s.openclicks.info
2a04:3542:1000:910:80c8:eeff:fe8b:487b  Public Scan

Submitted URL: https://4370.2477april2024.com/hiFBCIE5OA_iZtczvVjGKSFMl9kRvoHRdvwGOc2VE8wTN8-X99wCoc6HW9RmfIeSkY5QIKV4jqm6euuzHOKnYRyKmKalubyK...
Effective URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3...
Submission: On August 23 via api from US — Scanned from NL

Summary

This website contacted 8 IPs in 6 countries across 11 domains to perform 20 HTTP transactions. The main IP is 2a04:3542:1000:910:80c8:eeff:fe8b:487b, located in Madrid, Spain and belongs to UPCLOUD, FI. The main domain is s.openclicks.info.
TLS certificate: Issued by E6 on July 29th 2024. Valid for: 3 months.
This is the only time s.openclicks.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
10 s.openclicks.info t.krampenpampe.com
s.openclicks.info
3 t.krampenpampe.com www.fencsingspade.autos
3 www.fencsingspade.autos 2 redirects
2 tencheckit.xyz
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com s.openclicks.info
1 www.googletagmanager.com s.openclicks.info
1 1d6ceb3b060.terrifictc.net 1 redirects
1 cddtsecure.com 1 redirects
1 4370.2477april2024.com 1 redirects
20 11

This site contains no links.

Subject Issuer Validity Valid
tencheckit.xyz R11 2024-08-22 - 2024-11-20 3 months
www.fencsingspade.autos R10 2024-07-30 - 2024-10-28 3 months
krampenpampe.com WE1 2024-07-13 - 2024-10-11 3 months
*.openclicks.info E6 2024-07-29 - 2024-10-27 3 months
*.google-analytics.com WR2 2024-07-30 - 2024-10-22 3 months
upload.video.google.com WR2 2024-07-30 - 2024-10-22 3 months
*.gstatic.com WR2 2024-07-30 - 2024-10-22 3 months

This page contains 1 frames:

Primary Page: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Frame ID: 56AC9391F55CA68132D03341253EE5B7
Requests: 20 HTTP requests in this frame

Page Title

Gefeliciteerd!

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

  • Requests: 20
  • HTTPS: 100 %
  • IPv6: 64 %
  • Domains: 11
  • Subdomains: 11
  • IPs: 8
  • Countries: 6
  • Transfer: 485 kB
  • Size: 874 kB
  • Cookies: 30

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://4370.2477april2024.com/hiFBCIE5OA_iZtczvVjGKSFMl9kRvoHRdvwGOc2VE8wTN8-X99wCoc6HW9RmfIeSkY5QIKV4jqm6euuzHOKnYRyKmKalubyKcgMfT75OLKBKjH2QS9tXs30E0dqKHQ?kws=embed&abl=0&fsb=0&pageUri=https%3A%2F%2Fhdporn92.com&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Wi...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 HTTP 307
    https://tencheckit.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D Page URL
  3. https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=245fc23c3f288a396a469bb72abc1c1f&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440 Page URL
  4. https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24082311_01_371812_bcb7164914edb HTTP 302
    https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=964f53913a0c499587175da9f55780d41653b&pi=17412 HTTP 302
    https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://4370.2477april2024.com/hiFBCIE5OA_iZtczvVjGKSFMl9kRvoHRdvwGOc2VE8wTN8-X99wCoc6HW9RmfIeSkY5QIKV4jqm6euuzHOKnYRyKmKalubyKcgMfT75OLKBKjH2QS9tXs30E0dqKHQ?kws=embed&abl=0&fsb=0&pageUri=https%3A%2F%2Fhdporn92.com&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Wi...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 HTTP 307
  • https://tencheckit.xyz/go/8286/3?subid2={hostId}
Request Chain 3
  • https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=245fc23c3f288a396a469bb72abc1c1f&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440

20 HTTP transactions

Resource Path Size x-fer Type MIME-Type
3
tencheckit.xyz/go/8286/
Redirect Chain
  • https://4370.2477april2024.com/hiFBCIE5OA_iZtczvVjGKSFMl9kRvoHRdvwGOc2VE8wTN8-X99wCoc6HW9RmfIeSkY5QIKV4jqm6euuzHOKnYRyKmKalubyKcgMfT75OLKBKjH2QS9tXs30E0dqKHQ?kws=embed&abl=0&fsb=0&pageUri=https%3A%...
  • https://tencheckit.xyz/go/8286/3?subid2={hostId}
335 B
872 B
Document
General
Full URL
https://tencheckit.xyz/go/8286/3?subid2={hostId}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
335
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Aug 2024 09:44:47 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Fri, 23 Aug 2024 09:44:47 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Aug 2024 09:44:47 GMT
expires
Fri, 23 Aug 2024 09:44:47 UTC
last-modified
Fri, 23 Aug 2024 09:44:47 UTC
location
https://tencheckit.xyz/go/8286/3?subid2={hostId}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
/
www.fencsingspade.autos/
4 KB
4 KB
Document
General
Full URL
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
99b2da1591073a75821a797398078410c6cdcd4f8137ec62c9b0b888431c682e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Fri, 23 Aug 2024 09:44:47 GMT
Transfer-Encoding
chunked
favicon.ico
tencheckit.xyz/
0
170 B
Other
General
Full URL
https://tencheckit.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:44:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
t.krampenpampe.com/directclick/
Redirect Chain
  • https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=245fc23c3f288a396a469bb72abc1c1f&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=12...
  • https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.7888380080268302&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440
25 KB
9 KB
Document
General
Full URL
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440
Requested by
Host: www.fencsingspade.autos
URL: https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa9b786830763f90435645cb9740d00cb6a8eb9f2ed2e6e3397497f9f7284b29

Request headers

Referer
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148uc1sv000o4&site=8286&pub_sub_id=%7BhostId%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b7a2a84acab5cb0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 23 Aug 2024 09:44:48 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRfqHKwe7QOM5metpChS1KFHblNGkvF8PtyEnjgcT1kENZd7KO6VU19C7rmsBllO1HQHy5QTpoy976YXoE12iQGjsdkQCH4An02%2BaP76SVWalRVi%2FhzlGlLCdjr2FakzpVzl7WE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Aug 2024 09:44:48 GMT
Location
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440
Primary Request iq_test2
s.openclicks.info/
Redirect Chain
  • https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24082311_01_371812_bcb7164914edb
  • https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=964f53913a0c499587175da9f55780d41653b&pi=17412
  • https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=main...
14 KB
8 KB
Document
General
Full URL
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Requested by
Host: t.krampenpampe.com
URL: https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3475917196948279440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
0431326b2b35bdf07102267aa4ecd86eae79bd7817067834541d516be35e16e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 09:44:49 GMT
log-id
5c25453e-9ec7-46e4-af1e-4557086cebf5
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 09:44:49 GMT
location
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
favicon.ico
t.krampenpampe.com/
108 B
520 B
Other
General
Full URL
https://t.krampenpampe.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:44:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gSlyWigwqZxRAp7gC8%2BDICy%2BrAHHHIpzBDJ2Rx1mHn%2BgZWHXOaHyseq85wJZj55xQHa9OaQL2F85A2g%2BzRvGGeUi1Qvm6NgpxQno3QcmB9v4kVXrUzFt0h6iLc%2FcH6VcuIhwLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b7a2a89495b5cb0-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
t.krampenpampe.com/
108 B
0
Other
General
Full URL
https://t.krampenpampe.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:44:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gSlyWigwqZxRAp7gC8%2BDICy%2BrAHHHIpzBDJ2Rx1mHn%2BgZWHXOaHyseq85wJZj55xQHa9OaQL2F85A2g%2BzRvGGeUi1Qvm6NgpxQno3QcmB9v4kVXrUzFt0h6iLc%2FcH6VcuIhwLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b7a2a89495b5cb0-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
273 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f834236fe6152ba114d1f6f66ae1774991b6392ea0705d08dd22f2a18d87a83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://s.openclicks.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:44:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96339
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Aug 2024 09:44:49 GMT
css2
fonts.googleapis.com/
1 KB
903 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Archivo:wght@100..900&display=swap
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0273f2e75d5e4a9c51e6cfb82861a3b966c512a8da68e95099f26c6ec97dd10c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s.openclicks.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Aug 2024 09:44:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 09:44:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Aug 2024 09:44:49 GMT
app.css
s.openclicks.info/css/offers/iq_test2/
3 KB
1 KB
Stylesheet
General
Full URL
https://s.openclicks.info/css/offers/iq_test2/app.css?id=d3f0203d5f5be414d14e5f6219a7867b
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
858a78925f062b495a27eaa02f3b6588828d854af5a7acf78e7cdc1bfcc42e3a

