globaladblocker.com
Open in
urlscan Pro
2606:4700:3036::6815:2f69
Public Scan
Effective URL: https://globaladblocker.com/addon.php?gb=btogi51HAZppi&_c=12&gi=25679_148441&ge=80gwsccco8kw0g4g&gd=og&gg=148441
Submission: On July 01 via api from US — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 18th 2024. Valid for: a year.
This is the only time globaladblocker.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2a05:d018:483... 2a05:d018:483:6130:e172:b78b:5302:f85c | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 88.208.46.156 88.208.46.156 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
4 | 2606:4700:303... 2606:4700:3036::6815:2f69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:ba1f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
globaladblocker.com
globaladblocker.com |
12 KB |
1 |
globaladblock.pro
globaladblock.pro |
|
1 |
jurato.info
jurato.info |
|
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
30 KB |
1 |
offergate-other8.com
1 redirects
offergate-other8.com |
586 B |
1 |
eastrk-dn.com
1 redirects
eastrk-dn.com |
3 KB |
1 |
safedevices.xyz
1 redirects
safedevices.xyz |
688 B |
0 |
Failed
function sub() { [native code] }. Failed |
|
8 | 8 |
Domain | Requested by | |
---|---|---|
4 | globaladblocker.com |
globaladblocker.com
|
1 | globaladblock.pro |
globaladblocker.com
|
1 | jurato.info |
globaladblocker.com
|
1 | cdn.jsdelivr.net |
globaladblocker.com
|
1 | offergate-other8.com | 1 redirects |
1 | eastrk-dn.com | 1 redirects |
1 | safedevices.xyz | 1 redirects |
0 | invalid Failed |
globaladblocker.com
|
8 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
globaladblocker.com Cloudflare Inc ECC CA-3 |
2024-01-18 - 2024-12-31 |
a year | crt.sh |
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA |
2024-05-04 - 2025-05-04 |
a year | crt.sh |
jurato.info GTS CA 1P5 |
2024-05-11 - 2024-08-09 |
3 months | crt.sh |
globaladblock.pro GTS CA 1P5 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://globaladblocker.com/addon.php?gb=btogi51HAZppi&_c=12&gi=25679_148441&ge=80gwsccco8kw0g4g&gd=og&gg=148441
Frame ID: CF7AEF9D354033C979F37BCE219E6BA1
Requests: 6 HTTP requests in this frame
Frame:
https://jurato.info/a.php?id=0068&e=VPGCNBK0FG&c=btogi51HAZppi&r=og&cid=80gwsccco8kw0g4g&z=25679_148441&m=148441&v=12&dr=&inw=1600&inh=1200
Frame ID: EBA60B06D781691544AF2F5D0DF04DF2
Requests: 1 HTTP requests in this frame
Frame:
https://globaladblock.pro/gc.php
Frame ID: 3D34BF12C45D25D53CC71EBE140E81DB
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Global Ad BlockerPage URL History Show full URLs
-
http://safedevices.xyz/click?key=6272b4d6a73dcfd43478&subid=$%7Bsubid%7D&cost=%7Bcost%7D&zoneid=%7B...
HTTP 307
https://safedevices.xyz/click?key=6272b4d6a73dcfd43478&subid=$%7Bsubid%7D&cost=%7Bcost%7D&zoneid=%7B... HTTP 307
https://eastrk-dn.com/?a=148441&c=375117&co=196470&mt=24&s2=cq14tptkg6vs73crmehg HTTP 302
https://offergate-other8.com/1-8kbqt-eys-bjtb-i45m?subid_1=148441&subid_7=696a535877964f4f8312611ed41d6d6... HTTP 302
https://globaladblocker.com/addon.php?gb=btogi51HAZppi&_c=12&gi=25679_148441&ge=80gwsccco8kw0g4g&gd=og&g... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://safedevices.xyz/click?key=6272b4d6a73dcfd43478&subid=$%7Bsubid%7D&cost=%7Bcost%7D&zoneid=%7Bzoneid%7D&os=%7Bos%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&browser_lang=%7Bbrowser_lang%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&bannerid=%7Bbannerid%7D&cohort=%7Bcohort%7D&geo=%7Bgeo%7D
HTTP 307
https://safedevices.xyz/click?key=6272b4d6a73dcfd43478&subid=$%7Bsubid%7D&cost=%7Bcost%7D&zoneid=%7Bzoneid%7D&os=%7Bos%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&browser_lang=%7Bbrowser_lang%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&bannerid=%7Bbannerid%7D&cohort=%7Bcohort%7D&geo=%7Bgeo%7D HTTP 307
https://eastrk-dn.com/?a=148441&c=375117&co=196470&mt=24&s2=cq14tptkg6vs73crmehg HTTP 302
https://offergate-other8.com/1-8kbqt-eys-bjtb-i45m?subid_1=148441&subid_7=696a535877964f4f8312611ed41d6d6e2493c&subid_2= HTTP 302
https://globaladblocker.com/addon.php?gb=btogi51HAZppi&_c=12&gi=25679_148441&ge=80gwsccco8kw0g4g&gd=og&gg=148441 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
addon.php
globaladblocker.com/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ |
190 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
globaladblocker.com/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cws.png
globaladblocker.com/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
invalid/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a.php
jurato.info/ Frame EBA6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gc.php
globaladblock.pro/ Frame 3D34 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
globaladblocker.com/ |
5 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- invalid
- URL
- chrome-extension://invalid/
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 undefined| event object| fence object| sharedStorage object| req_existing_user object| landing_iframe function| openNewWindow function| openNewTab function| openSameTab function| listenInstallCompleted function| openInstructions object| windowObjectReference20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
safedevices.xyz/ | Name: uclick Value: yeuNxw1VPNg107X0OmCYsR5Tciue7TaGpQ0ozCvsa29j78HeRrJAPtSuXRt+uas0wPrAkQ== |
|
safedevices.xyz/ | Name: bcid Value: cq14tptkg6vs73crmehg |
|
safedevices.xyz/ | Name: cid Value: cq14tptkg6vs73crmehg |
|
.eastrk-dn.com/ | Name: gdm_uid_v2_1_001 Value: tVWM1OIv/cL1HVS7YAHe8mh9bsAoP5SsU9BIAdIYV79iOxcL/WgdJvsAFVlkSTbF |
|
.eastrk-dn.com/ | Name: gdm_click_freq_v2_1_001 Value: 3u1s7lz8G0OhRC+o2Vj7AfXJHtO1H+7L+LomoaW+//fbueMdRcQG7dZxsJPUHHLp |
|
.eastrk-dn.com/ | Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.eastrk-dn.com/ | Name: gdm_click_freq_v1_1_001 Value: 3u1s7lz8G0OhRC+o2Vj7AfXJHtO1H+7L+LomoaW+//fbueMdRcQG7dZxsJPUHHLp |
|
.eastrk-dn.com/ | Name: gdm_click_adv_freq_v2_1_001 Value: vbfhUX61ZvaigI9ISJaAQN+ebkttqmM6Uku8z5KYMBoHDdgOZPAxujbl/exWIa8F |
|
.eastrk-dn.com/ | Name: gdm_click_adv_freq_v1_1_001 Value: vbfhUX61ZvaigI9ISJaAQN+ebkttqmM6Uku8z5KYMBoHDdgOZPAxujbl/exWIa8F |
|
