extension.advancedsearchlab.com
Open in
urlscan Pro
64.227.53.158
Public Scan
Effective URL: https://extension.advancedsearchlab.com/index.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=sc8p1nxs
Submission: On April 07 via api from CH
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 18th 2020. Valid for: 3 months.
This is the only time extension.advancedsearchlab.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.149.248.110 5.149.248.110 | 59711 (HZ-NL-AS) (HZ-NL-AS) | |
1 1 | 5.149.248.70 5.149.248.70 | 59711 (HZ-NL-AS) (HZ-NL-AS) | |
1 | 78.140.165.10 78.140.165.10 | 35415 (WEBZILLA) (WEBZILLA) | |
2 2 | 104.16.107.201 104.16.107.201 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.16.107.129 104.16.107.129 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 198.134.116.30 198.134.116.30 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET) | |
1 1 | 34.230.174.59 34.230.174.59 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 157.245.252.178 157.245.252.178 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 5 | 64.227.53.158 64.227.53.158 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
2 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:84e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 6 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-174-59.compute-1.amazonaws.com
ps.popcash.net |
ASN14061 (DIGITALOCEAN-ASN, US)
extension.advancedsearchlab.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
advancedsearchlab.com
1 redirects
extension.advancedsearchlab.com |
57 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
7 KB |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
2 |
googleapis.com
fonts.googleapis.com |
1 KB |
2 |
saturalcorre.info
saturalcorre.info |
31 KB |
2 |
reroplittrewheck.pro
2 redirects
reroplittrewheck.pro |
2 KB |
1 |
find-more.xyz
1 redirects
click.find-more.xyz |
258 B |
1 |
popcash.net
1 redirects
ps.popcash.net |
396 B |
1 |
realtime-bid.com
1 redirects
xml.realtime-bid.com |
230 B |
1 |
g3nerat3dn3w.best
g3nerat3dn3w.best |
6 KB |
1 |
xtraserp.com
1 redirects
xtraserp.com |
614 B |
1 |
imgfil.com
1 redirects
imgfil.com |
484 B |
13 | 12 |
Domain | Requested by | |
---|---|---|
5 | extension.advancedsearchlab.com |
1 redirects
saturalcorre.info
extension.advancedsearchlab.com |
2 | cdnjs.cloudflare.com |
extension.advancedsearchlab.com
|
2 | fonts.gstatic.com |
extension.advancedsearchlab.com
|
2 | fonts.googleapis.com |
saturalcorre.info
extension.advancedsearchlab.com |
2 | saturalcorre.info |
g3nerat3dn3w.best
saturalcorre.info |
2 | reroplittrewheck.pro | 2 redirects |
1 | click.find-more.xyz | 1 redirects |
1 | ps.popcash.net | 1 redirects |
1 | xml.realtime-bid.com | 1 redirects |
1 | g3nerat3dn3w.best | |
1 | xtraserp.com | 1 redirects |
1 | imgfil.com | 1 redirects |
13 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.advancedsearchlab.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
g3nerat3dn3w.best Let's Encrypt Authority X3 |
2020-04-01 - 2020-06-30 |
3 months | crt.sh |
saturalcorre.info CloudFlare Inc ECC CA-2 |
2020-04-07 - 2020-10-09 |
6 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
extension.advancedsearchlab.com Let's Encrypt Authority X3 |
2020-03-18 - 2020-06-16 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://extension.advancedsearchlab.com/index.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=sc8p1nxs
Frame ID: 34D67BB2EFD75A2D581C83E946A1A072
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://imgfil.com/1b5pbw
HTTP 302
http://xtraserp.com/isoptin/ammonium/astringents.ZG93bmxvYWR8enA1TXpOamMySXdmSHd4TlRnMU1UWTRNRGc... HTTP 302
https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=UBS%3A+Apple+looks+stron... Page URL
-
https://reroplittrewheck.pro/redirect?tid=754576&subid=f294692c00ac34b8&puid=AGLkjF7giAAAV-cBAE5MNAASAELo...
