stop-adblocker.info
2a06:98c1:3120::c
Public Scan
Effective URL: https://stop-adblocker.info/addon.php?ex=bqoggoyXDFdelay&v=2&fe=29328_382399_3580_338447&fa=e8k0s8w8w404w48k&ez=og&fc=382399...
Submission: On January 24 via manual from US — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on December 1st 2022. Valid for: 3 months.
This is the only time stop-adblocker.info was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
2 | 188.72.236.34 | 35415 (WEBZILLA) |
1 2 | 34.141.179.97 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 1 | 2606:4700:10::6816:6bf | 13335 (CLOUDFLARENET) |
1 1 | 88.208.46.156 | 39572 (ADVANCEDHOSTERS-AS) |
1 | 2a06:98c1:3120::c | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42:400::485 | 54113 (FASTLY) |
1 | 2606:4700:3030::ac43:af3c | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3033::6815:4ce8 | 13335 (CLOUDFLARENET) |
8 | 7 | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com
aditmedia.g2afse.com |
ASN13335 (CLOUDFLARENET, US)
twotreymedia10001697.o18.click |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
offergate-software-0512.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | g2afse.com (1 redirects) | aditmedia.g2afse.com — Cisco Umbrella Rank: 203167 | 877 B |
1 | stopadblocker.com | stopadblocker.com — Cisco Umbrella Rank: 563381 | 568 B |
1 | anida.info | anida.info — Cisco Umbrella Rank: 794025 | 1 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 357 | 27 KB |
1 | stop-adblocker.info | stop-adblocker.info | 3 KB |
1 | offergate-software-0512.com (1 redirects) | offergate-software-0512.com — Cisco Umbrella Rank: 591303 | 446 B |
1 | o18.click (1 redirects) | twotreymedia10001697.o18.click | 566 B |
1 | startd0wnload22x.com | startd0wnload22x.com — Cisco Umbrella Rank: 355278 | 6 KB |
1 | 9shndkfjsdf99.monster | 9shndkfjsdf99.monster | 6 KB |
0 | Failed | function sub() { [native code] }. Failed | |
8 | 10 | | |
Count | Domain | Requested by |
---|---|---|
2 | aditmedia.g2afse.com | 1 redirects; 9shndkfjsdf99.monster |
1 | stopadblocker.com | stop-adblocker.info |
1 | anida.info | stop-adblocker.info |
1 | cdn.jsdelivr.net | stop-adblocker.info |
1 | stop-adblocker.info | startd0wnload22x.com |
1 | offergate-software-0512.com | 1 redirects |
1 | twotreymedia10001697.o18.click | 1 redirects |
1 | startd0wnload22x.com | |
1 | 9shndkfjsdf99.monster | |
0 | gjahpflpgafifhkomjcafmdloplepple Failed | stop-adblocker.info |
8 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
9shndkfjsdf99.monster | R3 | 2023-01-04 - 2023-04-04 | 3 months | crt.sh |
*.g2afse.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-04 - 2023-09-04 | a year | crt.sh |
startd0wnload22x.com | R3 | 2023-01-17 - 2023-04-17 | 3 months | crt.sh |
*.stop-adblocker.info | GTS CA 1P5 | 2022-12-01 - 2023-03-01 | 3 months | crt.sh |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh |
*.anida.info | GTS CA 1P5 | 2022-11-21 - 2023-02-19 | 3 months | crt.sh |
*.stopadblocker.com | E1 | 2022-12-23 - 2023-03-23 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://stop-adblocker.info/addon.php?ex=bqoggoyXDFdelay&v=2&fe=29328_382399_3580_338447&fa=e8k0s8w8w404w48k&ez=og&fc=382399_3580_338447
Frame ID: FF6F76F0AD07056B99EFB3F862D7905D
Requests: 6 HTTP requests in this frame
Frame:
https://anida.info/a.php?id=0065&e=VPGCNBK0FG&c=bqoggoyXDFdelay&r=og&cid=e8k0s8w8w404w48k&z=29328_382399_3580_338447&m=382399_3580_338447&v=2&dr=https%3A%2F%2Fstartd0wnload22x.com%2F&inw=1600&inh=1200
Frame ID: 1EDC3A0DA401D4AA31C822F8E76149D8
Requests: 1 HTTP requests in this frame
Frame:
https://stopadblocker.com/rm.php
Frame ID: 0786445209AFC401666308ECAB88AC7E
Requests: 1 HTTP requests in this frame
Page Title
Stop AdBlocker
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://9shndkfjsdf99.monster/ixr3Kf72d376ea256ac70c46efa9b7d1525c0fc433843?q=%3C?php%20echo%20substr(md5(microtime()),0,rand(7,27));?%3E&p=AlDente%20Pro%20App%20for%20Mac%201.19.2%20Best%20Battery%20Charging%20Manager%20App%20for%20mac%20OS Page URL
