![](/screenshots/663d7611-b927-42e3-84db-483ffb8e7c4f.png)
kingadblocker.com
Open in
urlscan Pro
188.114.96.3
Public Scan
Effective URL: https://kingadblocker.com/extension.php?jn=cjprZNLyLmo&_d=3&ju=4_&jq=662d2ea30e8b98000127e1c3&jp=pr
Submission Tags: @phish_report
Submission: On April 27 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on February 29th 2024. Valid for: 3 months.
This is the only time kingadblocker.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 12 | 2a04:4e42:600... 2a04:4e42:600::775 | 54113 (FASTLY) (FASTLY) | |
2 | 104.16.87.20 104.16.87.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 91.148.141.242 91.148.141.242 | 203380 (DAINTERNA...) (DAINTERNATIONALGROUP) | |
1 1 | 64.227.23.114 64.227.23.114 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
2 3 | 172.67.164.155 172.67.164.155 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 34.90.81.51 34.90.81.51 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.16.89.20 104.16.89.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.175.161 172.67.175.161 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 10 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com
tracking.pretrackings.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
ghost.io
1 redirects
appusss.ghost.io |
81 KB |
4 |
kingadblock.com
kingadblock.com — Cisco Umbrella Rank: 479359 |
9 KB |
3 |
buzzonclick.com
2 redirects
buzzonclick.com |
5 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320 |
358 KB |
1 |
tururu.info
tururu.info — Cisco Umbrella Rank: 572270 |
|
1 |
kingadblocker.com
kingadblocker.com |
3 KB |
1 |
pretrackings.com
1 redirects
tracking.pretrackings.com — Cisco Umbrella Rank: 264669 |
254 B |
1 |
cchcontent.com
1 redirects
cchcontent.com |
288 B |
1 |
2fu.us
2fu.us |
314 B |
0 |
Failed
function sub() { [native code] }. Failed |
|
23 | 10 |
Domain | Requested by | |
---|---|---|
12 | appusss.ghost.io |
1 redirects
appusss.ghost.io
cdn.jsdelivr.net |
4 | kingadblock.com |
kingadblocker.com
|
3 | buzzonclick.com |
2 redirects
2fu.us
|
3 | cdn.jsdelivr.net |
appusss.ghost.io
kingadblocker.com |
1 | tururu.info |
kingadblocker.com
|
1 | kingadblocker.com |
buzzonclick.com
|
1 | tracking.pretrackings.com | 1 redirects |
1 | cchcontent.com | 1 redirects |
1 | 2fu.us |
appusss.ghost.io
|
0 | invalid Failed |
kingadblocker.com
|
23 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
kingadblock.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ghost.io R3 |
2024-04-18 - 2024-07-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.2fu.us R3 |
2024-03-01 - 2024-05-30 |
3 months | crt.sh |
buzzonclick.com GTS CA 1P5 |
2024-04-17 - 2024-07-16 |
3 months | crt.sh |
kingadblocker.com E1 |
2024-02-29 - 2024-05-29 |
3 months | crt.sh |
kingadblock.com GTS CA 1P5 |
2024-04-10 - 2024-07-09 |
3 months | crt.sh |
tururu.info GTS CA 1P5 |
2024-03-17 - 2024-06-15 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://kingadblocker.com/extension.php?jn=cjprZNLyLmo&_d=3&ju=4_&jq=662d2ea30e8b98000127e1c3&jp=pr
Frame ID: E25EE68E32080D896177C7AEE43AB9DB
Requests: 21 HTTP requests in this frame
Frame:
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjprZNLyLmo&r=pr&cid=662d2ea30e8b98000127e1c3&z=4_&v=12&dr=&inw=1600&inh=1200
Frame ID: 02D7D85340A4EA6C90A49571FD45B088
Requests: 1 HTTP requests in this frame
Frame:
https://kingadblock.com/clear.php
Frame ID: E02BB07B7295B6A74073AD65782C86E2
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/663d7611-b927-42e3-84db-483ffb8e7c4f.png)
Page Title
Ylös - Mainosten estoPage URL History Show full URLs
-
https://appusss.ghost.io/newss022
HTTP 301
https://appusss.ghost.io/newss022/ Page URL
-
https://cchcontent.com/?k=d779c440edb57bd974c500d65f843657&type=mainstream&subtype=global&data1=pc
HTTP 302
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=e12e00fd80e0e87a7ecddd1c9381e207&sub1=15965 Page URL
-
https://buzzonclick.com/jump/next.php?stamat=m%257CJmoiO-IhaQdHkAH0dEdHP3xP.dc4%252C7H0PozvLiGV-YkDx...
