s.getclick.vip Open in urlscan Pro
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4=
Effective URL:
https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=...
Submission: On August 08 via api (August 8th 2024, 4:02:33 am UTC) from US — Scanned from GB

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2a04:3542:1000:910:80c8:eeff:fe8b:30bf, located in Madrid, Spain and belongs to UPCLOUD, FI. The main domain is s.getclick.vip.
TLS certificate: Issued by E5 on July 29th 2024. Valid for: 3 months.

This is the only time s.getclick.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.198.241.168 143.198.241.168	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:6d38	202053 (UPCLOUD) (UPCLOUD)
10	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:30bf	202053 (UPCLOUD) (UPCLOUD)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
14	5

2 143.198.241.168 (Slough, United Kingdom) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

th.mobilefunkem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mobilefunkem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:3542:1000:910:80c8:eeff:fe8b:6d38 (Madrid, Spain) 1 redirects

ASN202053 (UPCLOUD, FI)

126411d3a667.terrificompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:3542:1000:910:80c8:eeff:fe8b:30bf (Madrid, Spain)

ASN202053 (UPCLOUD, FI)

s.getclick.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	getclick.vip s.getclick.vip	339 KB
2	mobilefunkem.com 2 redirects th.mobilefunkem.com mobilefunkem.com	467 B
1	gstatic.com fonts.gstatic.com	35 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	903 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	94 KB
1	terrificompany.com 1 redirects 126411d3a667.terrificompany.com	916 B
14	7

	Domain	Requested by
10	s.getclick.vip	s.getclick.vip
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	s.getclick.vip
1	www.googletagmanager.com	s.getclick.vip
1	126411d3a667.terrificompany.com	1 redirects
1	mobilefunkem.com	1 redirects
1	th.mobilefunkem.com	1 redirects
14	8

This site contains no links.

Subject Issuer	Validity	Valid
*.getclick.vip E5	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Frame ID: 1D3B1EC19FBB3C9B7530AD49963F5852
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Congratulations!

Page URL History Show full URLs

http://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= HTTP 307
https://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= HTTP 302
https://mobilefunkem.com/th/TH_DownloadGamez?cid=52808&click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&... HTTP 302
https://126411d3a667.terrificompany.com/?p=21846&media_type=mainstream HTTP 302
https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

14
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

469 kB
Transfer

843 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= HTTP 307
https://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= HTTP 302
https://mobilefunkem.com/th/TH_DownloadGamez?cid=52808&click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= HTTP 302
https://126411d3a667.terrificompany.com/?p=21846&media_type=mainstream HTTP 302
https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request iq_test2 Show response
s.getclick.vip/
Redirect Chain

http://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4=
https://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4=
https://mobilefunkem.com/th/TH_DownloadGamez?cid=52808&click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4=
https://126411d3a667.terrificompany.com/?p=21846&media_type=mainstream
https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream

14 KB
7 KB

319ms
120ms

Document
text/html

2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 3073a3320c9703b12799a8339214c6c662d04eb1a3c4cebdd61624ccec8fcb5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Aug 2024 04:02:27 GMT
log-id: 14bba0ff-db39-4723-987f-4904adf18c84
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 08 Aug 2024 04:02:27 GMT
location: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
94 KB 214ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP

Requested by

Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e9d8edb2badcbc01136c747f9cc5da267d7e200c08f7adeea61c6886a134895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://s.getclick.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 04:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Aug 2024 04:02:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
903 B 209ms
62ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo:wght@100..900&display=swap

Requested by

Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0273f2e75d5e4a9c51e6cfb82861a3b966c512a8da68e95099f26c6ec97dd10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s.getclick.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Aug 2024 04:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 04:02:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Aug 2024 04:02:27 GMT

GET
H2 200 app.css
s.getclick.vip/css/offers/iq_test2/ 3 KB
1 KB 83ms
83ms Stylesheet
text/css 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.getclick.vip/css/offers/iq_test2/app.css?id=d3f0203d5f5be414d14e5f6219a7867b
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 858a78925f062b495a27eaa02f3b6588828d854af5a7acf78e7cdc1bfcc42e3a

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: W/"66ab97eb-ddf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 puzzle.png
s.getclick.vip/img/offers/iq_test2/ 5 KB
5 KB 89ms
88ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/puzzle.png
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: d646bd618a65a9e488e2d30ae799d10447bb3ba7a3c4a969ff09de06d2c280ce

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-1268"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4712
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 laptop.webp
s.getclick.vip/img/offers/iq_test2/ 220 KB
220 KB 88ms
87ms Image
image/webp 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/laptop.webp
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: dd31fbf72786f5e458f69bde6d6c1a02697ab7e682e90b8d620faa44fbdcb517

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
accept-ranges: bytes
etag: "66ab97eb-37086"
content-length: 225414
content-type: image/webp

GET
H2 200 brains.png
s.getclick.vip/img/offers/iq_test2/ 4 KB
5 KB 199ms
199ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/brains.png
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: f643af623e28368725ef7d618d980e052ce9201e4399fd72f9353ba32ab4286f

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-1146"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4422
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 cash.png
s.getclick.vip/img/offers/iq_test2/ 3 KB
3 KB 186ms
186ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/cash.png
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 594067042cdbd19b4be737bbf547f2bab5aabf92e60592c7a17271ff0517672f

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-abb"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2747
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 growth.png
s.getclick.vip/img/offers/iq_test2/ 2 KB
2 KB 199ms
199ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/growth.png
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: cc0bd9f92cd2353fead82a4b502c72cb1ef370ceba8921355e4c219f56fd3b37

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-72a"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1834
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 verified.png
s.getclick.vip/img/offers/iq_test2/ 4 KB
4 KB 199ms
199ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.getclick.vip/img/offers/iq_test2/verified.png
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 39f9a4fdb28c198c413c7b09016508f23fc82d9790f48c586daed29065db9bb8

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-e49"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3657
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 app.js Show response
s.getclick.vip/js/ 0
207 B 199ms
199ms Script
application/javascript 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.getclick.vip/js/app.js?id=d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: "66ab97eb-0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 0
expires: Fri, 08 Aug 2025 04:02:27 GMT

GET
H2 200 app.js Show response
s.getclick.vip/js/offers/iq_test2/ 281 KB
92 KB 201ms
201ms Script
application/javascript 2a04:3542:1000:910:80c8:eeff:fe8b:30bf
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.getclick.vip/js/offers/iq_test2/app.js?id=e752bd327f4bbeab7672aaa4fe280efb
Requested by: Host: s.getclick.vip
URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: c148136bcd502f456dc410ee7b0457d3fc117a88c181598d360d7d679d1677a2

Request headers

Referer: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 04:02:27 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 14:12:59 GMT
etag: W/"66ab97eb-46430"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Fri, 08 Aug 2025 04:02:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 396ms
64ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2V6DGFRPKP&gtm=45je4851v880168263za200&_p=1723089747675&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1921736819.1723089748&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723089748&sct=1&seg=0&dl=https%3A%2F%2Fs.getclick.vip%2Fiq_test2%3Fflow%3Dsms%26tid%3D63vrjgrar7f3yswuzma04gkws%2C17815799%2C5%2C21846%26ctrack%3D1723089747.3542436865%26p%3D21846%26media_type%3Dmainstream&dt=Congratulations!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ab=a&ep.flow=sms&ep.offer=iq_test2&ep.prize=iphone-15-pro&ep.category=sms_win&ep.p=21846&tfd=3021
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://s.getclick.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 04:02:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.getclick.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
35 KB 381ms
59ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.getclick.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:53:53 GMT
x-content-type-options: nosniff
age: 50915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 13:53:53 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mobilefunkem.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 33A9D25A733644F1B4A595575E85A170
.126411d3a667.terrificompany.com/	1970-01-20 22:38:10	Name: rts-trck Value: 1
.terrificompany.com/	1970-01-21 08:14:09	Name: t-uuid Value: 63vrjgraua9wr36flpfs4c8wg
.terrificompany.com/	1970-01-20 22:39:36	Name: ab Value: B
.terrificompany.com/	1970-01-20 23:21:21	Name: traffic-visited-domain Value: getclick.vip
.terrificompany.com/	1970-01-20 22:38:09	Name: traffic-back-ivr Value: ok
s.getclick.vip/	1970-01-20 22:38:16	Name: XSRF-TOKEN Value: eyJpdiI6ImQ2T0dSL2pydHRaWjlKb3pFWGxCaWc9PSIsInZhbHVlIjoic2JDKzJIV0F5RmJwSFVrOGh3Q3g3cWl6S09Vb096RGVQSFlMSENhSlZ5NXptK25OYlVMcXdEUzllQ3pKVytOR0NiZWZtdS96amttWjJhSi8wTnFYUy9TdUJ3bGdXY2FDdXhJUTdYVE12dHpQNnFMWjJpWncxRnFtVTREVUcwRjkiLCJtYWMiOiJiNzM3ZDAzZjc3MDJlMjY5YjJiMDVhYmY1MzdkMzY3Nzc2ZDk3YzI4MDdjMzViYWE4MTEwZDBmMjcxMzVkMmJiIiwidGFnIjoiIn0%3D
s.getclick.vip/	1970-01-20 22:38:16	Name: ivr_offers_session Value: eyJpdiI6ImZobU9jQ2txTFFxdnhYejhxMExxUXc9PSIsInZhbHVlIjoidTJ4TXMxdjNaNnB5ek00aHIrWnh2Q0xPaGNJU1dzOWRpTStMZ3EzQVRBdHVhMmkzWHk3UU0wVTRmQlZMNjdsM2tCZ3FzcG04MzdOcWN0VjVncFJJRWV4dUFSK2FwN0ZtaHFPZ1dVTTV2NEwxNGRINXovVmhIRCtlUktscmNjL3QiLCJtYWMiOiJlN2E3NjkyOTFkZjc3NDczMmIyZWRmYjFlODA0NWJkMDhiOTk5Y2NkNjI2ZTBmODNhZDdiZTk4ZjBiNDY0NThhIiwidGFnIjoiIn0%3D
s.getclick.vip/	1970-01-20 22:39:36	Name: domain-trk Value: eyJpdiI6ImVzcWNvaG9kKzZOcmFIcnZ6TlZsUkE9PSIsInZhbHVlIjoiRzJjU2ljWmhQZVdKdEVFRlYzRHVaWlo5akY5NWlCaksraEVnNEI3RXpyTVhVZ3pISnNVSDA0YWh2SzZPak12ViIsIm1hYyI6ImE5YTA0NGMzYWI4YTc0NjJjZmMxZGY4NGZjMjdjMzZhN2VmZDViZWM4MTIxMTViYjU2ODlhM2ZjMWYwMjRhNDgiLCJ0YWciOiIifQ%3D%3D
s.getclick.vip/	1969-12-31 23:59:59	Name: SESS_TRAF Value: eyJpdiI6IkxpSDBGUkRSbHlQTmZRNzZhVFphSUE9PSIsInZhbHVlIjoiV25mclRORjFzdjFwbDRTY21CTjRXTWVsRDhqQnZQQzhvMmMyMnVYZ2J1YkZ2NE5kdEtuZ2VuQmlVYnpTR0kwRllXMjlyWm0yS2pIUldhYkxXZW5aa0tVTHlwQ0hVTjErOE5YL2NXRXh6MXRib2taS2xPMVo1U1E2MGNCbFZnRGJrZk1BNERtbEZXR2tGcHk0Nytnbkx4YmFib1Y0SS9QTWlDNFdUVi9aelhxM1ByNExOb0FGWDNnVUNwNlFHaTZXREFTNjFFeVBCVnpuclpFbVg2Lzg5b3cwaUpXY0l2K0cwOWJLZi95cjJIc1ppZXM2d1ZiWnhIOW8ya2l3aFJ2dyIsIm1hYyI6ImFhYzAxOTkzODNhMzZiMmIxYjc5YTQ0MGIxZmFhOWM2MzkzMjZiYWJiNGNkZjRkNGI5YTczYzdmMWJmMGNjNzIiLCJ0YWciOiIifQ%3D%3D
s.getclick.vip/	1970-01-20 22:39:36	Name: visit Value: eyJpdiI6ImUyUSszclNpeDh6WU5QaHJtd01Vcnc9PSIsInZhbHVlIjoiV1lpK1FJRW9PZXdnK0pjQURjc0hLSGNLckdoV0ZnOHJ2b25uTldkQm0zUHE3ZldjS3VrVkpVWi85aEVKY0h4SiIsIm1hYyI6ImZmZmM0Y2E3NjgzNDhhNzQ0YjRiNDEyZjJjZWRjOWQyM2RjNzI0MWQ5ZDk1YWY4YmJiNDk5NzE2ZWRmYmQ1OWQiLCJ0YWciOiIifQ%3D%3D
s.getclick.vip/	1970-01-20 22:38:16	Name: E9ONXnlOMvAper1oX3QfqxFCYhjziLr9Vcy4u0OY Value: eyJpdiI6IjJYZmRWZmNSb1lGS1o5U0VHMFBvVGc9PSIsInZhbHVlIjoiVGlBbWgxRi93aVc0Z2ZweWNCYzhEVWRDYy80NnBUNGVVYjNXak1JTkQzKzdRY3NZT25QSmhhN0pDbG9SbStKTnp6ZEdCYjdQV05OL1crc1paekhMQ1ZxNElzWnhQcjNkMmdGMFIwcGFhaDBEeXlxT2N1cktBRzdmR0ZoUUM5VnpLdmlUcUFDLzJRQmpqUmVXU01FMUFGVDUzb0FudzlVN2x1M2s5TzErR29XWTNUb040N1R1S3hGb1V3V3R4eU1FTUJWMVBMOGVSa2N6Uk95UXM4ajRoMDNVd3ltYStNcTBwNWs5OUlsdUJEOGcxOGFaNmh4dUJnSzNGUkpFcWhJMmhUcEQxWjAxWHluWnhJazlScElsRUduanpSZHB3ZDBmK0FlRW9SUU5qTG51cnk2NzBxVWNVMDVWdHJqQm0wVlRwOHp3VXhkeldVSGhaUjh1UGVmZVF0anRlcXNYbHdzK1FramIzbWxiLzJlUzlGWm50Y1FlYUR1Vkh1eFZ5cHA1dWtkOFB0aTVxSVdBa2RIM3dqMDI1a0ZBa2tlRkNQTlpPVXRiK2RHNDF6MnBDV2doY0RtcS9PNmVuZ2xQWmxqbWx4Ung1SUhadUNaMm5vTUF3cDl4ODhWU0pkTGhidFRxNFRCVWt0YVVvSU9wS1VHLzN1Zm44RzlNbW1icFo2QXVzRVlsbUlCeXFvSmFrNG91S0pUSlluNDNEUHJLRFpCQkdvb3JRS3hlR21vPSIsIm1hYyI6IjRiZGVkMzM0MzQ2ZDNkNzA0MGI3ZGM1NzI5N2IwZGU0NTg0OGY5MGNiMDIxMzkwNmJhNTEwZWJjMDljYzU3OWMiLCJ0YWciOiIifQ%3D%3D
.getclick.vip/	1970-01-21 08:14:09	Name: _ga_2V6DGFRPKP Value: GS1.1.1723089748.1.0.1723089748.0.0.0
.getclick.vip/	1970-01-21 08:14:09	Name: _ga Value: GA1.1.1921736819.1723089748

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

126411d3a667.terrificompany.com
fonts.googleapis.com
fonts.gstatic.com
mobilefunkem.com
region1.google-analytics.com
s.getclick.vip
th.mobilefunkem.com
www.googletagmanager.com
143.198.241.168
2001:4860:4802:32::36
2a00:1450:4001:80b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2008
2a04:3542:1000:910:80c8:eeff:fe8b:30bf
2a04:3542:1000:910:80c8:eeff:fe8b:6d38
0273f2e75d5e4a9c51e6cfb82861a3b966c512a8da68e95099f26c6ec97dd10c
3073a3320c9703b12799a8339214c6c662d04eb1a3c4cebdd61624ccec8fcb5d
39f9a4fdb28c198c413c7b09016508f23fc82d9790f48c586daed29065db9bb8
594067042cdbd19b4be737bbf547f2bab5aabf92e60592c7a17271ff0517672f
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
858a78925f062b495a27eaa02f3b6588828d854af5a7acf78e7cdc1bfcc42e3a
9e9d8edb2badcbc01136c747f9cc5da267d7e200c08f7adeea61c6886a134895
c148136bcd502f456dc410ee7b0457d3fc117a88c181598d360d7d679d1677a2
cc0bd9f92cd2353fead82a4b502c72cb1ef370ceba8921355e4c219f56fd3b37
d646bd618a65a9e488e2d30ae799d10447bb3ba7a3c4a969ff09de06d2c280ce
dd31fbf72786f5e458f69bde6d6c1a02697ab7e682e90b8d620faa44fbdcb517
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f643af623e28368725ef7d618d980e052ce9201e4399fd72f9353ba32ab4286f

s.getclick.vip Open in urlscan Pro 2a04:3542:1000:910:80c8:eeff:fe8b:30bf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

86 %IPv6

7 Domains

8 Subdomains

5 IPs

4 Countries

469 kBTransfer

843 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

14 Cookies

Indicators

s.getclick.vip Open in urlscan Pro
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

469 kB
Transfer

843 kB
Size

14
Cookies

14 HTTP transactions
0 data transactions