- https://aditmedia.g2afse.com/click?pid=3580&offer_id=17211&sub2=343146&sub1=AH4q0GNqPAUApE8CAE5MFwASAHV9-DAA Page URL
- https://startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_343146&s3=63d02a7eb10ff500019e21d5 Page URL
-
https://aditmedia.g2afse.com/click?pid=3580&offer_id=19394&sub2=338447&sub1=AH8q0GMPKgUA6VgCAE5MFwASAEzVdaMA
HTTP 302
https://twotreymedia10001697.o18.click/c?o=19918054&m=12094&a=382399&aff_click_id=63d02a7f4676e7000140c8d4&sub_aff_id=3580_338447 HTTP 302
https://offergate-software-0512.com/2-hk03d-jef-cmmo-i2c6?subid_1=382399_3580_338447&subid_7=D-19918054-1674586751-34G27G109G43-ARQMC1752 HTTP 302
https://stop-adblocker.info/addon.php?ex=bqoggoyXDFdelay&v=2&fe=29328_382399_3580_338447&fa=e8k0s8w8w404w48k&ez=og&fc=382399_3580_338447 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | 9shndkfjsdf99.monster/ixr3Kf72d376ea256ac70c46efa9b7d1525c0fc433843 | 5 KB 6 KB | Document text/html |
GET H2 | aditmedia.g2afse.com/click | 258 B 509 B | Document text/html |
GET H/1.1 | startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921 | 6 KB 6 KB | Document text/html |
GET H2 | stop-adblocker.info/addon.php (Primary Request, Redirect Chain) | 8 KB 3 KB | Document text/html |
GET H2 | cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css | 190 KB 27 KB | Stylesheet text/css |
GET | gjahpflpgafifhkomjcafmdloplepple/static/7f1bec3e-8c3b-42d6-b17b-805906843bfd.png | 0 0 | |
GET H2 | anida.info/a.php (Frame 1EDC) | 96 B 1 KB | Document text/html |
GET H2 | stopadblocker.com/rm.php (Frame 0786) | 0 568 B | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gjahpflpgafifhkomjcafmdloplepple
- URL
- chrome-extension://gjahpflpgafifhkomjcafmdloplepple/static/7f1bec3e-8c3b-42d6-b17b-805906843bfd.png
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| oncontentvisibilityautostatechange
- object| req_existing_user
- object| landing_iframe
- function| openNewWindow
- function| openNewTab
- function| openSameTab
- function| listenInstallCompleted
- function| openInstructions
- object| windowObjectReference
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
9shndkfjsdf99.monster/ | Name: bd_context Value: Kp6QR9/Pz3DfrMrTrZpVf1UUOzfg6gJzGy2PJFrYkh0lTzN8fkX0X/BKwTDBqmkFSkM3GehWAVdQCEKiSXVQ2IivqUFEZRV6l+8XWreXb7IqL6MIgghNOyUpbZSU1R1IkUjXP5vo5LV+OghMAZFXuAfz5JhS6hzbi4w+03jSUw6lxwLXT3Yu6nXAmxrryVPMDOKyWLXnreiH+uLH2cKjhFt9vjN1KlFk9NsdDNWeTsQTYBGOoqbwmHiw5x1h9E1pSws5x1xY2yvNWrBMOFKzMM/TGd7fv7qA/eYR5k7cHw7mGuopAEH89oLXfFXSrjMw1OGwsAHu7o3fZVWgA4in9MQ3pl0= |
startd0wnload22x.com/ | Name: bd_context Value: q0stE3fCqIICvE3CgGSosFVStWZEv9sWWYfRuhJnGyGryi2b4knjzNu2orPUJpEEB7O3rrEj2Ony9Wu8GLfaHh/21m4dtHQ7QfoBtBBN/3TcACyhwALNilxbl5mbf27oHmqYxozjjqdNFNaOn7lMc9ZXgMDVCpCqM9c7meP53SpOII+PhCL6HBRGia4AYoFyI6cm69IAnu6lbS98NbQCTXOYKCxO7SVoMjZvBkj5DGKOEYTt1Od9PqWRdm/fb0PaGk7Nf1q89z8hW9oAkxjvBXZX2R60VtLAMK6AvGKVpFeYyXr+XZy9ILp+TUIVpfimpScBXtyonK7XRhs15pXcv8rad8M= |
aditmedia.g2afse.com/ | Name: afclick Value: 63d02a7f4676e7000140c8d4 |
aditmedia.g2afse.com/ | Name: afoffers Value: {"17211":1674586750,"19394":1674586751} |
twotreymedia10001697.o18.click/ | Name: MTK5MTGWNTR8MJAWMTOXYWY4OJQWMJA6YTAZNDOXMDAWOJOXMW Value: 1674586751.5562 |
twotreymedia10001697.o18.click/ | Name: 19918054 Value: D-19918054-1674586751-34G27G109G43-ARQMC1752 |
twotreymedia10001697.o18.click/ | Name: ____global_tid Value: D-19918054-1674586751-34G27G109G43-ARQMC1752 |
offergate-software-0512.com/ | Name: visitId Value: e8k0s8w8w404w48k |
.anida.info/ | Name: c0065 Value: bqoggoyXDFdelay |
.anida.info/ | Name: r0065 Value: og |
.anida.info/ | Name: cid0065 Value: e8k0s8w8w404w48k |
.anida.info/ | Name: z0065 Value: 29328_382399_3580_338447 |
.anida.info/ | Name: v0065bqoggoyXDFdelay Value: %7B%222%22%3A1%7D |
.anida.info/ | Name: e0065 Value: VPGCNBK0FG |
.anida.info/ | Name: _asd Value: 16745867524585715 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.