www.onclickclear.com
Open in
urlscan Pro
35.201.122.94
Public Scan
Effective URL: http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318
Submission: On July 19 via automatic, source phishtank
Summary
This is the only time www.onclickclear.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 107.180.41.48 107.180.41.48 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 | 2400:cb00:204... 2400:cb00:2048:1::6818:692c | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 185.66.200.164 185.66.200.164 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
1 | 185.66.200.163 185.66.200.163 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
2 | 35.201.122.94 35.201.122.94 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-41-48.ip.secureserver.net
futureinsurance.ca |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
naban.xyz |
ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.163.skhosting.eu
redir.ylx-4.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 94.122.201.35.bc.googleusercontent.com
www.onclickclear.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
onclickclear.com
www.onclickclear.com |
2 KB |
2 |
ylx-4.com
1 redirects
ylx-4.com redir.ylx-4.com |
893 B |
1 |
naban.xyz
naban.xyz |
|
1 |
futureinsurance.ca
futureinsurance.ca |
666 B |
5 | 4 |
Domain | Requested by | |
---|---|---|
2 | www.onclickclear.com |
redir.ylx-4.com
www.onclickclear.com |
1 | redir.ylx-4.com | |
1 | ylx-4.com | 1 redirects |
1 | naban.xyz |
futureinsurance.ca
|
1 | futureinsurance.ca | |
5 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 2 frames:
Frame:
http://www.onclickclear.com/jump/next.php?stamat=m%7C%2CQ4iL6YiKqB1dAN0dEdHP3xP.c52%2ChZSynT8Hp32tF5HsvLyywrm6EsnF4NBxFr1TmHJizjDgOB2ELOI8AzjOcK7fJ61NfAwqNEym5OFEzgD1hvB5Rw2y5v2-jvjw8clwBUQNZiw%2C&cbrandom=0.631828012523258&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fredir.ylx-4.com%2F%3Fhttp%3A%2F%2Fwww.onclickclear.com%2Fjump%2Fnext.php%3Fr%3D306951%26sub1%3D961318
Frame ID: 45142950E7CBB88AE840499AD2729FD7
Requests: 4 HTTP requests in this frame
Frame:
http://naban.xyz///5b25671f4229c2abb9bb219f5725c316/fcb/en/?i=3540623&i=3540623
Frame ID: E6C76E87FD04103E1297AFAD64DF09A2
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://futureinsurance.ca/pcrY8//5b25671f4229c2abb9bb219f5725c316/fcb/en/?i=3540623&i=3540623 Page URL
-
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g
HTTP 302
http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
- http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://futureinsurance.ca/pcrY8//5b25671f4229c2abb9bb219f5725c316/fcb/en/?i=3540623&i=3540623 Page URL
-
http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g
HTTP 302
http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
- http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=961318&ga=g HTTP 302
- http://redir.ylx-4.com/?http://www.onclickclear.com/jump/next.php?r=306951&sub1=961318
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
futureinsurance.ca/pcrY8//5b25671f4229c2abb9bb219f5725c316/fcb/en/ |
881 B 666 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
naban.xyz///5b25671f4229c2abb9bb219f5725c316/fcb/en/ Frame E6C7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
redir.ylx-4.com/ Redirect Chain
|
382 B 450 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
next.php
www.onclickclear.com/jump/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
next.php
www.onclickclear.com/jump/ |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml undefined| ufp function| ReopenUrlBuilder function| preppopedRedirect1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.naban.xyz/ | Name: __cfduid Value: d30df72bee5d113dbb994bc83d65b4e5f1531971743 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
futureinsurance.ca
naban.xyz
redir.ylx-4.com
www.onclickclear.com
ylx-4.com
107.180.41.48
185.66.200.163
185.66.200.164
2400:cb00:2048:1::6818:692c
35.201.122.94
8ace0e883b264c8861f848771e34682b7e56c02bcb4d1ac4d060599e47ac5feb
a618ac335e09fc0a3717d4e4b9f23ece6993770c0ee60f363d3030d12c06cfb9