popupblocker-gold.com
104.21.52.58
Public Scan
Effective URL: https://popupblocker-gold.com/discover.php?fr=bstrPJz2mg97blt&_d=12&fy=17683209&fu=2f6cea1436a26032dd91608297f646f6&ft=tr&fw=9...
Submission: On November 23 via api from BY — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on October 7th 2023. Valid for: 3 months.
This is the only time popupblocker-gold.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 1 | 172.67.187.185 | 13335 (CLOUDFLARENET) |
1 2 | 192.243.59.13 | 39572 (ADVANCEDHOSTERS-AS) |
2 | 104.21.52.58 | 13335 (CLOUDFLARENET) |
1 | 104.16.89.20 | 13335 (CLOUDFLARENET) |
1 | 104.21.75.219 | 13335 (CLOUDFLARENET) |
1 | 172.67.204.233 | 13335 (CLOUDFLARENET) |
8 | 6 |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
injuredripplegentleman.com |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | popupblocker-gold.com | popupblocker-gold.com | 7 KB |
2 | injuredripplegentleman.com (1 redirects) | injuredripplegentleman.com | 4 KB |
1 | popupblockergold.com | popupblockergold.com | 541 B |
1 | otora.info | otora.info | 1 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 335 | 29 KB |
1 | italiatournaments.it (1 redirects) | www.italiatournaments.it | 804 B |
0 | Failed | function sub() { [native code] }. Failed | |
0 | professionalswebcheck.com Failed | professionalswebcheck.com Failed | |
8 | 8 |
# | Domain | Requested by |
---|---|---|
2 | popupblocker-gold.com | popupblocker-gold.com |
2 | injuredripplegentleman.com | 1 redirects |
1 | popupblockergold.com | popupblocker-gold.com |
1 | otora.info | popupblocker-gold.com |
1 | cdn.jsdelivr.net | popupblocker-gold.com |
1 | www.italiatournaments.it | 1 redirects |
0 | mlojegjchciohillknfbpiemdcloeemd Failed | popupblocker-gold.com |
0 | professionalswebcheck.com Failed | injuredripplegentleman.com |
8 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.injuredripplegentleman.com | R3 | 2023-10-10 - 2024-01-08 | 3 months |
popupblocker-gold.com | GTS CA 1P5 | 2023-10-07 - 2024-01-05 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year |
otora.info | GTS CA 1P5 | 2023-11-17 - 2024-02-15 | 3 months |
popupblockergold.com | GTS CA 1P5 | 2023-09-27 - 2023-12-26 | 3 months |
This page contains 3 frames:
Primary Page:
https://popupblocker-gold.com/discover.php?fr=bstrPJz2mg97blt&_d=12&fy=17683209&fu=2f6cea1436a26032dd91608297f646f6&ft=tr&fw=912022
Frame ID: 5683954F3929B5133526786920822186
Requests: 6 HTTP requests in this frame
Frame:
https://otora.info/a.php?id=0067&e=VPGCNBK0FG&c=bstrPJz2mg97blt&r=tr&cid=2f6cea1436a26032dd91608297f646f6&z=17683209&m=912022&v=12&dr=https%3A%2F%2Finjuredripplegentleman.com%2F&inw=1600&inh=1200
Frame ID: 8A39DDD252D351CE7FEC81614BA06CF3
Requests: 1 HTTP requests in this frame
Frame:
https://popupblockergold.com/cl.php
Frame ID: 6755CF71043A26FE2DAD5EB0F581E2EC
Requests: 1 HTTP requests in this frame
Page Title
Blocco popup Oro
Page URL History
- http://www.italiatournaments.it/
  HTTP 302
  https://injuredripplegentleman.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06 Page URL
- https://injuredripplegentleman.com/api/users?token=L2U1MXhtZmI5P2tleT02Y2YwYmY1Mzc3NGU1MmVjOWUzY2E5NDgwM2Y0OGIw...
  HTTP 302
  https://popupblocker-gold.com/discover.php?fr=bstrPJz2mg97blt&_d=12&fy=17683209&fu=2f6cea1436a26032dd91608... Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.italiatournaments.it/
  HTTP 302
  https://injuredripplegentleman.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06 Page URL
- https://injuredripplegentleman.com/api/users?token=L2U1MXhtZmI5P2tleT02Y2YwYmY1Mzc3NGU1MmVjOWUzY2E5NDgwM2Y0OGIwNiZwc3Q9MTcwMDcwMTQ5MiZybXRjPXQmc2h1PWEyZjU1ZDUwMDgzODcyMzkzMTE1MmM5MjQ0YTUzNmRjNWViYjI1NGQ3ODhhNTU4YjEwY2Y3NDQyYTEzNjQ2ZjdmMzViY2MwNWQwYmQ5NDBjY2RjMmM5ZGU4MTQ5NDA4OWU5MjZjNzk3ZDM5YjE3NGJjNDBlMzY5YTVjY2U2YjZjZTViNGU5ZDIyNjk0MDJiNzhiZmViZDFkMTkwZTlhODU2ZDBiM2Y%3D&uuid=&pii=&in=false
  HTTP 302
  https://popupblocker-gold.com/discover.php?fr=bstrPJz2mg97blt&_d=12&fy=17683209&fu=2f6cea1436a26032dd91608297f646f6&ft=tr&fw=912022 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.italiatournaments.it/ HTTP 302
- https://injuredripplegentleman.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | e51xmfb9 injuredripplegentleman.com/ Redirect Chain | 3 KB 3 KB | Document text/html |
GET | stats professionalswebcheck.com/ | 0 0 | |
GET H2 | Primary Request discover.php popupblocker-gold.com/ Redirect Chain | 8 KB 3 KB | Document text/html |
GET H2 | bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ | 190 KB 29 KB | Stylesheet text/css |
GET H2 | chromewebstore.png popupblocker-gold.com/ | 3 KB 4 KB | Image image/png |
GET | index.html mlojegjchciohillknfbpiemdcloeemd/iframe/ | 0 0 | |
GET H2 | a.php otora.info/ Frame 8A39 | 96 B 1 KB | Document text/html |
GET H2 | cl.php popupblockergold.com/ Frame 6755 | 0 541 B | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- professionalswebcheck.com
- URL
- https://professionalswebcheck.com/stats
- Domain
- mlojegjchciohillknfbpiemdcloeemd
- URL
- chrome-extension://mlojegjchciohillknfbpiemdcloeemd/iframe/index.html
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| documentPictureInPicture
- object| req_existing_user
- object| landing_iframe
- function| openNewWindow
- function| openNewTab
- function| openSameTab
- function| listenInstallCompleted
- function| openInstructions
- object| windowObjectReference
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
injuredripplegentleman.com/api | | Name: iprccfa15ee84f1bc9427257a79acd21acc5 Value: 4762834 |
injuredripplegentleman.com/api | | Name: pdhtkv Value: true |
injuredripplegentleman.com/api | | Name: uncs Value: 1 |
injuredripplegentleman.com/api | | Name: pdhtkv28 Value: true |
injuredripplegentleman.com/api | | Name: uncs28 Value: 1 |
injuredripplegentleman.com/ | | Name: u_pl Value: 17683209 |
injuredripplegentleman.com/ | | Name: ain Value: eyJhbGciOiJIUzI1NiJ9.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.4Nd2sO_4YOFkss2rb_16AMHqoUdUq8dwL2DEoDSF_L4 |
injuredripplegentleman.com/ | | Name: cjs Value: t |
.otora.info/ | | Name: c0067 Value: bstrPJz2mg97blt |
.otora.info/ | | Name: r0067 Value: tr |
.otora.info/ | | Name: cid0067 Value: 2f6cea1436a26032dd91608297f646f6 |
.otora.info/ | | Name: z0067 Value: 17683209 |
.otora.info/ | | Name: v0067bstrPJz2mg97blt Value: %7B%2212%22%3A1%7D |
.otora.info/ | | Name: e0067 Value: VPGCNBK0FG |
.otora.info/ | | Name: _asd Value: 17007014344224660 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubdomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.