urlscan.io logo urlscan.io
SecurityTrails logo

cleverbandoline.com Open in urlscan Pro
138.128.118.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/6LO9Is3WfY
Effective URL: http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Submission: On June 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 7 HTTP transactions. The main IP is 138.128.118.54, located in Stoney Creek, Canada and belongs to AS-COLOCROSSING - ColoCrossing, US. The main domain is cleverbandoline.com.
This is the only time cleverbandoline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
4 138.128.118.54 36352 (AS-COLOCR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 66.172.12.145 11051 (CYBERVERSE)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 35.190.48.51 15169 (GOOGLE)
7 4
1    104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    2606:4700:30::681b:9cac (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gameprostar.com
4    138.128.118.54 (Stoney Creek, Canada)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
cleverbandoline.com
1    2606:4700:30::681b:905f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rapid-cdn.com
1    66.172.12.145 (Los Angeles, United States)

ASN11051 (CYBERVERSE - Evocative, Inc., US)
PTR: ip-66-172-12-145.chunkhost.com
go.kyakte.com
1    2606:4700:30::6812:2664 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
mobilapptracking.com
1    35.190.48.51 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 51.48.190.35.bc.googleusercontent.com
www.objectdexchange.com
Domain Requested by
4 cleverbandoline.com cleverbandoline.com
1 www.objectdexchange.com cleverbandoline.com
1 mobilapptracking.com 1 redirects
1 go.kyakte.com 1 redirects
1 rapid-cdn.com 1 redirects
1 gameprostar.com t.co
1 t.co
7 7

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-04-15 -
2020-04-15		 a year crt.sh

1970-01-01 -
1970-01-01		 a few seconds crt.sh

This page contains 1 frames:

Frame: http://www.objectdexchange.com/jump/next.php?r=2439731&sub1=%7Btrafficsource-domain%7D&sub2=641612885163863641
Frame ID: 47BCB2E069ADF45BF6C57914D8622C06
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.co/6LO9Is3WfY Page URL
  2. https://gameprostar.com/system/1.html Page URL
  3. http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4= Page URL
  4. http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4= Page URL

Page Statistics

7
Requests

29 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

10 kB
Transfer

9 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/6LO9Is3WfY Page URL
  2. https://gameprostar.com/system/1.html Page URL
  3. http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4= Page URL
  4. http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107831&vert=&cid=4740&country=&payout= HTTP 307
  • http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=641612877017286680 HTTP 302
  • https://mobilapptracking.com/?flux_fts=pqlapaxzaiqtxctllxepqqpqpxlzplqoqpoct4773c&campaign=ht-fallback HTTP 307
  • http://www.objectdexchange.com/jump/next.php?r=2439731&sub1=%7Btrafficsource-domain%7D&sub2=641612885163863641

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
6LO9Is3WfY
t.co/ 		267 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/6LO9Is3WfY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
5d888e9e54bce8c69301d027be900845343245e0b6c281de4ecfbe41f0e8342a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/6LO9Is3WfY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
185
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2019 01:04:38 GMT
expires
Sat, 22 Jun 2019 01:09:38 GMT
server
tsa_o
set-cookie
muc=6c63e1d7-e481-4484-a524-83356469f22d; Max-Age=63072000; Expires=Mon, 21 Jun 2021 01:04:38 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
32124deaa6195b886d77c8efea2b3b39
x-response-time
124
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
1.html
gameprostar.com/system/ 		195 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gameprostar.com/system/1.html
Requested by
Host: t.co
URL: https://t.co/6LO9Is3WfY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9cac , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c41d958471f8d81e3518b136954a785c378bea038d9fbd68ceb8cd6ccdf808

Request headers

:method
GET
:authority
gameprostar.com
:scheme
https
:path
/system/1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://t.co/6LO9Is3WfY
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://t.co/6LO9Is3WfY

Response headers

status
200
date
Sat, 22 Jun 2019 01:04:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4ae292e5d21ce7679c8d057c401c1edb1561165478; expires=Sun, 21-Jun-20 01:04:38 GMT; path=/; domain=.gameprostar.com; HttpOnly
last-modified
Thu, 13 Jun 2019 01:42:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4eaa4f2e6b089724-FRA
content-encoding
br
clicks
cleverbandoline.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
138.128.118.54 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software
nginx /
Resource Hash
1c5fc319b78285c0c0634915d33ca6f8bc079e93b42013f8e07447e30a41fc9a

Request headers

Host
cleverbandoline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sat, 22 Jun 2019 01:03:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
index.php
cleverbandoline.com/ 		179 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cleverbandoline.com/index.php
Requested by
Host: cleverbandoline.com
URL: http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Security
, ,
Server
138.128.118.54 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=
Origin
http://cleverbandoline.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 22 Jun 2019 01:03:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
cleverbandoline.com/clicks/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Requested by
Host: cleverbandoline.com
URL: http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
138.128.118.54 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software
nginx /
Resource Hash
071d4cfd07bdd0f9ced243e24343a518f44177634abf6bc5fc7823dd5f18cbb5

Request headers

Host
cleverbandoline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cleverbandoline.com/clicks?cid=24221&pub=107831&sid1=&sid2=&sid3=&sid4=

Response headers

Server
nginx
Date
Sat, 22 Jun 2019 01:03:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
index.php
cleverbandoline.com/ 		205 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cleverbandoline.com/index.php
Requested by
Host: cleverbandoline.com
URL: http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Security
, ,
Server
138.128.118.54 Stoney Creek, Canada, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software
nginx /
Resource Hash
b341d4ddfb82e24bbb879b8c9930c52bcb76b6d35882eaa3d135d2b6fda85dce

Request headers

Referer
http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Origin
http://cleverbandoline.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 22 Jun 2019 01:03:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
next.php
www.objectdexchange.com/jump/
Redirect Chain
  • http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107831&vert=&cid=4740&country=&payout=
  • http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=641612877017286680
  • https://mobilapptracking.com/?flux_fts=pqlapaxzaiqtxctllxepqqpqpxlzplqoqpoct4773c&campaign=ht-fallback
  • http://www.objectdexchange.com/jump/next.php?r=2439731&sub1=%7Btrafficsource-domain%7D&sub2=641612885163863641
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.objectdexchange.com/jump/next.php?r=2439731&sub1=%7Btrafficsource-domain%7D&sub2=641612885163863641
Requested by
Host: cleverbandoline.com
URL: http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
35.190.48.51 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
51.48.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.objectdexchange.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cleverbandoline.com/clicks/?cid=4740&pub=107831&prevcid=24221&sid1=&sid2=&sid3=&sid4=

Response headers

Server
openresty
Date
Sat, 22 Jun 2019 01:04:40 GMT
Referrer-Policy
no-referrer
Via
1.1 google

Redirect headers

status
307
date
Sat, 22 Jun 2019 01:04:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dbfe2939aeb671ba848a1b8b28a805faa1561165480; expires=Sun, 21-Jun-20 01:04:40 GMT; path=/; domain=.mobilapptracking.com; HttpOnly PHPSESSID=cl750ql64iqtgn0fin23j95kb4; expires=Sat, 29-Jun-2019 01:04:40 GMT; Max-Age=604800; path=/ csid2=cl750ql64iqtgn0fin23j95kb4; expires=Sun, 21-Jun-2020 01:04:40 GMT; Max-Age=31536000; path=/ PHPSESSID=cl750ql64iqtgn0fin23j95kb4; expires=Sun, 23-Jun-2019 01:04:40 GMT; Max-Age=86400; path=/
x-powered-by
PHP/7.0.32
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex, noarchive, nofollow
p3p
CP="This is not a P3P policy"
location
http://www.objectdexchange.com/jump/next.php?r=2439731&sub1=%7Btrafficsource-domain%7D&sub2=641612885163863641
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4eaa4f3b9e83c281-FRA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| isTouchDevice boolean| errFirefox object| var_params string| na function| get_ad_block function| emulate_device_support object| http string| _timezone string| url object| params

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report