www.onclickclear.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 35.201.122.94, located in Ann Arbor, United States and belongs to GOOGLE - Google LLC, US. The main domain is www.onclickclear.com.

This is the only time www.onclickclear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.180.41.48 107.180.41.48	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	2400:cb00:204... 2400:cb00:2048:1::6818:71ba	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	185.66.200.161 185.66.200.161	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	35.201.122.94 35.201.122.94	15169 (GOOGLE) (GOOGLE - Google LLC)
5	4

1 107.180.41.48 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-41-48.ip.secureserver.net

futureinsurance.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6818:71ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

gamtrot.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.161 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: p1.yllix.com

ylx-4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redir.ylx-4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.122.94 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 94.122.201.35.bc.googleusercontent.com

www.onclickclear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	onclickclear.com www.onclickclear.com	2 KB
2	ylx-4.com 1 redirects ylx-4.com redir.ylx-4.com	893 B
1	gamtrot.xyz gamtrot.xyz
1	futureinsurance.ca futureinsurance.ca	616 B
5	4

	Domain	Requested by
2	www.onclickclear.com	redir.ylx-4.com www.onclickclear.com
1	redir.ylx-4.com
1	ylx-4.com	1 redirects
1	gamtrot.xyz	futureinsurance.ca
1	futureinsurance.ca
5	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Frame: http://www.onclickclear.com/jump/next.php?stamat=m%7C%2Ck9iK-o3frB1dAN0dEdHP3xP.7c1%2C3yTdAVUW8xRMazaPnyK3xa5Kjj_1wp46AImnpWdJQmxsYV9RJ94ChhmoU2jdB0x7k4_TF9N8ZTkWhw42_eWf65M_d3QTJ3pQpZflv8nCpiw%2C&cbrandom=0.7979338375335607&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fredir.ylx-4.com%2F%3Fhttp%3A%2F%2Fwww.onclickclear.com%2Fjump%2Fnext.php%3Fr%3D306951%26sub1%3D961318
Frame ID: E3E8D0FD181EF83E75AB6441819BBA1D
Requests: 4 HTTP requests in this frame

Frame: http://gamtrot.xyz///fcb/en/
Frame ID: EE53324E16F7ADB4AAE730E3A205A905
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://futureinsurance.ca/DSReN//fcb/en/ Page URL
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g HTTP 302
http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

5
Requests

0 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

3 kB
Transfer

6 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://futureinsurance.ca/DSReN//fcb/en/ Page URL
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g HTTP 302
http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g HTTP 302
http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response futureinsurance.ca/DSReN//fcb/en/	771 B 616 B	112ms 112ms	Document text/html	107.180.41.48 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://futureinsurance.ca/DSReN//fcb/en/ Protocol HTTP/1.1 Server 107.180.41.48 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-107-180-41-48.ip.secureserver.net Software Apache / PHP/5.4.45 Resource Hash `aaf6e6708b75e4acdb0229588285cee71180f1a10ce1da9518f4d5ab720333ff` Request headers Host futureinsurance.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E3E8D0FD181EF83E75AB6441819BBA1D Response headers Date Thu, 05 Jul 2018 23:06:22 GMT Server Apache X-Powered-By PHP/5.4.45 Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 367 Keep-Alive timeout=5 Connection Keep-Alive Content-Type text/html
GET H/1.1	404 Not Found	Cookie set / gamtrot.xyz///fcb/en/ Frame EE53	0 0	56ms 56ms	Document text/html	2400:cb00:2048:1::6818:71ba Cloudflare
General Check archive.org Show headers Download Go to Full URL http://gamtrot.xyz///fcb/en/ Requested by Host: futureinsurance.ca URL: http://futureinsurance.ca/DSReN//fcb/en/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::6818:71ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash Request headers Host gamtrot.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://futureinsurance.ca/DSReN//fcb/en/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E3E8D0FD181EF83E75AB6441819BBA1D Referer http://futureinsurance.ca/DSReN//fcb/en/ Response headers Date Thu, 05 Jul 2018 23:06:22 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d5affb9cf0883216ee4244ba720ed4d6c1530831982; expires=Fri, 05-Jul-19 23:06:22 GMT; path=/; domain=.gamtrot.xyz; HttpOnly X-Powered-By PHP/5.6.33 Server cloudflare CF-RAY 435d7b52767c6355-FRA Content-Encoding gzip
GET H/1.1	200 OK	/ redir.ylx-4.com/ Redirect Chain http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318	382 B 450 B	52ms 26ms	Document text/html	185.66.200.161 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Protocol HTTP/1.1 Server 185.66.200.161 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS p1.yllix.com Software nginx / Resource Hash Request headers Host redir.ylx-4.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://gamtrot.xyz/pubs.php Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E3E8D0FD181EF83E75AB6441819BBA1D Referer http://gamtrot.xyz/pubs.php Response headers Server nginx Date Thu, 05 Jul 2018 23:06:22 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Content-Encoding gzip Redirect headers Server nginx Date Thu, 05 Jul 2018 23:06:22 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Sun, 01 Jan 1900 00:00:00 GMT Cache-Control no-store, no-cache, must-revalidate post-check=0, pre-check=0 Pragma no-cache X-Robots-Tag noindex,nofollow Location http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318
GET H/1.1	200 OK	Primary Request next.php Show response www.onclickclear.com/jump/	5 KB 2 KB	201ms 143ms	Document text/html	35.201.122.94 Google LLC
General Check archive.org Show headers Download Go to Full URL http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Requested by Host: redir.ylx-4.com URL: http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Protocol HTTP/1.1 Server 35.201.122.94 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 94.122.201.35.bc.googleusercontent.com Software openresty / Resource Hash `a86c596bc60f4798de82630f088d26fffe5b9e90d1f99df01b9c876509b9f83a` Request headers Host www.onclickclear.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E3E8D0FD181EF83E75AB6441819BBA1D Referer http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Response headers Server openresty Date Thu, 05 Jul 2018 23:06:23 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Vary Accept-Encoding Referrer-Policy no-referrer Link <//www.onclickclear.com>; rel=dns-prefetch,<//www.onclickclear.com>; rel=preconnect Content-Encoding gzip Via 1.1 google
GET H/1.1	204 No Content	next.php www.onclickclear.com/jump/	0 0	133ms 133ms	Document text/plain	35.201.122.94 Google LLC
General Check archive.org Show headers Download Go to Full URL http://www.onclickclear.com/jump/next.php?stamat=m%7C%2Ck9iK-o3frB1dAN0dEdHP3xP.7c1%2C3yTdAVUW8xRMazaPnyK3xa5Kjj_1wp46AImnpWdJQmxsYV9RJ94ChhmoU2jdB0x7k4_TF9N8ZTkWhw42_eWf65M_d3QTJ3pQpZflv8nCpiw%2C&cbrandom=0.7979338375335607&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fredir.ylx-4.com%2F%3Fhttp%3A%2F%2Fwww.onclickclear.com%2Fjump%2Fnext.php%3Fr%3D306951%26sub1%3D961318 Requested by Host: www.onclickclear.com URL: http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Protocol HTTP/1.1 Server 35.201.122.94 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 94.122.201.35.bc.googleusercontent.com Software openresty / Resource Hash Request headers Host www.onclickclear.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E3E8D0FD181EF83E75AB6441819BBA1D Response headers Server openresty Date Thu, 05 Jul 2018 23:06:23 GMT Referrer-Policy no-referrer Vary Accept-Encoding Via 1.1 google

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gamtrot.xyz/	1970-01-19 01:59:27	Name: __cfduid Value: d5affb9cf0883216ee4244ba720ed4d6c1530831982

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

futureinsurance.ca
gamtrot.xyz
redir.ylx-4.com
www.onclickclear.com
ylx-4.com
107.180.41.48
185.66.200.161
2400:cb00:2048:1::6818:71ba
35.201.122.94
a86c596bc60f4798de82630f088d26fffe5b9e90d1f99df01b9c876509b9f83a
aaf6e6708b75e4acdb0229588285cee71180f1a10ce1da9518f4d5ab720333ff

www.onclickclear.com Open in urlscan Pro 35.201.122.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

0 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

3 kBTransfer

6 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

www.onclickclear.com Open in urlscan Pro
35.201.122.94 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

3 kB
Transfer

6 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions