Submitted URL: https://vzoj.omnicamp1.com/link/62e4159532d12a001cf2358d/62e3ec9b89c48e001a86a1c0/62bc27cfc00a20001c0ab6d9?signature=1187e6...
Effective URL: https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=...
Submission: On July 29 via manual from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 4 domains to perform 1 HTTP transaction. The main IP is 40.113.236.107, located in Des Moines, United States, and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 430aln1.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 2nd 2022. Valid for: a year.
This is the only time 430aln1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 50.97.244.203 36351 (SOFTLAYER)
1 40.113.236.107 8075 (MICROSOFT...)
1 1
Apex Domain | Subdomains | Transfer
1 430aln1.com | 430aln1.com | 500 B
1 clkmg.com | www.clkmg.com — Cisco Umbrella Rank: 107265 | 688 B
1 unitedforprofithf.com | www.unitedforprofithf.com | 876 B
1 omnicamp1.com | vzoj.omnicamp1.com — Cisco Umbrella Rank: 773332 | 440 B
1 4
Domain Requested by
1 430aln1.com
1 www.clkmg.com 1 redirect
1 www.unitedforprofithf.com 1 redirect
1 vzoj.omnicamp1.com 1 redirect
1 4

This site contains no links.

Subject: 430aln1.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2022-05-02 - 2023-05-09
Valid: a year

This page contains 1 frame:

Primary Page: https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2
Frame ID: 419278B986D9A977BAF517F30246731F
Requests: 1 HTTP request in this frame

Page Title

Error

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 1
Countries: 1
Transfer: 0 kB
Size: 0 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vzoj.omnicamp1.com/link/62e4159532d12a001cf2358d/62e3ec9b89c48e001a86a1c0/62bc27cfc00a20001c0ab6d9?signature=1187e6e046a56f761955bcf57d3163cb869816e14b285cc555004c3c5d04ab01 HTTP 302
    https://www.unitedforprofithf.com/thfbbc/paul.w.eastman@ampf.com/unitedforprofit.com/B/TFBC2?omnisendContactID=62bc27cfc00a20001c0ab6d9&utm_campaign=campaign%3A+TFBC2+29.07.2022+%2862e3eb28a89334001b86ff3b%29&utm_medium=email&utm_source=omnisend HTTP 302
    http://www.clkmg.com/DaveMoneyBreacker/thfbbc/paul.w.eastman@ampf.com/unitedforprofit.com/B/TFBC2?omnisendContactID=62bc27cfc00a20001c0ab6d9&utm_campaign=campaign%3A+TFBC2+29.07.2022+%2862e3eb28a89334001b86ff3b%29&utm_medium=email&utm_source=omnisend HTTP 302
    https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request: clk.trk
Path: 430aln1.com/
Redirect Chain
  • https://vzoj.omnicamp1.com/link/62e4159532d12a001cf2358d/62e3ec9b89c48e001a86a1c0/62bc27cfc00a20001c0ab6d9?signature=1187e6e046a56f761955bcf57d3163cb869816e14b285cc555004c3c5d04ab01
  • https://www.unitedforprofithf.com/thfbbc/paul.w.eastman@ampf.com/unitedforprofit.com/B/TFBC2?omnisendContactID=62bc27cfc00a20001c0ab6d9&utm_campaign=campaign%3A+TFBC2+29.07.2022+%2862e3eb28a8933400...
  • http://www.clkmg.com/DaveMoneyBreacker/thfbbc/paul.w.eastman@ampf.com/unitedforprofit.com/B/TFBC2?omnisendContactID=62bc27cfc00a20001c0ab6d9&utm_campaign=campaign%3A+TFBC2+29.07.2022+%2862e3eb28a89...
  • https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2
Size: 98 B
x-fer: 500 B
Type: Document
MIME-Type:

General
Full URL: https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.113.236.107 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: nginx / ASP.NET
Resource Hash: 6079170491e83df4294bd9519e6352e214afb30968f290a681ddb5f3b2078de5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Jul 2022 18:08:20 GMT
P3P: policyref="/p3p/P3P.430aln1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
Server: nginx
Transfer-Encoding: chunked
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 29 Jul 2022 18:08:19 GMT
Location: https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server: nginx
X-CM-FE: httpfe-02.clickmagick.com
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

2 Cookies

Domain/Path: .clkmg.com/
Name: alc
Value: 1

Domain/Path: .clkmg.com/
Name: vid
Value: 762166529

1 Console Messages

Source: network
Level: error
URL: https://430aln1.com/clk.trk?CID=442138&AFID=490343&SID=paul.w.eastman@ampf.com&SID2=unitedforprofit.com&SID3=B&SID4=TFBC2
Message: Failed to load resource: the server responded with a status of 403 (Invalid Country)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
