Submitted URL: http://cpitalone.top/
Effective URL: https://www.onclickclear.com/jump/next.php?r=1806311&pub_clickid=3887196660984426479123882155&sub1=35eb5ac9f85367d586cd56f96b...
Submission: On January 06 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 35.201.122.94, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.onclickclear.com. The Cisco Umbrella rank of the primary domain is 726694.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 1st 2021. Valid for: a year.
This is the only time www.onclickclear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 64.190.62.111 47846 (SEDO-AS)
1 205.234.175.175 30081 (CACHENETW...)
1 1 173.239.53.32 36057 (WEBAIR-IN...)
2 3.33.239.202 16509 (AMAZON-02)
2 35.201.122.94 15169 (GOOGLE)
7 4
Apex Domain | Subdomains | Transfer
4 cpitalone.top | cpitalone.top | 3 KB
2 onclickclear.com | www.onclickclear.com — Cisco Umbrella Rank: 726694 | 3 KB
2 fadverdirect.com | fadverdirect.com — Cisco Umbrella Rank: 87366 | 26 KB
1 sedodna.com | xml.sedodna.com — Cisco Umbrella Rank: 282671 | 642 B
1 sedoparking.com | img.sedoparking.com — Cisco Umbrella Rank: 51146 | 5 KB
7 5
Domain Requested by
4 cpitalone.top 2 redirects cpitalone.top
2 www.onclickclear.com www.onclickclear.com
2 fadverdirect.com cpitalone.top
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com cpitalone.top
7 5

This site contains no links.

Subject | Issuer | Validity | Valid
fadverdirect.com | Sectigo RSA Domain Validation Secure Server CA | 2021-05-04 - 2022-06-03 | a year crt.sh
onclickclear.com | Sectigo RSA Domain Validation Secure Server CA | 2021-11-01 - 2022-11-01 | a year crt.sh

This page contains 1 frames:

Frame: https://www.onclickclear.com/jump/next.php?stamat=m%257CFSYiP-d2aQdHQAH0dEdHP3xP.600%252C7H0PozvLiGV-YkDx825CHnA5Nr8NMekTU9IOiheCeh4qLYKHwgQrf-9PMx2lc6YjKg_pwtjLuXCW8IGNS2wnYHRwu7QfPlpbNlD3_WIC50MXmkDkexKno6rnxlFiGt5_JzzSMdl4a2l-RP4KrGI5-pwGbMEOsxSgKIRuJagZ8dI%252C&cbur=0.1377182604756606&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Ffadverdirect.com%2F
Frame ID: 9866E5B0992ADE65540273A77CE518EC
Requests: 7 HTTP requests in this frame

Page URL History

  1. http://cpitalone.top/ Page URL
  2. http://cpitalone.top/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk... HTTP 302
    http://cpitalone.top/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk... HTTP 302
    http://xml.sedodna.com/click?i=IkoSFjwC3Kk_0 HTTP 302
    https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C91... Page URL
  3. https://fadverdirect.com/bdv_rd3.dbm?frdto=674235 Page URL
  4. https://www.onclickclear.com/jump/next.php?r=1806311&pub_clickid=3887196660984426479123882155&sub1=35eb5a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 35 kB
Size: 38 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cpitalone.top/ Page URL
  2. http://cpitalone.top/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDcJY3BpdGFsb25lLnRvcDYxZDY2ZDVhYzdiMmQyLjk2NDA4MDU0CTE2NDE0NDI2NTIJYWRfNjNfMA==&l=OAk0MDFmYzc3OTI2MDU5MzAxYWI4OGM2ZTdhNjg1YjgxMAkwCTQwCTAJNDBhMjBjMWI5OTFkYzBlNWM0NTJhMWIxZDk2OWJhZDMJMzg1NjgzOTM1CWNwaXRhbG9uZQkwCTYzCTMyCTM3CTE2NDE0NDI2NTIJMC4wMDA5MDkJTgkwCTEJMTgwNQkxMjA1CTM3MzI3MDI1Nwk5MS4yMzguODIuMTU1CTA%3D HTTP 302
    http://cpitalone.top/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDcJY3BpdGFsb25lLnRvcDYxZDY2ZDVhYzdiMmQyLjk2NDA4MDU0CTE2NDE0NDI2NTIJYWRfNjNfMA==&l=OAk0MDFmYzc3OTI2MDU5MzAxYWI4OGM2ZTdhNjg1YjgxMAkwCTQwCTAJNDBhMjBjMWI5OTFkYzBlNWM0NTJhMWIxZDk2OWJhZDMJMzg1NjgzOTM1CWNwaXRhbG9uZQkwCTYzCTMyCTM3CTE2NDE0NDI2NTIJMC4wMDA5MDkJTgkwCTEJMTgwNQkxMjA1CTM3MzI3MDI1Nwk5MS4yMzguODIuMTU1CTA%3D HTTP 302
    http://xml.sedodna.com/click?i=IkoSFjwC3Kk_0 HTTP 302
    https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg.vmlozgrkx&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=tmrkklsh%20vml%20ozgrkzx%2Cmrtlo%20vml%20ozgrkzx%2Cpmzy%20vml%20ozgrkzx%2C063%20vml%20ozgrkzx%2Cvmlozgrkzx%2Cvml%20ozgrkzx%2Cvmlozgrkx&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=384&chsh=35eb5ac9f85367d586cd56f96b42f2e3&rn=303024244189&cf=24&frdto=674235 Page URL
  3. https://fadverdirect.com/bdv_rd3.dbm?frdto=674235 Page URL
  4. https://www.onclickclear.com/jump/next.php?r=1806311&pub_clickid=3887196660984426479123882155&sub1=35eb5ac9f85367d586cd56f96b42f2e3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://cpitalone.top/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDcJY3BpdGFsb25lLnRvcDYxZDY2ZDVhYzdiMmQyLjk2NDA4MDU0CTE2NDE0NDI2NTIJYWRfNjNfMA==&l=OAk0MDFmYzc3OTI2MDU5MzAxYWI4OGM2ZTdhNjg1YjgxMAkwCTQwCTAJNDBhMjBjMWI5OTFkYzBlNWM0NTJhMWIxZDk2OWJhZDMJMzg1NjgzOTM1CWNwaXRhbG9uZQkwCTYzCTMyCTM3CTE2NDE0NDI2NTIJMC4wMDA5MDkJTgkwCTEJMTgwNQkxMjA1CTM3MzI3MDI1Nwk5MS4yMzguODIuMTU1CTA%3D HTTP 302
  • http://cpitalone.top/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDcJY3BpdGFsb25lLnRvcDYxZDY2ZDVhYzdiMmQyLjk2NDA4MDU0CTE2NDE0NDI2NTIJYWRfNjNfMA==&l=OAk0MDFmYzc3OTI2MDU5MzAxYWI4OGM2ZTdhNjg1YjgxMAkwCTQwCTAJNDBhMjBjMWI5OTFkYzBlNWM0NTJhMWIxZDk2OWJhZDMJMzg1NjgzOTM1CWNwaXRhbG9uZQkwCTYzCTMyCTM3CTE2NDE0NDI2NTIJMC4wMDA5MDkJTgkwCTEJMTgwNQkxMjA1CTM3MzI3MDI1Nwk5MS4yMzguODIuMTU1CTA%3D HTTP 302
  • http://xml.sedodna.com/click?i=IkoSFjwC3Kk_0 HTTP 302
  • https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg.vmlozgrkx&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=tmrkklsh%20vml%20ozgrkzx%2Cmrtlo%20vml%20ozgrkzx%2Cpmzy%20vml%20ozgrkzx%2C063%20vml%20ozgrkzx%2Cvmlozgrkzx%2Cvml%20ozgrkzx%2Cvmlozgrkx&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=384&chsh=35eb5ac9f85367d586cd56f96b42f2e3&rn=303024244189&cf=24&frdto=674235