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
W/"66c453f2-ddf"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sat, 23 Aug 2025 09:44:49 GMT
puzzle.png
s.openclicks.info/img/offers/iq_test2/
5 KB
5 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/puzzle.png
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
d646bd618a65a9e488e2d30ae799d10447bb3ba7a3c4a969ff09de06d2c280ce

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-1268"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4712
expires
Sat, 23 Aug 2025 09:44:49 GMT
laptop.webp
s.openclicks.info/img/offers/iq_test2/
220 KB
220 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/laptop.webp
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
dd31fbf72786f5e458f69bde6d6c1a02697ab7e682e90b8d620faa44fbdcb517

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
accept-ranges
bytes
etag
"66c453f2-37086"
content-length
225414
content-type
image/webp
brains.png
s.openclicks.info/img/offers/iq_test2/
4 KB
5 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/brains.png
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
f643af623e28368725ef7d618d980e052ce9201e4399fd72f9353ba32ab4286f

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-1146"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4422
expires
Sat, 23 Aug 2025 09:44:49 GMT
cash.png
s.openclicks.info/img/offers/iq_test2/
3 KB
3 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/cash.png
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
594067042cdbd19b4be737bbf547f2bab5aabf92e60592c7a17271ff0517672f

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-abb"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2747
expires
Sat, 23 Aug 2025 09:44:49 GMT
growth.png
s.openclicks.info/img/offers/iq_test2/
2 KB
2 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/growth.png
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
cc0bd9f92cd2353fead82a4b502c72cb1ef370ceba8921355e4c219f56fd3b37

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-72a"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1834
expires
Sat, 23 Aug 2025 09:44:49 GMT
verified.png
s.openclicks.info/img/offers/iq_test2/
4 KB
4 KB
Image
General
Full URL
https://s.openclicks.info/img/offers/iq_test2/verified.png
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
39f9a4fdb28c198c413c7b09016508f23fc82d9790f48c586daed29065db9bb8

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-e49"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3657
expires
Sat, 23 Aug 2025 09:44:49 GMT
app.js
s.openclicks.info/js/
0
207 B
Script
General
Full URL
https://s.openclicks.info/js/app.js?id=d41d8cd98f00b204e9800998ecf8427e
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
"66c453f2-0"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
0
expires
Sat, 23 Aug 2025 09:44:49 GMT
app.js
s.openclicks.info/js/offers/iq_test2/
281 KB
92 KB
Script
General
Full URL
https://s.openclicks.info/js/offers/iq_test2/app.js?id=3e8203ac6bbdd684f8fab2899976353a
Requested by
Host: s.openclicks.info
URL: https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software
/
Resource Hash
78e296ceffd0bee903d7cc6ef0dc5a69c6ec8d99eba70984f801ad4ea1691aab

Request headers

Referer
https://s.openclicks.info/iq_test2?flow=sms&tid=641t9teyx9rn3sgtz9n8ccwwg,17815871,5,3829&ctrack=1724406289.2444245488&p=3829&pi=17412&click_id=964f53913a0c499587175da9f55780d41653b&media_type=mainstream
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Aug 2024 09:44:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 08:29:38 GMT
etag
W/"66c453f2-46432"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Sat, 23 Aug 2025 09:44:49 GMT
k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/
34 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s.openclicks.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 13:58:18 GMT
x-content-type-options
nosniff
age
243991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35272
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 13:58:18 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2V6DGFRPKP&gtm=45je48l0v880168263za200&_p=1724406289466&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=521444609.1724406290&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724406289&sct=1&seg=0&dl=https%3A%2F%2Fs.openclicks.info%2Fiq_test2%3Fflow%3Dsms%26tid%3D641t9teyx9rn3sgtz9n8ccwwg%2C17815871%2C5%2C3829%26ctrack%3D1724406289.2444245488%26p%3D3829%26pi%3D17412%26click_id%3D964f53913a0c499587175da9f55780d41653b%26media_type%3Dmainstream&dt=Gefeliciteerd!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ab=a&ep.flow=sms&ep.offer=iq_test2&ep.prize=iphone-15-pro&ep.category=sms_win&ep.p=3829&tfd=1037
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://s.openclicks.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 09:44:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.openclicks.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | gtag
object | dataLayer
object | pd_options
object | view
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal

30 Cookies

Domain/Path Name / Value
tencheckit.xyz/ Name: mobitck
Value: 1
.krampenpampe.com/ Name: checkkeks
Value: 1
.krampenpampe.com/ Name: eTag
Value: 99e6c0587ff09f7947da52dbb97a7d2a
.krampenpampe.com/ Name: ck_uniques
Value: 1724492687%3A24589-115227
.krampenpampe.com/ Name: ck_uniquesPa
Value: 1724492687%3A103655
.krampenpampe.com/ Name: ck_sys_uniques_3
Value: 1
.krampenpampe.com/ Name: u_current_ads_view
Value: 103655----
.cddtsecure.com/ Name: gdm_uid_v1_1_001
.cddtsecure.com/ Name: gdm_click_adv_freq_v2_1_001
.cddtsecure.com/ Name: gdm_click_freq_v1_1_001
.cddtsecure.com/ Name: gdm_uid_v2_1_001
.cddtsecure.com/ Name: gdm_sid_v1_3_001
.cddtsecure.com/ Name: gdm_suid_v2_1_001
.cddtsecure.com/ Name: gdm_sid_v2_3_001
.cddtsecure.com/ Name: gdm_click_adv_freq_v1_1_001
.cddtsecure.com/ Name: gdm_click_freq_v2_1_001
.cddtsecure.com/ Name: gdm_suid_v1_1_001
.1d6ceb3b060.terrifictc.net/ Name: rts-trck
Value: 1
.terrifictc.net/ Name: t-uuid
Value: 641t9tez0ajqffxjzcigcg40o
.terrifictc.net/ Name: ab
Value: B
.terrifictc.net/ Name: traffic-visited-domain
Value: openclicks.info
.terrifictc.net/ Name: traffic-back-ivr
Value: ok
s.openclicks.info/ Name: XSRF-TOKEN
s.openclicks.info/ Name: ivr_offers_session
s.openclicks.info/ Name: domain-trk
s.openclicks.info/ Name: SESS_TRAF
s.openclicks.info/ Name: visit
s.openclicks.info/ Name: HyGsvZCKBamFoMRVTZZ3lzBWFV7pY0f7R135K5sr
.openclicks.info/ Name: _ga_2V6DGFRPKP
Value: GS1.1.1724406289.1.0.1724406289.0.0.0
.openclicks.info/ Name: _ga
Value: GA1.1.521444609.1724406290

2 Console Messages

Source Level URL
Text
network error URL: https://t.krampenpampe.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t.krampenpampe.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
