youtwitblocker.com
172.67.146.156
Public Scan
Effective URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Submission: On June 28 via manual from RO — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time youtwitblocker.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 172.67.170.251 | 13335 (CLOUDFLARENET) |
1 | 188.114.97.3 | 13335 (CLOUDFLARENET) |
3 | 67.212.184.146 | 32475 (SINGLEHOP-LLC) |
3 (2 redirects) | 51.68.85.158 | 16276 (OVH) |
2 | 91.209.226.54 | 204601 (ON-LINE-DATA Server location - Netherlands) |
12 (2 redirects) | 139.45.197.244 | 9002 (RETN-AS) |
2 | 139.45.195.8 | 9002 (RETN-AS) |
1 (1 redirect) | 34.147.21.42 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 172.67.146.156 | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42:200::485 | 54113 (FASTLY) |
4 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
28 | 11 | |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
go.kelpboat.com |
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm4923262.25ssd.had.wf
click2kikc.xyz |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.21.147.34.bc.googleusercontent.com
tracking.pretrackings.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | dotranquilla.com (2 redirects) | dotranquilla.com — Cisco Umbrella Rank: 404008 | 30 KB |
4 | adblocker2.com | adblocker2.com — Cisco Umbrella Rank: 547668 | 13 KB |
3 | remarsempre.foundation (2 redirects) | www.remarsempre.foundation | 5 KB |
3 | kelpboat.com | go.kelpboat.com | 5 KB |
2 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 8833 | 997 B |
2 | click2kikc.xyz | click2kikc.xyz | 929 B |
2 | sayingculminate.top | sayingculminate.top | 2 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 381 | 30 KB |
1 | youtwitblocker.com | youtwitblocker.com | 3 KB |
1 | pretrackings.com (1 redirects) | tracking.pretrackings.com — Cisco Umbrella Rank: 304099 | 338 B |
1 | yidiandian.xyz | yidiandian.xyz | 596 B |
0 | baidu.com (Failed) | hm.baidu.com Failed | |
28 | 12 | | |
Requests | Domain | Requested by |
---|---|---|
12 | dotranquilla.com (2 redirects) | dotranquilla.com |
4 | adblocker2.com | youtwitblocker.com |
3 | www.remarsempre.foundation (2 redirects) | go.kelpboat.com |
3 | go.kelpboat.com | yidiandian.xyz |
2 | my.rtmark.net | dotranquilla.com |
2 | click2kikc.xyz | www.remarsempre.foundation |
2 | sayingculminate.top | sayingculminate.top |
1 | cdn.jsdelivr.net | youtwitblocker.com |
1 | youtwitblocker.com | |
1 | tracking.pretrackings.com (1 redirects) | |
1 | yidiandian.xyz | sayingculminate.top |
0 | hm.baidu.com Failed | sayingculminate.top |
28 | 12 | |
This site contains links to these domains. Also see Links.
Domain |
---|
adblocker2.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sayingculminate.top | GTS CA 1P5 | 2024-05-17 - 2024-08-15 | 3 months |
yidiandian.xyz | GTS CA 1P5 | 2024-05-29 - 2024-08-27 | 3 months |
go.kelpboat.com | E5 | 2024-06-22 - 2024-09-20 | 3 months |
www.remarsempre.foundation | R11 | 2024-06-26 - 2024-09-24 | 3 months |
click2kikc.xyz | R11 | 2024-06-15 - 2024-09-13 | 3 months |
dotranquilla.com | R3 | 2024-05-10 - 2024-08-08 | 3 months |
rtmark.net | R3 | 2024-05-11 - 2024-08-09 | 3 months |
youtwitblocker.com | GTS CA 1P5 | 2024-06-04 - 2024-09-02 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
adblocker2.com | WE1 | 2024-06-16 - 2024-09-14 | 3 months |
This page contains 1 frames:
Primary Page:
https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Frame ID: 14D4BE7D68F9E0DDDEFD27D07A77B7CF
Requests: 28 HTTP requests in this frame
Page Title
Werbeblocker für Twitter/Youtube
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Werbeblocker für Twitter/Youtube
Title: Akzeptieren und fortfahren
Title: Mit der Installation der Erweiterung stimmen Sie unseren Datenschutzbestimmungen zu.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://sayingculminate.top/uTnwURRAAhqv?ffpu1702285072425 Page URL
- https://sayingculminate.top/404/nfp.html Page URL
- https://yidiandian.xyz/ Page URL
- https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
- https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426 Page URL
- https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=e729b720c2cf81ce3acb18f159655e2b&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
  https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=3&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
  https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b** Page URL
- https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2 Page URL
- https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
  https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x Page URL
- https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
  https://tracking.pretrackings.com/click?pid=21&offer_id=4388&sub1=830629907607593988&sub2=6118780 HTTP 302
  https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=e729b720c2cf81ce3acb18f159655e2b&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
- https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=3&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
- https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b**
- https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
- https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H3 | uTnwURRAAhqv | sayingculminate.top/ | 1 KB | 1 KB | Document | text/html | |
GET | H3 | nfp.html | sayingculminate.top/404/ | 827 B | 823 B | Document | text/html | |
GET | | hm.js | hm.baidu.com/ | 0 | 0 | | | |
GET | H3 | / | yidiandian.xyz/ | 166 B | 596 B | Document | text/html | |
GET | H2 | / | go.kelpboat.com/ | 9 KB | 4 KB | Document | text/html | |
GET | H2 | favicon.ico | go.kelpboat.com/ | 1 KB | 1 KB | Other | image/x-icon | |
GET | H2 | favicon.ico | go.kelpboat.com/ | 1 KB | 0 | Other | image/x-icon | |
GET | H/1.1 | / | www.remarsempre.foundation/ | 4 KB | 4 KB | Document | text/html | |
GET | H/1.1 | 3 | click2kikc.xyz/go/4995/ | 279 B | 759 B | Document | text/html | Redirect Chain |
GET | H2 | 7482447 | dotranquilla.com/4/ | 30 KB | 13 KB | Document | text/html | |
GET | H/1.1 | favicon.ico | click2kikc.xyz/ | 0 | 170 B | Other | text/html | |
POST | H2 | sftouch | dotranquilla.com/ | 2 B | 605 B | Ping | text/plain | |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 491 B | Image | image/gif | |
POST | H2 | add | dotranquilla.com/log/ | 12 B | 385 B | XHR | application/json | |
GET | H2 | favicon.ico | dotranquilla.com/ | 0 | 150 B | Other | text/plain | |
GET | H2 | / | dotranquilla.com/4/6118780/ | 30 KB | 13 KB | Document | text/html | Redirect Chain |
GET | H2 | favicon.ico | dotranquilla.com/ | 0 | 0 | Other | text/plain | |
POST | H2 | sftouch | dotranquilla.com/ | 2 B | 605 B | Ping | text/plain | |
POST | H2 | img.gif | my.rtmark.net/ | 43 B | 506 B | Ping | image/gif | |
POST | H2 | add | dotranquilla.com/log/ | 12 B | 385 B | XHR | application/json | |
GET | H2 | favicon.ico | dotranquilla.com/ | 0 | 0 | Other | text/plain | |
GET | H3 | extension.php | youtwitblocker.com/ | 7 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | favicon.ico | dotranquilla.com/ | 0 | 0 | Other | text/plain | |
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ | 190 KB | 30 KB | Stylesheet | text/css | |
GET | H3 | icon.png | adblocker2.com/images/ | 8 KB | 8 KB | Image | image/png | |
GET | H3 | chromewebstore.png | adblocker2.com/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H3 | email-decode.min.js | adblocker2.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H3 | icon.png | adblocker2.com/images/ | 8 KB | 0 | Other | image/png | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: hm.baidu.com
- URL: https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined | event
- object | fence
- object | sharedStorage
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
click2kikc.xyz/ | | Name: mobitck Value: 1 |
dotranquilla.com/ | | Name: OAID Value: 008089b3af2846fdf5e04a21e8f64ad4 |
dotranquilla.com/ | | Name: oaidts Value: 1719601121 |
my.rtmark.net/ | | Name: ID Value: 008089b3af2846fdf5e04a21e8f64ad4 |
dotranquilla.com/ | | Name: syncedCookie Value: true |
tracking.pretrackings.com/ | | Name: afclick Value: 667f07e10658d70001244d0b |
tracking.pretrackings.com/ | | Name: afoffers Value: {"4388":1719601121} |
.youtwitblocker.com/ | | Name: _asd Value: 17196011219093241 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.