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cpitalone.top/
2 KB
2 KB
Document
General
Full URL
http://cpitalone.top/
Protocol
HTTP/1.1
Server
64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash
f58fbec523ef6fead36357a428940734a266229e11245a4d282e0b5fc169fadf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 06 Jan 2022 04:17:32 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
vary
Accept-Encoding
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_wlVvajR7VxdM7gT9Jd+KJbYF4V69aWkgZWQ1ThL0wHwlv5dVJe629ad7tJZuS6xUszKkQIikAR9r/yj5kr3gkg==
last-modified
Thu, 06 Jan 2022 04:17:30 GMT
x-cache-miss-from
parking-78bc4f798d-cpmgj
server
NginX
content-encoding
gzip
js_preloader.gif
img.sedoparking.com/images/
4 KB
5 KB
Image
General
Full URL
http://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: cpitalone.top
URL: http://cpitalone.top/
Protocol
HTTP/1.1
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cpitalone.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 04:17:32 GMT
X-CF3
M
CF4ttl
31536000.000
X-CFHash
"90c93102a88c2ab94bff1575b7a6e86e"
X-CF1
11696:fD.fra2:cf:cacheN.fra2-01:H
Connection
keep-alive
Content-Length
4254
x-cf-tsc
1616487030
X-CF2
H
Last-Modified
Fri, 15 Mar 2019 12:24:07 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
CF4Age
0
Accept-Ranges
bytes
Expires
Thu, 13 Jan 2022 04:17:32 GMT
tsc.php
cpitalone.top/search/
0
175 B
XHR
General
Full URL
http://cpitalone.top/search/tsc.php?200=Mzg1NjgzOTM1&21=OTEuMjM4LjgyLjE1NQ==&681=MTY0MTQ0MjY1MjNmYjYyNWY4MjZjMzg2YWVkNTI5NGMzNjYyYTUwMTM1&crc=80574e2893b23d597323e1c99f790618291c3a04&cv=1
Requested by
Host: cpitalone.top
URL: http://cpitalone.top/
Protocol
HTTP/1.1
Server
64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cpitalone.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 04:17:32 GMT
x-cache-miss-from
parking-78bc4f798d-x6gjq
server
NginX
content-length
0
content-type
text/html; charset=UTF-8
bdv_rd.dbm
fadverdirect.com/
Redirect Chain
  • http://cpitalone.top/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDc...
  • http://cpitalone.top/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIkoSFjwC3Kk_0&v=YmMyMTRlNjY1NGE1Mzk3ZjBmZWU0MTgyZThmMDcwZjcJMQljcGl0YWxvbmUudG9wNjFkNjZkNWFjN2FmZjguNTg5NDY1MDc...
  • http://xml.sedodna.com/click?i=IkoSFjwC3Kk_0
  • https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg...
24 KB
25 KB
Document
General
Full URL
https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg.vmlozgrkx&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=tmrkklsh%20vml%20ozgrkzx%2Cmrtlo%20vml%20ozgrkzx%2Cpmzy%20vml%20ozgrkzx%2C063%20vml%20ozgrkzx%2Cvmlozgrkzx%2Cvml%20ozgrkzx%2Cvmlozgrkx&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=384&chsh=35eb5ac9f85367d586cd56f96b42f2e3&rn=303024244189&cf=24&frdto=674235
Requested by
Host: cpitalone.top
URL: http://cpitalone.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.239.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4e2909a0d7f91ad3.awsglobalaccelerator.com
Software
Microsoft-IIS/8.5 / PHP/7.3.7 ASP.NET
Resource Hash
abdefa65a894479f51849e91534e2904c492c75cb4cc1e016e4f2b54bd41a3bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://cpitalone.top/

Response headers

Content-Type
text/html; charset=UTF-8
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.3.7 ASP.NET
Date
Thu, 06 Jan 2022 04:17:26 GMT
Content-Length
24833
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store
Content-Length
0
Age
0
Connection
keep-alive
Location
https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg.vmlozgrkx&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=tmrkklsh%20vml%20ozgrkzx%2Cmrtlo%20vml%20ozgrkzx%2Cpmzy%20vml%20ozgrkzx%2C063%20vml%20ozgrkzx%2Cvmlozgrkzx%2Cvml%20ozgrkzx%2Cvmlozgrkx&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=384&chsh=35eb5ac9f85367d586cd56f96b42f2e3&rn=303024244189&cf=24&frdto=674235
Pragma
no-cache
bdv_rd3.dbm
fadverdirect.com/
878 B
1 KB
Document
General
Full URL
https://fadverdirect.com/bdv_rd3.dbm?frdto=674235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.239.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4e2909a0d7f91ad3.awsglobalaccelerator.com
Software
Microsoft-IIS/8.5 / PHP/7.3.7 ASP.NET
Resource Hash
b56c201148ceea48d5482e803e8086c73f70287db5fb8f040bf4f3a272a9c2d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
Origin
https://fadverdirect.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fadverdirect.com/bdv_rd.dbm?ownid=klg.vmlozgrkx&enparms2=9173%2C2066843%2C3350535%2C9124%2C9125%2C11423%2C9174%2C0%2C0%2C9128%2C0%2C2064454%2C674235%2C50854%2C115423453719%2C206235750%2Cklg.vmlozgrkx&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=tmrkklsh%20vml%20ozgrkzx%2Cmrtlo%20vml%20ozgrkzx%2Cpmzy%20vml%20ozgrkzx%2C063%20vml%20ozgrkzx%2Cvmlozgrkzx%2Cvml%20ozgrkzx%2Cvmlozgrkx&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=384&chsh=35eb5ac9f85367d586cd56f96b42f2e3&rn=303024244189&cf=24&frdto=674235

Response headers

Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.3.7 ASP.NET
X-Frame-Options
deny
Content-Security-Policy
frame-ancestors 'none'
Referrer-Polic
no-referrer
Date
Thu, 06 Jan 2022 04:17:26 GMT
Content-Length
878
Vary
Accept-Encoding
Primary Request next.php
www.onclickclear.com/jump/
7 KB
3 KB
Document
General
Full URL
https://www.onclickclear.com/jump/next.php?r=1806311&pub_clickid=3887196660984426479123882155&sub1=35eb5ac9f85367d586cd56f96b42f2e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.122.94 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.122.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
5326e5747b13f56f9d9afa6655a5589809b0cf9eb375b5fefa1ae94357a809c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fadverdirect.com/

Response headers

server
openresty
date
Thu, 06 Jan 2022 04:17:33 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
via
1.1 google
alt-svc
clear
next.php
www.onclickclear.com/jump/
0
0
Document
General
Full URL
https://www.onclickclear.com/jump/next.php?stamat=m%257CFSYiP-d2aQdHQAH0dEdHP3xP.600%252C7H0PozvLiGV-YkDx825CHnA5Nr8NMekTU9IOiheCeh4qLYKHwgQrf-9PMx2lc6YjKg_pwtjLuXCW8IGNS2wnYHRwu7QfPlpbNlD3_WIC50MXmkDkexKno6rnxlFiGt5_JzzSMdl4a2l-RP4KrGI5-pwGbMEOsxSgKIRuJagZ8dI%252C&cbur=0.1377182604756606&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Ffadverdirect.com%2F
Requested by
Host: www.onclickclear.com
URL: https://www.onclickclear.com/jump/next.php?r=1806311&pub_clickid=3887196660984426479123882155&sub1=35eb5ac9f85367d586cd56f96b42f2e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.122.94 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.122.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Thu, 06 Jan 2022 04:17:33 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | inIframe
  • function | checkDocumentBody
  • function | documentAsyncWriteElementFromHtml
  • function | ReopenUrlBuilder
  • object | browser
  • function | isFraud
  • function | preppopedRedirect

2 Cookies

Domain/Path | Name | Value
fadverdirect.com/ | CF1604fd084b8a0bdcfb32308e28ef9dc4 | 1641442647000
fadverdirect.com/ | C1604fd084b8a0bdcfb32308e28ef9dc4_js | 1641529053298