www.oneclicktwofucks.com Open in urlscan Pro
2600:9000:211e:8000:0:fb01:9140:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://localdatingfling.com/sJ0VCddkTeEALV11QO9RVKBURAVkQC5kHVRDE70TBR4RIbkSQlkgI78xGSQjSF8jH9UQEi4kFG
Effective URL:
https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5b...
Submission: On April 14 via api (April 14th 2023, 10:49:29 am UTC) from BE — Scanned from GB

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 5 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2600:9000:211e:8000:0:fb01:9140:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.oneclicktwofucks.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 1st 2023. Valid for: a year.

This is the only time www.oneclicktwofucks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.36.80.2 185.36.80.2	43463 (BST-LT) (BST-LT)
1 1	146.185.131.178 146.185.131.178	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	52.204.49.11 52.204.49.11	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.192.108.151 18.192.108.151	16509 (AMAZON-02) (AMAZON-02)
1 1	142.93.95.250 142.93.95.250	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2600:9000:211... 2600:9000:211e:8000:0:fb01:9140:93a1	16509 (AMAZON-02) (AMAZON-02)
10	139.45.240.92 139.45.240.92	57304 (RUBY-AS) (RUBY-AS)
14	2

1 185.36.80.2 (United Kingdom) 1 redirects

ASN43463 (BST-LT, GB)
PTR: paguridae.localdatingfling.com

localdatingfling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.131.178 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

58.mylocalaffair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.49.11 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-49-11.compute-1.amazonaws.com

z87234.smartredirect.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.108.151 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com

tds.wooqi.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.95.250 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: dopaleads.tracker

dopaleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:8000:0:fb01:9140:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.oneclicktwofucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	notix.io notix.io — Cisco Umbrella Rank: 13773	25 KB
4	oneclicktwofucks.com www.oneclicktwofucks.com	160 KB
1	dopaleads.com 1 redirects dopaleads.com	419 B
1	wooqi.win 1 redirects tds.wooqi.win	608 B
1	smartredirect.link 1 redirects z87234.smartredirect.link	2 KB
1	mylocalaffair.com 1 redirects 58.mylocalaffair.com	415 B
1	localdatingfling.com 1 redirects localdatingfling.com	342 B
14	7

	Domain	Requested by
10	notix.io	www.oneclicktwofucks.com notix.io
4	www.oneclicktwofucks.com	www.oneclicktwofucks.com
1	dopaleads.com	1 redirects
1	tds.wooqi.win	1 redirects
1	z87234.smartredirect.link	1 redirects
1	58.mylocalaffair.com	1 redirects
1	localdatingfling.com	1 redirects
14	7

This site contains links to these domains. Also see Links.

Domain
dopaleads.com

Subject Issuer	Validity	Valid
oneclicktwofucks.com Amazon RSA 2048 M01	`2023-04-01` - `2024-04-29`	a year	crt.sh
notix.io R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Frame ID: 451C230F676F04E0E42A0DE1CC575E93
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(+18)

Page URL History Show full URLs

http://localdatingfling.com/sJ0VCddkTeEALV11QO9RVKBURAVkQC5kHVRDE70TBR4RIbkSQlkgI78xGSQjSF8jH9UQEi4kFG HTTP 307
http://58.mylocalaffair.com/?hash=83377a3135d47bf5&email=psondages@yahoo.com HTTP 302
http://z87234.smartredirect.link/track/MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w?_ocid=64392fb3b9711d4e374... HTTP 302
https://tds.wooqi.win/2dcb226c-9047-4ba5-8e4c-f0dccb1c032b?source1=10&_ocid=64392fb3b9711d4e374e21... HTTP 302
https://dopaleads.com/click.php?key=kkt1reigsj4sp7slb13k&cid=wo58t8lgbhfrgi0oij06h4lk HTTP 302
https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0... Page URL

Page Statistics

14
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

2
IPs

5
Countries

185 kB
Transfer

244 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dopaleads.com/click.php?lp=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://localdatingfling.com/sJ0VCddkTeEALV11QO9RVKBURAVkQC5kHVRDE70TBR4RIbkSQlkgI78xGSQjSF8jH9UQEi4kFG HTTP 307
http://58.mylocalaffair.com/?hash=83377a3135d47bf5&email=psondages@yahoo.com HTTP 302
http://z87234.smartredirect.link/track/MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w?_ocid=64392fb3b9711d4e374e21ea&email=psondages@yahoo.com HTTP 302
https://tds.wooqi.win/2dcb226c-9047-4ba5-8e4c-f0dccb1c032b?source1=10&_ocid=64392fb3b9711d4e374e21ea&email=psondages%40yahoo.com&ocode=MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w HTTP 302
https://dopaleads.com/click.php?key=kkt1reigsj4sp7slb13k&cid=wo58t8lgbhfrgi0oij06h4lk HTTP 302
https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.oneclicktwofucks.com/39451680536602765/
Redirect Chain

http://localdatingfling.com/sJ0VCddkTeEALV11QO9RVKBURAVkQC5kHVRDE70TBR4RIbkSQlkgI78xGSQjSF8jH9UQEi4kFG
http://58.mylocalaffair.com/?hash=83377a3135d47bf5&email=psondages@yahoo.com
http://z87234.smartredirect.link/track/MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w?_ocid=64392fb3b9711d4e374e21ea&email=psondages@yahoo.com
https://tds.wooqi.win/2dcb226c-9047-4ba5-8e4c-f0dccb1c032b?source1=10&_ocid=64392fb3b9711d4e374e21ea&email=psondages%40yahoo.com&ocode=MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w
https://dopaleads.com/click.php?key=kkt1reigsj4sp7slb13k&cid=wo58t8lgbhfrgi0oij06h4lk
https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a

7 KB
2 KB

205ms
41ms

Document
text/html

2600:9000:211e:8000:0:fb01:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8000:0:fb01:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbe788cf20a1a52f7fe31d49badb5ff153a547c0421a1a525c75f5496b5f1d1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 239252
content-encoding: br
content-type: text/html
date: Tue, 11 Apr 2023 16:21:54 GMT
etag: W/"43246e1996a9b7bd6ff6e85352ecfcf1"
last-modified: Mon, 03 Apr 2023 15:43:51 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-id: LfY9WHApcDLnmjaMuHfsEe_0qo-JnbuEgJjfYh3YiF0pxeZC2P-pTw==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 10:49:24 GMT
location: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
server: nginx/1.14.2
strict-transport-security: max-age=31536000

GET
H2 200 script.min.js Show response
www.oneclicktwofucks.com/39451680536602765/ 410 B
723 B 41ms
41ms Script
text/javascript 2600:9000:211e:8000:0:fb01:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js
Requested by: Host: www.oneclicktwofucks.com
URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8000:0:fb01:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a030f7d5e8db47c53d566c5627f03deb9eea40d4121d731915797a90388f92

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 08:38:20 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 15:43:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 94266
etag: "0705d6fde7e3d06c816ca45a15afc334"
x-cache: Hit from cloudfront
content-type: text/javascript
content-length: 410
x-amz-cf-id: xxeDTOUaqMXNSUpxtLBZ4hmPO2RVbtNJFd0eoIE02U7b8_rOyfteRA==

GET
H2 200 gumtree_white-1680536630507.png
www.oneclicktwofucks.com/39451680536602765/ 59 KB
59 KB 48ms
48ms Image
image/png 2600:9000:211e:8000:0:fb01:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oneclicktwofucks.com/39451680536602765/gumtree_white-1680536630507.png
Requested by: Host: www.oneclicktwofucks.com
URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8000:0:fb01:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4d7242243d52b90cfce8c83976db6338ded5b828764fbeca6cca849c3d30b34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 08:38:20 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 15:43:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 94266
etag: "3f836cdc5af89dd39d6625dccfe09572"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 59938
x-amz-cf-id: LYKa0Y5XSmqUDF2ij4Kooa6cKL1Ft6T-VzQKCr9ThSWKqTAcbzih8w==

GET
H2 200 gif_t1_top_gif%20t1%202-1680536630503.gif
www.oneclicktwofucks.com/39451680536602765/ 98 KB
99 KB 57ms
56ms Image
image/gif 2600:9000:211e:8000:0:fb01:9140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oneclicktwofucks.com/39451680536602765/gif_t1_top_gif%20t1%202-1680536630503.gif
Requested by: Host: www.oneclicktwofucks.com
URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8000:0:fb01:9140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3213e5b84c9d0ee11ee619d6aaa614b7764261bc4140d8a812618b923f92d97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 15:16:49 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 15:43:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 70357
etag: "c93e6200b872c6fe322557f56ab986e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
content-length: 100809
x-amz-cf-id: q5LxAxnMB39jSC_I8fFHqmxeFXfSspaGhcsNjRc6kaGqoeuQBOPjCQ==

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 80 KB
24 KB 112ms
33ms Script
application/javascript 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: www.oneclicktwofucks.com
URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fff4dd66aa1eda6256abec8c02829950e5750883107ebb459991e8167c139d51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oneclicktwofucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:49:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 09:48:43 GMT
server: nginx
etag: W/"64352cfb-13fc4"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 settings Show response
notix.io/ 283 B
544 B 49ms
49ms Fetch
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1004ff5b462d010c4966484aad5375c

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

6cccd43ec5d032e856c844490dc40f20bbe696e87f26b22230d14cbf58cc6aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oneclicktwofucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:49:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 283

OPTIONS
H2 200 event
notix.io/ 0
0 101ms
32ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.oneclicktwofucks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 14 Apr 2023 10:49:23 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 36ms
34ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oneclicktwofucks.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 10:49:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

POST
H2 200 event
notix.io/ 15 B
275 B 34ms
33ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oneclicktwofucks.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 10:49:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 48ms
32ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.oneclicktwofucks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 14 Apr 2023 10:49:23 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 35ms
34ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oneclicktwofucks.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 10:49:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 47ms
33ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.oneclicktwofucks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 14 Apr 2023 10:49:23 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
275 B 35ms
34ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oneclicktwofucks.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 10:49:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 47ms
33ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.oneclicktwofucks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.oneclicktwofucks.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 14 Apr 2023 10:49:23 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
58.mylocalaffair.com/	1969-12-31 23:59:59	Name: CL_WEB Value: CL_WEB02
z87234.smartredirect.link/	1970-01-20 11:14:34	Name: AWSALB Value: gcNDgl3g+rHUIJtMqvtqRcVsgS8f/L5Iu0f41TNviPcHQdbvRarx+rHSAMsd/AY6e8N8XYwnuSaVSxO5rv8+jsKAqol/tnrdB6SokfpePYWHoJKPttQhQW1jAucy
z87234.smartredirect.link/	1969-12-31 23:59:59	Name: PHPSESSID Value: gao870g6jf67tcn1r5p7ig3uv5
.smartredirect.link/	1970-01-20 11:05:55	Name: offerit_unique_679_122_148 Value: MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w
.smartredirect.link/	1970-01-20 13:14:05	Name: ocode_679_148 Value: MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w
.smartredirect.link/	1970-01-20 13:14:05	Name: ocode_679 Value: MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w
.smartredirect.link/	1970-01-20 13:14:05	Name: offerit_679_148_cookie Value: No+Referring+URL
.smartredirect.link/	1970-01-20 13:14:05	Name: offerit_679_148 Value: MTAuODAzNjY4LjEyMi4xNDguMC4wLjAuMC4wLjAuMC4w\|\|\|364392fb3c3c0e5.11461547
.tds.wooqi.win/	1970-01-20 11:05:55	Name: 2dcb226c-9047-4ba5-8e4c-f0dccb1c032b-v4 Value: maUI2jFsOPXe9_6uyKAHImzT7HxorivTklqlXbqOOLU
.tds.wooqi.win/	1970-01-20 19:50:05	Name: cc-v4 Value: %2FNsYjmUbk8CyvV5CkyTV6UYYkNEo%2FVYJJ7Z0HDCBhupEnUZrdulGr0PVMzLgCWcJwH5q4uSy9Iki6krnNcqjzJ54hYvjb1Vg%2F%2BDVaNdOaED6MDbV1ljDrzSsZWMag7zijA%2BB%2Fqb0UJ0i7WROknG9jQ%3D%3D
dopaleads.com/	1970-01-20 11:05:55	Name: uclick Value: b48pa0b7vr
dopaleads.com/	1970-01-20 11:05:55	Name: uclickhash Value: b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/?subid=4606&uclick=b48pa0b7vr&uclickhash=b48pa0b7vr-b48pa0b7vr-1za6-0-qnqd-g5bgi4-d54pwj-20440a(Line 187) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
rendering	warning	URL: https://www.oneclicktwofucks.com/39451680536602765/script.min.js(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58.mylocalaffair.com
dopaleads.com
localdatingfling.com
notix.io
tds.wooqi.win
www.oneclicktwofucks.com
z87234.smartredirect.link
139.45.240.92
142.93.95.250
146.185.131.178
18.192.108.151
185.36.80.2
2600:9000:211e:8000:0:fb01:9140:93a1
52.204.49.11
04a030f7d5e8db47c53d566c5627f03deb9eea40d4121d731915797a90388f92
6cccd43ec5d032e856c844490dc40f20bbe696e87f26b22230d14cbf58cc6aa0
a3213e5b84c9d0ee11ee619d6aaa614b7764261bc4140d8a812618b923f92d97
b4d7242243d52b90cfce8c83976db6338ded5b828764fbeca6cca849c3d30b34
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
fbe788cf20a1a52f7fe31d49badb5ff153a547c0421a1a525c75f5496b5f1d1c
fff4dd66aa1eda6256abec8c02829950e5750883107ebb459991e8167c139d51

www.oneclicktwofucks.com Open in urlscan Pro 2600:9000:211e:8000:0:fb01:9140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

2 IPs

5 Countries

185 kBTransfer

244 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

12 Cookies

8 Console Messages

Indicators

www.oneclicktwofucks.com Open in urlscan Pro
2600:9000:211e:8000:0:fb01:9140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

2
IPs

5
Countries

185 kB
Transfer

244 kB
Size

12
Cookies

14 HTTP transactions
0 data transactions