urlscan.io logo urlscan.io
SecurityTrails logo

www.dclicks.site Open in urlscan Pro
172.67.201.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dclicks.site/e213n/index.php
Effective URL: https://www.dclicks.site/e213n/index.php
Submission: On December 01 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 172.67.201.197, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dclicks.site.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time www.dclicks.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 172.67.201.197 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
1 104.21.20.211 13335 (CLOUDFLAR...)
3 188.114.96.3 13335 (CLOUDFLAR...)
2 142.250.184.234 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
1 1 172.67.145.143 13335 (CLOUDFLAR...)
1 172.67.73.113 13335 (CLOUDFLAR...)
16 8
7    172.67.201.197 (United States)

ASN13335 (CLOUDFLARENET, US)
dclicks.site
www.dclicks.site
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
ajax.googleapis.com
1    104.21.20.211 (None, )

ASN13335 (CLOUDFLARENET, US)
qfqbk.nxt-psh.com
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
qfqbk.ajscdn.com
2    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
1    172.67.145.143 (United States)

ASN13335 (CLOUDFLARENET, US)
inpp-ssp-trk.trkless.com
1    172.67.73.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.imghst-de.com
Apex Domain
Subdomains		 Transfer
7 dclicks.site
dclicks.site
www.dclicks.site
156 KB
3 ajscdn.com
qfqbk.ajscdn.com
14 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
33 KB
2 gstatic.com
fonts.gstatic.com
37 KB
1 imghst-de.com
static.imghst-de.com — Cisco Umbrella Rank: 13122
4 KB
1 trkless.com
inpp-ssp-trk.trkless.com — Cisco Umbrella Rank: 212581
737 B
1 nxt-psh.com
qfqbk.nxt-psh.com
14 KB
16 7
Domain Requested by
6 www.dclicks.site www.dclicks.site
3 qfqbk.ajscdn.com www.dclicks.site
qfqbk.ajscdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.dclicks.site
client
1 static.imghst-de.com
1 inpp-ssp-trk.trkless.com 1 redirects
1 qfqbk.nxt-psh.com www.dclicks.site
1 ajax.googleapis.com www.dclicks.site
1 dclicks.site 1 redirects
16 9

This site contains links to these domains. Also see Links.

Domain
www.traffibox.com
Subject Issuer Validity Valid
dclicks.site
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
nxt-psh.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
ajscdn.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.dclicks.site/e213n/index.php
Frame ID: 77ED93192FD0FE5BD76CAEF806B1D17F
Requests: 15 HTTP requests in this frame

Frame: https://static.imghst-de.com/4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png
Frame ID: 86BB1B09C695EDE2FFE44528CB678771
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DatingNSFW

Page URL History Show full URLs

  1. https://dclicks.site/e213n/index.php HTTP 301
    https://www.dclicks.site/e213n/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

258 kB
Transfer

487 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dclicks.site/e213n/index.php HTTP 301
    https://www.dclicks.site/e213n/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://inpp-ssp-trk.trkless.com/trk?s1=QgmRxgdVtwnpndqnSBOTP2USrV77qAuJkp48lKDmGLuTFNewcaLbuFmeDgBxacLZAhI%2FjIqZifayrmTv0QX7gATDDb7MD5SYL6qMcKOBN%2F8003owcNlmbyN2mIeAWk%2FvmmQflZz0z0%2BFSK54tBx6MkvP6%2BhgCViIQcGrhDDXEmQjvhGcGbk3kfp%2FbuAsNag4BIEGv4Id7ZAXAekpT5qGaL%2BJt%2Bmf3SO96vwb3U4LgmDGsYZdul9zWINA6oGfQIPI%2FN73QQ1EGEPefWaCW6aAyJsszRahewcUChgfyvVY1HXSPhreVeSGXVl9Xh1AslpoLoZnWIUCKxvmfwnMyoinna7wkzmIQCE98V%2FrBbqimeuiT2fgy4vZkaKl5%2FgalUhsJpKgLBuYV8BPYSN7F1sCFAN1%2Bvxfm9rve13YCPr5Tqk1nm6fpYbSDaShrKw3sEI1Yj7VVAGncD5hGiPLzt2vLcQZdoXfgtDS%2BN%2FP5ZcwikE%2BJntfmBRTUbh36etWHph497DN0uYUXq%2B%2BZ633zBYm6V29qZlpLZWJQ1Gt0EyFemETVfMed9AzhXxcNaOhsAV3StDqOU%2BN92E8eP7xoAHZCVNXF3wOvLh5PgsHnfKvKfwXJqJbSnZMABpV876Kr17UUGpHOQfX9wD%2BdByFl%2BuKZwxRZhgmUg1yPKAIjEgmT1FSgOMivf%2BCjr68zcxp3xvham8Cy5xtIFisJ6Ybk1skyoSPleGlSWLu%2Bm06pR5USj%2Fjrye1puJWcJPJ&type=1&brid=PB06-0HN7TH63TRHIH0DQ7&nrid=87b20269f58a82d76b1be7028e1e5e85 HTTP 302
  • https://static.imghst-de.com/4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.dclicks.site/e213n/
Redirect Chain
  • https://dclicks.site/e213n/index.php
  • https://www.dclicks.site/e213n/index.php
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8060bb0d88184a326850e5a756f2306885da6aa0eefdb12524c881bcc38cfd84
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb1613c9ada5caa-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 01 Dec 2024 07:31:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kCM3O1nGV7gl0mmZ5Qj0tZQ1I%2Fnh8u7FkSTPiwq36Gorh7P9HLcYHDCMDq%2Bdv8eFLUKVQvLKiZC8fvKmwgDH9EJi9iNSP7iv4inRcdKADeLH8360oBQuIH%2F66bCE5IPEPyq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=28715&min_rtt=21357&rtt_var=14190&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4875&recv_bytes=2410&delivery_rate=117032&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=325&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb1613baa595caa-FRA
content-type
text/html
date
Sun, 01 Dec 2024 07:31:49 GMT
location
https://www.dclicks.site/e213n/index.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbOlnRxVBrqjn%2BLf237OmQzxxkG%2BT%2FxY5dHwiYelqDoCNRfWeZZTxE2uHluYwyUF78BY%2FOVnSAtMqyBMRCArmdwxKkeJhIxBbt427Gt0p85iiMFq0T8SO3LRjR8oRww%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=25264&min_rtt=21357&rtt_var=10424&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3912&recv_bytes=2268&delivery_rate=102848&cwnd=253&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=170&x=0"
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
styles.css
www.dclicks.site/e213n/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e213n/css/styles.css
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e74bcc05c436d6d3534dd4193fa1f29e3f109d328034e9bce6011a14731ec35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e213n/index.php

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"64e0d319-1c89"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5dM%2BiKW70SiWkAu7yaM8eRDgpSiXzxFmtAWOIHHFHydlnfKwwaVhr3rLHQMaox87mpVMVNnRU%2B2bwSz1KvoRHYoDCKTfkmfZE%2FlTkj0KQhBv75KJlnKVSkrkViWkg4nm%2BjU0"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38617&min_rtt=21357&rtt_var=26477&sent=18&recv=15&lost=0&retrans=0&sent_bytes=8267&recv_bytes=2695&delivery_rate=117032&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=479&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
text/css
last-modified
Sat, 19 Aug 2023 14:35:05 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb1613d6b2c5caa-FRA
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
158368
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 11:32:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 11:32:22 GMT
last-modified
Tue, 12 Sep 2023 02:38:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30462
x-xss-protection
0
server
sffe
notifications.js
www.dclicks.site/e213n/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e213n/js/notifications.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c7de620de17d3edd06df7ad292c4317359dcef409be2b3c965dc62966c0a50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e213n/index.php

