kqCxK2RiJ7bHM1d-bPhRxvEHVlFeLrlDfbquoPQJw77HM1d-bPhRxef1ra1KbHrXoHfu69sQQiwXB51tqT9-yhCcIiriXVPlws6mAbFqURt0Azp-j8QGh HTTP 302
- https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn4MPgXsAes-b9KId4yj9-6urhPP6rwnoiVixC59MK2LTm9T4Z5WoqIT935Ad60oVqknDum8tXoLph8C6ONe2RpkqLuPp3A4n7zi-c2vFtO8qZ8a1SHWvwV0Jnzr6D87TI5LKRKhRkq4GsjPOHSGnqiAr1ulfGZWosFW0pQB_xRArwL9XpY9JaUgBbYQ9feXOWE4_hj3LKCP219vkVB5mXvk22Ydr6xcDoFc_qf-lol1R5gMybe9JQZwSRjufKR1ppGgjLwj7N4YhmU-IJPnlV1fCW3sEAs7Z1lq-s3fgKU0oS5_L5wItk-GlJxRbMtshDYFnPUGlYiJPb5An83H3WM-XgjM2nmuRBJRZ2zfpC2eeL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8U3Ic3SqvsOtDSNILAwdLO3H7_a5KV3xE&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVTaK5KHYcXM5O8s6Is6Zs2-GiABJiAJgSPedT7FyIK6NXckWTrI6Grzz7yH3VnsXTm7tjJ6h-JVHVIxLadICqWw&si=1&oref=80f69c4a6ead2556f1a3a3943332bb5d&optunit=o3PohfWRZSRQcf6yP-TKbg&rb=ntzDoPN7Tjk&rr=1&abtg=0
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
capitalonae.com/ |
471 B 830 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
click
btpnative.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
domainClick
beta.mybetterck.com/adServe/ Redirect Chain
|
574 B 818 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
download.php
adblockultra.com/ Redirect Chain
|
30 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ |
64 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
adblockultra.com/i/ |
2 KB 805 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
adblockultra.com/i/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
adblockultra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chromewebstore.png
adblockultra.com/i/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.capitalonae.com/ | Name: sid Value: 89e0c20c-b6ea-11ec-85fc-b29389d0a6e7 |
|
btpnative.com/ | Name: xVDfUztzOmFRTzy Value: xVDfUztzOmFRTzy |
|
.mybetterck.com/ | Name: rhid Value: 81047697019 |
|
.mybetterck.com/ | Name: loi Value: ad_1145242_off_589393_aff_16768_cid_274639-576382671-CAPITALONAE.COM_ts_1649387901 |
|
.dimessing-parker.com/ | Name: 3fcdbe2b-3fa7-44d2-86b5-aa8f5167c6b8-v4 Value: iucClQ7gz40dHTH0_dTU0y-BpzvBadburCQH7TbrApg |
|
.dimessing-parker.com/ | Name: cc-v4 Value: JuRGqBzUYbhkOKfNwMaxkcChi8nH2XwOvkb6FFrzAB25BdY5%2Futrzr4c0ZSRVwVPmx6P8sUxJk20TxoL8IdvKOXqBVtgZjpc2x%2FTO7Ct%2Fq5gp6afQgp82V8lF6QLej4lOl1F%2FYPfm6WvdiOP2NGkIw%3D%3D |
|
syncintenselydevelopedthefile.vip/ | Name: session Value: HndKDbAYdvA2Hz3mDK4p5sbjPTleK7Lb |
|
tracking.prtrackings.com/ | Name: afclick Value: 624fa97eb9b33c0001cca1da |
|
tracking.prtrackings.com/ | Name: afoffers Value: {"2252":1649387902} |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adblockultra.com
beta.mybetterck.com
brko.admobe.com
btpnative.com
capitalonae.com
cdn.jsdelivr.net
dimessing-parker.com
fonts.googleapis.com
syncintenselydevelopedthefile.vip
tracking.prtrackings.com
107.20.106.95
108.168.193.189
18.195.123.247
209.15.13.136
213.227.132.155
23.82.12.34
2606:4700:3032::ac43:8402
2606:4700::6810:5914
2a00:1450:4001:810::200a
3.226.146.143
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
2fdc20935f1adcf47b9fe8f9455be27e1049200eee554444385c6845422b028c
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
71e8e4857bc6ef9faea375ba11f1f66ca23cca2adc4da4590939f26c58e28347
7625c690f85b83edf8b4ee169d6a4a1014dd9181cc33f6c5b68014ff8c682d36
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664