Submitted URL: http://chinasemservice.com/scripts/pdf.exe9/q
Effective URL: http://sadbh-kye.com/zclkredirect?visitid=cb9fac21-d034-11ee-9007-1296f21b483b&type=js&browserWidth=1600&browserHeigh...
Submission: On February 20 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 11 HTTP transactions. The main IP is 44.215.221.129, located in and belongs to . The main domain is sadbh-kye.com.
This is the only time sadbh-kye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.245.214.81 46475 (LIMESTONE...)
1 2 192.99.158.241 16276 (OVH)
1 2 139.177.202.97 63949 (AKAMAI-LI...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 50.97.212.250 36351 (SOFTLAYER)
1 1 103.224.182.241 133618 (TRELLIAN-...)
4 185.53.179.29 ()
1 2600:9000:220... ()
2 44.215.221.129 ()
11 7
Apex Domain
Subdomains
Transfer
5 oaklye.com
oaklye.com
ww38.oaklye.com
5 KB
2 sadbh-kye.com
sadbh-kye.com
4 KB
2 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 262557
2 KB
2 muehlecr.xyz
264.muehlecr.xyz
2 KB
2 btxxxnav.com
btxxxnav.com
6 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
1 wdk18.com
trackme.wdk18.com
849 B
1 chinasemservice.com
chinasemservice.com
639 B
0 g2afse.com Failed
clicktracking.g2afse.com Failed
11 9
Domain Requested by
4 ww38.oaklye.com d38psrni17bvxu.cloudfront.net
ww38.oaklye.com
2 sadbh-kye.com ww38.oaklye.com
sadbh-kye.com
2 www.clkmg.com 1 redirects btxxxnav.com
2 264.muehlecr.xyz 1 redirects
2 btxxxnav.com 1 redirects
1 d38psrni17bvxu.cloudfront.net ww38.oaklye.com
1 oaklye.com 1 redirects
1 trackme.wdk18.com 1 redirects
1 chinasemservice.com 1 redirects
0 clicktracking.g2afse.com Failed sadbh-kye.com
11 10

This site contains no links.

Subject: *.clkmg.com
Issuer: AlphaSSL CA - SHA256 - G4
Validity: 2023-02-23 - 2024-03-26
Valid: a year

This page contains 1 frames:

Frame: https://clicktracking.g2afse.com/click?pid=778&offer_id=4110&sub1=zrcb9fac21d03411ee90071296f21b483b5f7d10f74c6443978183bec92f41bb9608010967db1e6ef309&sub3=lateritious-falcon&sub4=0.001400&sub5=DOMAIN__broad&sub2=zeropark&sub6=NON-ADULT&sub7=charlie-rob-kgj8on8q5m&sub8=
Frame ID: 490B5D3AE6A35E9A2FF1487CAF7CE482
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

Requests: 11
HTTPS: 9 %
IPv6: 22 %
Domains: 9
Subdomains: 10
IPs: 7
Countries: 3
Transfer: 18 kB
Size: 15 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chinasemservice.com/scripts/pdf.exe9/q HTTP 302
    http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1k2RjFZTk9RNk9YX1R1eXJmVENyU2stTmtnZTNEOXNfOVZpR3ZqNUxPQ1hzVVRNMQ2&id=709e9f83-9b2f-4041-8fc0-5f17165874c4 Page URL
  2. http://btxxxnav.com/Redirect/ HTTP 302
    http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQB60G3G3TGV1VJPS5 Page URL
  3. http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/?ci%3DGTLLBQB60G3G3TGV1VJPS5 HTTP 302
    https://trackme.wdk18.com/1jl065/rn-apix01-chinasemservice.com HTTP 302
    https://www.clkmg.com/qvikar/1jl065/rn-apix01-chinasemservice.com HTTP 302
    https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433 Page URL
  4. https://oaklye.com/ HTTP 302
    http://ww38.oaklye.com/ Page URL
  5. http://sadbh-kye.com/zclkvisitor/cb9fac21-d034-11ee-9007-1296f21b483b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a3b50e90-a3c9-11ee-857f-123f4a2b6bb7 Page URL
  6. http://sadbh-kye.com/zclkredirect?visitid=cb9fac21-d034-11ee-9007-1296f21b483b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://chinasemservice.com/scripts/pdf.exe9/q HTTP 302
  • http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1k2RjFZTk9RNk9YX1R1eXJmVENyU2stTmtnZTNEOXNfOVZpR3ZqNUxPQ1hzVVRNMQ2&id=709e9f83-9b2f-4041-8fc0-5f17165874c4
Request Chain 1
  • http://btxxxnav.com/Redirect/ HTTP 302
  • http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQB60G3G3TGV1VJPS5
Request Chain 2
  • http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/?ci%3DGTLLBQB60G3G3TGV1VJPS5 HTTP 302
  • https://trackme.wdk18.com/1jl065/rn-apix01-chinasemservice.com HTTP 302
  • https://www.clkmg.com/qvikar/1jl065/rn-apix01-chinasemservice.com HTTP 302
  • https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433
Request Chain 3
  • https://oaklye.com/ HTTP 302
  • http://ww38.oaklye.com/

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
btxxxnav.com/
Redirect Chain
  • http://chinasemservice.com/scripts/pdf.exe9/q
  • http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1...
5 KB
6 KB
Document
General
Full URL
http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1k2RjFZTk9RNk9YX1R1eXJmVENyU2stTmtnZTNEOXNfOVZpR3ZqNUxPQ1hzVVRNMQ2&id=709e9f83-9b2f-4041-8fc0-5f17165874c4
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5bd088734cc88f7061127b6e15cdf0c4f59e75a107b45e88da4f40e044d3e18f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5470
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 21:09:38 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Tue, 20 Feb 2024 21:12:43 GMT
location
http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1k2RjFZTk9RNk9YX1R1eXJmVENyU2stTmtnZTNEOXNfOVZpR3ZqNUxPQ1hzVVRNMQ2&id=709e9f83-9b2f-4041-8fc0-5f17165874c4
server
nginx
/
264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/
Redirect Chain
  • http://btxxxnav.com/Redirect/
  • http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQ...
4 KB
2 KB
Document
General
Full URL
http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQB60G3G3TGV1VJPS5
Protocol
HTTP/1.1
Server
139.177.202.97 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-177-202-97.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btxxxnav.com
Referer
http://btxxxnav.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 20 Feb 2024 21:12:44 GMT
server
nginx/1.14.2
transfer-encoding
chunked

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
330
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 21:09:38 GMT
Location
http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQB60G3G3TGV1VJPS5
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
redir.cgi
www.clkmg.com/
Redirect Chain
  • http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/?ci%3DGTLLBQB60...
  • https://trackme.wdk18.com/1jl065/rn-apix01-chinasemservice.com
  • https://www.clkmg.com/qvikar/1jl065/rn-apix01-chinasemservice.com
  • https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433
110 B
804 B
Document
General
Full URL
https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433
Requested by
Host: btxxxnav.com
URL: http://btxxxnav.com/click?data=ZWt5cjNRWUxjNmx5TlF2WVppSEFJQU1XeDRuT2ZvNVV4Q2JKRFF4T1FEZnZ2MWJsNTU2eUVYeVNXWnZmSEU3U28yNFo1VS1FZGZDSDB1Sm00N2tzWGFDakN6dzNjUW9qYl9pUnVsSmQ1U3JMUlBId0ZiekZ0RmtFYWRuU1k2RjFZTk9RNk9YX1R1eXJmVENyU2stTmtnZTNEOXNfOVZpR3ZqNUxPQ1hzVVRNMQ2&id=709e9f83-9b2f-4041-8fc0-5f17165874c4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.97.212.250 San Jose, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
fa.d4.6132.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://264.muehlecr.xyz/match-264/87541/208450543/1708463563/mf_7b0a71d1-68ce-41ad-b023-ed6d8fc6cc93/YXBpeDAxLWNoaW5hc2Vtc2VydmljZS5jb218MTcwODQ2MzU2My4yMDQ5MTItMjA4NDUwNTQzLTg3NTQx/feed/?ci=GTLLBQB60G3G3TGV1VJPS5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 21:12:45 GMT
P3P
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
Server
nginx
Transfer-Encoding
chunked
X-CM-FE
httpfe-01.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 20 Feb 2024 21:12:45 GMT
Location
https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-01.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
/
ww38.oaklye.com/
Redirect Chain
  • https://oaklye.com/
  • http://ww38.oaklye.com/
2 KB
2 KB
Document
General
Full URL
http://ww38.oaklye.com/
Protocol
HTTP/1.1
Server
185.53.179.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e0d79824f556771a407c5e6d4f9e4cd6b1c67050591a9f33ade38e2c7150f9d7

Request headers

Referer
https://www.clkmg.com/redir.cgi?url=https%3a%2f%2foaklye.com&pixel=0&lidc=1578205433
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 21:12:47 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_AswIi0xxQuUMPacb97a3Ah1PHLFKAzpsuMpQvDH+5ZLOqDgjdyGtDEMyuKD7szXo74fMRua/dmpwBPc0zIO51A==
X-Buckets
bucket011
X-Domain
oaklye.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
ww38
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

connection
close
content-length
2
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 21:12:45 GMT
location
http://ww38.oaklye.com/
server
Apache
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
2 KB
Script
General
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ww38.oaklye.com
URL: http://ww38.oaklye.com/
Protocol
HTTP/1.1
Server
2600:9000:2209:6200:1d:4618:5c80:21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww38.oaklye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 23:52:56 GMT
Via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
EWR53-P1
Age
76791
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
7hzx1lLLAphMa_tqKEi9--oxAPDkngoCgXCX_2IBVaE0VIz4Af_ybg==
track.php
ww38.oaklye.com/
0
608 B
XHR
General
Full URL
http://ww38.oaklye.com/track.php?domain=oaklye.com&toggle=browserjs&uid=MTcwODQ2MzU2Ni42NTY5OmQyNDE4MDQ0YmRlNmViOGJiNDY4MmVkNWY4NzRmMzZlY2I5YjdhNDJmNjU1Y2ZjZmE0NWNjMzU5YjZhODAyZDk6NjVkNTE1Y2VhMDVlZQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.179.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww38.oaklye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 21:12:47 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
ww38.oaklye.com/
16 B
906 B
XHR
General
Full URL
http://ww38.oaklye.com/ls.php?t=65d515cf&token=7596e22206b9383a48a3b2bbdf16cce7db314c30
Requested by
Host: ww38.oaklye.com
URL: http://ww38.oaklye.com/
Protocol
HTTP/1.1
Server
185.53.179.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww38.oaklye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 21:12:47 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_gVln+Kq1sitdUH+or5oKrZx3xOyDDxfvGskSR6kesLdCl/2Y6BalN6/JYZ31AzfZixEsqG1IpJiEPnygcp4M4w==
Connection
keep-alive
X-Log-Success
65d515cff9b554e9d602edaa
track.php
ww38.oaklye.com/
0
623 B
XHR
General
Full URL
http://ww38.oaklye.com/track.php?click=ee12fd574102c71b8613bc405f5c1f9c41cf9c94&domain=oaklye.com&uid=MTcwODQ2MzU2Ni42NTY5OmQyNDE4MDQ0YmRlNmViOGJiNDY4MmVkNWY4NzRmMzZlY2I5YjdhNDJmNjU1Y2ZjZmE0NWNjMzU5YjZhODAyZDk6NjVkNTE1Y2VhMDVlZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWQ1MTVjZWEwNWI5fHx8MTcwODQ2MzU2Ny4wNjE5fDg5MWY5ZGYyYTM1MWRiZGNlMTg4MzY4NmMxNjRlZjgwMWVjYmI4Mzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw3NTk2ZTIyMjA2YjkzODNhNDhhM2IyYmJkZjE2Y2NlN2RiMzE0YzMwfDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.179.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww38.oaklye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 21:12:47 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
sadbh-kye.com/zclkvisitor/cb9fac21-d034-11ee-9007-1296f21b483b/
2 KB
3 KB
Document
General
Full URL
http://sadbh-kye.com/zclkvisitor/cb9fac21-d034-11ee-9007-1296f21b483b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a3b50e90-a3c9-11ee-857f-123f4a2b6bb7
Requested by
Host: ww38.oaklye.com
URL: http://ww38.oaklye.com/
Protocol
HTTP/1.1
Server
44.215.221.129 -, , ASN (),
Reverse DNS
Software
CNhKXMnR /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://ww38.oaklye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 20 Feb 2024 21:12:48 GMT
Server
CNhKXMnR
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request zclkredirect
sadbh-kye.com/
722 B
1 KB
Document
General
Full URL
http://sadbh-kye.com/zclkredirect?visitid=cb9fac21-d034-11ee-9007-1296f21b483b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Requested by
Host: sadbh-kye.com
URL: http://sadbh-kye.com/zclkvisitor/cb9fac21-d034-11ee-9007-1296f21b483b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a3b50e90-a3c9-11ee-857f-123f4a2b6bb7
Protocol
HTTP/1.1
Server
44.215.221.129 -, , ASN (),
Reverse DNS
Software
slWXMZXv /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://sadbh-kye.com/zclkvisitor/cb9fac21-d034-11ee-9007-1296f21b483b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a3b50e90-a3c9-11ee-857f-123f4a2b6bb7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 20 Feb 2024 21:12:48 GMT
Server
slWXMZXv
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
click
clicktracking.g2afse.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clicktracking.g2afse.com
URL
https://clicktracking.g2afse.com/click?pid=778&offer_id=4110&sub1=zrcb9fac21d03411ee90071296f21b483b5f7d10f74c6443978183bec92f41bb9608010967db1e6ef309&sub3=lateritious-falcon&sub4=0.001400&sub5=DOMAIN__broad&sub2=zeropark&sub6=NON-ADULT&sub7=charlie-rob-kgj8on8q5m&sub8=

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string| domain
  • string| uniqueTrackingID
  • boolean| clickTracking
  • string| themedata
  • string| xkw
  • string| xsearch
  • string| xpcat
  • string| bucket
  • string| clientID
  • string| clientIDs
  • number| num_ads
  • string| adtest
  • string| scriptPath

6 Cookies

Domain/Path Name / Value
.chinasemservice.com/ Name: sid
Value: c94c83b0-d034-11ee-bbac-9d685467b573
btxxxnav.com/ Name: JkglICLxOeKPErw
Value: JkglICLxOeKPErw
.clkmg.com/ Name: alc
Value: 1
.clkmg.com/ Name: lids
Value: 2409752-2409752+
.clkmg.com/ Name: vid
Value: 967478400
oaklye.com/ Name: __tad
Value: 1708463565.8722271