Submitted URL: http://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
Effective URL: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=15738...
Submission: On June 06 via api from LU — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is clickcrazenwp.club.
TLS certificate: Issued by GTS CA 1P5 on May 31st 2024. Valid for: 3 months.
This is the only time clickcrazenwp.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | # | IP Address | AS Autonomous System
2 | 3 | 172.67.207.202 | 13335 (CLOUDFLAR...)
1 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
  | 2 | 188.114.97.9 | 13335 (CLOUDFLAR...)
  | 2 | 172.67.184.145 | 13335 (CLOUDFLAR...)
  | 4 | 172.67.72.9 | 13335 (CLOUDFLAR...)
  | 1 | 188.114.97.3 | 13335 (CLOUDFLAR...)
Total: 10 | 6

# | Apex Domain | Subdomains | Transfer
4 | ocmhood.com | sdk.ocmhood.com (Cisco Umbrella Rank: 45517); t.ocmhood.com (Cisco Umbrella Rank: 11758) | 14 KB
3 | directdexchange.com | www.directdexchange.com | 5 KB
2 | rtbadshubmy.com | feed.rtbadshubmy.com (Cisco Umbrella Rank: 133083); t.rtbadshubmy.com (Cisco Umbrella Rank: 152453) | 1 KB
2 | clickcrazenwp.club | clickcrazenwp.club | 21 KB
1 | ocmtag.com | cdn.ocmtag.com (Cisco Umbrella Rank: 48916) | 812 B
1 | roundpush.com | one.roundpush.com | 585 B
Total: 10 | 6

# | Domain | Requested by
3 | t.ocmhood.com | sdk.ocmhood.com
3 | www.directdexchange.com | 2 redirects
2 | clickcrazenwp.club | www.directdexchange.com; clickcrazenwp.club
1 | cdn.ocmtag.com | sdk.ocmhood.com
1 | t.rtbadshubmy.com | clickcrazenwp.club
1 | sdk.ocmhood.com | clickcrazenwp.club
1 | feed.rtbadshubmy.com | clickcrazenwp.club
1 | one.roundpush.com | 1 redirects
Total: 10 | 8

This site contains no links.

Subject | Issuer | Validity | Valid
directdexchange.com | E1 | 2024-04-24 - 2024-07-23 | 3 months
clickcrazenwp.club | GTS CA 1P5 | 2024-05-31 - 2024-08-29 | 3 months
rtbadshubmy.com | E1 | 2024-04-19 - 2024-07-18 | 3 months
ocmhood.com | E1 | 2024-05-01 - 2024-07-30 | 3 months
ocmtag.com | Cloudflare Inc ECC CA-3 | 2023-12-25 - 2024-12-24 | a year

This page contains 1 frame:

Primary Page: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Frame ID: 4682342CCACF911CA8D1112533EEC655
Requests: 12 HTTP requests in this frame

Page Title: Click Allow

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 17 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 41 kB
Size: 88 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.directdexchange.com/jump/next.php?r=157387&sub1=56257 HTTP 307
    https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257 Page URL
  2. https://www.directdexchange.com/jump/next.php?stamat=m%257C%252CodieTY3drB1dwP0dEdHP3xP.958%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAVD47fsyIIopvO6MbJ1VCrs&cbpage=https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257&cbur=0.28698758472723407&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81124%20bits HTTP 302
    https://www.directdexchange.com/script/i.php?t=1&c=23801164&stamat=m%257C%252C%252Cg2d3t3E-tGU3BE-GH0dEdHP3xP.c03%252Cx6CwihnaYxidqQM3tY_jsM9Ed2PSAENWDoNMV0hupk3SRS0eiSADqPBRFM98Rr-bwS52uL9fB_nai8PQqUmktB-6WjHhzlL9iVsllSTFUw_b5j9DGyQGttZYu6nx1j-VDZEijjfrG5C7oQO2UYa3R6-M0tMIigYlNYcsF5ei8cNz20Pd1AjFZ3BVT8mw9ilXDfMA15TwWZdi_h41BXUCCIO1tQCqcU_zu5fboLGpodSwbw9LPYuGejvcsI-qDeRwEsPvbzeguG-u26T4MmyaIBLJgVYcjeJqkoFW1Eut4FKjHwPPD_7mwpQyN0vIYE2yGN2rb2xvns-MgbVguon1f-AjfpKcXZR-nUJkuMRhADVR3vdtpJmyjMbIlFdOTJFOxOYC0iPCho1wclAOtCvYmZElGCs07ylMdLukrWSLsne0iQFh0DP3thUclYweYkEk_npKrKzN0WIEdclxFrDJHImNp2asPiUpxHKzuCtuWzqoUyU93VkEa49bwFoAdUbkXYMFEOk1srkABqkT5nAODlyRgQF5xjP8saVhnvkbT0BJPovmOXWCy0pBrAW1wqvaP7WxvIudkiXa8cn8P9w2B4vzYuNP_tKYKqTKg7qjiTnETv4euh--5n1038WakhE50NmmpLaCL9krN6sexMFoIbpKjU7CbwdBwjpViMKkuXQ%252C HTTP 302
    https://one.roundpush.com/JJUiDl/?utm_source=4608&utm_campaign=16257366&cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498 HTTP 302
    https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.directdexchange.com/jump/next.php?r=157387&sub1=56257 HTTP 307
  • https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
www.directdexchange.com/jump/
Redirect Chain
  • http://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
  • https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
8 KB
3 KB
Document
General
Full URL
https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f6bd845cbf2ba9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 06 Jun 2024 07:37:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRPeDTmeaJTzs94xJtTeDWGiJpoI9jhv%2BNIuO7ly9DsP4KfGX6O0UQnG7%2BaLTIA7Yuh4BBapWYsdv9bCzHpsHl9o8bwyXbEnYVBXWxILJ82MgrtaXu%2FghfmGRoI%2FQp4FL%2FgNGlo3VIVzqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

Location
https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/
Redirect Chain
  • https://www.directdexchange.com/jump/next.php?stamat=m%257C%252CodieTY3drB1dwP0dEdHP3xP.958%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAVD47fsyIIopvO6MbJ1VCrs&cbpage=https://www.directdexchange.c...
  • https://www.directdexchange.com/script/i.php?t=1&c=23801164&stamat=m%257C%252C%252Cg2d3t3E-tGU3BE-GH0dEdHP3xP.c03%252Cx6CwihnaYxidqQM3tY_jsM9Ed2PSAENWDoNMV0hupk3SRS0eiSADqPBRFM98Rr-bwS52uL9fB_nai8P...
  • https://one.roundpush.com/JJUiDl/?utm_source=4608&utm_campaign=16257366&cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
  • https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
33 KB
21 KB
Document
General
Full URL
https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Requested by
Host: www.directdexchange.com
URL: https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa29aee70cbc2cfd254236544f473e986a4d2859d3b2d88b25c6b21ba879d71

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.directdexchange.com/jump/next.php?r=157387&sub1=56257
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f6bd8a7ed55c80-FRA
content-encoding
br
content-type
text/html
date
Thu, 06 Jun 2024 07:38:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aH7xhhMZL9%2Fw%2Ftom5I3ugRB46rAAm5XbzXTBG%2BUZxKgmwr4xwB8B2Ba5rOXMNgKg%2FJGC%2FZ8F%2FI68jITPdhORj4Xh8Ok1vOpqY7uZRzjIdq9o3b5nUk2ElVSbksnNdULLWv6%2BOd8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f6bd881c8071b5-FRA
content-type
text/html
date
Thu, 06 Jun 2024 07:38:00 GMT
location
https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FybCysZP%2FSVpO9xNGtMRhc8luEgRoVsDT3m8QvScAcVNne5K7XInMpDf9kIzg5Mye86cWEJ1CCUeJmElFt6wrgSK7QAm0AksJcz3Pa6xVCHfVdnwoQjhait%2BE6xH6vuiSoHzXb3wwmsxJmBnKbRohA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.rtbadshubmy.com/v1/native/
1 KB
1 KB
Fetch
General
Full URL
https://feed.rtbadshubmy.com/v1/native/AFU1kAAPatM?subid=75969&uid=eb871453-0f72-4e7b-abb0-b0d96bf5c99d&kw=download%20install&ud_tpcid=jbFOwEkWODxbmwPSyVUG4eNf7s87RDUo
Requested by
Host: clickcrazenwp.club
URL: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9088157cc3454a8ff43e6fca72365a01541b94c9c7625546bd93a0e6b278a6d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://clickcrazenwp.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6a8B%2BePHAHDwa5w3iSC5VuB%2FeAYte1mdp1u50C9qPKQDIGrd0yQ9aoXj1kfAr4pLtnXLFSGh30KG99WCBFVhoM5h%2FculKI%2BpcURiLUmq1Rh3bQJ1HTC3uzGmTFGKAWHrFXsOzNQEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88f6bd8c5d2835e6-FRA
alt-svc
h3=":443"; ma=86400
conf.json
clickcrazenwp.club/hood/Y2xpY2tjcmF6ZW53cC5jbHVi/
49 B
499 B
Fetch
General
Full URL
https://clickcrazenwp.club/hood/Y2xpY2tjcmF6ZW53cC5jbHVi/conf.json
Requested by
Host: clickcrazenwp.club
URL: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c3d647a71e8d586802f696550efe9e02079f168462e58029bb8d4f8c7d732b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Apr 2024 15:44:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660c27dc-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jBFRNE%2F6bVCq%2BinqVhmGmHEhz1U2qIZ3EbIpXgiM4AM6Q41bxtOtK5qjzxy15GnmnrzGI9QKqljZQZmZvfq6%2BztajTWtEfULg1%2FXJobDnD2A27Ld89fnB54GR1QtIgA94fNQLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
88f6bd8c183e5c80-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

Content-Type
image/jpeg
ht.js
sdk.ocmhood.com/sdk/
33 KB
13 KB
Script
General
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F
Requested by
Host: clickcrazenwp.club
URL: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1

Request headers

Referer
https://clickcrazenwp.club/
Origin
https://clickcrazenwp.club
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4172
alt-svc
h3=":443"; ma=86400
content-length
12460
service-worker-allowed
/
last-modified
Tue, 09 Apr 2024 11:24:49 GMT
server
cloudflare
etag
"66152581-30ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F%2Fpm%2Bn1gWeOS7cvprN9XBC5Hn23BVB0pgdz4TpiATXiNZS%2Bu2%2FqOuqJpIw6OZNw%2FSMORjE6Lg6p7c2Rk0z%2FniP1jYSeMJb6NXuJs7Q7jRzt8368Q9JDiMW01Z4K6GsbCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88f6bd8d1e1765c2-FRA
imp
t.rtbadshubmy.com/
0
0
Fetch
General
Full URL
https://t.rtbadshubmy.com/imp?l2=79KsBomD35kUhh_n9TCFJlmO_CZt5Chv5I4ADjXLvcCf7whI7ML0nrvF3Q0xTUi2TQCw1p2TDwSpvDVOjDABSw2Q4mlxJfiYPkjWvUdNtVKXKRT48XA2EN-Tq8XDCtYvofzdhoVZpmBJ8ALBxbXaKT-d6IZvKKoRjU6AjxigEy_vwaAgehrKMhoBpBtkIwfQp6DpNZCrVAg0ewOpUcnY5MWpONy_OYQYRscfMYJWu2gxVh1x4OdKxPAcm6Dsrn9W
Requested by
Host: clickcrazenwp.club
URL: https://clickcrazenwp.club/VP_tU17wnvjSlncYUYhLBgn6_IfK-6zgHDCk8U5BY4Q/?cid=171765947910000TDETV436481828044Vcb&pubid=157387-3775522587-4269441498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://clickcrazenwp.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1iL2zfSg6pJ4hkt%2FvZ%2BMbp40M2Ra2fu26mAY3kvDAAWKUEasvempegTtAZrbIAYDLfjDQSAUGLaDLF5u8GhLtVUNUqg9F1aTcf6vHAjgLL%2BRDlsSmMpXgP%2FquL36ClLeenr7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88f6bd8d9ef135e6-FRA
alt-svc
h3=":443"; ma=86400
NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F.js
cdn.ocmtag.com/tag/
423 B
812 B
Script
General
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91df24d66a316560ce5b6f7afa473668278aefd21e00e2cb678a9f6a60de3d7f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://clickcrazenwp.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 02 Apr 2024 15:18:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660c21a9-1a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7nk%2B8xg8yJy%2B63Iwo2Q2Z4w92qD8%2BMgXr85xl9hBMdjnIwNHSjopZpuPLGkoIvl9e6eN7TR1sRSIlD8j%2FnBKEmB4h6OADXx2KnHzbt%2B6lONwE%2B%2BTrOJXeFgx2Z2MfGdEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
88f6bd8dcff9bbe6-FRA
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
activity
t.ocmhood.com/v2/
0
433 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://clickcrazenwp.club/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2npg%2BP8McH0RQYXojT6Vs8DO9PvBORC6PaXGk4okqsMshr31DVHwut9Kz0bhRI7lCDIz5BqjW3LVzPQSsvaHQkl5U%2BpkSMjZ4XX4q3CsqZZRsJpfx5xG15BaP%2BlK7Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f6bd8e5eff37cc-FRA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
394 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://clickcrazenwp.club/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 06 Jun 2024 07:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIQleNmD6n8huh%2Bo4tO4IzI6ijDMZxTrJt7Py8cMQhoV65RZXxxEG9kIKiyYSmk8ifYGFDVz%2BEXUuFqRs1yvWB7NmEse2bm8TAhyPJlEB5scaHv0BlVE26bvrSpi134%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f6bd8e5f0337cc-FRA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
396 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://clickcrazenwp.club/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 06 Jun 2024 07:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjHqphmP%2FF3hoNxWUC9wia3Z%2FQDz4VqjoSWJ7j8shmJt3SasGgjZghbMFxxpSGGMzWDR8WeytRn5XAs1JMAyJmHxnP9KA0XYVGYdwxz6EBn8gztOrGYYhZRwFq3OO4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f6bd96d90737cc-FRA
alt-svc
h3=":443"; ma=86400

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | qs
string | lwp
function | snippetGetEngineDomain
function | snippetGetAllLocations
object | campaign_domains
function | importOmpServiceWorker
function | initOmpServiceWorker
function | clearSession
function | getLpType
function | fetchAd
function | getOCP
function | popme
function | finalRedirect
function | goNextStep
function | goToRedirectonAllow
function | goToRedirectSmart2
function | isPushApiSupported
function | uuidv4
function | initLpPush
function | startOmpWorker
function | getLpIdParamIfSet
function | getSourcePrefix
object | ad
number | cpc
number | o_eid
string | o_ocid
string | source_prefix
string | fallback_url
function | before_redirect_block
object | sParams
string | cc
function | Hood
function | NjY4ZwSkNAFfmDQ2eEExNDY4MjE0Nj2F

3 Cookies

Domain/Path | Name | Value
clickcrazenwp.club/ | session | jbFOwEkWODxbmwPSyVUG4eNf7s87RDUo
.clickcrazenwp.club/ | _ht_v | 1717659481.5505802968
.clickcrazenwp.club/ | _ht_s | 1717659481.2