blockadstop.info
Open in
urlscan Pro
104.21.1.14
Public Scan
Effective URL: https://blockadstop.info/addon.php?ex=bqpa0zC4uF5xmas&v=123&fe=5117854&fa=760243922974028075&ez=pa
Submission: On December 17 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by E1 on November 15th 2023. Valid for: 3 months.
This is the only time blockadstop.info was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2.16.2.27 2.16.2.27 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
2 | 104.21.1.14 104.21.1.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.16.85.20 104.16.85.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.21.48.208 104.21.48.208 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3037::6815:10e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.202.18 172.67.202.18 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 8 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-2-27.deploy.static.akamaitechnologies.com
ak.glersooy.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
blockadstop.info
blockadstop.info |
73 KB |
1 |
stopadblocker.com
stopadblocker.com — Cisco Umbrella Rank: 915210 |
532 B |
1 |
potro.info
potro.info |
1 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313 |
29 KB |
1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331 |
507 B |
1 |
glersooy.net
ak.glersooy.net — Cisco Umbrella Rank: 190538 |
2 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
9 | 7 |
Domain | Requested by | |
---|---|---|
3 | blockadstop.info |
ak.glersooy.net
blockadstop.info |
1 | stopadblocker.com |
blockadstop.info
|
1 | potro.info |
blockadstop.info
|
1 | cdn.jsdelivr.net |
blockadstop.info
|
1 | my.rtmark.net |
ak.glersooy.net
|
1 | ak.glersooy.net | |
0 | gjahpflpgafifhkomjcafmdloplepple Failed |
blockadstop.info
|
9 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ak.hetaruwg.com R3 |
2023-12-07 - 2024-03-06 |
3 months | crt.sh |
rtmark.net R3 |
2023-10-07 - 2024-01-05 |
3 months | crt.sh |
blockadstop.info E1 |
2023-11-15 - 2024-02-13 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
potro.info E1 |
2023-10-19 - 2024-01-17 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://blockadstop.info/addon.php?ex=bqpa0zC4uF5xmas&v=123&fe=5117854&fa=760243922974028075&ez=pa
Frame ID: EF01B9BF3D231163FC8F4A7DF2507102
Requests: 7 HTTP requests in this frame
Frame:
https://potro.info/a.php?id=0065&e=VPGCNBK0FG&c=bqpa0zC4uF5xmas&r=pa&cid=760243922974028075&z=5117854&v=123&dr=&inw=1600&inh=1200
Frame ID: 17F3A99BB3B096331FEE4595B381964D
Requests: 1 HTTP requests in this frame
Frame:
https://stopadblocker.com/rm.php
Frame ID: 17C200469EB8C512E1E7AB5297E68268
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Stop AdBlockerPage URL History Show full URLs
- https://ak.glersooy.net/partitial/5117854/?var=5865938&ab2r=0&prfrev=false&rhd=false Page URL
- https://blockadstop.info/addon.php?ex=bqpa0zC4uF5xmas&v=123&fe=5117854&fa=760243922974028075&ez=pa Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ak.glersooy.net/partitial/5117854/?var=5865938&ab2r=0&prfrev=false&rhd=false Page URL
- https://blockadstop.info/addon.php?ex=bqpa0zC4uF5xmas&v=123&fe=5117854&fa=760243922974028075&ez=pa Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
ak.glersooy.net/partitial/5117854/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
img.gif
my.rtmark.net/ |
43 B 507 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
addon.php
blockadstop.info/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/ |
190 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stop-xcm-2.svg
blockadstop.info/images/ |
40 KB 22 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
73f61288-6206-408a-b633-5e05e43b1e81.png
gjahpflpgafifhkomjcafmdloplepple/static/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a.php
potro.info/ Frame 17F3 |
96 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
123.svg
blockadstop.info/images/ |
134 KB 48 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rm.php
stopadblocker.com/ Frame 17C2 |
0 532 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gjahpflpgafifhkomjcafmdloplepple
- URL
- chrome-extension://gjahpflpgafifhkomjcafmdloplepple/static/73f61288-6206-408a-b633-5e05e43b1e81.png
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ak.glersooy.net/ | Name: OAID Value: c1b488519a9c446399858c12fd3abce6 |
|
ak.glersooy.net/ | Name: oaidts Value: 1702819794 |
|
my.rtmark.net/ | Name: ID Value: c1b488519a9c446399858c12fd3abce6 |
|
.potro.info/ | Name: c0065 Value: bqpa0zC4uF5xmas |
|
.potro.info/ | Name: r0065 Value: pa |
|
.potro.info/ | Name: cid0065 Value: 760243922974028075 |
|
.potro.info/ | Name: z0065 Value: 5117854 |
|
.potro.info/ | Name: e0065 Value: VPGCNBK0FG |
|
.potro.info/ | Name: _asd Value: 17028197961371348 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ak.glersooy.net
blockadstop.info
cdn.jsdelivr.net
gjahpflpgafifhkomjcafmdloplepple
my.rtmark.net
potro.info
stopadblocker.com
gjahpflpgafifhkomjcafmdloplepple
104.16.85.20
104.21.1.14
104.21.48.208
139.45.195.8
172.67.202.18
2.16.2.27
2606:4700:3037::6815:10e
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
80525996bccfad100ff1260768131527e4dadbfe193bf93a1238bb19093f220f
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
9bbfa905432ee5da5c2c1e0e50c8b4347b57257d57768460d6343ba9c35981af
b7042c062fc9b080a3ebf8a2c0bacec3bf9857823f05c0da231653c7999ddae9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855