Submitted URL: http://bkz6o.com/86qhp5Ys
Effective URL: https://clear-practice.com/ping/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id...
Submission Tags: phishing
Submission: On November 29 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 4 domains to perform 3 HTTP transactions. The main IP is 52.21.227.162, located in Ashburn, United States, and belongs to AMAZON-AES, US. The main domain is clear-practice.com. The Cisco Umbrella rank of the primary domain is 491019.
TLS certificate: Issued by R3 on September 30th 2022. Valid for: 3 months.
This is the only time clear-practice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.255.119.167 22612 (NAMECHEAP...)
2 52.21.227.162 14618 (AMAZON-AES)
2 2 216.189.51.86 6921 (ARACHNITEC)
1 66.195.197.18 11402 (CCCAS-1)
3 2
Apex Domain Subdomains Transfer
2 genborack.com go.genborack.com — Cisco Umbrella Rank: 638694 455 B
2 clear-practice.com clear-practice.com — Cisco Umbrella Rank: 491019 3 KB
1 linkapplied.com 2w8ov.linkapplied.com 301 B
1 bkz6o.com bkz6o.com 454 B
3 4
Domain Requested by
2 go.genborack.com 2 redirects
2 clear-practice.com
1 2w8ov.linkapplied.com
1 bkz6o.com 1 redirects
3 4

This site contains no links.

Subject Issuer Validity Valid
clear-practice.com R3 2022-09-30 - 2022-12-29 3 months
linkapplied.com R3 2022-10-27 - 2023-01-25 3 months

This page contains 1 frame:

Frame: https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18
Frame ID: 71FBD631D63F513D04121EA7D0B76B99
Requests: 3 HTTP requests in this frame


Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 1
Transfer: 3 kB
Size: 2 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bkz6o.com/86qhp5Ys HTTP 302
    https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA Page URL
  2. https://clear-practice.com/ping/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA&ip=81.95.5.41&sub_id=undefined&source=undefined&landerIsActive=yes Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bkz6o.com/86qhp5Ys HTTP 302
  • https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA
Request Chain 1
  • http://go.genborack.com/ts5543-sms-14-us?click_id=86qhp5Ys&thru=time-two&source=5&traffic=SWEEPS-EXTRA&sub_id=11-26-22-time-two HTTP 302
  • http://go.genborack.com/ts5543-sms-revs-14-us HTTP 302
  • https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type
86qhp5Ys
clear-practice.com/pingmeta2/
Redirect Chain
  • http://bkz6o.com/86qhp5Ys
  • https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%...
1 KB
2 KB
Document
General
Full URL
https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
39159495e3cdf1febff4aea3dd37dd4d4c2d37c4fb280ade0c6ec7da41698613

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
Access-Control-Allow-Origin
*
Access-Control-Request-Headers
GET, PUT, POST, DELETE
Connection
keep-alive
Content-Length
1212
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Nov 2022 13:48:47 GMT
Etag
W/"4bc-dxYe7plwQzCyfUqBsa/nloF6rEc"
Server
Cowboy
Via
1.1 vegur
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
260
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Nov 2022 13:48:47 GMT
Location
https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA
Server
namecheap-nginx
X-Served-By
Namecheap URL Forward
Primary Request 86qhp5Ys
clear-practice.com/ping/
1003 B
1 KB
Document
General
Full URL
https://clear-practice.com/ping/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA&ip=81.95.5.41&sub_id=undefined&source=undefined&landerIsActive=yes
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash

Request headers

Referer
https://clear-practice.com/pingmeta2/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
Access-Control-Allow-Origin
*
Access-Control-Request-Headers
GET, PUT, POST, DELETE
Connection
keep-alive
Content-Length
1003
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Nov 2022 13:48:47 GMT
Etag
W/"3eb-e6oJU6JctAMuEN576xBeIJPA1ck"
Server
Cowboy
Via
1.1 vegur
X-Powered-By
Express
/
2w8ov.linkapplied.com/
Redirect Chain
  • http://go.genborack.com/ts5543-sms-14-us?click_id=86qhp5Ys&thru=time-two&source=5&traffic=SWEEPS-EXTRA&sub_id=11-26-22-time-two
  • http://go.genborack.com/ts5543-sms-revs-14-us
  • https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18
0
301 B
Document
General
Full URL
https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.18 Lexington, United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://clear-practice.com/ping/86qhp5Ys?redirect=http%3A%2F%2Fgo.genborack.com%2Fts5543-sms-14-us%3Fclick_id%3D%7Bclick_id%7D%26thru%3Dtime-two%26source%3D5%26traffic%3DSWEEPS-EXTRA%26sub_id%3D11-26-22-time-two&traffic=SWEEPS-EXTRA&ip=81.95.5.41&sub_id=undefined&source=undefined&landerIsActive=yes
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

0
X-Reason
1
BOT
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 13:48:49 GMT
strict-transport-security
max-age=15768000
transfer-encoding
chunked
x-redir
true

Redirect headers

Connection
close
Date
Tue, 29 Nov 2022 13:48:48 GMT
Location
https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18
Server
nginx/1.14.2
Transfer-Encoding
chunked

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://2w8ov.linkapplied.com/?kw=ts5543-sms-revs-14-us&s1=ts5543-sms-revs-14-us&s2=1669729728.457740-202522299-0-&s3=&fallback=18
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
