Submitted URL: https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
Effective URL: http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1...
Submission: On December 27 via manual from RO

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 35.227.196.138, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is www.performanceonclick.com.
This is the only time www.performanceonclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.231.89.205 14618 (AMAZON-AES)
2 104.22.65.104 13335 (CLOUDFLAR...)
1 3 35.227.196.138 15169 (GOOGLE)
5 4
Apex Domain
Subdomains
Transfer
3 performanceonclick.com
www.performanceonclick.com
5 KB
2 r-tb.com
feed.r-tb.com
t.r-tb.com
1 KB
1 news-easy.net
news-easy.net
824 B
1 realnews.guru
realnews.guru
28 KB
5 4
Domain Requested by
3 www.performanceonclick.com 1 redirects realnews.guru
www.performanceonclick.com
1 t.r-tb.com realnews.guru
1 news-easy.net 1 redirects
1 feed.r-tb.com realnews.guru
1 realnews.guru
5 5

This site contains no links.

Subject Issuer Validity Valid
realnews.guru
Let's Encrypt Authority X3
2020-11-22 -
2021-02-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-08 -
2021-07-08
a year crt.sh

This page contains 1 frames:

Frame: http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiJ6YjZvoGU3BZ_GH0dEdHP3xP.d23%2Cw0E5NE3fmCWqRQfVuPJK80WrleJIYNj1OkZGccB_5KwHn8E-4wSi4-yB5YWhGrlx5h77YgHQUfmgIvxVxiWM5HvH29GUVL-A9XBVWEXpFwaac2mGLLL_QVJBoAntwBab3Xm_VwPu36OPKQfdDzXksjfl0cF5RGF0ICaS9yuD_UEeL2aBmhCIQj-ejHYWl5fowWyQOGto5KrseMbi_m4Eu55Kmftbr-yj638wBxIbyG9ekinti0Q8UZpo5O4qYeEFXc9HE2SkNHIbREZvBXIKRLn_j0PoFmOpGWVp8wBl2d9OVh255-wJsduv7jsgBOSQV5FGxdYSje0VipSeNl7Jc_A6y1IhL7nI-uZgMOnd3GbOohPD-Bign76rD-8Y10cFsnz1jkHFd615X29p8rTf8c5QJn1FALyxNkA0tZn3loa5RwJtWXEY4XIeneQf56HFzDoMLavfhnEQq5FVKXqkvAPWTnKf3wsyCcT6Vuge6J5717RGueUL2fMVt3FelsvQi37nEUHYogneNajVgsFYIlHIJJjWa1AbBUGtPLClMFtqxe_q_izDO6zAd_tCp-1xFDysPL5K9Mc_7wNkfc7UZdSUVcJxghh902yos8vr-f004edT3boEfTv-NRk1d5_7JWpqWnXk_bD9WFEAd8FfzV6H-pxdBRBPEFMcuhlh77BcEUwidUJa59lrlkQdabnXTf4eNGcIbQ6Q9fOcZY0LOxQ5GhRbcnaGp1pxefVoW0DPaD3rVIFED2nPjWW6i83tuIqejgbO3dYFAnlx7wyFT7BF4TssFzwTohiFPd0CuvNVK8apAhpx6kc-VGsM8jOPCucAo7Ur4TDySvFVxJGnwmel7xBNK2DDP-fvJclXAwRUuaT6DaEkzuxx0buEqs4uDrqC417HNdBc7_UPeuSKGu_6XTC0zfLJU18nzz0D1UiJcBdaXQK_de3Nqq965mAtbr3sZpa25XTO5CQ2h8x2FA%2C%2C
Frame ID: 2D6F21BB1FD8A14FDA416D99EC78E271
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EB... Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=8HRqG79xPu4xapK3O1wHi9-2YF5... HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

34 kB
Transfer

45 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869 Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=8HRqG79xPu4xapK3O1wHi9-2YF5FDXSHFA7lc7H05vSiFWbn9OElzK8075t2jdcO4uIRDFQNHoNkHIwZn_4kRxjce-sjVdDhNQF9VSC_9bBIBES6P1GGfCZ1SQtTvC2on-jz7C_0ZYJopVNaZVgJDNeHrA0CNam5lGPrSu2Lyw81tvaIs3MGDXHb7Jt60jXyePwugSfl7I8Qmh1UMvNAzg&sid=glx_w10_1225_winpush HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb1-kBMk7gGToS9M1kelfwnjSyif0SxGKiD9WLeWe_yXWk36j6aRcoz2hE3fmyqEsFQw8s4mpoeKUtQGnZjw4NEvIFvQ6rok17gp9ft4GNH-3keyy7Gh0acM1xhh-Cg3cN1BGHFAD0UmxXYMhj9x620fwNFww_ZqOeZf54pNafRvazdc-AInMFy5xK-NTt4FUJmnrQB4ELmk2F1dv1gAfyijo7lTWgXApZ-GkANZrxlQhb0FpZ_zUVsId2PFE18Q50zv0v5_Ydjhxw9mkgkeW129kkB5N6-Wnwdi-91EnuDYov6uDl347v2sGBg09RLRWb5GjLnyZ6UF2p7wZzwApWrmg&sub1=glx_w10_1225_winpush Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2CgiOSIiejoGU3B0-GH0dEdHP3xP.84b%2CKbjrCM3NeUg7cWNy4MJxmBRLLDbODQ61fB8uPa3VAlQf1SqRE6bNjegRhEFA3oyxudkXQloDBImpH3by3HQXS2OwvpV751PaYtsREMkH9ZcO4-G8KtmNUiWrEWIDeT0OKbIk7rscviBcFDvQViMboKJ_llGraLeeFcNGY0WCJpqjqO3N-dE0boW46T5nGlkcQWrH_MxwMhQ-ZjfLWMR8ufqnMCNm-khgy5x1W_3fMwQLgVS8wgpeFdkjXZVQCK40lgmbRAsoR-kqtr_oRuTnxPNl5jKxv3wXFi62rF0GFWRDH4uFbtB_V2ekf2fcGqLH3B_sYA69dXuM4WHODbzpf7kRYKqkmTlP2yKv4Ljq9pYi_m1sqT4fM0d6VTnb2LlRPWcIVx7seWnG_uvVPu48fw7N9tGIzNJz90RKTUf2YCsdFWcLLQVfbbznRxs0cOL2uNJCJyQDEEhF523T1LS8IgyMziMrVTCLZW_rJIuyPBlO-_dNWZ4w6DRV9E8d_70ex5BINxNHqtrtI8l8iwNKdZ2u5_Ae7YHFnMORjioy7JKa3GBtfWN7dcEQpTUZ_fft0ed8a7_V-dXjlzR1XtnwBJetZAf1jUP56VFvGxDijek%2C&cbrandom=0.751171738821306&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiJ6YjZvoGU3BZ_GH0dEdHP3xP.d23%2Cw0E5NE3fmCWqRQfVuPJK80WrleJIYNj1OkZGccB_5KwHn8E-4wSi4-yB5YWhGrlx5h77YgHQUfmgIvxVxiWM5HvH29GUVL-A9XBVWEXpFwaac2mGLLL_QVJBoAntwBab3Xm_VwPu36OPKQfdDzXksjfl0cF5RGF0ICaS9yuD_UEeL2aBmhCIQj-ejHYWl5fowWyQOGto5KrseMbi_m4Eu55Kmftbr-yj638wBxIbyG9ekinti0Q8UZpo5O4qYeEFXc9HE2SkNHIbREZvBXIKRLn_j0PoFmOpGWVp8wBl2d9OVh255-wJsduv7jsgBOSQV5FGxdYSje0VipSeNl7Jc_A6y1IhL7nI-uZgMOnd3GbOohPD-Bign76rD-8Y10cFsnz1jkHFd615X29p8rTf8c5QJn1FALyxNkA0tZn3loa5RwJtWXEY4XIeneQf56HFzDoMLavfhnEQq5FVKXqkvAPWTnKf3wsyCcT6Vuge6J5717RGueUL2fMVt3FelsvQi37nEUHYogneNajVgsFYIlHIJJjWa1AbBUGtPLClMFtqxe_q_izDO6zAd_tCp-1xFDysPL5K9Mc_7wNkfc7UZdSUVcJxghh902yos8vr-f004edT3boEfTv-NRk1d5_7JWpqWnXk_bD9WFEAd8FfzV6H-pxdBRBPEFMcuhlh77BcEUwidUJa59lrlkQdabnXTf4eNGcIbQ6Q9fOcZY0LOxQ5GhRbcnaGp1pxefVoW0DPaD3rVIFED2nPjWW6i83tuIqejgbO3dYFAnlx7wyFT7BF4TssFzwTohiFPd0CuvNVK8apAhpx6kc-VGsM8jOPCucAo7Ur4TDySvFVxJGnwmel7xBNK2DDP-fvJclXAwRUuaT6DaEkzuxx0buEqs4uDrqC417HNdBc7_UPeuSKGu_6XTC0zfLJU18nzz0D1UiJcBdaXQK_de3Nqq965mAtbr3sZpa25XTO5CQ2h8x2FA%2C%2C

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk
realnews.guru/
28 KB
28 KB
Document
General
Full URL
https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.89.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-89-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
realnews.guru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 16:33:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
session=e21c0e94-26d9-4fb6-bb56-3101d9d39ff1
Server
nginx
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPaBk
feed.r-tb.com/v1/native/
2 KB
1 KB
Fetch
General
Full URL
https://feed.r-tb.com/v1/native/AFU1kAAPaBk?subid=glx_w10_1225_winpush&uid=556b2f45-be23-4bab-a693-bb8bd982901c
Requested by
Host: realnews.guru
URL: https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.65.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 16:33:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-request-id
0746a4f2f300000c09671fe000000001
cf-ray
608470fe5f5f0c09-AMS
krcc
PL
Primary Request next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=8HRqG79xPu4xapK3O1wHi9-2YF5FDXSHFA7lc7H05vSiFWbn9OElzK8075t2jdcO4uIRDFQNHoNkHIwZn_4kRxjce-sjVdDhNQF9VSC_9bBIBES6P1GGfCZ1SQtTvC...
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb...
8 KB
4 KB
Document
General
Full URL
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb1-kBMk7gGToS9M1kelfwnjSyif0SxGKiD9WLeWe_yXWk36j6aRcoz2hE3fmyqEsFQw8s4mpoeKUtQGnZjw4NEvIFvQ6rok17gp9ft4GNH-3keyy7Gh0acM1xhh-Cg3cN1BGHFAD0UmxXYMhj9x620fwNFww_ZqOeZf54pNafRvazdc-AInMFy5xK-NTt4FUJmnrQB4ELmk2F1dv1gAfyijo7lTWgXApZ-GkANZrxlQhb0FpZ_zUVsId2PFE18Q50zv0v5_Ydjhxw9mkgkeW129kkB5N6-Wnwdi-91EnuDYov6uDl347v2sGBg09RLRWb5GjLnyZ6UF2p7wZzwApWrmg&sub1=glx_w10_1225_winpush
Requested by
Host: realnews.guru
URL: https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
Protocol
HTTP/1.1
Server
35.227.196.138 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
99c6ccb7beeb74035c6a7895725cbe7cd5977c971ac34cb6f34f480205c9eeb2

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869

Response headers

Server
openresty
Date
Sun, 27 Dec 2020 16:33:08 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Date
Sun, 27 Dec 2020 16:33:08 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb1-kBMk7gGToS9M1kelfwnjSyif0SxGKiD9WLeWe_yXWk36j6aRcoz2hE3fmyqEsFQw8s4mpoeKUtQGnZjw4NEvIFvQ6rok17gp9ft4GNH-3keyy7Gh0acM1xhh-Cg3cN1BGHFAD0UmxXYMhj9x620fwNFww_ZqOeZf54pNafRvazdc-AInMFy5xK-NTt4FUJmnrQB4ELmk2F1dv1gAfyijo7lTWgXApZ-GkANZrxlQhb0FpZ_zUVsId2PFE18Q50zv0v5_Ydjhxw9mkgkeW129kkB5N6-Wnwdi-91EnuDYov6uDl347v2sGBg09RLRWb5GjLnyZ6UF2p7wZzwApWrmg&sub1=glx_w10_1225_winpush
Set-Cookie
session=a4a6f86b-4544-4a08-bffc-911f63976235
Server
nginx
imp
t.r-tb.com/
0
0
Fetch
General
Full URL
https://t.r-tb.com/imp?l=82O5Ivb-ziLDDsRuJdlAqcFAzb1_hAesgnLF4St1odlkpeFN0wK7ErDPpN7xziFVXh7TC1F21iQa3GjwJA3eapaponlM3RtjDK2F-3tHSMdptWpQ0hXua-m5KavYm2LJ3stB11H-OddmZsWwvrBlaueq4w4vA0tvJnHL7Z4OZ5ti5404vk1KC8XbB3ZKgt8Qbk9OT4jQfZeADd0ngYG23dIhyHyZel48Zmwgjgx5v7PoNAOKSe9gG45MMhRli5JfrVIOWWEtJu6IBOwdsMzBAMyr2tufAnGQU6ynjnCdSvOFM1pqtWPbSYrbqS7hLbNrsMiMiGFuKLOalEIkibf7pPncgNprLchLo34DU2dHpoM
Requested by
Host: realnews.guru
URL: https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.65.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://realnews.guru/woCHCA2mMSUXoTUoBAuCzDt9dfhdUStCME9-wTDN0Uk?cid=22923EF0-4861-11EB-BD69-69EBAC72A5ED&sid=38869
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 16:33:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cache-control
no-cache
cf-ray
60847101b9d80c09-AMS
cf-request-id
0746a4f56e00000c09443c0000000001
i.php
www.performanceonclick.com/script/
Redirect Chain
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2CgiOSIiejoGU3B0-GH0dEdHP3xP.84b%2CKbjrCM3NeUg7cWNy4MJxmBRLLDbODQ61fB8uPa3VAlQf1SqRE6bNjegRhEFA3oyxudkXQloDBImpH3by3HQXS2OwvpV751PaYts...
  • http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiJ6YjZvoGU3BZ_GH0dEdHP3xP.d23%2Cw0E5NE3fmCWqRQfVuPJK80WrleJIYNj1OkZGccB_5KwHn8E-4wSi4-yB5YWhGrlx5h77YgHQUfmgIvxVxiWM5HvH29GUVL-A9XBV...
0
0
Document
General
Full URL
http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiJ6YjZvoGU3BZ_GH0dEdHP3xP.d23%2Cw0E5NE3fmCWqRQfVuPJK80WrleJIYNj1OkZGccB_5KwHn8E-4wSi4-yB5YWhGrlx5h77YgHQUfmgIvxVxiWM5HvH29GUVL-A9XBVWEXpFwaac2mGLLL_QVJBoAntwBab3Xm_VwPu36OPKQfdDzXksjfl0cF5RGF0ICaS9yuD_UEeL2aBmhCIQj-ejHYWl5fowWyQOGto5KrseMbi_m4Eu55Kmftbr-yj638wBxIbyG9ekinti0Q8UZpo5O4qYeEFXc9HE2SkNHIbREZvBXIKRLn_j0PoFmOpGWVp8wBl2d9OVh255-wJsduv7jsgBOSQV5FGxdYSje0VipSeNl7Jc_A6y1IhL7nI-uZgMOnd3GbOohPD-Bign76rD-8Y10cFsnz1jkHFd615X29p8rTf8c5QJn1FALyxNkA0tZn3loa5RwJtWXEY4XIeneQf56HFzDoMLavfhnEQq5FVKXqkvAPWTnKf3wsyCcT6Vuge6J5717RGueUL2fMVt3FelsvQi37nEUHYogneNajVgsFYIlHIJJjWa1AbBUGtPLClMFtqxe_q_izDO6zAd_tCp-1xFDysPL5K9Mc_7wNkfc7UZdSUVcJxghh902yos8vr-f004edT3boEfTv-NRk1d5_7JWpqWnXk_bD9WFEAd8FfzV6H-pxdBRBPEFMcuhlh77BcEUwidUJa59lrlkQdabnXTf4eNGcIbQ6Q9fOcZY0LOxQ5GhRbcnaGp1pxefVoW0DPaD3rVIFED2nPjWW6i83tuIqejgbO3dYFAnlx7wyFT7BF4TssFzwTohiFPd0CuvNVK8apAhpx6kc-VGsM8jOPCucAo7Ur4TDySvFVxJGnwmel7xBNK2DDP-fvJclXAwRUuaT6DaEkzuxx0buEqs4uDrqC417HNdBc7_UPeuSKGu_6XTC0zfLJU18nzz0D1UiJcBdaXQK_de3Nqq965mAtbr3sZpa25XTO5CQ2h8x2FA%2C%2C
Requested by
Host: www.performanceonclick.com
URL: http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb1-kBMk7gGToS9M1kelfwnjSyif0SxGKiD9WLeWe_yXWk36j6aRcoz2hE3fmyqEsFQw8s4mpoeKUtQGnZjw4NEvIFvQ6rok17gp9ft4GNH-3keyy7Gh0acM1xhh-Cg3cN1BGHFAD0UmxXYMhj9x620fwNFww_ZqOeZf54pNafRvazdc-AInMFy5xK-NTt4FUJmnrQB4ELmk2F1dv1gAfyijo7lTWgXApZ-GkANZrxlQhb0FpZ_zUVsId2PFE18Q50zv0v5_Ydjhxw9mkgkeW129kkB5N6-Wnwdi-91EnuDYov6uDl347v2sGBg09RLRWb5GjLnyZ6UF2p7wZzwApWrmg&sub1=glx_w10_1225_winpush
Protocol
HTTP/1.1
Server
35.227.196.138 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=kjFMGM1363IceUMWaCSymZNVOLx7bX1AcGC70cqaLiWcTUdEEt81ZwNo30E1r4rWz7-PC7a95deAjtZjWW5xMmzv-nRVvT4dueHI9MYYZuf4-Hrke4IJjVqt6eA4teb1-kBMk7gGToS9M1kelfwnjSyif0SxGKiD9WLeWe_yXWk36j6aRcoz2hE3fmyqEsFQw8s4mpoeKUtQGnZjw4NEvIFvQ6rok17gp9ft4GNH-3keyy7Gh0acM1xhh-Cg3cN1BGHFAD0UmxXYMhj9x620fwNFww_ZqOeZf54pNafRvazdc-AInMFy5xK-NTt4FUJmnrQB4ELmk2F1dv1gAfyijo7lTWgXApZ-GkANZrxlQhb0FpZ_zUVsId2PFE18Q50zv0v5_Ydjhxw9mkgkeW129kkB5N6-Wnwdi-91EnuDYov6uDl347v2sGBg09RLRWb5GjLnyZ6UF2p7wZzwApWrmg&sub1=glx_w10_1225_winpush

Response headers

Server
openresty
Date
Sun, 27 Dec 2020 16:33:09 GMT
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Via
1.1 google

Redirect headers

Server
openresty
Date
Sun, 27 Dec 2020 16:33:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Location
http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiJ6YjZvoGU3BZ_GH0dEdHP3xP.d23%2Cw0E5NE3fmCWqRQfVuPJK80WrleJIYNj1OkZGccB_5KwHn8E-4wSi4-yB5YWhGrlx5h77YgHQUfmgIvxVxiWM5HvH29GUVL-A9XBVWEXpFwaac2mGLLL_QVJBoAntwBab3Xm_VwPu36OPKQfdDzXksjfl0cF5RGF0ICaS9yuD_UEeL2aBmhCIQj-ejHYWl5fowWyQOGto5KrseMbi_m4Eu55Kmftbr-yj638wBxIbyG9ekinti0Q8UZpo5O4qYeEFXc9HE2SkNHIbREZvBXIKRLn_j0PoFmOpGWVp8wBl2d9OVh255-wJsduv7jsgBOSQV5FGxdYSje0VipSeNl7Jc_A6y1IhL7nI-uZgMOnd3GbOohPD-Bign76rD-8Y10cFsnz1jkHFd615X29p8rTf8c5QJn1FALyxNkA0tZn3loa5RwJtWXEY4XIeneQf56HFzDoMLavfhnEQq5FVKXqkvAPWTnKf3wsyCcT6Vuge6J5717RGueUL2fMVt3FelsvQi37nEUHYogneNajVgsFYIlHIJJjWa1AbBUGtPLClMFtqxe_q_izDO6zAd_tCp-1xFDysPL5K9Mc_7wNkfc7UZdSUVcJxghh902yos8vr-f004edT3boEfTv-NRk1d5_7JWpqWnXk_bD9WFEAd8FfzV6H-pxdBRBPEFMcuhlh77BcEUwidUJa59lrlkQdabnXTf4eNGcIbQ6Q9fOcZY0LOxQ5GhRbcnaGp1pxefVoW0DPaD3rVIFED2nPjWW6i83tuIqejgbO3dYFAnlx7wyFT7BF4TssFzwTohiFPd0CuvNVK8apAhpx6kc-VGsM8jOPCucAo7Ur4TDySvFVxJGnwmel7xBNK2DDP-fvJclXAwRUuaT6DaEkzuxx0buEqs4uDrqC417HNdBc7_UPeuSKGu_6XTC0zfLJU18nzz0D1UiJcBdaXQK_de3Nqq965mAtbr3sZpa25XTO5CQ2h8x2FA%2C%2C
Via
1.1 google

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser function| preppopedRedirect

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

feed.r-tb.com
news-easy.net
realnews.guru
t.r-tb.com
www.performanceonclick.com
104.22.65.104
34.231.89.205
35.227.196.138
99c6ccb7beeb74035c6a7895725cbe7cd5977c971ac34cb6f34f480205c9eeb2
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2