www.onclicksuper.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 35.190.8.27, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is www.onclicksuper.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 24th 2020. Valid for: a year.

This is the only time www.onclicksuper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::681c:a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	35.190.8.27 35.190.8.27	15169 (GOOGLE) (GOOGLE)
3	2

1 2606:4700:3031::681c:a5 (United States)

ASN13335 (CLOUDFLARENET, US)

1.1265331.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.8.27 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 27.8.190.35.bc.googleusercontent.com

www.onclicksuper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	onclicksuper.com 1 redirects www.onclicksuper.com	3 KB
1	1265331.com 1.1265331.com	735 B
3	2

	Domain	Requested by
3	www.onclicksuper.com	1 redirects 1.1265331.com www.onclicksuper.com
1	1.1265331.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-27` - `2021-09-27`	a year	crt.sh
onclicksuper.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-24` - `2021-09-24`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.onclicksuper.com/script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4RfokqGziegYx-4NYB7NWSwG4Tq_QvnP95taAWpTu3qou_DcV0uEswqGZXko-fszbHvHeENDL4QQ8IsGlcyj-tdpdPJ8ouIu_5V2anZAv_Qi47cRMZBrxlA9tdisYQP3J9XVWvCEDBvg0yieyFhVjwVm0atVb4iRrlGXmY5d3Cdn5w-2m6NuRC1HbHLyBYOl-sac4umkaZH75fiRkRozSNauM0XSNf4jy_asmfD-PtoihIIXFquFP7ZE2tSTJ59r6BvMSWBRcuwXjx-i2BlkFAyqwYB9lvHXJ-ayEXtpwU9ZIwTkThG6fONWoNoFVT3SCWsXTbzYhvn0pcktOuv9Ea5O6tAf54OwLKYtYYQGv5x5LjKlHLQ%2C%2C
Frame ID: 91D4A339525A914350F86F871942ADE5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://1.1265331.com/click?pid=347&offer_id=430&ref_id=f2d500d398fe49d19304271ad82ed158&sub1=2147... Page URL
https://www.onclicksuper.com/jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1.1265331.com/click?pid=347&offer_id=430&ref_id=f2d500d398fe49d19304271ad82ed158&sub1=2147254647 Page URL
https://www.onclicksuper.com/jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8fd9b7b4b7254a58 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.onclicksuper.com/jump/next.php?stamat=m%7CEio2Kq9jaQdH8AH0dEdHP3xP.610%2CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-nTl5LwwnnE3nZwhaxLk8prijWsm0jcAFvZ8x_vHSEDZDuYn4Np6hidli2njvh2Rxkcnr5XVUyBZjSrFL21i4_&cbrandom=0.38528660463048503&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://www.onclicksuper.com/script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4RfokqGziegYx-4NYB7NWSwG4Tq_QvnP95taAWpTu3qou_DcV0uEswqGZXko-fszbHvHeENDL4QQ8IsGlcyj-tdpdPJ8ouIu_5V2anZAv_Qi47cRMZBrxlA9tdisYQP3J9XVWvCEDBvg0yieyFhVjwVm0atVb4iRrlGXmY5d3Cdn5w-2m6NuRC1HbHLyBYOl-sac4umkaZH75fiRkRozSNauM0XSNf4jy_asmfD-PtoihIIXFquFP7ZE2tSTJ59r6BvMSWBRcuwXjx-i2BlkFAyqwYB9lvHXJ-ayEXtpwU9ZIwTkThG6fONWoNoFVT3SCWsXTbzYhvn0pcktOuv9Ea5O6tAf54OwLKYtYYQGv5x5LjKlHLQ%2C%2C

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	click Show response 1.1265331.com/	261 B 735 B	92ms 35ms	Document text/html	2606:4700:3031::681c:a5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1.1265331.com/click?pid=347&offer_id=430&ref_id=f2d500d398fe49d19304271ad82ed158&sub1=2147254647 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:a5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7ffe2464ce2689c1f0ac953287a74a8abc1c93a8490ae9c784a281b27e9c8033` Request headers :method GET :authority 1.1265331.com :scheme https :path /click?pid=347&offer_id=430&ref_id=f2d500d398fe49d19304271ad82ed158&sub1=2147254647 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sun, 15 Nov 2020 06:19:46 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d0e940cbb988d7043e406e6d2f2abbf351605421186; expires=Tue, 15-Dec-20 06:19:46 GMT; path=/; domain=.1265331.com; HttpOnly; SameSite=Lax cf-cache-status DYNAMIC cf-request-id 066c2854760000974eb3a6a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZASfBLZy2Ivd57%2Fnz3WMBokfEQV7tcBdvZ2fcPv6CTKa4mYdX45WH7QwD2x%2B4X%2Fb5jUW7QCYXKG5de9lA5vNqhV09iiclrkaiwjJ1KibVJw%2FLyNv0iRiqoO7"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f26dccd8f02974e-FRA content-encoding br
GET H2	200	Primary Request next.php Show response www.onclicksuper.com/jump/	7 KB 3 KB	181ms 138ms	Document text/html	35.190.8.27 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.onclicksuper.com/jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8fd9b7b4b7254a58 Requested by Host: 1.1265331.com URL: https://1.1265331.com/click?pid=347&offer_id=430&ref_id=f2d500d398fe49d19304271ad82ed158&sub1=2147254647 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 27.8.190.35.bc.googleusercontent.com Software openresty / Resource Hash `e117b7e20f4b7c4b9a671392521dba7e07cbd1a8d21c5a8d6897831a9547f5b2` Request headers :method GET :authority www.onclicksuper.com :scheme https :path /jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8fd9b7b4b7254a58 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server openresty date Sun, 15 Nov 2020 06:19:46 GMT content-type text/html; charset=utf-8 access-control-allow-origin * content-encoding gzip via 1.1 google alt-svc clear
GET H2	204	i.php www.onclicksuper.com/script/ Redirect Chain https://www.onclicksuper.com/jump/next.php?stamat=m%7CEio2Kq9jaQdH8AH0dEdHP3xP.610%2CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-nTl5LwwnnE3nZwhaxLk8prijWsm0jcAFvZ8x_vHSEDZDuYn4Np6hidli2njvh2Rxkcnr5... https://www.onclicksuper.com/script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4Rfokq...	0 0	147ms 146ms	Document text/plain	35.190.8.27 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.onclicksuper.com/script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4RfokqGziegYx-4NYB7NWSwG4Tq_QvnP95taAWpTu3qou_DcV0uEswqGZXko-fszbHvHeENDL4QQ8IsGlcyj-tdpdPJ8ouIu_5V2anZAv_Qi47cRMZBrxlA9tdisYQP3J9XVWvCEDBvg0yieyFhVjwVm0atVb4iRrlGXmY5d3Cdn5w-2m6NuRC1HbHLyBYOl-sac4umkaZH75fiRkRozSNauM0XSNf4jy_asmfD-PtoihIIXFquFP7ZE2tSTJ59r6BvMSWBRcuwXjx-i2BlkFAyqwYB9lvHXJ-ayEXtpwU9ZIwTkThG6fONWoNoFVT3SCWsXTbzYhvn0pcktOuv9Ea5O6tAf54OwLKYtYYQGv5x5LjKlHLQ%2C%2C Requested by Host: www.onclicksuper.com URL: https://www.onclicksuper.com/jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8fd9b7b4b7254a58 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 27.8.190.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers :method GET :authority www.onclicksuper.com :scheme https :path /script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4RfokqGziegYx-4NYB7NWSwG4Tq_QvnP95taAWpTu3qou_DcV0uEswqGZXko-fszbHvHeENDL4QQ8IsGlcyj-tdpdPJ8ouIu_5V2anZAv_Qi47cRMZBrxlA9tdisYQP3J9XVWvCEDBvg0yieyFhVjwVm0atVb4iRrlGXmY5d3Cdn5w-2m6NuRC1HbHLyBYOl-sac4umkaZH75fiRkRozSNauM0XSNf4jy_asmfD-PtoihIIXFquFP7ZE2tSTJ59r6BvMSWBRcuwXjx-i2BlkFAyqwYB9lvHXJ-ayEXtpwU9ZIwTkThG6fONWoNoFVT3SCWsXTbzYhvn0pcktOuv9Ea5O6tAf54OwLKYtYYQGv5x5LjKlHLQ%2C%2C pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.onclicksuper.com/jump/next.php?r=3052727&pub_clickid=&sub1=pcpa1-347-2147254647-430-5e99c95d8fd9b7b4b7254a58 Response headers status 204 server openresty date Sun, 15 Nov 2020 06:19:46 GMT access-control-allow-origin * referrer-policy no-referrer via 1.1 google alt-svc clear Redirect headers status 302 server openresty date Sun, 15 Nov 2020 06:19:46 GMT content-type text/html; charset=utf-8 access-control-allow-origin * location https://www.onclicksuper.com/script/i.php?stamat=m%7C%2C%2CQiEqNjJioGU3BZ9GH0dEdHP3xP.b72%2CHoGFdB1kNtdVU3x88p4UW1t5PU_GYEh6fJ-727bQ0nK7lLmrJuprGvG1SyNvZOapjZQyoah-z871UkNZK2CsRqC6xMcpzW4tj8p4RfokqGziegYx-4NYB7NWSwG4Tq_QvnP95taAWpTu3qou_DcV0uEswqGZXko-fszbHvHeENDL4QQ8IsGlcyj-tdpdPJ8ouIu_5V2anZAv_Qi47cRMZBrxlA9tdisYQP3J9XVWvCEDBvg0yieyFhVjwVm0atVb4iRrlGXmY5d3Cdn5w-2m6NuRC1HbHLyBYOl-sac4umkaZH75fiRkRozSNauM0XSNf4jy_asmfD-PtoihIIXFquFP7ZE2tSTJ59r6BvMSWBRcuwXjx-i2BlkFAyqwYB9lvHXJ-ayEXtpwU9ZIwTkThG6fONWoNoFVT3SCWsXTbzYhvn0pcktOuv9Ea5O6tAf54OwLKYtYYQGv5x5LjKlHLQ%2C%2C via 1.1 google alt-svc clear

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.1265331.com
www.onclicksuper.com
2606:4700:3031::681c:a5
35.190.8.27
7ffe2464ce2689c1f0ac953287a74a8abc1c93a8490ae9c784a281b27e9c8033
e117b7e20f4b7c4b9a671392521dba7e07cbd1a8d21c5a8d6897831a9547f5b2

www.onclicksuper.com Open in urlscan Pro 35.190.8.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3 kBTransfer

7 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

www.onclicksuper.com Open in urlscan Pro
35.190.8.27 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions