kingadblocker.com
2a06:98c1:3121::3
Public Scan
Effective URL: https://kingadblocker.com/extension.php?jn=cjpa3mkS14z&_d=2&ju=6118780&jq=792803712455418566&jp=pa
Submission: On March 16 via api from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on February 29th 2024. Valid for: 3 months.
This is the only time kingadblocker.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
9 (1 redirects) | 2a02:4780:11:785:0:2ff5:6ad3:8 | 47583 (AS-HOSTINGER) |
1 | 139.45.197.252 | 9002 (RETN-AS) |
3 | 139.45.197.250 | 9002 (RETN-AS) |
9 | 139.45.197.251 | 9002 (RETN-AS) |
3 | 139.45.195.8 | 9002 (RETN-AS) |
3 (1 redirects) | 139.45.197.244 | 9002 (RETN-AS) |
1 | 37.48.68.71 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 | 23.219.78.204 | 20940 (AKAMAI-ASN1) |
3 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6810:5614 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3032::6815:3b73 | 13335 (CLOUDFLARENET) |
35 | 12 |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-78-204.deploy.static.akamaitechnologies.com
ak.ocoaksib.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | jouteetu.net | jouteetu.net — Cisco Umbrella Rank: 35620 | |
9 | ambanioffers.online (1 redirects) | ambanioffers.online | 35 KB |
3 | inrotomr.com (1 redirects) | inrotomr.com — Cisco Umbrella Rank: 664873 | 16 KB |
3 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 14304 | 2 KB |
3 | beevakum.net | beevakum.net — Cisco Umbrella Rank: 243683 | 15 KB |
2 | kingadblock.com | kingadblock.com | 5 KB |
1 | tururu.info | tururu.info | 1 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 346 | 29 KB |
1 | kingadblocker.com | kingadblocker.com | 3 KB |
1 | ocoaksib.com | ak.ocoaksib.com — Cisco Umbrella Rank: 157174 | 2 KB |
1 | datatechone.com | datatechone.com — Cisco Umbrella Rank: 41356 | 465 B |
1 | desenteir.com | desenteir.com — Cisco Umbrella Rank: 719046 | |
0 | Failed | function sub() { [native code] }. Failed | |
0 | tdsjsext3.com Failed | tdsjsext3.com Failed | |
35 | 14 |
Requests | Domain | Requested by |
---|---|---|
9 | jouteetu.net | beevakum.net |
9 | ambanioffers.online (1 redirects) | beevakum.net, ambanioffers.online |
3 | inrotomr.com (1 redirects) | ambanioffers.online, inrotomr.com |
3 | my.rtmark.net | beevakum.net, inrotomr.com, ak.ocoaksib.com |
3 | beevakum.net | ambanioffers.online, beevakum.net |
2 | kingadblock.com | kingadblocker.com |
1 | tururu.info | kingadblocker.com |
1 | cdn.jsdelivr.net | kingadblocker.com |
1 | kingadblocker.com | ak.ocoaksib.com |
1 | ak.ocoaksib.com | |
1 | datatechone.com | inrotomr.com |
1 | desenteir.com | ambanioffers.online |
0 | flcjnflecolckmhfcmhhkichjhajjnlb Failed | kingadblocker.com |
0 | tdsjsext3.com Failed | ambanioffers.online |
35 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
kingadblock.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ambanioffers.online | R3 | 2024-03-16 - 2024-06-14 | 3 months |
desenteir.com | R3 | 2024-02-11 - 2024-05-11 | 3 months |
beevakum.net | R3 | 2024-03-13 - 2024-06-11 | 3 months |
jouteetu.net | R3 | 2024-03-13 - 2024-06-11 | 3 months |
rtmark.net | R3 | 2024-03-02 - 2024-05-31 | 3 months |
inrotomr.com | R3 | 2024-03-01 - 2024-05-30 | 3 months |
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-10 - 2024-12-23 | a year |
ak.hetaruwg.com | R3 | 2024-03-13 - 2024-06-11 | 3 months |
kingadblocker.com | E1 | 2024-02-29 - 2024-05-29 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year |
kingadblock.com | GTS CA 1P5 | 2024-02-11 - 2024-05-11 | 3 months |
tururu.info | GTS CA 1P5 | 2024-01-18 - 2024-04-17 | 3 months |
This page contains 3 frames:
Primary Page:
https://kingadblocker.com/extension.php?jn=cjpa3mkS14z&_d=2&ju=6118780&jq=792803712455418566&jp=pa
Frame ID: CFD790C36C4812EEB5CF22D2DEF6E5A5
Requests: 33 HTTP requests in this frame
Frame:
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpa3mkS14z&r=pa&cid=792803712455418566&z=6118780&v=13&dr=&inw=1600&inh=1200
Frame ID: 67B780B56DC3FC6CCDF5574B1426D75E
Requests: 1 HTTP requests in this frame
Frame:
https://kingadblock.com/clear.php
Frame ID: 1DA86E4377613DF4BAB020F5C8A66E7B
Requests: 1 HTTP requests in this frame
Page Title
Up - Ad Blocker
Page URL History
- http://ambanioffers.online/ HTTP 301
  https://ambanioffers.online/ Page URL
- https://inrotomr.com/4/6903777 Page URL
- https://inrotomr.com/?z=6903777&syncedCookie=true&rhd=false HTTP 302
  https://ak.ocoaksib.com/4/6118780/?var=6903777&btz=Europe/Berlin&bto=-60 Page URL
- https://kingadblocker.com/extension.php?jn=cjpa3mkS14z&_d=2&ju=6118780&jq=792803712455418566&jp=pa Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Fortfahren
Title: Privatsphäre
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://ambanioffers.online/ HTTP 301
- https://ambanioffers.online/
- https://inrotomr.com/?z=6903777&syncedCookie=true&rhd=false HTTP 302
- https://ak.ocoaksib.com/4/6118780/?var=6903777&btz=Europe/Berlin&bto=-60
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | ambanioffers.online/ (Redirect Chain) | 64 KB | 21 KB | Document | text/html |
GET | H2 | reverse.min.js | desenteir.com/tb1/ | 0 | 0 | Script | text/html |
GET | H2 | micro.tag.min.js | beevakum.net/pfe/current/ | 35 KB | 14 KB | Script | application/javascript |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
GET | H2 | sw-check-permissions-07c73.js | ambanioffers.online/ | 0 | 0 | Other | text/html |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
POST | H2 | zone | beevakum.net/ | 0 | 260 B | Ping | text/plain |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
GET | H2 | gid.js | my.rtmark.net/ | 65 B | 546 B | Fetch | application/json |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
GET | H2 | zone | beevakum.net/ | 803 B | 1 KB | Fetch | application/json |
GET | H2 | mivscsk.jpg | ambanioffers.online/img/ | 922 B | 0 | Image | image/jpeg |
GET | H2 | ny1.jpg | ambanioffers.online/img/b/R29vZ2xl/ | 6 KB | 6 KB | Image | image/jpeg |
GET | H2 | uT2As9Sb.jpg | ambanioffers.online/img/b/R29vZ2xl/ | 0 | 0 | Image | image/jpeg |
GET | H2 | nc13hrwb.jpg | ambanioffers.online/img/b/R29vZ2xl/ | 0 | 0 | Image | image/jpeg |
GET | H2 | IMG_20230518_082156.jpg | ambanioffers.online/img/b/R29vZ2xl/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H2 | images%20%287%29.jpeg | ambanioffers.online/img/b/R29vZ2xl/ | 4 KB | 4 KB | Image | image/jpeg |
GET | | getextparams | tdsjsext3.com/ExtService.svc/ | 0 | 0 | | |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
POST | H2 | custom | jouteetu.net/ | 0 | 0 | Ping | application/json |
GET | H2 | 6903777 | inrotomr.com/4/ | 33 KB | 14 KB | Document | text/html |
POST | H2 | sftouch | inrotomr.com/ | 2 B | 608 B | Ping | text/plain |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 490 B | Image | image/gif |
POST | H/1.1 | add | datatechone.com/log/ | 2 B | 465 B | XHR | text/plain |
GET | H2 | / | ak.ocoaksib.com/4/6118780/ (Redirect Chain) | 1 KB | 2 KB | Document | text/html |
POST | H2 | img.gif | my.rtmark.net/ | 43 B | 506 B | Ping | image/gif |
GET | H2 | extension.php (Primary Request) | kingadblocker.com/ | 8 KB | 3 KB | Document | text/html |
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ | 190 KB | 29 KB | Stylesheet | text/css |
GET | H2 | icon.png | kingadblock.com/images/ | 4 KB | 5 KB | Image | image/png |
GET | | icon.png | flcjnflecolckmhfcmhhkichjhajjnlb/ | 0 | 0 | | |
GET | H2 | a.php | tururu.info/ (Frame 67B7) | 96 B | 1 KB | Document | text/html |
GET | H2 | clear.php | kingadblock.com/ (Frame 1DA8) | 0 | 398 B | Document | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: tdsjsext3.com
  URL: https://tdsjsext3.com/ExtService.svc/getextparams
- Domain: flcjnflecolckmhfcmhhkichjhajjnlb
  URL: chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| req_existing_user
- object| landing_iframe
- function| openNewWindow
- function| openNewTab
- function| openSameTab
- function| listenInstallCompleted
- function| openInstructions
- object| windowObjectReference
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my.rtmark.net/ | | Name: ID Value: 82251d21cac041de9a2298fea2fe28b4 |
inrotomr.com/ | | Name: oaidts Value: 1710582652 |
inrotomr.com/ | | Name: OAID Value: 82251d21cac041de9a2298fea2fe28b4 |
inrotomr.com/ | | Name: syncedCookie Value: true |
ak.ocoaksib.com/ | | Name: OAID Value: 008021ea7ad44f0fe420ab60947fa823 |
ak.ocoaksib.com/ | | Name: oaidts Value: 1710582653 |
.tururu.info/ | | Name: c0083 Value: cjpa3mkS14z |
.tururu.info/ | | Name: r0083 Value: pa |
.tururu.info/ | | Name: cid0083 Value: 792803712455418566 |
.tururu.info/ | | Name: z0083 Value: 6118780 |
.tururu.info/ | | Name: e0083 Value: VPGCNBK0FG |
.tururu.info/ | | Name: _asd Value: 17105826548650658 |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.