oneclick2her.com Open in urlscan Pro
2606:4700:3034::ac43:c7ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oneclick2her.com/12-939483-2
Effective URL:
https://oneclick2her.com/12-939483-2/
Submission: On February 24 via api (February 24th 2024, 9:34:39 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3034::ac43:c7ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is oneclick2her.com.
TLS certificate: Issued by E1 on January 20th 2024. Valid for: 3 months.

This is the only time oneclick2her.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3037::6815:4a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700:303... 2606:4700:3034::ac43:c7ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	209.95.52.178 209.95.52.178	32780 (HOSTINGSE...) (HOSTINGSERVICES-INC)
3	54.230.163.37 54.230.163.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::ac43:cc70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
2	3.21.78.51 3.21.78.51	16509 (AMAZON-02) (AMAZON-02)
25	7

2 2606:4700:3037::6815:4a3e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

oneclick2her.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3034::ac43:c7ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

oneclick2her.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.95.52.178 (New York, United States)

ASN32780 (HOSTINGSERVICES-INC, US)
PTR: mail.traviskot45.tribeoftwo.com

zeniocloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.163.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-37.ewr53.r.cloudfront.net

static.production.push-sender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:cc70 (United States)

ASN13335 (CLOUDFLARENET, US)

alexatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.21.78.51 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-78-51.us-east-2.compute.amazonaws.com

manager.production.push-sender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	oneclick2her.com 3 redirects oneclick2her.com	5 MB
5	push-sender.com static.production.push-sender.com — Cisco Umbrella Rank: 259857 manager.production.push-sender.com — Cisco Umbrella Rank: 454852	14 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	alexatracker.com alexatracker.com — Cisco Umbrella Rank: 218108	676 B
1	zeniocloud.com zeniocloud.com — Cisco Umbrella Rank: 240754	581 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	926 B
25	6

	Domain	Requested by
19	oneclick2her.com	3 redirects oneclick2her.com
3	static.production.push-sender.com	oneclick2her.com
2	manager.production.push-sender.com	static.production.push-sender.com
1	fonts.gstatic.com	fonts.googleapis.com
1	alexatracker.com	zeniocloud.com
1	zeniocloud.com	oneclick2her.com
1	fonts.googleapis.com	oneclick2her.com
25	7

This site contains links to these domains. Also see Links.

Domain
ads.trkgovo.com

Subject Issuer	Validity	Valid
oneclick2her.com E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
zeniocloud.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
production.push-sender.com Amazon RSA 2048 M01	`2023-04-17` - `2024-05-16`	a year	crt.sh
alexatracker.com GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oneclick2her.com/12-939483-2/
Frame ID: 42412E3B5E24E2494C80B22D6DDC4210
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Shows - Free Memberships

Page URL History Show full URLs

http://oneclick2her.com/12-939483-2 HTTP 301
https://oneclick2her.com/12-939483-2 HTTP 301
http://oneclick2her.com/12-939483-2/ HTTP 301
https://oneclick2her.com/12-939483-2/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

4746 kB
Transfer

4989 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ads.trkgovo.com/56d68193-0162-459a-999e-1f99cd71b0f7?campaign=&banner=

Search URL Search Domain Scan URL

URL: https://ads.trkgovo.com/480d3dda-b294-4f83-bc1a-59f031274a4f?campaign=&banner=

Search URL Search Domain Scan URL

URL: https://ads.trkgovo.com/click
Title: CONTINUE

Search URL Search Domain Scan URL

URL: https://ads.trkgovo.com/a675366d-eaa0-4189-b064-e3ffda0b288e?campaign=
Title: CREATE ACCOUNT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oneclick2her.com/12-939483-2 HTTP 301
https://oneclick2her.com/12-939483-2 HTTP 301
http://oneclick2her.com/12-939483-2/ HTTP 301
https://oneclick2her.com/12-939483-2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
oneclick2her.com/12-939483-2/
Redirect Chain

http://oneclick2her.com/12-939483-2
https://oneclick2her.com/12-939483-2
http://oneclick2her.com/12-939483-2/
https://oneclick2her.com/12-939483-2/