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"65b67350-629"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3Aj4KooxJz9k2ecMV%2F31pZ%2FnQuiZPQp3F0%2B3b4EQn6ylZn%2BwkpxijgyFehaXpuT%2BC6agi8T2k91O1BbeFBA4qC1Ab0qLo8Am%2B%2FEDG36eOlv5g2fbOyIAH9uSHy7s3j71i3r"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38617&min_rtt=21357&rtt_var=26477&sent=15&recv=15&lost=0&retrans=0&sent_bytes=6990&recv_bytes=2695&delivery_rate=117032&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=479&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
application/javascript
last-modified
Sun, 28 Jan 2024 15:31:28 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb1613d6b305caa-FRA
access-control-allow-origin
*
server
cloudflare
pp.js
qfqbk.nxt-psh.com/ps/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qfqbk.nxt-psh.com/ps/pp.js?id=0Yid_sX9ik-RuOQ0JAUTvw
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.20.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625ca093079ca79ba036402cd726c4865bc1d8d1225da4265f56a5153add7a7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OerQA0odcSMlY8QNIXY7GzKPJulAHEojLVUntAoxMAwEIgcEI5tnUVPOELDh8GMvNLgokpt1t%2F8Z5xwL8uNpkLDbTVYNvg%2B2o6%2B9IR77HYnqrCLyyZaGVnaMeh7d2udN5r7MJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb16142b890022d-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=41134&min_rtt=38542&rtt_var=19638&sent=7&recv=7&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2171&delivery_rate=65177&cwnd=133&unsent_bytes=0&cid=fa3582c482bc65bb&ts=199&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
ipp.js
qfqbk.ajscdn.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ipp.js?id=v492Teb3Dk6zc6fjGgYW2w&sub_id=175nbr
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1ec98dc87fde130f81f39bad133f26d10bc7c34d51661b82a1079587871d2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8K7sUBsZd2KPdJVy5oEH5zuHGa80Wkc9rdSyLoXLcp2YvGudis%2BW0No9xBu65La1Jfj3t2dLby4qScKhXYRCR2%2BVOyPPUr1DqK5lYXSCM9dwATJEc64o4EZrueUdK%2FbTRh2E"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb1613f191a8efb-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42358&min_rtt=27455&rtt_var=20524&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2158&delivery_rate=129943&cwnd=253&unsent_bytes=0&cid=262b0e3a437ac836&ts=148&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
script.js
www.dclicks.site/e213n/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e213n/js/script.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c50c1a2f85f42fdb9a94187a348db9d8ae0b9b1de1d82afdf9140e79be51c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e213n/index.php

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"64e0daf2-3ab1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvy8iK%2BX%2FcxeIp%2F%2BWXZA7ua99bxGEkQ7xravlRZe9AHGtNE0liqjgrq7L7PRDdBquPRmCeeJ%2BO4ehc2M%2FrT5mdRzEYnoA4Ne7CLbxn93joZH0UIppvCiuK0uv1sLIt15TXnA"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38617&min_rtt=21357&rtt_var=26477&sent=23&recv=15&lost=0&retrans=0&sent_bytes=10846&recv_bytes=2695&delivery_rate=117032&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=481&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
application/javascript
last-modified
Sat, 19 Aug 2023 15:08:34 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb1613d6b325caa-FRA
access-control-allow-origin
*
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 07:31:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 07:29:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
x.avifs
www.dclicks.site/e213n/images/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dclicks.site/e213n/images/x.avifs
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e213n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef49fb849705ba97928a9eeefa25d246567278a74b85f053842179ed2c6918f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e213n/index.php

Response headers

cf-cache-status
DYNAMIC
etag
"6722304a-22bc1"
x-permitted-cross-domain-policies
master-only, master-only
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJgCS3ihdCK6vTuPslZUhAf%2BAXdd3z7gFXL9ysbsJkBlD7G1uB2D1H3t87DoVOnTCmf%2BHRpCOy%2FLqvsJFtdLuW4GVtMqWPoVrH6bbtwZOx%2BqYmpk%2FnHR19LpBd2fXHrygaeA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40043&min_rtt=21357&rtt_var=2130&sent=32&recv=27&lost=0&retrans=0&sent_bytes=15637&recv_bytes=2852&delivery_rate=470158&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=1106&x=0"
date
Sun, 01 Dec 2024 07:31:50 GMT
content-type
application/octet-stream
last-modified
Wed, 30 Oct 2024 13:10:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin, same-origin
cf-ray
8eb161419cdf5caa-FRA
accept-ranges
bytes
content-length
142273
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.dclicks.site
Referer
https://fonts.googleapis.com/

Response headers

age
472815
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 20:11:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 20:11:36 GMT
last-modified
Wed, 06 Nov 2024 17:30:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18792
x-xss-protection
0
server
sffe
favicon.ico
www.dclicks.site/e213n/ 		99 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e213n/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3421d5dc43d6e5a7737267736e7e392c40269714995bb60dc5556f19d43300e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e213n/index.php