HTTP 302
https://buzzonclick.com/script/i.php?t=1&c=23791358&stamat=m%257C%252C%252CQiK-Y3d3tGU3Bf-GH0dEdHP3x... HTTP 302
https://tracking.pretrackings.com/sl?id=65f3322f81c1e9a1bc0578a4&pid=4&sub1=171423709110000TFITV431171547434V5... HTTP 302
https://kingadblocker.com/extension.php?jn=cjprZNLyLmo&_d=3&ju=4_&jq=662d2ea30e8b98000127e1c3&jp=pr Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: tietosuojakäytäntömme
Search URL Search Domain Scan URL
Title: Hyväksy ja jatka
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://appusss.ghost.io/newss022
HTTP 301
https://appusss.ghost.io/newss022/ Page URL
-
https://cchcontent.com/?k=d779c440edb57bd974c500d65f843657&type=mainstream&subtype=global&data1=pc
HTTP 302
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=e12e00fd80e0e87a7ecddd1c9381e207&sub1=15965 Page URL
-
https://buzzonclick.com/jump/next.php?stamat=m%257CJmoiO-IhaQdHkAH0dEdHP3xP.dc4%252C7H0PozvLiGV-YkDx825CHvFqCTwtj69cLAMa6B_ixZluqnVADw_ZUGwm9V9TwiwtKdhP1P5ny7Kkthi1INPlhh-ZYIafmlGBCVxjhLPnIt9i_CADpUAIq-GSYSo2aqIwQuFn8ly81J-D1nQWPrpIFA%252C%252C&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=e12e00fd80e0e87a7ecddd1c9381e207&sub1=15965&cbur=0.9522730632798659&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fappusss.ghost.io%2Fnewss022%2F&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-180fi-FI81724%20bits
HTTP 302
https://buzzonclick.com/script/i.php?t=1&c=23791358&stamat=m%257C%252C%252CQiK-Y3d3tGU3Bf-GH0dEdHP3xP.188%252CSU0aC4BHqgMBp6SsgDzXB9byKfZlBIUw7Hh5HiVYE-YNCx9EeT6QM7ltsw578xfUIfPHuLyUNBS3kTBK1BlyNWS-9I-HouBz9dBOKalVArlPC5dOfFTkStqfJkfMVujJL5JnJ2RfjaPjzxIO9XrnkhiZ7dI1ozC1G8aP-Gr-eczO-ZO6zH13iL_32Oll9qL5Q4wjzP9Ar9gbvRZ_ItgU5MgO5fplAjWv1qDvCuG1IuKLvwldQgUxbdr2NvFDjT8TK76ix2LDITIrwFUTZ30KPyohqoD_17NWMA8jfQA2aMcJjOjfxNciXYL66JmAo3StarEEE1UEFbP7MIlPaHYLVcK1Rz1wLx8FyAIOyM7VlhAbYNh96AsjfHqMAkHNxx4k1GMELEX2b365Lo34tKmFISKCwAvFYMmi-PhogKqoqwRYCGIod9gnFK3QJ_w7oYcipadSYLp3WdCfUSZgKXyLaO7bfe1kB24rNF_VMvtkZxovUFqE3tWpLHQQJlFbzGcvr3Qvid1kDX0niMNyrOqebjE8fHzo8pGY6jgN95M9MfJ6nsCr3K1j1tq49G_w0_igcM4rqntSnw58auHIx7SKRe4qDpRFO2hnKei_-FrFTZQWZCkuj_2EpLhyZC8Dm-BKu0w1gZZgoJ2hMOLgaif-YEzDkW58MZTrtG2dzvl-bW7OlFxEkvc4gbMubvmbgC77 HTTP 302
https://tracking.pretrackings.com/sl?id=65f3322f81c1e9a1bc0578a4&pid=4&sub1=171423709110000TFITV431171547434V51&SUB2=5660982-1770251761-0 HTTP 302
https://kingadblocker.com/extension.php?jn=cjprZNLyLmo&_d=3&ju=4_&jq=662d2ea30e8b98000127e1c3&jp=pr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://appusss.ghost.io/newss022 HTTP 301
- https://appusss.ghost.io/newss022/
- https://cchcontent.com/?k=d779c440edb57bd974c500d65f843657&type=mainstream&subtype=global&data1=pc HTTP 302
- https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=e12e00fd80e0e87a7ecddd1c9381e207&sub1=15965
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
appusss.ghost.io/newss022/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screen.css
appusss.ghost.io/assets/built/ |
50 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source.js
appusss.ghost.io/assets/built/ |
51 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
portal.min.js
cdn.jsdelivr.net/ghost/portal@~2.37/umd/ |
1 MB 263 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/ |
197 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cards.min.js
appusss.ghost.io/public/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cards.min.css
appusss.ghost.io/public/ |
39 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
member-attribution.min.js
appusss.ghost.io/public/ |
2 KB 904 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
2fu.us/ |
119 B 314 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter-roman.woff2
appusss.ghost.io/assets/fonts/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
appusss.ghost.io/members/api/member/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
next.php
buzzonclick.com/jump/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
appusss.ghost.io/ghost/api/content/settings/ |
1 KB 871 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
appusss.ghost.io/ghost/api/content/tiers/ |
697 B 521 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
appusss.ghost.io/ghost/api/content/newsletters/ |
417 B 551 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
extension.php
kingadblocker.com/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ |
190 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon.png
kingadblock.com/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cws.png
kingadblock.com/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
invalid/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a.php
tururu.info/ Frame 02D7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.php
kingadblock.com/ Frame E02B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon.png
kingadblock.com/images/ |
4 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- invalid
- URL
- chrome-extension://invalid/
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tracking.pretrackings.com/ | Name: afclick Value: 662d2ea30e8b98000127e1c3 |
|
.tururu.info/ | Name: c0083 Value: cjprZNLyLmo |
|
.tururu.info/ | Name: r0083 Value: pr |
|
.tururu.info/ | Name: cid0083 Value: 662d2ea30e8b98000127e1c3 |
|
.tururu.info/ | Name: z0083 Value: 4_ |
|
.tururu.info/ | Name: e0083 Value: VPGCNBK0FG |
|
.tururu.info/ | Name: _asd Value: 17142370937464650 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2fu.us
appusss.ghost.io
buzzonclick.com
cchcontent.com
cdn.jsdelivr.net
invalid
kingadblock.com
kingadblocker.com
tracking.pretrackings.com
tururu.info
invalid
104.16.87.20
104.16.89.20
172.67.164.155
172.67.175.161
188.114.96.3
188.114.97.3
2a04:4e42:600::775
2a06:98c1:3121::3
34.90.81.51
64.227.23.114
91.148.141.242
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35
0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605
18cb2b4dccdc4fc8f6bb8f4f7fcd3899043234a4c946e620efa7effd7310388b
22a8aef44eb15fd81ffdf9f13231012adab3fe65bc268746cf56601005c58f26
24535c67dbe1b65bde77fc3ea0a6ff4f3c3342c93296b692c4b72ca9cb6739df
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
43dfb9fcb22a8926b7bc7ff7bf5f702e7480a332d46c61c7d103eea0cafd80a3
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
a1754595c9d1da09df663619d80e32ce13a55b3709b85752662c0bb08ee43d92
bbb5fad81eb93d4f4c9acd239d60092e2ddb1016346f683850ef982bd564ed2c
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a