8 KB
3 KB

236ms
235ms

Document
text/html

2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd21855d6706a902cf7d6549277038ddb5acf969eb4c62bf5ee6943e16beff36

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85aad51979ce4bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Feb 2024 21:34:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT7shN8UScBkYxIQKDMRSOhrg0sKhQ7%2Fx6SG3AkgcLw1sKDbBzKCmsI467dryx4o%2BxKrsFFEgmTgDSTP0onSy4vdD057lP4LfQ0ekrhlZxy1uTeVZOzmzRG%2FKKVEI0tPUUaIOoiZPDj%2FqnruucEU"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 85aad51939414bd3-BUF
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 24 Feb 2024 21:34:24 GMT
Expires: Sat, 24 Feb 2024 22:34:24 GMT
Location: https://oneclick2her.com/12-939483-2/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5aZE1ihOBAkW4xfBP5b9TtogcVTdzD81t83BONN1fHjUYNP7E5gvc%2FS5BkTHOi9lIrvRItOuHyGxcBZe4wdmcpQFT7leoN35dLHbhg2Z34arEqQ6RJh1V6bBQ0oMneCCypBcpHo1qZx4AJ%2BkWtH"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
926 B 120ms
41ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo:400,600&display=swap

Requested by

Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

361a92d6ce1dd2ec5b37747e35b240c34a76bc27a1ae59e23127542c929bcb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 21:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 21:34:24 GMT

GET
H3 200 bootstrap.min.css
oneclick2her.com/12-939483-2/css/ 130 KB
21 KB 373ms
368ms Stylesheet
text/css 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/css/bootstrap.min.css?m=ec3bb52a00e176a7181d454dffaea219
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fee17c75536a340cb10ce48b700c22f3ee3e82be6367e851e375e9138e757fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 13:42:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNRCoGHpFHFFV4OnAvnI4JwWb0%2FleKUcO%2BZpz2CSOVVRqUlnWvXpAqy2o5wiM8LpEv%2BL0mGe8zpD3Nt86pQTlsFAsa5%2BbDsdrkwQ4PiIxoD4xz7rO6Ni0P9v9JadXRZhyss2Bd6%2FQoKYBuFbsenJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 85aad51b0c424bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:24 GMT

GET
H3 200 styles.css
oneclick2her.com/12-939483-2/css/ 12 KB
3 KB 276ms
270ms Stylesheet
text/css 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/css/styles.css?m=2
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b552f506fb5810045a11e8cb25411617203c7b2d0b645d1795326dc7df46cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 13:42:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fhgkb8qGdt2rlch9Rr%2BdIytC5RxccXMLn9ytywyQyoxOy2%2BblBgvmaJxM2OuQXp3ZJGdbOaDuj0WEdxAU0konmQ7iJ1DHj%2FHsl1Ocm5JBw41IFjUpfVupWjipAZ2f2htvPjeudrcEgiMjhBWnoQe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 85aad51b0c434bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:24 GMT

GET
H3 200 jquery.min.js Show response
oneclick2her.com/12-939483-2/js/ 85 KB
31 KB 402ms
396ms Script
text/javascript 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/jquery.min.js?m=c9f5aeeca3ad37bf2aa006139b935f0a
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 21 Jun 2023 13:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h71Gz2TSiO41aUBX68s7T1X%2BhN4K%2BwN7Of9zsWgkXEQvcLpE8llkKidUw4Raj77Pcpx1N8nOkt9sFHZFrspzNR9TzGMzstaNr1qiufNSGHuIxYCpDw4h0UmErFgirSqMmUM7qgxl1RUgeP4nMkzj"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2592000, private
cf-ray: 85aad51b0c454bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:24 GMT

GET
H3 404 atlaslib.min.js
oneclick2her.com/12-939483-2/js/ 0
0 277ms
272ms Script
text/html 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/atlaslib.min.js
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWS7I%2FdBT6CE%2BxB6eiYcmWbM5f8aelygQ6SNGcL6X327cU8SL0Fn%2BlGz9q1Z%2BTF3GoCkaUOdOm73FF%2BLuVG5kg8mGkTqYR9BXxSwN9ZByp5VjPdasRbdjcR9iX%2FSPetUbwbpQ1vzmWfVxHjWiCpL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 85aad51b0c464bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 404 vortex.modern.min.js
oneclick2her.com/12-939483-2/js/ 0
0 277ms
273ms Script
text/html 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/vortex.modern.min.js
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYx0TXIxbWF8JE48ojkdzglaNnVyakEWEoY9bP3mXyHEg2sW7qxhk0LUDWnTSOG%2FLk6hKKW%2BgNROsWCCSnVI3t94Dk563vDbMDxCRzH%2FHjL3%2Fq3QPczNIrD3RCzTsbf1CA4OvFwJ%2FKGBLhVanonb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 85aad51b0c494bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 404 jsmpg.js
oneclick2her.com/12-939483-2/js/ 0
0 284ms
279ms Script
text/html 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/jsmpg.js?m=35bdfc73eda382f7319b2e44454066aa
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcqHfru9GMDp%2BgO3jB%2B1PVGa7d1Vmr5DFeXyL83y2gA2fOTqaRtY37KV34ybJ2mnGbb7RAUUo5mKzu%2BN%2Btg8XFotHJ8ANFFKrtvenBx2QoV8VI0MBBF7lPZJr6w5K7TVKU7YLCqoD03rvw1w0DZU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 85aad51b0c4b4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK JAIA.js Show response
zeniocloud.com/ 601 B
581 B 281ms
206ms Script
text/html 209.95.52.178
HOSTINGSERVICES-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://zeniocloud.com/JAIA.js?sub1=oneclick2her.com
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.95.52.178 New York, United States, ASN32780 (HOSTINGSERVICES-INC, US),
Reverse DNS: mail.traviskot45.tribeoftwo.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3e562df20faf402858023f72e71aa99d065391ae10ced1120bbd9912936ef334

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Feb 2024 21:34:24 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 subs_window.js Show response
static.production.push-sender.com/mng/ 19 KB
5 KB 157ms
27ms Script
application/javascript 54.230.163.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.production.push-sender.com/mng/subs_window.js?ver=1676635161
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-37.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ae427423f173c2919b25f1b287e2cbbfae4c0c8f4c45c23ba2f916ab465fb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 08:13:06 GMT
content-encoding: gzip
via: 1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 48079
x-amz-server-side-encryption: AES256
etag: W/"2b3010e6d2440c83b9cfff48def5f0c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0rxJ_HeMy2X6t_tCoPA3EQLI0awa0eOwD_uNtG0Ew95F-W56WMsZyg==

GET
H2 200 subs_window.css
static.production.push-sender.com/mng/ 7 KB
2 KB 153ms
24ms Stylesheet
text/css 54.230.163.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.production.push-sender.com/mng/subs_window.css?ver=1676635161
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-37.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b5afe8e6975d7c5970d6a7fb37bff4d0162e35baddbd37c8149c40a549e49d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 14:21:18 GMT
content-encoding: gzip
via: 1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 25987
x-amz-server-side-encryption: AES256
etag: W/"adb85744f96b502ad68d63ede0adcd4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: hTScum5orSqBQQqy-66Xoee_ofAxWPCyA-dqiZ88wA0KB-LjUcNYpQ==

GET
H2 200 init.min.js Show response
static.production.push-sender.com/mng/channels/ 27 KB
5 KB 155ms
26ms Script
application/javascript 54.230.163.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.production.push-sender.com/mng/channels/init.min.js?ver=1676635161
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-37.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 09:49:23 GMT
content-encoding: gzip
via: 1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 14:25:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 42303
x-amz-server-side-encryption: AES256
etag: W/"8853549c3d94b135cff7696e087dc08f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gLBUsKPf-yf34BZ8kbXtJCdQCvUgYdBT4vF2NKvBESW1I788r_lzYA==

GET
H3 200 5.png
oneclick2her.com/12-939483-2/images/ 2 KB
3 KB 40ms
37ms Image
image/png 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneclick2her.com/12-939483-2/images/5.png
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4795fd3c56f253296fd8bb9234ab383c27bd7804cd661fa21eb84ea51017f1bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 13:42:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1005476
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36MbO736vcR4%2Bc0atMViHOR4dWmAny13zlRzHMgalZhzIFNCF4gFqhqoSHh4cwGMCh1lm2Ut96HsGq7PuryBdmzzkewDUrhqdC4qFFyrthGL3Wdb9ezFSm4o9emn2jEtjwJOt%2FRJBAe1gd2curHZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85aad51b0c4d4bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2488
expires: Wed, 12 Feb 2025 06:16:28 GMT

GET
H3 200 29030183.webp
oneclick2her.com/12-939483-2/images/ 107 KB
107 KB 427ms
426ms Image
image/webp 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneclick2her.com/12-939483-2/images/29030183.webp
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c8e9ee3380bce3b8477bef9f6ea2189ac476bd44e423f48ee703348f40cf3ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:24 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 13:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLNGkDiR8xGP5RtirjaggtpVwXi5dZ5pSSd22TO1UArIbyf5DKChQ9wHwkdngCwQsRboBWzz5Gf4NHaKgTQFJDjIj2hGFJ6FxbqnsIkhzmKw3Oj%2B7YBdGUjMZFkpWhAI8OxAAApE%2BRnRBYnEjqfM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
cf-ray: 85aad51b0c4e4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Feb 2025 21:34:24 GMT

GET
H3 200 4_0.gif
oneclick2her.com/12-939483-2/images/ 4 MB
4 MB 497ms
497ms Image
image/gif 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneclick2her.com/12-939483-2/images/4_0.gif
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46dcf27c963f106a056c342320103b57b71b5ca057d8e2acbb1d62d61e866bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 13:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQb5fsG1oyKBTjIcfxuk%2Bdzt18IMU3yMZQYBg0URhmVDO186k7xmCMLHbhpwcxNLYgT2%2Faaq3jx4ous3C8MVUZc2gv0paQe4GoRt910qRyJNpINl3uKiJPB7cKJxNsNpxJ8Ap3c3KjTsFktKhCRv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85aad51b5c9c4bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3813043
expires: Sun, 23 Feb 2025 21:34:24 GMT

GET
H3 200 bootstrap.min.js Show response
oneclick2her.com/12-939483-2/js/ 36 KB
11 KB 284ms
280ms Script
text/javascript 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/bootstrap.min.js?m=5869c96cc8f19086aee625d670d741f9
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 21 Jun 2023 13:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGiFmIGn037KrTzCnuYEVPuKRdHDDbDqSh54uxzsDU7BccYA0kRfe5GGF7jNn8QNwFuSBPX6qG26yUzAZFSvcJFX5S1%2FsVFdhfFHgphqM88o3DeclLsALH9yBGg9LouZtNx%2BI1Fnvb%2BW%2BRbNY2Q6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2592000, private
cf-ray: 85aad51df8cd4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:25 GMT

GET
H3 200 main.js Show response
oneclick2her.com/12-939483-2/js/ 6 KB
4 KB 279ms
275ms Script
text/javascript 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/main.js?m=8e8b23dc29837ae8849f543734fb1809
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4309dac34f560152665f63965380a420dfa66682263395fa8d4c538e71ee18c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 21 Jun 2023 13:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDOV9qKKMKF%2BWV5Q3AqEKT5VLF01HHbyvqKdRh0nXI%2FPOOC2aC03tmq86E2LUf%2Ff3tPSgAaIMHoBJyYg7%2FvsYnp7JCd%2Fo8wnd8c37q3CzyZcZRCPxv8dPnPRxnXC%2FvlOogJMazmI7GrzRm1JKPAV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2592000, private
cf-ray: 85aad51df8ce4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:25 GMT

GET
H3 200 custom.js Show response
oneclick2her.com/12-939483-2/js/ 2 KB
1 KB 252ms
249ms Script
text/javascript 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/custom.js?m=2
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1231042ba537716a832c49a7e0fa961416fd9ba7580599fbbd038aa6e71f07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 21 Jun 2023 13:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ficwRLNh5Sb9C8pn5K0nhkjThq0Oj%2FA%2BBtZSBlyi6bD9hyx%2F%2Bu4LnvG%2FE9TVfR3oboIYvxBJX5Nv6G5Xga5KfvddQknaJUXXdZoazmBbUg8DOHEeVOnPkYrzlw0Cfat2wweGjudOIjutS66QZcw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2592000, private
cf-ray: 85aad51df8d14bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:25 GMT

GET
H3 200 backoffer.js Show response
oneclick2her.com/12-939483-2/js/ 430 B
696 B 254ms
250ms Script
text/javascript 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/js/backoffer.js
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 21 Jun 2023 13:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHsXQ8t%2BkV25b03hx5CCuTvFB7cY5o4jUPQo7FxPNriXCA2CYEbf3qVxanaVjANQBU9RiS6YAxf3F9YO65sWior33kVDspY%2Fv9iArEjSUbg3HbEwsmogeJYUChKz8u54jGZyIUj5%2Fz6FkIK3OdH5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=2592000, private
cf-ray: 85aad51df8d34bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 21:34:25 GMT

GET
H2 200 JAIA.js Show response
alexatracker.com/jscode/ 0
676 B 641ms
280ms Script
application/json 2606:4700:3033::ac43:cc70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alexatracker.com/jscode/JAIA.js?sub1=oneclick2her.com&sub2=&sub3=&sub4=&sub5=&prid=
Requested by: Host: zeniocloud.com
URL: https://zeniocloud.com/JAIA.js?sub1=oneclick2her.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cc70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Feb 2024 21:34:25 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FY4t6TbQuM3x1df2xvlvMKW4NKnDamuCLbsTdIBA%2FmBjKqZlEd%2BZbWLa0tl2m5LFfGGuRXf473P5gu1IH2orTgSOkH6BeryIgaJL%2Be%2F75efyG2EEH8y2dz9R%2Bw1R7u7Cn0dynYefYsg70KF1Kg0"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 85aad5202e514bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
35 KB 357ms
31ms Font
font/woff2 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oneclick2her.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:48:39 GMT
x-content-type-options: nosniff
age: 222346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:48:39 GMT

GET
H3 404 questions.json Show response
oneclick2her.com/12-939483-2/data/ 315 B
639 B 658ms
656ms XHR
text/html 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oneclick2her.com/12-939483-2/data/questions.json
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/js/jquery.min.js?m=c9f5aeeca3ad37bf2aa006139b935f0a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://oneclick2her.com/12-939483-2/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn20K2FgW1sLiSSMyNcYL0G4YlflC8S31jhWBCaL%2F%2BW784XYjhGOblffd7YmKyHxkx9sF4iY4RFgx%2FN7PzFunM%2BMznHXVd82BP8pgGxaSOUpYhv41JEjfOD3njM%2BPf%2BmVwbOBc6k6CEOswkCMik1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 85aad5202b524bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 dark_1.jpg
oneclick2her.com/12-939483-2/images/ 784 KB
785 KB 643ms
641ms Image
image/jpeg 2606:4700:3034::ac43:c7ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneclick2her.com/12-939483-2/images/dark_1.jpg
Requested by: Host: oneclick2her.com
URL: https://oneclick2her.com/12-939483-2/css/styles.css?m=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c7ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8fafb538368843ed56657411cae56180ae53c8b46646340b6641a2568e061d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oneclick2her.com/12-939483-2/css/styles.css?m=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:34:25 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 13:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swO85Eqi4LG95dqmRz8IxZfPQm%2Fv0aQQaCByWv%2FT%2FQfDDPVmzvHxWYXJl2t1FR%2B1Qxy%2BbqDRa%2Fp6McDdsCtHs7HTmhIhhm6URKwU6c7gwLnuKwSO5O7uZfE8LjbnubZpMEqSYsFAngSBoEjxOsyC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85aad5204b814bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 803101
expires: Sun, 23 Feb 2025 21:34:25 GMT

GET
H2 200 / Show response
manager.production.push-sender.com/api/v1/code-snippet/ 1 KB
1 KB 536ms
47ms Fetch
application/json 3.21.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://manager.production.push-sender.com/api/v1/code-snippet/

Requested by

Host: static.production.push-sender.com
URL: https://static.production.push-sender.com/mng/channels/init.min.js?ver=1676635161

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.21.78.51 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-21-78-51.us-east-2.compute.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

d8ddf07dd1165f9d694328f85d29b69590f9ff8f62709bca1957cd320d566cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://oneclick2her.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Channel-Token: YjFiYTgyYzY5ZDliZmRmNTJhNDFmYTZiMGYzNWE0NGI9MTU0ODQ9Lz0x

Response headers

date: Sat, 24 Feb 2024 21:34:26 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: gunicorn/19.9.0
x-frame-options: DENY
vary: Accept, Origin
content-type: application/json
allow: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://oneclick2her.com
access-control-allow-credentials: true
content-length: 1257

OPTIONS
H2 200 /
manager.production.push-sender.com/api/v1/code-snippet/ 0
0 174ms
37ms Preflight
text/html 3.21.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://manager.production.push-sender.com/api/v1/code-snippet/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.21.78.51 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-21-78-51.us-east-2.compute.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: channel-token
Access-Control-Request-Method: GET
Origin: https://oneclick2her.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://oneclick2her.com
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 24 Feb 2024 21:34:25 GMT
referrer-policy: same-origin
server: gunicorn/19.9.0
vary: Origin
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			alexatracker.com/	1970-01-21 04:16:10	Name: trbarid Value: 76e8892730705c689ebe988380383b49bc990f7137fc781da2d86793048ed0fca%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A7639884804176634081%3B%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://oneclick2her.com/12-939483-2/js/atlaslib.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://oneclick2her.com/12-939483-2/js/vortex.modern.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://oneclick2her.com/12-939483-2/js/jsmpg.js?m=35bdfc73eda382f7319b2e44454066aa Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://oneclick2her.com/12-939483-2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://oneclick2her.com/12-939483-2/data/questions.json Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://oneclick2her.com/12-939483-2/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alexatracker.com
fonts.googleapis.com
fonts.gstatic.com
manager.production.push-sender.com
oneclick2her.com
static.production.push-sender.com
zeniocloud.com
209.95.52.178
2606:4700:3033::ac43:cc70
2606:4700:3034::ac43:c7ea
2606:4700:3037::6815:4a3e
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80b::200a
3.21.78.51
54.230.163.37
09c57ca60b3ff9fc47a5cf1b9c5eb52017bb130a3347af01be1d05ab1f7f91a0
0fee17c75536a340cb10ce48b700c22f3ee3e82be6367e851e375e9138e757fa
19ae427423f173c2919b25f1b287e2cbbfae4c0c8f4c45c23ba2f916ab465fb8
1b5afe8e6975d7c5970d6a7fb37bff4d0162e35baddbd37c8149c40a549e49d0
2f8fafb538368843ed56657411cae56180ae53c8b46646340b6641a2568e061d
361a92d6ce1dd2ec5b37747e35b240c34a76bc27a1ae59e23127542c929bcb0e
3d1231042ba537716a832c49a7e0fa961416fd9ba7580599fbbd038aa6e71f07
3e562df20faf402858023f72e71aa99d065391ae10ced1120bbd9912936ef334
4309dac34f560152665f63965380a420dfa66682263395fa8d4c538e71ee18c9
4795fd3c56f253296fd8bb9234ab383c27bd7804cd661fa21eb84ea51017f1bb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
9c8e9ee3380bce3b8477bef9f6ea2189ac476bd44e423f48ee703348f40cf3ac
d3b552f506fb5810045a11e8cb25411617203c7b2d0b645d1795326dc7df46cc
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d8ddf07dd1165f9d694328f85d29b69590f9ff8f62709bca1957cd320d566cdd
dd21855d6706a902cf7d6549277038ddb5acf969eb4c62bf5ee6943e16beff36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46dcf27c963f106a056c342320103b57b71b5ca057d8e2acbb1d62d61e866bd

oneclick2her.com Open in urlscan Pro 2606:4700:3034::ac43:c7ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

63 %IPv6

6 Domains

7 Subdomains

7 IPs

1 Countries

4746 kBTransfer

4989 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

oneclick2her.com Open in urlscan Pro
2606:4700:3034::ac43:c7ea Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

4746 kB
Transfer

4989 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions