postback.fapclick.com
Open in
urlscan Pro
2a05:d018:48:3d01:cd9c:38d1:dab2:18c0
Public Scan
Submitted URL: http://mycapitallonecard.com/
Effective URL: https://postback.fapclick.com/go/4b56dde6-0fdb-4ca3-913e-41d2908cce75?cpv=0.005&sid=2022032313113033bf9c88243fa688fa&subid=940...
Submission: On March 23 via api from US — Scanned from DE
Effective URL: https://postback.fapclick.com/go/4b56dde6-0fdb-4ca3-913e-41d2908cce75?cpv=0.005&sid=2022032313113033bf9c88243fa688fa&subid=940...
Submission: On March 23 via api from US — Scanned from DE
Summary
This website contacted 3 IPs
in 1 countries
across 4 domains to perform 6 HTTP transactions.
The main IP is 2a05:d018:48:3d01:cd9c:38d1:dab2:18c0, located in
and
belongs to .
The main domain is postback.fapclick.com.
TLS certificate: Issued by R3 on February 18th 2022. Valid for: 3 months.
This is the only time postback.fapclick.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 18th 2022. Valid for: 3 months.
This is the only time postback.fapclick.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 103.224.182.246 103.224.182.246 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 5 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 | 2a05:d018:48:... 2a05:d018:48:3d01:cd9c:38d1:dab2:18c0 | () () | |
| 6 | 3 |
2
103.224.182.246
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com
| mycapitallonecard.com |
5
103.224.182.206
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
| 1redirc.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
1redirc.com
1 redirects
1redirc.com — Cisco Umbrella Rank: 313936 |
8 KB |
| 2 |
mycapitallonecard.com
2 redirects
mycapitallonecard.com |
1 KB |
| 1 |
fapclick.com
postback.fapclick.com |
873 B |
| 0 |
happywithvegas.com
Failed
happywithvegas.com Failed |
|
| 6 | 4 |
| Domain | Requested by | |
|---|---|---|
| 5 | 1redirc.com |
1 redirects
1redirc.com
|
| 2 | mycapitallonecard.com | 2 redirects |
| 1 | postback.fapclick.com |
1redirc.com
|
| 0 | happywithvegas.com Failed | |
| 6 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| postback.fapclick.com R3 |
2022-02-18 - 2022-05-19 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://happywithvegas.com/l/6238842fd1acd6186e629bff?sub_id=940440896&{click_id}=Jwpbg9kJRPyt1ftUeA3AKC
Frame ID: 31419B3AC0B3346B05E310598F8F6D4D
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mycapitallonecard.com/
HTTP 302
https://mycapitallonecard.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDansxuzP6G3CLqTBug1IS0UsyOYgddRO3%2FH9DvFNVa8v... Page URL
-
http://1redirc.com/r.php?u=https%3A%2F%2Fpostback.fapclick.com%2Fgo%2F4b56dde6-0fdb-4ca3-913e-4...
HTTP 302
https://postback.fapclick.com/go/4b56dde6-0fdb-4ca3-913e-41d2908cce75?cpv=0.005&sid=2022032313113033bf9c88... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
SWFObject
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- swfobject.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mycapitallonecard.com/
HTTP 302
https://mycapitallonecard.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDansxuzP6G3CLqTBug1IS0UsyOYgddRO3%2FH9DvFNVa8vR85JFU82OpdwM%2B2X9tClZfOrElR1p6n7rtHLcQdQ%2FvhQO0unOqtG2Bp1KZ%2F%2FOgiAdswRHvzQxh82PjTdSPW4d3pt13GtRWyWhe1aQZsRfHsT4XOT2%2BWNCGUvBC%2BLnoq6aoVFgsKtZWytGTOmLPKM6oEAvhCacpslLIn59vy%2FDVuJ%2BJGVgshDNi7PgEf6xpe89lF4EEILGdpq1MSO7cn%2FI5E13ki7szIvD4EJf3t11bIf1rPdW86wxqhdk3HGYl7i5WcFdUO%2FrH6SGTcZeqBy73yCphoGXac%2BSsv%2FgLZRO37iVz36i0tcJC8LPq1VtEgerV2RW8LYOZfJWu%2BZPB6RvExCesqLT8wo0m619CFnhN0pYlFg9m9dwcijsH5iMIriKD9OlPHC6XneZZDTcyTc8Xzua1QHJD4p3sFbfAYMRx1YVmjgwEswrzH%2FLQYHqg4Iz%2FdRYgnl%2FMWxUHCvq9f03AyetdUxF5ZrC03Z%2BZAdaULTQTBZHsDjRj4O7te4Ss%2BHF7Fh4zKPWQDfsSxELg1qev72e3Gl%2BiNKCfoG5UUc%2FTtfeQbLqqNWA9VWSPGiR%2FnluZsZ%2FRYL%2BSwNawydrI%2Bh4COXQE1SECwDH8oT%2B4ErpXjF65hVqVcG8N7yXlHY5ieSxXXiidqrvfl6yTdDJv6msIQ1j1GMIfOUDvgANb1gZ%2FEpsG%2FfQX%2FkziWMnOLAHefqRneDX8O36Ew8KPIyQpE2mmCbJm8IUqRRqCl2BFoSDiCE1OO2w%2FWvm3jR88JKFerPTqwIp%2BUmK3rAF5U6RlmA5xVUW5dDt4YHhKYp7h0Yg2yinMn8JBvjA%3D%3D Page URL
-
http://1redirc.com/r.php?u=https%3A%2F%2Fpostback.fapclick.com%2Fgo%2F4b56dde6-0fdb-4ca3-913e-41d2908cce75%3Fcpv%3D0.005%26sid%3D2022032313113033bf9c88243fa688fa%26subid%3D940440896%26kw%3D.de.subp.nonadult&s=j&enc=V1NMaW40MW51ZHZJSnZyQVRwZ0lSWDQ5ZmpSWFNVc3ZSR3AxWWpsalRFSllVMEpPWkdjME1YVm9TMlp2ZWxjd2VrWTRWbVZISzBkdlpHNVNXRnBKVXpoNU1WcEpPSFo0TTNsT1ZqSjRTMmxrTW1VeWMySnFMMjEwUldKaFluSnJkRFJwWTJGTmNrRnhiRlZzYnpadk9VWjRjV1JYUmxsWloxUm5RamRFVlVGQ1F5OVZSRnBTU2tkWFVESnliSE00YmtJdllVZ3hjRUZPYUZWamFDOWtOMmw0UkVrNWJFdHBVMWxIVmpsUVdEUnJlRXBqU1hCeFJ5dDRUbloxY21OWmFqRmFObmxIUlhOT0sxQk1jVEJ2VDBsNE5UbFhTbGhCWXpkdWJETnVPVXhyU2paWFRXOW9NRWRJVVhjNGRDOVllakpXTldOUlkzTnJNVzB3VEhoclZWRmthM1V6YnpoT2VpOWtSR1pPTlhKcVpXNDFOVVZ2VjBseFpFRnFTRTV1TkZwTVkwTmplR1ZJTmxaUVQyYzBOVk0wYzBFeFp6QmpkbVpYWXpSVWQwZDNUV3d4WkUxbFFUVnJNR2RXYkVGQ05IWnlRVEozYUhaTlpFUXdlWGhDUzNaWlNYTTBja0oyVldoak1pOVBSVEJEUldsTU4xWk1RM2wzZURWWWIyWldjR2c0UVN0UVRTdFZOV1YyYzFFemJGcFVTamd4YkhCTFFrVTVkek5aUzNWd1dVRXZaazlKT1c5SVR6VkJaVUpzWlhaV05IUjJXVlJ4WVVkUWEwUllLMFl5YkdGd05FOXRTbEEzZEU0M2JrdHROMWRFS3pKMFZuRjRZV001VFN0dFdXcGhVRkJ3THpFeGRVMUZNbTVVYVRGRlFWbG9WRlprZDB4ckt6UlJiRTg0Y1d4RVRGcHBXbkpaY0ZOa1FVSmtjVTE1Y1dkalZGQjFUaXQzUTFSSmJXaHliREZyUzFKWVpEWmpibU4yTjNNM01XNU1lblp2VjFKc2FsQklUbUZEVDB0TE5FOXliVVl4Y1RGbVUyNXBibU14WjFsVVJsaGFaRzFGYzJONFlraFhkRGRXVW1NeldWZE9aazV2WWpNMWVqUlhVMGsxTHk4ek9Yb3JaMnhuVkdsR1QwTnNSRnBCU2xWMlUyUXhORnBrV21GaFMxQjFaa2RHVlhOdlRDc3pSVlkzZW5weGFrNXNUV3BCYWxVMFdXbHZkWEJCTWxaelYwVnBkRmRPUm1Wc04yOVZUakYxTHl0aWRXazRRVlZLUTJzM05VSnBjamMxZDFVME5ESk5hRkV6VVRoWFZrMWFhVkVyU0VOQ1JVdGpVMkkxZWpabU5EUjFLMkV2VVV3eFF6UjRhbkJ6V25WcGNsbENhVkp3WXpSa05IRnViakZ1UVd4RmMxaENTVzQ0YkZwM2VtNU9RMXBWUjJoT00yVTRXRTF5VHpSaE5tZFZjRWRTYmtKR2J6SklVMjFZWmtocmREa3phM2h5UjJkb2VWTlZVelJOZW1oS2FXOXdORVJKTDBoV2IySTVTV3BEZDNFMk5HSlRieXM0VWt0WVIwUlVSVVJ3WkdOM1JUZHRWVTh2TWs1NmRsbDZkV2xCUTFac1YyTm9Va1F5VDAwNWNqRmlVM1ZwYTB0aFFWcFZVek13TjBkU1NGVkpiVkZoWTJRMGFDOU1hVzV6WTBabGR6Umtlbk5GWTBaSlYxVlRRbXhMVFdWWWRHbDZjRVJvYVcxV2MzVk1VVk01U205TllWcDVRMWRRZUVKMGNWRmhWazFXVUU0MWFuRnpaRVJoTWpSTlNVVnhLM0ZHZVZRdlMzQTBkVGw0U210NVRERklNRUU9&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine
HTTP 302
https://postback.fapclick.com/go/4b56dde6-0fdb-4ca3-913e-41d2908cce75?cpv=0.005&sid=2022032313113033bf9c88243fa688fa&subid=940440896&kw=.de.subp.nonadult Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://mycapitallonecard.com/ HTTP 302
- https://mycapitallonecard.com/ HTTP 302
- http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDansxuzP6G3CLqTBug1IS0UsyOYgddRO3%2FH9DvFNVa8vR85JFU82OpdwM%2B2X9tClZfOrElR1p6n7rtHLcQdQ%2FvhQO0unOqtG2Bp1KZ%2F%2FOgiAdswRHvzQxh82PjTdSPW4d3pt13GtRWyWhe1aQZsRfHsT4XOT2%2BWNCGUvBC%2BLnoq6aoVFgsKtZWytGTOmLPKM6oEAvhCacpslLIn59vy%2FDVuJ%2BJGVgshDNi7PgEf6xpe89lF4EEILGdpq1MSO7cn%2FI5E13ki7szIvD4EJf3t11bIf1rPdW86wxqhdk3HGYl7i5WcFdUO%2FrH6SGTcZeqBy73yCphoGXac%2BSsv%2FgLZRO37iVz36i0tcJC8LPq1VtEgerV2RW8LYOZfJWu%2BZPB6RvExCesqLT8wo0m619CFnhN0pYlFg9m9dwcijsH5iMIriKD9OlPHC6XneZZDTcyTc8Xzua1QHJD4p3sFbfAYMRx1YVmjgwEswrzH%2FLQYHqg4Iz%2FdRYgnl%2FMWxUHCvq9f03AyetdUxF5ZrC03Z%2BZAdaULTQTBZHsDjRj4O7te4Ss%2BHF7Fh4zKPWQDfsSxELg1qev72e3Gl%2BiNKCfoG5UUc%2FTtfeQbLqqNWA9VWSPGiR%2FnluZsZ%2FRYL%2BSwNawydrI%2Bh4COXQE1SECwDH8oT%2B4ErpXjF65hVqVcG8N7yXlHY5ieSxXXiidqrvfl6yTdDJv6msIQ1j1GMIfOUDvgANb1gZ%2FEpsG%2FfQX%2FkziWMnOLAHefqRneDX8O36Ew8KPIyQpE2mmCbJm8IUqRRqCl2BFoSDiCE1OO2w%2FWvm3jR88JKFerPTqwIp%2BUmK3rAF5U6RlmA5xVUW5dDt4YHhKYp7h0Yg2yinMn8JBvjA%3D%3D
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
r2.php
1redirc.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.js
1redirc.com/javascript/ |
899 B 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
swfobject.js
1redirc.com/javascript/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.php
1redirc.com/ |
0 166 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
4b56dde6-0fdb-4ca3-913e-41d2908cce75
postback.fapclick.com/go/ Redirect Chain
|
233 B 873 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
6238842fd1acd6186e629bff
happywithvegas.com/l/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- happywithvegas.com
- URL
- https://happywithvegas.com/l/6238842fd1acd6186e629bff?sub_id=940440896&{click_id}=Jwpbg9kJRPyt1ftUeA3AKC
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| xmlHttp function| ChkRequestEnc function| RedirectToUrl function| GetXmlHttpObject object| swfobject object| canvas object| gl string| gpu object| debugInfo string| vendor string| renderer string| gstr string| vs string| ds string| sl string| os string| nos object| playerVersion string| swfV string| inside_frame string| sc function| inIframe2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| mycapitallonecard.com/ | Name: __tad Value: 1648001490.6473641 |
|
| .1redirc.com/ | Name: __dsnsid Value: 2022032313113033bf9c88243fa688fa |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1redirc.com
happywithvegas.com
mycapitallonecard.com
postback.fapclick.com
happywithvegas.com
103.224.182.206
103.224.182.246
2a05:d018:48:3d01:cd9c:38d1:dab2:18c0
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4812c6ba38d0c06eeb16a0b51957a4850b04a9244ac51bd112a89615ef6fc6bf
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed