Submitted URL: http://comericabenefitehr.com/
Effective URL: https://www.google.com/
Submission: On May 27 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2607:f8b0:4006:80e::2004, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on May 6th 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.224.212.213 133618 (TRELLIAN-...)
1 2 103.224.182.206 133618 (TRELLIAN-...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 52.116.53.146 36351 (SOFTLAYER)
1 1 3.93.251.206 ()
2 2607:f8b0:400... ()
7 6
Apex Domain
Subdomains
Transfer
2 google.com
www.google.com
1 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 349286
p249699.myckdom.com
2 KB
2 fomiln.com
fomiln.com — Cisco Umbrella Rank: 390433
2 KB
1 securewponline.com
securewponline.com
658 B
1 clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 359625
302 B
1 comericabenefitehr.com
comericabenefitehr.com
4 KB
7 6
Domain Requested by
2 www.google.com p249699.myckdom.com
www.google.com
2 fomiln.com 1 redirects comericabenefitehr.com
1 securewponline.com 1 redirects
1 clkdeals.com p249699.myckdom.com
1 p249699.myckdom.com fomiln.com
1 myckdom.com 1 redirects
1 comericabenefitehr.com
7 7

This site contains no links.

Subject Issuer Validity Valid
gaysupersize.com
R3
2024-04-30 -
2024-07-29
3 months crt.sh
zangu.com
R3
2024-03-28 -
2024-06-26
3 months crt.sh
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA
2024-03-14 -
2025-03-20
a year crt.sh
www.clkdeals.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-18 -
2024-12-29
a year crt.sh
*.google.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/
Frame ID: 103B0BD9A1D69649B47D4378A2706DFB
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://comericabenefitehr.com/ HTTP 307
    https://comericabenefitehr.com/ Page URL
  2. http://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbn... HTTP 307
    https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbn... HTTP 302
    https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbn... Page URL
  3. https://myckdom.com/aS/sfclick?u=f635bd04-e35b-4844-b901-99ae1884d820 HTTP 302
    https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCL... Page URL
  4. https://securewponline.com/mc-test/7eed5980b46b5623d196ba54858839ac/index.php?utm_source=72&utm_campaig... HTTP 302
    https://www.google.com/ Page URL

Page Statistics

7
Requests

71 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

6 kB
Transfer

212 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://comericabenefitehr.com/ HTTP 307
    https://comericabenefitehr.com/ Page URL
  2. http://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 307
    https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
    https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935 Page URL
  3. https://myckdom.com/aS/sfclick?u=f635bd04-e35b-4844-b901-99ae1884d820 HTTP 302
    https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiUmQzUv7EJ8xQviaeyZeB4t_suq54Ng4o40aQNKjMRWF_MXQKZQn0olJkM079DsxxaaOIg6VEAw_1BQ0OSWCvWGkYGW655sn8NUzKSZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvGd3WbeZnnbWnaHeEFBuddA-e5aUFqZsS33aYyBWDD&ui=ULvdn1uz3feDU7guKw2nTPbWwvziNp_11Mw5XOE4fEIIYcbHxbpRSZ2lnLodg8JZtC1kSlVpViLgaa_9stvBRasKE71InVNuipK1gntj3NJd7mm6_QCSpw&si=1&oref=bf8d6a7d8c26a8de1c97474dbb1142bb&optunit=5jMlRtESsPeY7nfU0cB7mhDI2oop-ALI&rb=tatMM8WvJYA&rr=1&abtg=0 Page URL
  4. https://securewponline.com/mc-test/7eed5980b46b5623d196ba54858839ac/index.php?utm_source=72&utm_campaign=16263144&cid=90829201108&sid=447376410&s=0.01 HTTP 302
    https://www.google.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://comericabenefitehr.com/ HTTP 307
  • https://comericabenefitehr.com/
Request Chain 1
  • http://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 307
  • https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
  • https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935
Request Chain 2
  • https://myckdom.com/aS/sfclick?u=f635bd04-e35b-4844-b901-99ae1884d820 HTTP 302
  • https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiUmQzUv7EJ8xQviaeyZeB4t_suq54Ng4o40aQNKjMRWF_MXQKZQn0olJkM079DsxxaaOIg6VEAw_1BQ0OSWCvWGkYGW655sn8NUzKSZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvGd3WbeZnnbWnaHeEFBuddA-e5aUFqZsS33aYyBWDD&ui=ULvdn1uz3feDU7guKw2nTPbWwvziNp_11Mw5XOE4fEIIYcbHxbpRSZ2lnLodg8JZtC1kSlVpViLgaa_9stvBRasKE71InVNuipK1gntj3NJd7mm6_QCSpw&si=1&oref=bf8d6a7d8c26a8de1c97474dbb1142bb&optunit=5jMlRtESsPeY7nfU0cB7mhDI2oop-ALI&rb=tatMM8WvJYA&rr=1&abtg=0

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
comericabenefitehr.com/
Redirect Chain
  • http://comericabenefitehr.com/
  • https://comericabenefitehr.com/
7 KB
4 KB
Document
General
Full URL
https://comericabenefitehr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.212.213 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-212-213.above.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
3331
content-type
text/html; charset=UTF-8
date
Mon, 27 May 2024 11:32:48 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://comericabenefitehr.com/
Non-Authoritative-Reason
HttpsUpgrades
jr.php
fomiln.com/
Redirect Chain
  • http://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHa...
  • https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xH...
  • https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xH...
372 B
454 B
Document
General
Full URL
https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935
Requested by
Host: comericabenefitehr.com
URL: https://comericabenefitehr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://comericabenefitehr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
241
content-type
text/html; charset=UTF-8
date
Mon, 27 May 2024 11:32:49 GMT
server
Apache
vary
Accept-Encoding
x-jr-code
s

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 27 May 2024 11:32:49 GMT
location
jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935
server
Apache
x-jr-code
cr
domainClick
p249699.myckdom.com/adServe/
Redirect Chain
  • https://myckdom.com/aS/sfclick?u=f635bd04-e35b-4844-b901-99ae1884d820
  • https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiU...
757 B
962 B
Document
General
Full URL
https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiUmQzUv7EJ8xQviaeyZeB4t_suq54Ng4o40aQNKjMRWF_MXQKZQn0olJkM079DsxxaaOIg6VEAw_1BQ0OSWCvWGkYGW655sn8NUzKSZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvGd3WbeZnnbWnaHeEFBuddA-e5aUFqZsS33aYyBWDD&ui=ULvdn1uz3feDU7guKw2nTPbWwvziNp_11Mw5XOE4fEIIYcbHxbpRSZ2lnLodg8JZtC1kSlVpViLgaa_9stvBRasKE71InVNuipK1gntj3NJd7mm6_QCSpw&si=1&oref=bf8d6a7d8c26a8de1c97474dbb1142bb&optunit=5jMlRtESsPeY7nfU0cB7mhDI2oop-ALI&rb=tatMM8WvJYA&rr=1&abtg=0
Requested by
Host: fomiln.com
URL: https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1c831c9f1b4a4b71fadd5bfa9131cf22c928f56b971d47887b5f3e7bf1c05777

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://fomiln.com/jr.php?gz=CrVDBSxfG1g7QzJE4oAym349fkxwaVU5WjVPWDJ3VGZvOTY4ODE2K3cveDhyYXFQbnZGcEQ5VkwrNUJpek52ME9mUVNvK3VYZ1Rub2tLOStJOUZVN3pTeXJtSzJFVWlMWEw0QkVCaUNJTGF0eW0vMzdVdk9OTUV1dlYvY0xHaDNnUzdrNGFxVDNXa0w5QUJxNFVnZnY5eTdMT290R0Y0TlBENDlQU0tPY1hXMTR3SFNkR1NQQWJ3bnhxVndZOFRST3JxMlh1T3ZaZ1Z2c2U0RUdkTTMrc3RXcGEwOGxDODgwS0ViZVFkNWUxMTRlUVluVXNrR0RuZXFUcHZRcCttNjFyZ3lwR2pVZ1ovVENWclNxWWhNSSt3SzBWSkRHTktMejZRZVZBall4NnZPYVFkcXlxNlQrMHhVdi84ZWVkeHpCRWFySmQyNG15N1dIWUlGeUhmWUdtZjlkcC9mcTNNaVlydFVQSGFUYzZpRjVHbTVGVnlldXNaNzd6MVlzS3JrUzcwbUp2dVlXa1RQZXVpbWptajBTTFRmbjloQW1qalF6YklmU3E2VVplQ2lIUzhQb1lETGhjWWdPcDJEZFdKNlJLOTVjMnZCTWZOTnUzM2c3WGlEeTFYNGlKR1pEYmhJZlN6ZEwxRGw2VWtRVlpGTDJ0S21XUjdNcVVMbmVTUVhnLzBoN3ViZ3U1dVo0R1VXbHF5ejREM1FRRWNqMCtyUjVNUXNPdDNaZUlJaU5oRFNjWFhuWXc5a2pyZTdRczBSTEJ6OTE0elRHSm15NW5EOGI0WUU0T0Y1YzNFT2VDNTlHMlNGb2krenIwTWJxQWtTTFVhaFJoZEMyK2dDYzgrQ3pHWVE3QURkaVdidHl0UGNwOUMxdmhSeGprdlFqVU01RmFqUmNValZHYW1wSHFBN0lHaHZiTnAyL2h6MEJ5NlpEZUY2dG9IdXUwZGFYelF4akt5UFlkZjVwSU0vbEtkVGlCUFdZYWlXM2M2alBuL3VyeW45NzlXWXoyem5uaHpwQVJWNkJkV2VCY0F4VTh5K1djWXJrMGsvYTNXZXpwblVwZW9zNmdkbHhPVHAwVURUSWd0L1hpVDdlNEZ2bE8rWlk3dzRUZmNlL2lSdDVPcm84d2JxRVJuaWF5TlZlcUREWGVQdHZPSjF1UUJlUDRJSDlyQWtQL2YwRkpndExJb3dEZDI5MmVoekM3bzhPTjhTT3FSTDFzb1pxVmRMQ0tpc2tZYThnbWo5NXFMYi9GSm5xSE04V245YnZlbUhtWT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=20%3A20&os=f&nos=f&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1716809569.3464935
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 27 May 2024 11:32:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 27 May 2024 11:32:50 GMT
Location
https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiUmQzUv7EJ8xQviaeyZeB4t_suq54Ng4o40aQNKjMRWF_MXQKZQn0olJkM079DsxxaaOIg6VEAw_1BQ0OSWCvWGkYGW655sn8NUzKSZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvGd3WbeZnnbWnaHeEFBuddA-e5aUFqZsS33aYyBWDD&ui=ULvdn1uz3feDU7guKw2nTPbWwvziNp_11Mw5XOE4fEIIYcbHxbpRSZ2lnLodg8JZtC1kSlVpViLgaa_9stvBRasKE71InVNuipK1gntj3NJd7mm6_QCSpw&si=1&oref=bf8d6a7d8c26a8de1c97474dbb1142bb&optunit=5jMlRtESsPeY7nfU0cB7mhDI2oop-ALI&rb=tatMM8WvJYA&rr=1&abtg=0
Server
nginx
track
clkdeals.com/adServe/
49 B
302 B
Image
General
Full URL
https://clkdeals.com/adServe/track?subid=90829201108&prdid=2750&price=0
Requested by
Host: p249699.myckdom.com
URL: https://p249699.myckdom.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 27 May 2024 11:32:50 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Primary Request /
www.google.com/
Redirect Chain
  • https://securewponline.com/mc-test/7eed5980b46b5623d196ba54858839ac/index.php?utm_source=72&utm_campaign=16263144&cid=90829201108&sid=447376410&s=0.01
  • https://www.google.com/
201 KB
0
Document
General
Full URL
https://www.google.com/
Requested by
Host: p249699.myckdom.com
