videoadblocker.pro
Open in
urlscan Pro
172.67.137.232
Malicious Activity!
Public Scan
Effective URL: https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Submission Tags: @phish_report
Submission: On March 09 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on February 27th 2024. Valid for: 3 months.
This is the only time videoadblocker.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 192.124.249.11 192.124.249.11 | 30148 (SUCURI-SEC) (SUCURI-SEC) | |
1 1 | 104.21.8.119 104.21.8.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 142.250.185.179 142.250.185.179 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.20.67.115 104.20.67.115 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 192.243.59.20 192.243.59.20 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
2 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 142.250.181.233 142.250.181.233 | 15169 (GOOGLE) (GOOGLE) | |
1 | 54.39.128.117 54.39.128.117 | 16276 (OVH) (OVH) | |
1 | 104.21.234.33 104.21.234.33 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.64.37.204 3.64.37.204 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 172.240.108.84 172.240.108.84 | 7979 (SERVERS-COM) (SERVERS-COM) | |
1 | 192.243.61.225 192.243.61.225 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
2 | 172.217.18.3 172.217.18.3 | 15169 (GOOGLE) (GOOGLE) | |
1 3 | 172.240.108.68 172.240.108.68 | 7979 (SERVERS-COM) (SERVERS-COM) | |
1 3 | 172.240.127.234 172.240.127.234 | 7979 (SERVERS-COM) (SERVERS-COM) | |
1 | 45.133.44.10 45.133.44.10 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 162.19.58.161 162.19.58.161 | 16276 (OVH) (OVH) | |
1 | 172.67.137.232 172.67.137.232 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.16.88.20 104.16.88.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.21.61.96 104.21.61.96 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.21.93.138 104.21.93.138 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 20 |
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10011.sucuri.net
wee.so |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f19.1e100.net
top.crashnewstoday.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f9.1e100.net
www.blogger.com |
ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net
s4.histats.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-37-204.eu-central-1.compute.amazonaws.com
proftrafficcounter.com |
ASN7979 (SERVERS-COM, US)
stopperlovingplough.com | |
greenhousecape.com |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
pollingramblefunctions.com |
ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com |
ASN7979 (SERVERS-COM, US)
unemploymentinstinctiverite.com | |
distantbelly.com |
Domain | Requested by | |
---|---|---|
3 | weeprobbery.com |
1 redirects
top.crashnewstoday.com
pollingramblefunctions.com |
3 | www.blogger.com |
top.crashnewstoday.com
|
2 | distantbelly.com |
1 redirects
top.crashnewstoday.com
|
2 | fonts.gstatic.com |
top.crashnewstoday.com
|
2 | cdnjs.cloudflare.com |
top.crashnewstoday.com
cdnjs.cloudflare.com |
2 | top.crashnewstoday.com |
top.crashnewstoday.com
|
2 | wee.so | 2 redirects |
1 | adblockology.com |
videoadblocker.pro
|
1 | vittullo.info |
videoadblocker.pro
|
1 | cdn.jsdelivr.net |
videoadblocker.pro
|
1 | videoadblocker.pro |
top.crashnewstoday.com
|
1 | i.ibb.co |
top.crashnewstoday.com
|
1 | cdn.cloudimagesb.com |
top.crashnewstoday.com
|
1 | unemploymentinstinctiverite.com |
top.crashnewstoday.com
|
1 | greenhousecape.com |
top.crashnewstoday.com
|
1 | pollingramblefunctions.com |
top.crashnewstoday.com
|
1 | stopperlovingplough.com |
top.crashnewstoday.com
|
1 | proftrafficcounter.com |
difficultywithhold.com
|
1 | friendshipmale.com |
difficultywithhold.com
|
1 | s4.histats.com |
s10.histats.com
|
1 | difficultywithhold.com |
top.crashnewstoday.com
|
1 | s10.histats.com |
top.crashnewstoday.com
|
1 | d07b99d.altsportscenter.com | 1 redirects |
0 | gcjpbmhldpkkabppgaljnohpelojbcak Failed |
videoadblocker.pro
|
0 | italianbeepimpediment.com Failed |
top.crashnewstoday.com
|
29 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
adblockology.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
top.crashnewstoday.com GTS CA 1D4 |
2024-03-03 - 2024-06-01 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-11 |
a year | crt.sh |
difficultywithhold.com R3 |
2024-03-01 - 2024-05-30 |
3 months | crt.sh |
*.blogger.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
histats.com R3 |
2024-02-16 - 2024-05-16 |
3 months | crt.sh |
friendshipmale.com Cloudflare Inc ECC CA-3 |
2024-01-18 - 2024-12-31 |
a year | crt.sh |
proftrafficcounter.com Amazon RSA 2048 M03 |
2023-11-21 - 2024-12-19 |
a year | crt.sh |
stopperlovingplough.com R3 |
2024-03-09 - 2024-06-07 |
3 months | crt.sh |
pollingramblefunctions.com R3 |
2024-02-24 - 2024-05-24 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
weeprobbery.com R3 |
2024-03-09 - 2024-06-07 |
3 months | crt.sh |
*.greenhousecape.com R3 |
2024-02-02 - 2024-05-02 |
3 months | crt.sh |
unemploymentinstinctiverite.com R3 |
2024-03-07 - 2024-06-05 |
3 months | crt.sh |
cdn.cloudimagesb.com R3 |
2024-01-22 - 2024-04-21 |
3 months | crt.sh |
ibb.co R3 |
2024-02-07 - 2024-05-07 |
3 months | crt.sh |
videoadblocker.pro GTS CA 1P5 |
2024-02-27 - 2024-05-27 |
3 months | crt.sh |
vittullo.info GTS CA 1P5 |
2024-02-15 - 2024-05-15 |
3 months | crt.sh |
adblockology.com E1 |
2024-02-15 - 2024-05-15 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523
Frame ID: 430E7C5D133B703752C9A841D2A86FE2
Requests: 26 HTTP requests in this frame
Frame:
https://cdn.cloudimagesb.com/bi/3f/e9/f1/3fe9f197dcd144a51fef01167dc5b714/1682677370.jpg
Frame ID: 90F26483E674488B72CB2EF072B407E4
Requests: 1 HTTP requests in this frame
Frame:
https://vittullo.info/a.php?id=0079&e=VPGCNBK0FG&c=butrYwy1bhAppi&r=tr&cid=3611f3c7e8b959f0546f75ad9d6b85c8&z=17120312&m=924523&v=13&dr=https%3A%2F%2Ftop.crashnewstoday.com%2F&inw=1600&inh=1200
Frame ID: 268BFB22820690A42AC385D2C21BA2A5
Requests: 1 HTTP requests in this frame
Frame:
https://adblockology.com/clear.php
Frame ID: 5E872013CF378ED39E899E39BD3837DF
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Ad Blocker for Google & YoutubePage URL History Show full URLs
-
http://wee.so/CamNBC1
HTTP 301
https://wee.so/CamNBC1 HTTP 301
https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
https://top.crashnewstoday.com/p/warning-graphic-content-video.html Page URL
- https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Jatka
Search URL Search Domain Scan URL
Title: Tietosuoja
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wee.so/CamNBC1
HTTP 301
https://wee.so/CamNBC1 HTTP 301
https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
https://top.crashnewstoday.com/p/warning-graphic-content-video.html Page URL
- https://videoadblocker.pro/lp.php?gl=butrYwy1bhAppi&_z=13&gs=17120312&go=3611f3c7e8b959f0546f75ad9d6b85c8&gn=tr&gq=924523 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://wee.so/CamNBC1 HTTP 301
- https://wee.so/CamNBC1 HTTP 301
- https://d07b99d.altsportscenter.com/9d30c411ae6e HTTP 302
- https://top.crashnewstoday.com/p/warning-graphic-content-video.html