HTTP 302
https://saturalcorre.info/YNS?tag_id=754576&sub_id1=f294692c00ac34b8&sub_id2=7470624193150165338&cooki... Page URL
-
https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=f294692c00ac34b8
HTTP 302
https://xml.realtime-bid.com/click?i=ELARBEjGuNU_0 HTTP 302
http://ps.popcash.net/ad/ad?p=198473&w=546423&d=2609af0055a93f46cd87-1583247675546423&s=215319.801790 HTTP 303
https://click.find-more.xyz/c.php?cakey=hbokbcvva8xxmvid2vs3&clickid=79175109253&bid=0.00130&siteid=5464... HTTP 302
https://extension.advancedsearchlab.com/redirect.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=s... HTTP 302
https://extension.advancedsearchlab.com/index.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=sc8p... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
animate.css (Web Frameworks) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: EULA
Search URL Search Domain Scan URL
Title: GDPR
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://imgfil.com/1b5pbw
HTTP 302
http://xtraserp.com/isoptin/ammonium/astringents.ZG93bmxvYWR8enA1TXpOamMySXdmSHd4TlRnMU1UWTRNRGcxZkh3eU16VTBmSHdvVFU5T1UxUkZVaWtnVDNabGNpMWliRzluTG1OdmJTQmJVRzl6ZEVkbGRGMA/daily&prefaced==uvulopalatoplasty.VUJTOiBBcHBsZSBsb29rcyBzdHJvbmcgaW4gQ2hpbmEgYWhlYWQgb2YgZWFybmluZ3MVUJ HTTP 302
https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=UBS%3A+Apple+looks+strong+in+China+ahead+of+earnings&s3=UBS%3A+Apple+looks+strong+in+China+ahead+of+earnings&s2=mmaa&s1=ufE1BQ19kYXRhMnw Page URL
-
https://reroplittrewheck.pro/redirect?tid=754576&subid=f294692c00ac34b8&puid=AGLkjF7giAAAV-cBAE5MNAASAELoVr8A
HTTP 302
https://saturalcorre.info/YNS?tag_id=754576&sub_id1=f294692c00ac34b8&sub_id2=7470624193150165338&cookie_id=eaa91633-8204-42fc-aaf3-2c346ec37c71&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3Df294692c00ac34b8&hop=7&geo=NL Page URL
-
https://reroplittrewheck.pro/?tid=801790&noocp=1&subid=f294692c00ac34b8
HTTP 302
https://xml.realtime-bid.com/click?i=ELARBEjGuNU_0 HTTP 302
http://ps.popcash.net/ad/ad?p=198473&w=546423&d=2609af0055a93f46cd87-1583247675546423&s=215319.801790 HTTP 303
https://click.find-more.xyz/c.php?cakey=hbokbcvva8xxmvid2vs3&clickid=79175109253&bid=0.00130&siteid=546423&category=Adult&cc=NL&operatingsystem=OS%20X&campaignid=297039&connection=WiFi&device=desktop&browser=Chrome&carrier= HTTP 302
https://extension.advancedsearchlab.com/redirect.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=sc8p1nxs HTTP 302
https://extension.advancedsearchlab.com/index.php?clid=f17eesc8p1nxsbb8&wo=1&fa=1&domain=click.find-more.xyz&uc=sc8p1nxs Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://imgfil.com/1b5pbw HTTP 302
- http://xtraserp.com/isoptin/ammonium/astringents.ZG93bmxvYWR8enA1TXpOamMySXdmSHd4TlRnMU1UWTRNRGcxZkh3eU16VTBmSHdvVFU5T1UxUkZVaWtnVDNabGNpMWliRzluTG1OdmJTQmJVRzl6ZEVkbGRGMA/daily&prefaced==uvulopalatoplasty.VUJTOiBBcHBsZSBsb29rcyBzdHJvbmcgaW4gQ2hpbmEgYWhlYWQgb2YgZWFybmluZ3MVUJ HTTP 302
- https://g3nerat3dn3w.best/r/?token=9d0745f9c8757824933c881516f6b51678e7f13f&q=UBS%3A+Apple+looks+strong+in+China+ahead+of+earnings&s3=UBS%3A+Apple+looks+strong+in+China+ahead+of+earnings&s2=mmaa&s1=ufE1BQ19kYXRhMnw
- https://reroplittrewheck.pro/redirect?tid=754576&subid=f294692c00ac34b8&puid=AGLkjF7giAAAV-cBAE5MNAASAELoVr8A HTTP 302
- https://saturalcorre.info/YNS?tag_id=754576&sub_id1=f294692c00ac34b8&sub_id2=7470624193150165338&cookie_id=eaa91633-8204-42fc-aaf3-2c346ec37c71&lp=stanley&convert=Your%20Video%20Is%20Ready%20To%20Stream&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D801790%26noocp%3D1%26subid%3Df294692c00ac34b8&hop=7&geo=NL
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
/
g3nerat3dn3w.best/r/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
YNS
saturalcorre.info/ Redirect Chain
|
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dlp
saturalcorre.info/ |
64 KB 26 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 660 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
extension.advancedsearchlab.com/ Redirect Chain
|
23 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ |
57 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 672 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
extension.advancedsearchlab.com/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bowser.min.js
cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chrome-install-en.mp3
extension.advancedsearchlab.com/audio/ |
24 KB 25 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert.mp3
extension.advancedsearchlab.com/audio/ |
16 KB 17 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| bowser2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.advancedsearchlab.com/ | Name: clid Value: f17eesc8p1nxsbb8 |
|
extension.advancedsearchlab.com/ | Name: PHPSESSID Value: eqraspdhr16f21nmk45mittrut |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
click.find-more.xyz
extension.advancedsearchlab.com
fonts.googleapis.com
fonts.gstatic.com
g3nerat3dn3w.best
imgfil.com
ps.popcash.net
reroplittrewheck.pro
saturalcorre.info
xml.realtime-bid.com
xtraserp.com
104.16.107.129
104.16.107.201
157.245.252.178
198.134.116.30
2606:4700::6810:84e5
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
34.230.174.59
5.149.248.110
5.149.248.70
64.227.53.158
78.140.165.10
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
1028581e56a1a4b4d799b816732c1d06e559a05a1e62add6900c8302ea491bf1
33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
587df51b1d65723c0d3a566c745768ce0348c9457d2a58cbec6d7d1dc379fa3b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7e713609b4f3dbd0b06526231b09bcb3b02fd74c89e8655a439a692a6d31fe8b
ad5a90236cd4ab7c5e7089b4d14cbd490fa3ff629ba6e9861ed0f5a048a7177e
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
bf8aa5ab5085d8d2defe0ba16d9ad5746190d297255a1c8e863ce4abca41a585
da02dcdadf05af29758c3eaf806e88d58c7392847af08892a94e0ea35ef77ac3