URL: https://p249699.myckdom.com/adServe/domainClick?ai=OsW9fSXKwqhs4Nk0N3T175hXDnA7furQ4SbPz2OJtljtmEokMxqCLc4JPx-ycluhaQvcDLFKa3lxFO_13iSZJTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYCd-SFvF-Fq0qMxFYX8xdAplCfSiUmQzUv7EJ8xQviaeyZeB4t_suq54Ng4o40aQNKjMRWF_MXQKZQn0olJkM079DsxxaaOIg6VEAw_1BQ0OSWCvWGkYGW655sn8NUzKSZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvGd3WbeZnnbWnaHeEFBuddA-e5aUFqZsS33aYyBWDD&ui=ULvdn1uz3feDU7guKw2nTPbWwvziNp_11Mw5XOE4fEIIYcbHxbpRSZ2lnLodg8JZtC1kSlVpViLgaa_9stvBRasKE71InVNuipK1gntj3NJd7mm6_QCSpw&si=1&oref=bf8d6a7d8c26a8de1c97474dbb1142bb&optunit=5jMlRtESsPeY7nfU0cB7mhDI2oop-ALI&rb=tatMM8WvJYA&rr=1&abtg=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://p249699.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
58811
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-hgVMbWgxyloFXoiZASs7Ow' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 27 May 2024 11:32:58 GMT
expires
-1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Security-Policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 May 2024 11:32:58 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://www.google.com
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
www.google.com/xjs/_/ss/k=xjs.hd.7F1VkoRpyRY.L.B1.O/am=AEYBAAAAAAAABgAAAAAAAAAAAAAAAAAQAAABAAAAAKAA8AkHQACwIQAAAEAAAAAAAAAAAQAAgHECAABAAAIBADAACBAAAAAAAAQCAAEQQASQBAIZCABABCMMQCoAMAAAAAABEgAAAAAgIA...
2 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/xjs/_/ss/k=xjs.hd.7F1VkoRpyRY.L.B1.O/am=AEYBAAAAAAAABgAAAAAAAAAAAAAAAAAQAAABAAAAAKAA8AkHQACwIQAAAEAAAAAAAAAAAQAAgHECAABAAAIBADAACBAAAAAAAAQCAAEQQASQBAIZCABABCMMQCoAMAAAAAABEgAAAAAgIACBAREAAQ8hAIABnSAACQAACGAAQQAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAgAAAAAAAAAAAAAAAAAAQA/d=1/ed=1/br=1/rs=ACT90oF6zEzNaIjH2wR1MnNz4iNrHnhGNA/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.google.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 11:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
260841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1080
x-xss-protection
0
last-modified
Fri, 24 May 2024 10:30:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gws-team"
vary
Accept-Encoding, Origin
report-to
{"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 May 2025 11:05:37 GMT
m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
www.google.com/xjs/_/js/k=xjs.hd.en.687zznw5zSM.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAIQACgAAQAEAAAgAAAAAAACAEAAAAQAIwHsAIAQQAAIBADAARBCAhzIBAAQwAQAAAAQABAIgCAAABAAAACgAAAAAAAAAAAAAAA4gQAAA...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/xjs/_/js/k=xjs.hd.en.687zznw5zSM.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAIQACgAAQAEAAAgAAAAAAACAEAAAAQAIwHsAIAQQAAIBADAARBCAhzIBAAQwAQAAAAQABAIgCAAABAAAACgAAAAAAAAAAAAAAA4gQAAAAAAAAAAAAAAAnQAAAgAAAWAAQQAACAAAAEAeAIIDYJCCAAAAAAAAAAAAAAAgAAmCuZCAgggIAAAAAAAAAAAAAAAAUtKJhQ0/d=1/ed=1/dg=2/br=1/rs=ACT90oGQT-FL_KFmVZa88pzShO0Gx2w5NA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:VruDBd;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
comericabenefitehr.com/ Name: __tad
Value: 1716809568.4597051
fomiln.com/ Name: __tad
Value: 1716809569.3464935
.myckdom.com/ Name: rhid
Value: 83767376575
.myckdom.com/ Name: loi
Value: ad_1847126_off_1289692_aff_840_cid_249699-1908117875_ts_1716809570