- https://weeprobbery.com/watch.1396649640826.js?key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&tz=2&dev=r&res=14.31&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1 HTTP 307
- https://weeprobbery.com/watch.1396649640826.js?dev=r&key=98c10e6effda849f32aa66b9c58514eb&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011642&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=e88513a4815e5d057bd56639b9916af021371e039104c082210c2f3907020cf802c5e7aa3722b4c1d1e7c8a0798a7ff24c75b98d52d9ae77030c580aab90d16d271ebda4cc5b61ac1412b3365df8253fe1f91bfdeeb3ecc0fcf70b37d30f512bdfbb90&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1
- https://distantbelly.com/watch.1715386784.js?key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&tz=2&dev=r&res=14.31&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1 HTTP 307
- https://distantbelly.com/watch.1715386784.js?dev=r&key=936f6834ed3a379b1118e3ed44194f03&kw=%5B%22warning%22%2C%22graphic%22%2C%22content%22%2C%22video%EF%B8%8F%22%2C%22-%22%2C%22youtube%22%5D&pst=1710011644&refer=https%3A%2F%2Ftop.crashnewstoday.com%2Fp%2Fwarning-graphic-content-video.html&res=14.31&rmtc=t&shu=8b9e0810bd516b390654b45e9fe20e1759335615a9da08fff34953217f0555b06aa1fbde7ee680ac98eb671b041b835397c6881f954433b6ba0376c7f087ef660f2ae6ae5d32112e85acb3b430a6bc676a8ffdcda883ea3eb703cca22622602b60e95e&tz=2&uuid=640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
warning-graphic-content-video.html
top.crashnewstoday.com/p/ Redirect Chain
|
113 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ed7c3604a0b0c5f3b8307a079fdafcf4.js
difficultywithhold.com/ed/7c/36/ |
75 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookienotice.js
top.crashnewstoday.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
120656894-widgets.js
www.blogger.com/static/v1/widgets/ |
141 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
51 B 185 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfp.js
friendshipmale.com/ |
83 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stats
proftrafficcounter.com/ |
40 B 304 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purst
stopperlovingplough.com/pixel/ |
0 469 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 684 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
pollingramblefunctions.com/98c10e6effda849f32aa66b9c58514eb/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 88 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.1396649640826.js
weeprobbery.com/ Redirect Chain
|
3 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1145ebfd7ae2896af59dcf66d2d247a7.js
weeprobbery.com/11/45/eb/ |
74 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
greenhousecape.com/936f6834ed3a379b1118e3ed44194f03/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purst
unemploymentinstinctiverite.com/pixel/ |
0 469 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682677370.jpg
cdn.cloudimagesb.com/bi/3f/e9/f1/3fe9f197dcd144a51fef01167dc5b714/ Frame 90F2 |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.1715386784.js
distantbelly.com/ Redirect Chain
|
1 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
invoke.js
italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ace1b0c0-fa4a-4c3d-ae39-b7fbdc7cb6ac-large-Scale-police-Getty-Images899711132.jpg
i.ibb.co/vDCc7Bn/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
lp.php
videoadblocker.pro/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ |
190 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon.png
gcjpbmhldpkkabppgaljnohpelojbcak/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a.php
vittullo.info/ Frame 268B |
96 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.php
adblockology.com/ Frame 5E87 |
0 521 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- italianbeepimpediment.com
- URL
- https://italianbeepimpediment.com/c31b4cd4a9f4c0918ccafbc41beae27a/invoke.js
- Domain
- gcjpbmhldpkkabppgaljnohpelojbcak
- URL
- chrome-extension://gcjpbmhldpkkabppgaljnohpelojbcak/icon.png
Verdicts & Comments Add Verdict or Comment
Malicious
task.url
Submitted on
March 9th 2024, 7:17:40 pm
UTC —
From United States
Threats:
Phishing
Brand Impersonation
Social Engineering
Comment: Scam site redirects to a McAfee phishing site
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wee.so/ | Name: XSRF-TOKEN Value: eyJpdiI6InZCOXY4S0xEZWhDeWxOWUlCMFRUM2c9PSIsInZhbHVlIjoiMFpjdTRYQW9tUjdYRFhSNWY3Tnh1NHptNWVmTUFEeHY5d3hvVmh2SGtPcXYrNSt1Ym91TnhYeXJhZ3dnRXZBbmxqMm8zcWhvNnp2TDNzUFJzTHFiVFJrNmZuODFKQTlsMVkwWVJiMEora3k2eHBCWk5rck1kVGppbjB1RkhtNWkiLCJtYWMiOiI2ZjhlY2IwZmQxMjdiY2M2MDRiODI0NDRhYjdjYjc2YzcwOWVhMWJlZDE5NDU0NmVkMGI0MDNhNjkwM2U5YmY5In0%3D |
|
wee.so/ | Name: wee_session Value: eyJpdiI6IitiNnBEXC9yRk1waHJJOHRhVkYrazdnPT0iLCJ2YWx1ZSI6IjFKekFEWWYzVFVtc2VJQTkzYUNvT0pjbGZVXC80dWFoNDlpSTdTTDlKUXc0ZXRoTExER0owcXpCTHRoVUVsTGU1ckFuSFY1WVk5WldVU00yU2FJaFpja0xhbzV0cDVqa2txVWVZd1wvWDRpWGYrUjliaG1mNU0yNGFaZmtUTVN2Q3MiLCJtYWMiOiIwZDc5ZjMxM2Q2MDhlZDM2NmNkMDYyYzI4NDIxMzg0MTkyYThhY2I0OTdkOTBhMWFiNjQxMDk4NmE2ZjMzODAyIn0%3D |
|
wee.so/ | Name: dark_mode Value: 0 |
|
d07b99d.altsportscenter.com/ | Name: GNX-KHI8394qhfi Value: 73pd6ae1rs4suqfrn38003nhdt |
|
top.crashnewstoday.com/ | Name: HstCfa4657141 Value: 1710011578937 |
|
top.crashnewstoday.com/ | Name: HstCla4657141 Value: 1710011578937 |
|
top.crashnewstoday.com/ | Name: HstCmu4657141 Value: 1710011578937 |
|
top.crashnewstoday.com/ | Name: HstPn4657141 Value: 1 |
|
top.crashnewstoday.com/ | Name: HstPt4657141 Value: 1 |
|
top.crashnewstoday.com/ | Name: HstCnv4657141 Value: 1 |
|
top.crashnewstoday.com/ | Name: HstCns4657141 Value: 1 |
|
proftrafficcounter.com/ | Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1 |
|
top.crashnewstoday.com/ | Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1%3A2%3A1 |
|
top.crashnewstoday.com/ | Name: pp_main_ed7c3604a0b0c5f3b8307a079fdafcf4 Value: 1 |
|
weeprobbery.com/ | Name: u_pl Value: 19057199 |
|
weeprobbery.com/ | Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA1NzE5OSwiayI6Ijk4YzEwZTZlZmZkYTg0OWYzMmFhNjZiOWM1ODUxNGViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDk1MjQwLCJwaWQiOjQ1MzMzMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDBjY2Y0aTUiLCJjcGtzIjp7IjI4IjoiMTE0NWViZmQ3YWUyODk2YWY1OWRjZjY2ZDJkMjQ3YTcifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjIyNjc2NzQyMSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMTM4NCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyMiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjcwLCJjIjoiRkkiLCJuIjoiRmlubGFuZCJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IlRlbGlhIEZpbmxhbmQifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RvcC5jcmFzaG5ld3N0b2RheS5jb20vcC93YXJuaW5nLWdyYXBoaWMtY29udGVudC12aWRlby5odG1sIiwiYXIiOltdfX0.T8FfgzUQpdYjwYStE_29qtXgpcP5NGj_oCLi8DmQS9k |
|
weeprobbery.com/ | Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1 |
|
weeprobbery.com/ | Name: pdhtkv Value: true |
|
weeprobbery.com/ | Name: uncs Value: 1 |
|
weeprobbery.com/ | Name: pdhtkv23 Value: true |
|
weeprobbery.com/ | Name: uncs23 Value: 1 |
|
top.crashnewstoday.com/ | Name: pp_main_1145ebfd7ae2896af59dcf66d2d247a7 Value: 1 |
|
top.crashnewstoday.com/ | Name: pp_idelay_1145ebfd7ae2896af59dcf66d2d247a7 Value: 1 |
|
distantbelly.com/ | Name: u_pl Value: 17120312 |
|
distantbelly.com/ | Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzEyMDMxMiwiayI6IjkzNmY2ODM0ZWQzYTM3OWIxMTE4ZTNlZDQ0MTk0ZjAzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzMwNjI4LCJwaWQiOjM2MjM2OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoieWp1YXQ0N3kiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjI2NzY3NDIxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMxMzg0LCJibiI6IkNocm9tZSIsImJ2IjoiMTIyIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NzAsImMiOiJGSSIsIm4iOiJGaW5sYW5kIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiVGVsaWEgRmlubGFuZCJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wLmNyYXNobmV3c3RvZGF5LmNvbS9wL3dhcm5pbmctZ3JhcGhpYy1jb250ZW50LXZpZGVvLmh0bWwiLCJhciI6W119fQ.Xh7P4ljr1A2Z8jXwH3-FuGQ0sonZAkxxvcHVtmKwXgg |
|
distantbelly.com/ | Name: uid_id2 Value: 640643fa-1509-4f5d-8c17-921ad6c0a9a1:2:1 |
|
distantbelly.com/ | Name: iprcf2adaf2656eecc01eeefe81ac2731969 Value: 5044559 |
|
distantbelly.com/ | Name: pdhtkv Value: true |
|
distantbelly.com/ | Name: uncs Value: 1 |
|
distantbelly.com/ | Name: pdhtkv23 Value: true |
|
distantbelly.com/ | Name: uncs23 Value: 1 |
|
.vittullo.info/ | Name: c0079 Value: butrYwy1bhAppi |
|
.vittullo.info/ | Name: r0079 Value: tr |
|
.vittullo.info/ | Name: cid0079 Value: 3611f3c7e8b959f0546f75ad9d6b85c8 |
|
.vittullo.info/ | Name: z0079 Value: 17120312 |
|
.vittullo.info/ | Name: e0079 Value: VPGCNBK0FG |
|
.vittullo.info/ | Name: _asd Value: 17100115861300315 |
35 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adblockology.com
cdn.cloudimagesb.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d07b99d.altsportscenter.com
difficultywithhold.com
distantbelly.com
fonts.gstatic.com
friendshipmale.com
gcjpbmhldpkkabppgaljnohpelojbcak
greenhousecape.com
i.ibb.co
italianbeepimpediment.com
pollingramblefunctions.com
proftrafficcounter.com
s10.histats.com
s4.histats.com
stopperlovingplough.com
top.crashnewstoday.com
unemploymentinstinctiverite.com
videoadblocker.pro
vittullo.info
wee.so
weeprobbery.com
www.blogger.com
gcjpbmhldpkkabppgaljnohpelojbcak
italianbeepimpediment.com
104.16.88.20
104.17.25.14
104.20.67.115
104.21.234.33
104.21.61.96
104.21.8.119
104.21.93.138
142.250.181.233
142.250.185.179
162.19.58.161
172.217.18.3
172.240.108.68
172.240.108.84
172.240.127.234
172.67.137.232
192.124.249.11
192.243.59.20
192.243.61.225
3.64.37.204
45.133.44.10
54.39.128.117
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
051ad29cb6feedb21bdf40f33efca88090a0d5829bdcc7b4485cf54bcc97e9f8
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
100f5b7a0133b596a29bc8814a047f376c1d674bd2b12fc466058d35a5cdf4ce
278837f70571e9b787ed2ab26e76a179094ed768cdcfb8441d9035c312286ead
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b33bbaaa811fa085e8b73cf11896d5a496fd0ab221067cf8a7d3eb735eecd43
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3f6f5239b61da0d72a0a344eb6f7be4f6907d66bf2a0963ed65747f664189216
45c752a8b89d7cd7f165edba808fbadb4c26e4fa8d2d55827c671983d68164c1
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5e15b9ef1ae6ba85f5269f609d964a42b2da1b061116906aa05240e2c73d9928
5e5de2c6875ced0f4b6ab48c8d4998bd6557db56efda64449db61db9bb89b834
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c8e6ec72b16eae42bf4b57698e0f9cd1d701187802a967b8303f36993b69ea8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc71f1ee9c0b9d20767ab59a1ec554de935bb1c2f6eda513e7b6596f385d0af
fa6691a1785b1d227096c6e14bcb5f25c61887fa10ee14838e34d7b663cb8d7f
ffaa7afdc6d160a7ee5525918cbba4cd0baf5b354d7020b58e835caf4784a203