.eastrk-dn.com/ | Name: gdm_sid_v1_3_001 Value: QpveJX3J+gb/jr5Ydepf6btql0ERhRZ7qOYLGKlYp5a5WPsBTPPCanvb3M2M7QCyCFfCi1ydRbewXU4wFPpMNXDmykZtoECh4SoFqGmgk6+LKSnhDTBBrGtnCjhmdbaNFj5HOKU2qT6377HLyBXG9tc8HY8hq3Xc0VRXok2EK6qU0I0twtn/B7m87maml/ILDmu+8d3ht7I1QyrDRLwlU/fXBfk/4xEpgG+fKNQYBDoj3B5y1zHaIkNVpeCvP2yo+M0EeoJfGEf44vu9rn2DUDGR5g7huHTyGrb2tTn1fqqjUVs2Fz7kMnJfjsHXnSx4R9rIQb2mzMvGeMtn+EUqmd43mGe47jOcr1RTy4gDMqoy8qH/7K0XDUviLvdS/tehviTsRx2h2tjk9VmoaCS6Q3vvVKK0rmTivZAbHCgGLNF6STLeTC3Dhn6PKZl8lkC78UCCHE9fCjjst/x/KYO0/EMnNZ/NT0K6/YAlHCxiksN4Qd3/HOdbccV/vBMQ2XuIWdeDBfkxQbtOAZnvDgNpNUFXze3vPRteBf8oC1FEH6q86RBTbXoRZgNwez9M1yGCRdcvQDM1PPvRC+ZeTuHYc8eFMOOkkHHg06/C2Ew6jrepyR4xcvMBOZpu1ygtZe6h5JCaQ8M8BGyQA9kHR5tDxd2uemF5oMrPfkdNz1KfgbNfs8UeS7LNJaAoRtzFaIzI8kxy51VXjmQLYvekdGbcJj8M2gjNE6CI4UzOlA3Mn+JfT10S1ykEGZSDiigRLY8SOo/7nRuaLmBWsI+ydcRtL3ZULvc4g1hNGYscy3GftmDEUlslviqumthcr3Sery26FtXE5BL1DFx5HGJ1mc5dP4LOZmf+kIMkqfBvx2TuCvvkn6sgijGr2TEOPcI1cA+r8NldColbQZ/vltbErO3cKwI26c6CJi+hUlWROibksfhAsFEkzwa4ogYnAGuDOx9foDUHLTjq0cuwboJVT8ni+MGSuHWA002qfkoWZc39nLjxMtlKFZZc94KQ8Yg+k5Ge+8Wm/BLZ2wtTgxbVNQCxcL4Bqp061vN1/vSWggXpFbbPHET9e6DxMCDazXxLK8+F7gIqBArRwZTN2PGzTbXG2w== |
|
.eastrk-dn.com/ | Name: gdm_sid_v2_3_001 Value: QpveJX3J+gb/jr5Ydepf6btql0ERhRZ7qOYLGKlYp5a5WPsBTPPCanvb3M2M7QCyCFfCi1ydRbewXU4wFPpMNXDmykZtoECh4SoFqGmgk6+LKSnhDTBBrGtnCjhmdbaNFj5HOKU2qT6377HLyBXG9tc8HY8hq3Xc0VRXok2EK6qU0I0twtn/B7m87maml/ILDmu+8d3ht7I1QyrDRLwlU/fXBfk/4xEpgG+fKNQYBDoj3B5y1zHaIkNVpeCvP2yo+M0EeoJfGEf44vu9rn2DUDGR5g7huHTyGrb2tTn1fqqjUVs2Fz7kMnJfjsHXnSx4R9rIQb2mzMvGeMtn+EUqmd43mGe47jOcr1RTy4gDMqoy8qH/7K0XDUviLvdS/tehviTsRx2h2tjk9VmoaCS6Q3vvVKK0rmTivZAbHCgGLNF6STLeTC3Dhn6PKZl8lkC78UCCHE9fCjjst/x/KYO0/EMnNZ/NT0K6/YAlHCxiksN4Qd3/HOdbccV/vBMQ2XuIWdeDBfkxQbtOAZnvDgNpNUFXze3vPRteBf8oC1FEH6q86RBTbXoRZgNwez9M1yGCRdcvQDM1PPvRC+ZeTuHYc8eFMOOkkHHg06/C2Ew6jrepyR4xcvMBOZpu1ygtZe6h5JCaQ8M8BGyQA9kHR5tDxd2uemF5oMrPfkdNz1KfgbNfs8UeS7LNJaAoRtzFaIzI8kxy51VXjmQLYvekdGbcJj8M2gjNE6CI4UzOlA3Mn+JfT10S1ykEGZSDiigRLY8SOo/7nRuaLmBWsI+ydcRtL3ZULvc4g1hNGYscy3GftmDEUlslviqumthcr3Sery26FtXE5BL1DFx5HGJ1mc5dP4LOZmf+kIMkqfBvx2TuCvvkn6sgijGr2TEOPcI1cA+r8NldColbQZ/vltbErO3cKwI26c6CJi+hUlWROibksfhAsFEkzwa4ogYnAGuDOx9foDUHLTjq0cuwboJVT8ni+MGSuHWA002qfkoWZc39nLjxMtlKFZZc94KQ8Yg+k5Ge+8Wm/BLZ2wtTgxbVNQCxcL4Bqp061vN1/vSWggXpFbbPHET9e6DxMCDazXxLK8+F7gIqBArRwZTN2PGzTbXG2w== |
|
.eastrk-dn.com/ | Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.eastrk-dn.com/ | Name: gdm_uid_v1_1_001 Value: tVWM1OIv/cL1HVS7YAHe8mh9bsAoP5SsU9BIAdIYV79iOxcL/WgdJvsAFVlkSTbF |
|
offergate-other8.com/ | Name: visitId Value: 80gwsccco8kw0g4g |
|
.jurato.info/ | Name: c0068 Value: btogi51HAZppi |
|
.jurato.info/ | Name: r0068 Value: og |
|
.jurato.info/ | Name: cid0068 Value: 80gwsccco8kw0g4g |
|
.jurato.info/ | Name: z0068 Value: 25679_148441 |
|
.jurato.info/ | Name: e0068 Value: VPGCNBK0FG |
|
.jurato.info/ | Name: _asd Value: 17198159126423256 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
eastrk-dn.com
globaladblock.pro
globaladblocker.com
invalid
jurato.info
offergate-other8.com
safedevices.xyz
invalid
188.114.96.3
188.114.97.3
2606:4700:3036::6815:2f69
2606:4700::6812:ba1f
2a05:d018:483:6130:e172:b78b:5302:f85c
88.208.46.156
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
95029d9bc75b50e882b7bf8d2613265caddcaa3d53e23747ca7db385bb0bf6b9
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
cd7865925cd7cb9cad3960822a7603383a6502421146879f7842fc9ed7039186