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"63483631-18da3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CR3bXXzJuxy2xbs9ibWORethAbzsPe93BRNcHSnJl9a4I9w7xE%2BFabTlH9Eiohx%2B0KjToADbfzrtPhx%2Fw8HTPURFHlMrfnRSdLtavHsR1qR2PKb8uCNlVLJTQEJPdhRWOeU"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=45625&min_rtt=21357&rtt_var=1157&sent=158&recv=68&lost=0&retrans=0&sent_bytes=159876&recv_bytes=2922&delivery_rate=1840557&cwnd=256&unsent_bytes=0&cid=6fee47ec1c6cd82b&ts=1792&x=0"
date
Sun, 01 Dec 2024 07:31:51 GMT
content-type
image/x-icon
last-modified
Thu, 13 Oct 2022 16:00:49 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb16145be515caa-FRA
access-control-allow-origin
*
server
cloudflare
ippfeed2
qfqbk.ajscdn.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ippfeed2?id=v492Teb3Dk6zc6fjGgYW2w&p=https%3A//www.dclicks.site/e213n/index.php&nrid=88fccd571e84e8333d3cacb883df33c0&sub_id=175nbr
Requested by
Host: qfqbk.ajscdn.com
URL: https://qfqbk.ajscdn.com/ipp.js?id=v492Teb3Dk6zc6fjGgYW2w&sub_id=175nbr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c350789870e765c96e341b893d8bd121cb2fcfe86110cece3020f35c05df200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
inppu
211bbe35-a16f-4f42-9b11-21b52b9e0382
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49hTQStytKGakWszJS9lU5Zs2IUYCSevYjMAnczeBGmjnODF5fK6%2ByVR4Wjp1GpV%2FG5uSaIo3gUTH4Skze4nsHb2QBe02hlQqc4XseOI%2Ful4n7dWWLaDUdbcoMOMyAfA6Nea"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=41608&min_rtt=27455&rtt_var=19317&sent=21&recv=14&lost=0&retrans=0&sent_bytes=16494&recv_bytes=2446&delivery_rate=495194&cwnd=256&unsent_bytes=0&cid=262b0e3a437ac836&ts=3153&x=0"
date
Sun, 01 Dec 2024 07:31:53 GMT
content-type
application/json; charset=utf-8
vary
Origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
referrer-policy
no-referrer
cf-ray
8eb161512b978efb-FRA
access-control-allow-origin
https://www.dclicks.site
server
cloudflare
ippfeed2
qfqbk.ajscdn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ippfeed2?id=v492Teb3Dk6zc6fjGgYW2w&p=https%3A//www.dclicks.site/e213n/index.php&nrid=88fccd571e84e8333d3cacb883df33c0&sub_id=175nbr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
inppu
Access-Control-Request-Method
GET
Origin
https://www.dclicks.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
inppu
access-control-allow-methods
GET
access-control-allow-origin
https://www.dclicks.site
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb161508ec3dc99-FRA
date
Sun, 01 Dec 2024 07:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVVTqtaGA3eEVpiXLVA5FaKTpeKcCR6DR4VKTAtGgYwHeyYtdOKBSFLn02oKKImKt%2BsdDIQ9dHWlDYfr8DcDXcXZX5co%2FgfYfUDkAL9wXLzmw8X2g3BA0tYZDeytsP%2FXlpcy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=58811&min_rtt=53863&rtt_var=23733&sent=6&recv=6&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2371&delivery_rate=71737&cwnd=237&unsent_bytes=0&cid=4b3ceab9620af967&ts=239&x=0"
x-nginx
filtered
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
c6710bd9e4f89f434d82297f4202f4e93b57df9049f016be41270ec171a0ced9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 07:31:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 07:31:53 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 07:31:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png
static.imghst-de.com/ Frame 86BB
Redirect Chain
  • https://inpp-ssp-trk.trkless.com/trk?s1=QgmRxgdVtwnpndqnSBOTP2USrV77qAuJkp48lKDmGLuTFNewcaLbuFmeDgBxacLZAhI%2FjIqZifayrmTv0QX7gATDDb7MD5SYL6qMcKOBN%2F8003owcNlmbyN2mIeAWk%2FvmmQflZz0z0%2BFSK54tBx6M...
  • https://static.imghst-de.com/4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.imghst-de.com/4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png
Protocol
H2
Server
172.67.73.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ce7c50f04cd56f1717240e656a9a8901cbe8aec0b0416482dee3f44a855292

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
HIT
etag
"66c88f9a-c9d"
age
837
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pq4hMwGqR763O1my09oMnRCsxIkrO3XvR8La%2BmSiaaLx1n1pM9qnT2udni028k8Z8dGROtXxmfiFH9XEfSLodhzFoBDdWgWn9jhtEScoOklz0cxHfNHKuobdAOOSJehOSmpMMTB%2F"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=24922&min_rtt=22826&rtt_var=8227&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3975&recv_bytes=2301&delivery_rate=167766&cwnd=252&unsent_bytes=0&cid=56e147f7f03c70ad&ts=117&x=0"
date
Sun, 01 Dec 2024 07:31:54 GMT
content-type
image/png
last-modified
Fri, 23 Aug 2024 13:33:14 GMT
vary
Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb1615678f2dbc3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3229
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
location
https://static.imghst-de.com/4f3ca810-a28f-4b8b-8c2a-0d3d6f97ba67.png
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nG1kJ2vvmwyR8TF0t5ciClYf7AVPygPTAIk7q%2BpEf1TcVLO9dF5%2B03uRE8OSeeSxrfhLRx8pBRFvjo5c55CGHV7s2QlEDV8EkkZZea4n3Ue0BnKWgp%2Fz2NsgxClFTVlIB%2ByilqgmW8kKJaE%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer
cf-ray
8eb16154bf8b1c3c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37503&min_rtt=32187&rtt_var=12810&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4008&recv_bytes=2919&delivery_rate=93545&cwnd=253&unsent_bytes=0&cid=8cc8f5b119dff2a6&ts=209&x=0"
content-length
0
date
Sun, 01 Dec 2024 07:31:53 GMT
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.dclicks.site
Referer
https://fonts.googleapis.com/

Response headers

age
411191
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| getURLParameter function| replaceCustomParams function| __showPush function| __assign function| CountUp function| a0_0x5295

4 Cookies

Domain/Path Name / Value
qfqbk.ajscdn.com/ Name: __inppu
Value: 211bbe35-a16f-4f42-9b11-21b52b9e0382
www.dclicks.site/ Name: __inppu
Value: 211bbe35-a16f-4f42-9b11-21b52b9e0382
www.dclicks.site/ Name: inpp_TTN4_EXH2
Value: 1
www.dclicks.site/ Name: inpp_TTN4_EXH2_cap
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dclicks.site
fonts.googleapis.com
fonts.gstatic.com
inpp-ssp-trk.trkless.com
qfqbk.ajscdn.com
qfqbk.nxt-psh.com
static.imghst-de.com
www.dclicks.site
104.21.20.211
142.250.184.234
142.250.185.195
142.250.185.202
172.67.145.143
172.67.201.197
172.67.73.113
188.114.96.3
0e74bcc05c436d6d3534dd4193fa1f29e3f109d328034e9bce6011a14731ec35
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
2c350789870e765c96e341b893d8bd121cb2fcfe86110cece3020f35c05df200
3421d5dc43d6e5a7737267736e7e392c40269714995bb60dc5556f19d43300e0
3c50c1a2f85f42fdb9a94187a348db9d8ae0b9b1de1d82afdf9140e79be51c8b
5a1ec98dc87fde130f81f39bad133f26d10bc7c34d51661b82a1079587871d2e
5ef49fb849705ba97928a9eeefa25d246567278a74b85f053842179ed2c6918f
625ca093079ca79ba036402cd726c4865bc1d8d1225da4265f56a5153add7a7e
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786
8060bb0d88184a326850e5a756f2306885da6aa0eefdb12524c881bcc38cfd84
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a9c7de620de17d3edd06df7ad292c4317359dcef409be2b3c965dc62966c0a50
c6710bd9e4f89f434d82297f4202f4e93b57df9049f016be41270ec171a0ced9
d1ce7c50f04cd56f1717240e656a9a8901cbe8aec0b0416482dee3f44a855292
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a