urlscan.io logo urlscan.io
SecurityTrails logo

platdom-1.online Open in urlscan Pro
3.33.192.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://females.es/
Effective URL: https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
Submission: On May 04 via api from IN — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 3.33.192.145, located in United States and belongs to AMAZON-02, US. The main domain is platdom-1.online. The Cisco Umbrella rank of the primary domain is 370994.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 30th 2024. Valid for: a year.
This is the only time platdom-1.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.111 61969 (TEAMINTER...)
1 18.66.121.138 16509 (AMAZON-02)
2 35.172.149.84 14618 (AMAZON-AES)
1 3.33.192.145 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 15169 (GOOGLE)
14 7
4    185.53.178.111 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
females.es
1    18.66.121.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-138.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    35.172.149.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-149-84.compute-1.amazonaws.com
snorr-dbs.com
1    3.33.192.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
platdom-1.online
1    130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
2    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
Apex Domain
Subdomains		 Transfer
4 females.es
females.es
3 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 22544
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9249
90 KB
2 snorr-dbs.com
snorr-dbs.com — Cisco Umbrella Rank: 251929
4 KB
1 platdom-1.online
platdom-1.online — Cisco Umbrella Rank: 370994
1 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 clouback-1.online Failed
xml-v4.clouback-1.online — Cisco Umbrella Rank: 128656 Failed
14 6
Domain Requested by
4 females.es d38psrni17bvxu.cloudfront.net
females.es
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 snorr-dbs.com females.es
snorr-dbs.com
1 cdn.perfdrive.com platdom-1.online
1 platdom-1.online snorr-dbs.com
1 d38psrni17bvxu.cloudfront.net females.es
0 xml-v4.clouback-1.online Failed platdom-1.online
14 7

This site contains no links.

Subject Issuer Validity Valid
females.es
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
snorr-dbs.com
Amazon RSA 2048 M03		 2024-04-17 -
2025-05-16		 a year crt.sh
platdom-1.online
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-29		 a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-07-24 -
2024-08-05		 a year crt.sh

This page contains 1 frames:

Frame: http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
Frame ID: 14307E1B4AE35DABA1AEB969362C3C71
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://females.es/ HTTP 307
    https://females.es/ Page URL
  2. http://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a5... HTTP 307
    https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a5... Page URL
  3. https://snorr-dbs.com/zclkredirect?visitid=73c3d341-09ec-11ef-b233-0affd2869eb9&type=js&browserWid... Page URL
  4. http://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV HTTP 307
    https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV Page URL

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

99 kB
Transfer

254 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://females.es/ HTTP 307
    https://females.es/ Page URL
  2. http://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9 HTTP 307
    https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9 Page URL
  3. https://snorr-dbs.com/zclkredirect?visitid=73c3d341-09ec-11ef-b233-0affd2869eb9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Atlantic%2FCanary Page URL
  4. http://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV HTTP 307
    https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://females.es/ HTTP 307
  • https://females.es/
Request Chain 5
  • http://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9 HTTP 307
  • https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
Request Chain 8
  • https://platdom-1.online/api/v1/pxcheck?impId=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vcGxhdGRvbS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9Vm5HSkhkaHJHbnFYUDJKQ2piRldGNXI0NVA5Y2U1UGxmV0FaZ05TViIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0= HTTP 302
  • http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0 HTTP 307
  • https://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0 HTTP 302
  • https://plorexdry.com/r/b?s=126144421&s2=females.es%252Cfemales%252Ces&s3=c2d416865c0943d28c28641bd HTTP 302
  • https://buybutwhere.com/buy/with/be4/in?store=padelnuestro.com&nid=76&sid1=126144421&sid2=females.es2Cfemales2Ces&sid3=c2d416865c0943d28c28641bd&url=https%3A%2F%2Fpadelnuestro.com&rtb_key=1bd1f326c03a1176d5c895cdca8decfe HTTP 307
  • http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
females.es/
Redirect Chain
  • http://females.es/
  • https://females.es/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://females.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.111 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
71d4bd9014c5cc5db79d83ddcf5500c9f02434972886cf8fac250c1ba6656e11

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 08:01:03 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ShZQFKI+hls61wAGHCR3m6N9++MxkmhCdIOXMjiLLqhl705oicP8ehSsKPXOc5rr+Envqd5JivnrGBuuDWZL7A==
x-buckets
bucket011
x-domain
females.es
x-forwarded-host
females.es
x-language
spanish
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v2
x-subdomain
x-template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

Location
https://females.es/
Non-Authoritative-Reason
HttpsUpgrades
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: females.es
URL: https://females.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-138.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://females.es/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 04:33:15 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
12469
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
HrC-PN32kIJJZctpmNBA7D95tcik1suxStkj1k9K2ri9LX0rxrOUHA==
track.php
females.es/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://females.es/track.php?domain=females.es&toggle=browserjs&uid=MTcxNDgwOTY2Mi45MzE0OjNlMTJhOGFmY2YwMzY1OTY5YzQ3OTQ4OTVhYTRlZDQ1NjIwYmJkYjBmM2E4MGI0YmViODdkY2JlNWY2NWJjNzk6NjYzNWViM2VlMzY3MA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.111 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
device-memory
8
rtt
250
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://females.es/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 08:01:04 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
females.es
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
females.es/ 		16 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://females.es/ls.php?t=6635eb3f&token=41b02bbc536fa38623d72d96e8719e4c4292b6f8
Requested by
Host: females.es
URL: https://females.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.111 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
device-memory
8
rtt
250
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://females.es/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 08:01:04 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_F5TdOA9yJOuGARGZxXIqpa58bAOmwlfGL3qdKKK9ZBxHdba9QGNjfZfENBnRIdSxI4a1tLWflpntXI8nTJl2dA==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
females.es
x-log-success
6635eb40024c8b9e9802b2ad
track.php
females.es/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://females.es/track.php?click=1b5a4264798a792f5ed1b59b3239d05714c56931&domain=females.es&uid=MTcxNDgwOTY2Mi45MzE0OjNlMTJhOGFmY2YwMzY1OTY5YzQ3OTQ4OTVhYTRlZDQ1NjIwYmJkYjBmM2E4MGI0YmViODdkY2JlNWY2NWJjNzk6NjYzNWViM2VlMzY3MA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NjM1ZWIzZWUzNjFifHx8MTcxNDgwOTY2My4yMjE5fGNmZDlkMDZiYTIwMzI1NDRhZGM2NmE4Y2JmYWQ1Y2I2NjVhZjQ5NTh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0MWIwMmJiYzUzNmZhMzg2MjNkNzJkOTZlODcxOWU0YzQyOTJiNmY4fDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.111 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
device-memory
8
rtt
250
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://females.es/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 08:01:04 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
females.es
x-ssl-c
v1
x-view-match
true
alt-svc
h3=":8443"; ma=2592000
1304ac30-8585-11eb-af9e-0a51339b19df
snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/
Redirect Chain
  • http://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
  • https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
Requested by
Host: females.es
URL: https://females.es/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.149.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-149-84.compute-1.amazonaws.com
Software
/
Resource Hash
b60b86903c091506d50a53c90d627613ba802af041bffb59544cca749cb93b21
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://females.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 04 May 2024 08:01:05 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
snorr-dbs.com/ 		342 B
804 B 		Document
General
Check archive.org
Download Go to
Full URL
https://snorr-dbs.com/zclkredirect?visitid=73c3d341-09ec-11ef-b233-0affd2869eb9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Atlantic%2FCanary
Requested by
Host: snorr-dbs.com
URL: https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.149.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-149-84.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://snorr-dbs.com/zclkvisitor/73c3d341-09ec-11ef-b233-0affd2869eb9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=73cf1de3-09ec-11ef-b233-0affd2869eb9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
342
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 04 May 2024 08:01:06 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request px
platdom-1.online/api/v1/
Redirect Chain
  • http://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
  • https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
Requested by
Host: snorr-dbs.com
URL: https://snorr-dbs.com/zclkredirect?visitid=73c3d341-09ec-11ef-b233-0affd2869eb9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Atlantic%2FCanary
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://snorr-dbs.com/zclkredirect?visitid=73c3d341-09ec-11ef-b233-0affd2869eb9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Atlantic%2FCanary
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 04 May 2024 08:01:06 GMT
etag
W/"8ad-IJH9iqau+DZTq3TMMA3Xp/wivsc"
vary
Accept-Encoding

Redirect headers

Location
https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
Non-Authoritative-Reason
HttpsUpgrades
stormcaster.js
cdn.perfdrive.com/advanced/ 		238 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: platdom-1.online
URL: https://platdom-1.online/api/v1/px?xmlid=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://platdom-1.online/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 07:19:15 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 May 2024 04:53:10 GMT
server
nginx/1.10.1
age
2512
etag
W/"66346db6-3b60f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90762
click
xml-v4.clouback-1.online/
Redirect Chain
  • https://platdom-1.online/api/v1/pxcheck?impId=VnGJHdhrGnqXP2JCjbFWF5r45P9ce5PlfWAZgNSV&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVX...
  • http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
  • https://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
  • https://plorexdry.com/r/b?s=126144421&s2=females.es%252Cfemales%252Ces&s3=c2d416865c0943d28c28641bd
  • https://buybutwhere.com/buy/with/be4/in?store=padelnuestro.com&nid=76&sid1=126144421&sid2=females.es2Cfemales2Ces&sid3=c2d416865c0943d28c28641bd&url=https%3A%2F%2Fpadelnuestro.com&rtb_key=1bd1f326c...
  • http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
0
0
jsdata
cas.avalon.perfdrive.com/ 		360 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://platdom-1.online/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sat, 04 May 2024 08:01:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		255 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://platdom-1.online/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sat, 04 May 2024 08:01:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
content-type
text/plain; charset=UTF-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
click
xml-v4.clouback-1.online/ 		0
0
click
xml-v4.clouback-1.online/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xml-v4.clouback-1.online
URL
http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
Domain
xml-v4.clouback-1.online
URL
http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0
Domain
xml-v4.clouback-1.online
URL
http://xml-v4.clouback-1.online/click?seat=2706737&i=WGHgozdyM98_0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
.platdom-1.online/ Name: __ssds
Value: 2
.platdom-1.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.platdom-1.online/ Name: __uzmaj2
Value: e8cdc7c7-a1d8-4fed-b0b1-7346a7bcf67d
.platdom-1.online/ Name: __uzmbj2
Value: 1714809667
.platdom-1.online/ Name: __uzmcj2
Value: 854401076882
.platdom-1.online/ Name: __uzmdj2
Value: 1714809667
.platdom-1.online/ Name: __uzmlj2
Value: mkY1lW/eeI0ywyD9M5LbqFNdHuOF220o8ZBIMKMwEFk=
.platdom-1.online/ Name: __uzmfj2
Value: 7f6000647b5b60-efec-4057-baf4-efc5ee15012f17148096674120-cc04670e0bc9365910