www.onclickalgo.com
Open in
urlscan Pro
35.201.66.189
Public Scan
Effective URL: https://www.onclickalgo.com/jump/next.php?r=4263635&sub1=4823&sub2=0q9lei0g00084
Submission: On December 28 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.
This is the only time www.onclickalgo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 37.220.26.173 37.220.26.173 | 20860 (IOMART-AS) (IOMART-AS) | |
1 | 50.115.175.67 50.115.175.67 | 32875 (VIRP) (VIRP) | |
1 1 | 2606:4700:303... 2606:4700:3033::6815:195b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3036::6815:3cc9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3030::ac43:c657 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 104.248.110.148 104.248.110.148 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 37.58.56.244 37.58.56.244 | 28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10) | |
2 | 35.201.66.189 35.201.66.189 | 15169 (GOOGLE) (GOOGLE) | |
6 | 5 |
ASN20860 (IOMART-AS, GB)
PTR: tenticipality.com
37.220.26.173 |
ASN15169 (GOOGLE, US)
PTR: 189.66.201.35.bc.googleusercontent.com
www.onclickalgo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
onclickalgo.com
www.onclickalgo.com |
3 KB |
1 |
click2me.club
click2me.club |
817 B |
1 |
trapin.xyz
1 redirects
www.trapin.xyz |
351 B |
1 |
addlnk.com
cdn.addlnk.com |
1 KB |
1 |
marmeladejar.com
spu.marmeladejar.com |
1 KB |
1 |
ngunsen.com
1 redirects
tulac.ngunsen.com |
930 B |
1 |
wricksmix.com
wricksmix.com |
448 B |
6 | 7 |
Domain | Requested by | |
---|---|---|
2 | www.onclickalgo.com |
www.onclickalgo.com
|
1 | click2me.club |
spu.marmeladejar.com
|
1 | www.trapin.xyz | 1 redirects |
1 | cdn.addlnk.com |
spu.marmeladejar.com
|
1 | spu.marmeladejar.com |
wricksmix.com
|
1 | tulac.ngunsen.com | 1 redirects |
1 | wricksmix.com | |
6 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wricksmix.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-12 - 2022-07-12 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-10-28 - 2022-10-27 |
a year | crt.sh |
click2me.club R3 |
2021-10-30 - 2022-01-28 |
3 months | crt.sh |
onclickalgo.com Sectigo RSA Domain Validation Secure Server CA |
2021-01-21 - 2022-01-21 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://www.onclickalgo.com/jump/next.php?stamat=m%257C%252CkY2JqIjerB1dAN0dEdHP3xP.471%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpCRmTVeqnna7_DazwYs_pIiDrzi7mQk2kLf8JgkSqDADmtEXNiitXHWyz6IxhRGbc%252C&cbur=0.9692310440177829&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: 2E673562002C5E49F44C37A6B3C6CDE3
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://37.220.26.173/zeaeaz.html/b2Q9MXN5ZDYxY2IyNDZhOGMyYjFfdmxfQWN0aXZlMXZsXzEzbWMuMnlvOHBjLlUw...
HTTP 302
https://wricksmix.com/17640661dcd101cc000/Oth1228_13m61cb246a95458/yd13m%7CGHWso3EbMKWm%7Cfn81h%7C... Page URL
-
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1225210203&pubid=690372
HTTP 302
https://spu.marmeladejar.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
-
https://www.trapin.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pube1a5f969320d41169152847a4dd...
HTTP 302
https://click2me.club/go/4823/3?subid1=1_0d0485cdf0f74606ca663189d03db06a&subid2=747b6738 Page URL
- https://www.onclickalgo.com/jump/next.php?r=4263635&sub1=4823&sub2=0q9lei0g00084 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://37.220.26.173/zeaeaz.html/b2Q9MXN5ZDYxY2IyNDZhOGMyYjFfdmxfQWN0aXZlMXZsXzEzbWMuMnlvOHBjLlUwMDAwcmZuODFoMWNnNDRzN192cTE0MjYuZm44MWg=MGRjMTM2LTFlY3BhMHU=1z7eDn
HTTP 302
https://wricksmix.com/17640661dcd101cc000/Oth1228_13m61cb246a95458/yd13m%7CGHWso3EbMKWm%7Cfn81h%7C0dc136%7C1ecpa0u%7C62788%7C0000rfn81h%7CU%7CGHWso3EbMKWm%7CPC%7C2stb6t3/p3yxAwSwLwV0AzR4LmWvZI92oS9OL3EcqzHkqzksZGAgLj== Page URL
-
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1225210203&pubid=690372
HTTP 302
https://spu.marmeladejar.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
-
https://www.trapin.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pube1a5f969320d41169152847a4dd2ca95&sub_id=747b6738
HTTP 302
https://click2me.club/go/4823/3?subid1=1_0d0485cdf0f74606ca663189d03db06a&subid2=747b6738 Page URL
- https://www.onclickalgo.com/jump/next.php?r=4263635&sub1=4823&sub2=0q9lei0g00084 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://37.220.26.173/zeaeaz.html/b2Q9MXN5ZDYxY2IyNDZhOGMyYjFfdmxfQWN0aXZlMXZsXzEzbWMuMnlvOHBjLlUwMDAwcmZuODFoMWNnNDRzN192cTE0MjYuZm44MWg=MGRjMTM2LTFlY3BhMHU=1z7eDn HTTP 302
- https://wricksmix.com/17640661dcd101cc000/Oth1228_13m61cb246a95458/yd13m%7CGHWso3EbMKWm%7Cfn81h%7C0dc136%7C1ecpa0u%7C62788%7C0000rfn81h%7CU%7CGHWso3EbMKWm%7CPC%7C2stb6t3/p3yxAwSwLwV0AzR4LmWvZI92oS9OL3EcqzHkqzksZGAgLj==
- https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1225210203&pubid=690372 HTTP 302
- https://spu.marmeladejar.com/rc/4fae28eb48?af5=pubid-not-valid
- https://www.trapin.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pube1a5f969320d41169152847a4dd2ca95&sub_id=747b6738 HTTP 302
- https://click2me.club/go/4823/3?subid1=1_0d0485cdf0f74606ca663189d03db06a&subid2=747b6738
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
p3yxAwSwLwV0AzR4LmWvZI92oS9OL3EcqzHkqzksZGAgLj==
wricksmix.com/17640661dcd101cc000/Oth1228_13m61cb246a95458/yd13m%7CGHWso3EbMKWm%7Cfn81h%7C0dc136%7C1ecpa0u%7C62788%7C0000rfn81h%7CU%7CGHWso3EbMKWm%7CPC%7C2stb6t3/ Redirect Chain
|
135 B 448 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4fae28eb48
spu.marmeladejar.com/rc/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.css
cdn.addlnk.com/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3
click2me.club/go/4823/ Redirect Chain
|
301 B 817 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
next.php
www.onclickalgo.com/jump/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
next.php
www.onclickalgo.com/jump/ |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser function| isFraud function| preppopedRedirect4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wricksmix.com/ | Name: uid15295 Value: 1225210203-20211228113423-eb3885e624ecf1834dc67f347d0bd89d- |
|
tulac.ngunsen.com/ | Name: AWSALB Value: v6ACvRiG/g4Q/K6p06AhJJ4yzGEEi6BqiNpAyaxcEjqdmFNj4ZPjzWa2dJ4S65A2BW9hIhHVRJMqTm4mIOJIBj1gM5rFAJcKgKW2sUXAOeYBHInnGccbJqmgxy7x |
|
spu.marmeladejar.com/ | Name: AWSALB Value: n9j8NyoiOW695LDHO1PVuNwrJImKYoL5QdBWkspgahJVUnCXghsLQG78xjqPBkPLo4Zy/YUaYOQUOBUBdhkGVo7s6pzmc+qChAMqd6k/Nf0SpZtZaxDboE9x+VP1 |
|
click2me.club/ | Name: mobitck Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.addlnk.com
click2me.club
spu.marmeladejar.com
tulac.ngunsen.com
wricksmix.com
www.onclickalgo.com
www.trapin.xyz
104.248.110.148
2606:4700:3030::ac43:c657
2606:4700:3033::6815:195b
2606:4700:3036::6815:3cc9
35.201.66.189
37.220.26.173
37.58.56.244
50.115.175.67
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
78dfd707eca030bb1d53f499552f066d77abe8242eb4f9136ee66389ff6220d5
fb6244f34e3483624bc7f2f2ef64b9b27c6bb52cc20fac659d7de74bf99065b2