urlscan.io logo urlscan.io
SecurityTrails logo

www.dclicks.site Open in urlscan Pro
172.67.201.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dclicks.site/e217n/index.php
Effective URL: https://www.dclicks.site/e217n/index.php
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 16 HTTP transactions. The main IP is 172.67.201.197, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dclicks.site.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time www.dclicks.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 172.67.201.197 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.194.119 13335 (CLOUDFLAR...)
3 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.3 15169 (GOOGLE)
1 1 172.67.145.143 13335 (CLOUDFLAR...)
1 104.26.2.30 13335 (CLOUDFLAR...)
16 8
7    172.67.201.197 (United States)

ASN13335 (CLOUDFLARENET, US)
dclicks.site
www.dclicks.site
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    172.67.194.119 (United States)

ASN13335 (CLOUDFLARENET, US)
qfqbk.nxt-psh.com
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
qfqbk.ajscdn.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
1    172.67.145.143 (United States)

ASN13335 (CLOUDFLARENET, US)
inpp-ssp-trk.trkless.com
1    104.26.2.30 (None, )

ASN13335 (CLOUDFLARENET, US)
static.imghst-de.com
Apex Domain
Subdomains		 Transfer
7 dclicks.site
dclicks.site
www.dclicks.site
251 KB
3 ajscdn.com
qfqbk.ajscdn.com
14 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
33 KB
2 gstatic.com
fonts.gstatic.com
37 KB
1 imghst-de.com
static.imghst-de.com — Cisco Umbrella Rank: 13122
4 KB
1 trkless.com
inpp-ssp-trk.trkless.com — Cisco Umbrella Rank: 212581
815 B
1 nxt-psh.com
qfqbk.nxt-psh.com
14 KB
16 7
Domain Requested by
6 www.dclicks.site www.dclicks.site
3 qfqbk.ajscdn.com www.dclicks.site
qfqbk.ajscdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.dclicks.site
client
1 static.imghst-de.com
1 inpp-ssp-trk.trkless.com 1 redirects
1 qfqbk.nxt-psh.com www.dclicks.site
1 ajax.googleapis.com www.dclicks.site
1 dclicks.site 1 redirects
16 9

This site contains links to these domains. Also see Links.

Domain
www.traffibox.com
Subject Issuer Validity Valid
dclicks.site
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
nxt-psh.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
ajscdn.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.dclicks.site/e217n/index.php
Frame ID: AE59A7EC50B4F8A4AAD39D6E83DBF2EA
Requests: 15 HTTP requests in this frame

Frame: https://static.imghst-de.com/69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg
Frame ID: 44D53E23981C15AC5F3CEDFB8F469AAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DatingNSFW

Page URL History Show full URLs

  1. https://dclicks.site/e217n/index.php HTTP 301
    https://www.dclicks.site/e217n/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

353 kB
Transfer

581 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dclicks.site/e217n/index.php HTTP 301
    https://www.dclicks.site/e217n/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://inpp-ssp-trk.trkless.com/trk?s1=QgmRxgdVtwnpndW6M3fnLWMJ0yKA3xT3kp48lKDmGLiYHtC5dqLbuFmeDgBxZNPZAhJp393P0%2FW1qmTq2QekgATDWrXMV8SYKKqOcqeHNq811Hxme4lmaSNth4OATFDpkGQfn9T0gQHISKl7tR4wf0rM7u4sRxacXcGvh3nCEiIkoBHBW7o%2F2LNobb11M7F9Xocfsp4d8MpaDetrX9bAZbrejvW33gHKgspDmwZkhHLOnap9smxaMYhxv5%2BxCfvW2sqlCS9sbkOdaXWZWLiJtcc36QHzY3oQBBgL7sJfgjPneQ3sK7SHcVpgbSB2qzg1CP4PWPUTIxfAa03fhra16aWnpAj3Xw1C4mKOHbbFtfKsA3zP%2FYLCraaNz54hikkYHobwPlH%2FJd1tK1cNB24HfEBa0shCsfL2UlrQC%2BGQaogNj3vYj6atQOqj7JhB9lYFAmzHE1%2BQR2k1LBTswO2VVokjWZ34m87stsi704oqsFtRdllR%2BQMnId4T9fV6ZdUrypba%2B%2BMfI7vNFvLgvDUv6xOM2J1pPcuAYAey3n7MLgZKWbBpQLE1%2F1VvK4v7uE58HeT0M2O9wncqT5qUoifpez46bGpnxMEkKCgon82rCsJxRdZIDkRIQnsCw6zytkmkRWszKSWuyh68YmvkgZzoIxxKa0FLQH90J71wijFKTlQzk%2Fc%2Bp4CGgdzFop5k1g65ZnhNzIFqaQf%2BIexS2hdoysjD2OenEm7%2B9CNzpVIIJhCOH4WMohPJCJH4bQ%3D%3D&type=1&brid=PB06-0HN8I3RGFTS74K3NI&nrid=f3accc8b639777e9f7ccd8f7e40fee2d HTTP 302
  • https://static.imghst-de.com/69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.dclicks.site/e217n/
Redirect Chain
  • https://dclicks.site/e217n/index.php
  • https://www.dclicks.site/e217n/index.php
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8060bb0d88184a326850e5a756f2306885da6aa0eefdb12524c881bcc38cfd84
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed233e3be82dcb2-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 07:08:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrmXkMd1PXwLquA1JbUg%2BGtOCgyPU%2Fug6%2FAexih7BbIlMfi49SuFmX3mpCpCHzGYWOaa0n6rVXTbdvqSMBijKr3fV3fe8BB3B1gDEC%2BMY3YrsDd7%2B3tP%2Fjj7mwwv0KY1mWa9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6216&min_rtt=6195&rtt_var=1008&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5149&recv_bytes=4935&delivery_rate=33222&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=96&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed233e36e0ddcb2-FRA
content-type
text/html
date
Thu, 05 Dec 2024 07:08:02 GMT
location
https://www.dclicks.site/e217n/index.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DseHGBpOBA%2FPIYlxIRD9WcCH%2FcWrGIJxHPhtQ8O9W8m6RFWDYt2yBIqeuC768OjEA%2FYaSJMRb%2BSFjnk%2F1PxNZZsO80sMquCTjxzoOVnpDxJFOQACWxwBai8qy1K94Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6217&min_rtt=6195&rtt_var=1343&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4167&recv_bytes=4449&delivery_rate=93943&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=40&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
styles.css
www.dclicks.site/e217n/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e217n/css/styles.css
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e74bcc05c436d6d3534dd4193fa1f29e3f109d328034e9bce6011a14731ec35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e217n/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64e0d319-1c89"
age
416712
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADEtRJrs7deMYZ4IUqskRIrdwddQ51%2Ffuu%2B754Mn4YacsLdRoU%2FISSE3UqGMcaPBaZv3O66c8F0%2FrZyv4EbjGspSgXCJ%2FS55iy83nQfFApRo1O8V0kspvOqqKNqjpaA%2BdXMh"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6230&min_rtt=6195&rtt_var=783&sent=20&recv=16&lost=0&retrans=0&sent_bytes=8988&recv_bytes=5917&delivery_rate=43746&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
text/css
last-modified
Sat, 19 Aug 2023 14:35:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed233e3fef3dcb2-FRA
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
167825
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 08:30:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 08:30:57 GMT
last-modified
Tue, 12 Sep 2023 02:38:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30462
x-xss-protection
0
server
sffe
notifications.js
www.dclicks.site/e217n/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e217n/js/notifications.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c7de620de17d3edd06df7ad292c4317359dcef409be2b3c965dc62966c0a50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e217n/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65b67350-629"
age
416712
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaLCy6R8nZLJU29Oe04NTWPrbs6Uq%2FabNvoaw85SFWCZehE8HpULFSaqA2p1ZJp3mcapBv%2FPcxVheSgvNfCk57LzreTDgFaEHGNjPPfYKRHKzwRVFLz%2FD4DbHl9vIewPZ7x5"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6230&min_rtt=6195&rtt_var=783&sent=18&recv=16&lost=0&retrans=0&sent_bytes=7566&recv_bytes=5917&delivery_rate=43746&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=117&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
application/javascript
last-modified
Sun, 28 Jan 2024 15:31:28 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed233e3fef6dcb2-FRA
access-control-allow-origin
*
server
cloudflare
pp.js
qfqbk.nxt-psh.com/ps/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qfqbk.nxt-psh.com/ps/pp.js?id=0Yid_sX9ik-RuOQ0JAUTvw
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b50c8b28e1e34482c0f1c49e98401957203c108425fcc569e26df93d5f560d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAsWa2fG5kYlKbXTwJ70cIMA8VgMFpqL%2Fhf47VrK0pygOh13Pw8sw%2B%2FS5KsUZdksw7iiLMJ33djZufsplEwGrnwSpGTd130C3LCnR4KZu5GhruVdpuUpupwOQkFp00DvfLok8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed233e4a8a62bbb-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7059&min_rtt=6477&rtt_var=2170&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4267&recv_bytes=4371&delivery_rate=69077&cwnd=12000&unsent_bytes=0&cid=6371663c82d07e01&ts=49&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
ipp.js
qfqbk.ajscdn.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ipp.js?id=v492Teb3Dk6zc6fjGgYW2w&sub_id=175nbr
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb94164884bdb5297e3a02b15ceca881ab6f865147285d6b817614e8789192b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BAGT0Dl4g6xdcBO1J7nSRr9qn7VP6ag6cCmuKsW9n5BOnDEBE3uq1oKJpH6ZyOeUBI0IorCFE4AvjGArS%2FxtjAJgQFw2fRxRnv8cEz1EKqliUly%2Fk3YUJzwt1tC0uFpxZLD"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed233e43ae56adc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6122&min_rtt=5980&rtt_var=1124&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2189&delivery_rate=601919&cwnd=250&unsent_bytes=0&cid=532177136e4ec771&ts=42&x=0"
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
script.js
www.dclicks.site/e217n/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e217n/js/script.js
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c50c1a2f85f42fdb9a94187a348db9d8ae0b9b1de1d82afdf9140e79be51c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e217n/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64e0daf2-3ab1"
age
416712
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtbR8Khb4ZC1wltRVzzTmoIlJkiEahhg497C%2FVAk50spH8y6bAs%2BpviXE95SrgnO8sDA%2BMr3%2BGriS62C9yKEUXwpCgMC4sMWJrdrwa0WEYaMZ%2BjiPy%2B0qs7g%2BxABfp7Z0iEi"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6230&min_rtt=6195&rtt_var=783&sent=23&recv=16&lost=0&retrans=0&sent_bytes=11796&recv_bytes=5917&delivery_rate=43746&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
application/javascript
last-modified
Sat, 19 Aug 2023 15:08:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed233e3fef9dcb2-FRA
access-control-allow-origin
*
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 07:08:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 07:08:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
x.avifs
www.dclicks.site/e217n/images/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dclicks.site/e217n/images/x.avifs
Requested by
Host: www.dclicks.site
URL: https://www.dclicks.site/e217n/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2da789638c3f2d5d58a5b287f28400c21028305b27c292af65dd49c9158a1f0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e217n/index.php

Response headers

cf-cache-status
DYNAMIC
etag
"6739a34f-3a250"
x-permitted-cross-domain-policies
master-only, master-only
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNF%2BxmvpzO7kUCvx9CPzWXQh88ODmvUEFKdqpag5tsgzVmQpD5gYaKZetxMu7HxQD0zwp6UEUAlbr%2F3oLHfD12SlxPqd%2FP4vithbWzoR7opXEDoQN8baQT3icreVuHyXR5lY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7165&min_rtt=6195&rtt_var=1512&sent=29&recv=22&lost=0&retrans=0&sent_bytes=16850&recv_bytes=6520&delivery_rate=736914&cwnd=12000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=207&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
application/octet-stream
last-modified
Sun, 17 Nov 2024 08:03:27 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN, SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin, same-origin
cf-ray
8ed233e48fcedcb2-FRA
accept-ranges
bytes
content-length
238160
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.dclicks.site
Referer
https://fonts.googleapis.com/

Response headers

age
100353
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 03:15:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:29 GMT
last-modified
Wed, 06 Nov 2024 17:30:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18792
x-xss-protection
0
server
sffe
favicon.ico
www.dclicks.site/e217n/ 		99 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dclicks.site/e217n/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3421d5dc43d6e5a7737267736e7e392c40269714995bb60dc5556f19d43300e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dclicks.site/e217n/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"63483631-18da3"
age
1497708
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpDhUAgvVrTsSvanQ7QIMBi%2BcYsIpbDhc5wAvakSCMoDhq1nD%2FlI%2BMnvmr7UF1gtAJ3Rtx1oVkX0bM7teDSeG7ensvyHDZvylhPpb5CG601T6TEtAWuE4Ji%2BlzM7CAUdI6Ul"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7532&min_rtt=6163&rtt_var=668&sent=238&recv=75&lost=0&retrans=0&sent_bytes=261372&recv_bytes=9212&delivery_rate=15237444&cwnd=132000&unsent_bytes=0&cid=6b3cb562e04e970c&ts=280&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 07:08:02 GMT
content-type
image/x-icon
last-modified
Thu, 13 Oct 2022 16:00:49 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed233e508b4dcb2-FRA
access-control-allow-origin
*
server
cloudflare
ippfeed2
qfqbk.ajscdn.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ippfeed2?id=v492Teb3Dk6zc6fjGgYW2w&p=https%3A//www.dclicks.site/e217n/index.php&nrid=5698c884abba451d8bd52178d24f9a2c&sub_id=175nbr
Requested by
Host: qfqbk.ajscdn.com
URL: https://qfqbk.ajscdn.com/ipp.js?id=v492Teb3Dk6zc6fjGgYW2w&sub_id=175nbr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb7f8e343aefba72ba90c38d3f5475167ef9254dac0abba19b92800450023a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
inppu
dbf48f41-d949-4fc9-a216-03f3328b6e3b
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bv96e5VLr6u5j0iREDYNiD%2F85iBS2LYXe3js3wQbGbwyNP1iriiNX%2FtSq9QwAYlu9EXec%2FrplbFripU5jBNEzvAgwImsOWGBR%2F9W3XV5nTuip%2Fx5O3c1hcPL2G%2BtBkj4uji5"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13113&min_rtt=5980&rtt_var=12304&sent=23&recv=20&lost=0&retrans=0&sent_bytes=16533&recv_bytes=2447&delivery_rate=601919&cwnd=254&unsent_bytes=0&cid=532177136e4ec771&ts=2254&x=0"
date
Thu, 05 Dec 2024 07:08:04 GMT
content-type
application/json; charset=utf-8
vary
Origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
referrer-policy
no-referrer
cf-ray
8ed233f15ab26adc-FRA
access-control-allow-origin
https://www.dclicks.site
server
cloudflare
ippfeed2
qfqbk.ajscdn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://qfqbk.ajscdn.com/ippfeed2?id=v492Teb3Dk6zc6fjGgYW2w&p=https%3A//www.dclicks.site/e217n/index.php&nrid=5698c884abba451d8bd52178d24f9a2c&sub_id=175nbr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
inppu
Access-Control-Request-Method
GET
Origin
https://www.dclicks.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
inppu
access-control-allow-methods
GET
access-control-allow-origin
https://www.dclicks.site
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed233f1386ff964-DUS
date
Thu, 05 Dec 2024 07:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVkRAzkJByZJA3oef7Jzlv5KcB7JvX2FDIBD%2Br3Hc9JDB4ZabYIv0lEY7rYZNsa8z5lLQJSGpSjqswhtHdzuz1FBinnNEjiiwXOqv8h8CzChlHOnNDgmVF756S4u7y%2FHqqM5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9244&min_rtt=9068&rtt_var=2218&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4217&recv_bytes=4454&delivery_rate=64712&cwnd=12000&unsent_bytes=0&cid=9c3749f541a01e43&ts=33&x=1" cfExtPri cfHdrFlush;dur=0
x-nginx
filtered
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6710bd9e4f89f434d82297f4202f4e93b57df9049f016be41270ec171a0ced9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 07:08:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 07:08:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 07:08:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.dclicks.site
Referer
https://fonts.googleapis.com/

Response headers

age
56881
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg
static.imghst-de.com/ Frame 44D5
Redirect Chain
  • https://inpp-ssp-trk.trkless.com/trk?s1=QgmRxgdVtwnpndW6M3fnLWMJ0yKA3xT3kp48lKDmGLiYHtC5dqLbuFmeDgBxZNPZAhJp393P0%2FW1qmTq2QekgATDWrXMV8SYKKqOcqeHNq811Hxme4lmaSNth4OATFDpkGQfn9T0gQHISKl7tR4wf0rM7u4...
  • https://static.imghst-de.com/69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.imghst-de.com/69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg
Protocol
H2
Server
104.26.2.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56bca43d2d566052f0a4bab37e1c484fe2bf7d35c6a1af1ed216c8d0eaa054a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
h2pri
etag
"672cd3e6-dec"
age
6344
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4jgsw%2BpuDk2SmaMpwlz4JT02AT7m7cWC%2F5jl0iVwvGU5FQiyv4BNnK3p8NdceHZM869cHC1ELtCojT4IhgEL%2Fzo9FBbp3V2ymj8VohSk9tVHPfkt1%2BOh%2FbIb6ZcDqYenuckd2ZY"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=7428&min_rtt=6828&rtt_var=2178&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3997&recv_bytes=2300&delivery_rate=542198&cwnd=252&unsent_bytes=0&cid=0ae600af3bf376e9&ts=26&x=0"
date
Thu, 05 Dec 2024 07:08:04 GMT
content-type
image/jpeg
last-modified
Thu, 07 Nov 2024 14:51:18 GMT
vary
Accept-Encoding
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ed233f2fa699741-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3564
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
location
https://static.imghst-de.com/69b864ac-bbee-42a1-88eb-9de40dd41b4d.jpg
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4xU1pNVz98s8S2TAztWLKWVrQzdi%2F43z1C0VWcFkuZ99mh8LrzHbwOIOGD0Gh9p%2FBMHgul0%2BylulmzJ%2BgqYMY8JqIcSrxq9TfMiYlHILJJ0k6Iw5kOE5zMGFe2bLi%2BvSTBvc7eoxkmPD0M%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer
cf-ray
8ed233f28f1d1e6c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7003&min_rtt=6134&rtt_var=1748&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4222&recv_bytes=5077&delivery_rate=95851&cwnd=12000&unsent_bytes=0&cid=f0af9da25e0e80b7&ts=39&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Thu, 05 Dec 2024 07:08:04 GMT
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| getURLParameter function| replaceCustomParams function| __showPush function| __assign function| CountUp function| a0_0x5295

4 Cookies

Domain/Path Name / Value
qfqbk.ajscdn.com/ Name: __inppu
Value: dbf48f41-d949-4fc9-a216-03f3328b6e3b
www.dclicks.site/ Name: __inppu
Value: dbf48f41-d949-4fc9-a216-03f3328b6e3b
www.dclicks.site/ Name: inpp_TTN4_EXH2
Value: 1
www.dclicks.site/ Name: inpp_TTN4_EXH2_cap
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dclicks.site
fonts.googleapis.com
fonts.gstatic.com
inpp-ssp-trk.trkless.com
qfqbk.ajscdn.com
qfqbk.nxt-psh.com
static.imghst-de.com
www.dclicks.site
104.26.2.30
172.217.18.3
172.67.145.143
172.67.194.119
172.67.201.197
188.114.97.3
2a00:1450:4001:80e::200a
2a00:1450:4001:828::200a
01b50c8b28e1e34482c0f1c49e98401957203c108425fcc569e26df93d5f560d
0cb7f8e343aefba72ba90c38d3f5475167ef9254dac0abba19b92800450023a3
0e74bcc05c436d6d3534dd4193fa1f29e3f109d328034e9bce6011a14731ec35
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
3421d5dc43d6e5a7737267736e7e392c40269714995bb60dc5556f19d43300e0
3c50c1a2f85f42fdb9a94187a348db9d8ae0b9b1de1d82afdf9140e79be51c8b
56bca43d2d566052f0a4bab37e1c484fe2bf7d35c6a1af1ed216c8d0eaa054a6
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786
8060bb0d88184a326850e5a756f2306885da6aa0eefdb12524c881bcc38cfd84
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a9c7de620de17d3edd06df7ad292c4317359dcef409be2b3c965dc62966c0a50
b2da789638c3f2d5d58a5b287f28400c21028305b27c292af65dd49c9158a1f0
bcb94164884bdb5297e3a02b15ceca881ab6f865147285d6b817614e8789192b
c6710bd9e4f89f434d82297f4202f4e93b57df9049f016be41270ec171a0ced9
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a