s.getclick.vip
2a04:3542:1000:910:80c8:eeff:fe8b:30bf
Public Scan
Effective URL: https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=...
Submission: On August 08 via api from US — Scanned from GB
Summary
TLS certificate: Issued by E5 on July 29th 2024. Valid for: 3 months.
This is the only time s.getclick.vip was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
2 | 143.198.241.168 | 14061 (DIGITALOCEAN-ASN)
1 | 2a04:3542:1000:910:80c8:eeff:fe8b:6d38 | 202053 (UPCLOUD)
10 | 2a04:3542:1000:910:80c8:eeff:fe8b:30bf | 202053 (UPCLOUD)
1 | 2a00:1450:4001:830::2008 | 15169 (GOOGLE)
1 | 2a00:1450:4001:82b::200a | 15169 (GOOGLE)
1 | 2001:4860:4802:32::36 | 15169 (GOOGLE)
1 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE)
14 | 5 |
ASN14061 (DIGITALOCEAN-ASN, US)
- th.mobilefunkem.com
- mobilefunkem.com
ASN202053 (UPCLOUD, FI)
- 126411d3a667.terrificompany.com
ASN15169 (GOOGLE, US)
- www.googletagmanager.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | getclick.vip | s.getclick.vip | 339 KB
2 | mobilefunkem.com (2 redirects) | th.mobilefunkem.com, mobilefunkem.com | 467 B
1 | gstatic.com | fonts.gstatic.com | 35 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3123) |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 903 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 112) | 94 KB
1 | terrificompany.com (1 redirect) | 126411d3a667.terrificompany.com | 916 B
14 | 7 | |
Requests | Domain | Requested by
---|---|---
10 | s.getclick.vip | s.getclick.vip
1 | fonts.gstatic.com | fonts.googleapis.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.googleapis.com | s.getclick.vip
1 | www.googletagmanager.com | s.getclick.vip
1 | 126411d3a667.terrificompany.com | 1 redirect
1 | mobilefunkem.com | 1 redirect
1 | th.mobilefunkem.com | 1 redirect
14 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.getclick.vip | E5 | 2024-07-29 - 2024-10-27 | 3 months | crt.sh
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months | crt.sh
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months | crt.sh
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream
Frame ID: 1D3B1EC19FBB3C9B7530AD49963F5852
Requests: 14 HTTP requests in this frame
Screenshot
Page Title: Congratulations!
Detected technologies
- Google Analytics (Analytics)
- Google Font API (Font Scripts); detected pattern: `<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com`
- Google Tag Manager (Tag Managers); detected pattern: `googletagmanager\.com/gtag/js`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. http://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= (HTTP 307)
2. https://th.mobilefunkem.com/link/764/10324?click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= (HTTP 302)
3. https://mobilefunkem.com/th/TH_DownloadGamez?cid=52808&click_id=2f6ae2ea-493d-47ed-bc4a-68234cf1651b&19813=mdk-jsy4lz4= (HTTP 302)
4. https://126411d3a667.terrificompany.com/?p=21846&media_type=mainstream (HTTP 302)
5. https://s.getclick.vip/iq_test2?flow=sms&tid=63vrjgrar7f3yswuzma04gkws,17815799,5,21846&ctrack=1723089747.3542436865&p=21846&media_type=mainstream (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | iq_test2 (Primary Request, Redirect Chain) | s.getclick.vip/ | 14 KB | 7 KB | Document | text/html
GET | H2 | js | www.googletagmanager.com/gtag/ | 272 KB | 94 KB | Script | application/javascript
GET | H2 | css2 | fonts.googleapis.com/ | 1 KB | 903 B | Stylesheet | text/css
GET | H2 | app.css | s.getclick.vip/css/offers/iq_test2/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H2 | puzzle.png | s.getclick.vip/img/offers/iq_test2/ | 5 KB | 5 KB | Image | image/png
GET | H2 | laptop.webp | s.getclick.vip/img/offers/iq_test2/ | 220 KB | 220 KB | Image | image/webp
GET | H2 | brains.png | s.getclick.vip/img/offers/iq_test2/ | 4 KB | 5 KB | Image | image/png
GET | H2 | cash.png | s.getclick.vip/img/offers/iq_test2/ | 3 KB | 3 KB | Image | image/png
GET | H2 | growth.png | s.getclick.vip/img/offers/iq_test2/ | 2 KB | 2 KB | Image | image/png
GET | H2 | verified.png | s.getclick.vip/img/offers/iq_test2/ | 4 KB | 4 KB | Image | image/png
GET | H2 | app.js | s.getclick.vip/js/ | 0 | 207 B | Script | application/javascript
GET | H2 | app.js | s.getclick.vip/js/offers/iq_test2/ | 281 KB | 92 KB | Script | application/javascript
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 0 | Fetch | text/plain
GET | H2 | k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2 | fonts.gstatic.com/s/archivo/v19/ | 34 KB | 35 KB | Font | font/woff2
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | gtag
object | dataLayer
object | pd_options
object | view
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
mobilefunkem.com/ | | JSESSIONID | 33A9D25A733644F1B4A595575E85A170
.126411d3a667.terrificompany.com/ | | rts-trck | 1
.terrificompany.com/ | | t-uuid | 63vrjgraua9wr36flpfs4c8wg
.terrificompany.com/ | | ab | B
.terrificompany.com/ | | traffic-visited-domain | getclick.vip
.terrificompany.com/ | | traffic-back-ivr | ok
s.getclick.vip/ | | XSRF-TOKEN | eyJpdiI6ImQ2T0dSL2pydHRaWjlKb3pFWGxCaWc9PSIsInZhbHVlIjoic2JDKzJIV0F5RmJwSFVrOGh3Q3g3cWl6S09Vb096RGVQSFlMSENhSlZ5NXptK25OYlVMcXdEUzllQ3pKVytOR0NiZWZtdS96amttWjJhSi8wTnFYUy9TdUJ3bGdXY2FDdXhJUTdYVE12dHpQNnFMWjJpWncxRnFtVTREVUcwRjkiLCJtYWMiOiJiNzM3ZDAzZjc3MDJlMjY5YjJiMDVhYmY1MzdkMzY3Nzc2ZDk3YzI4MDdjMzViYWE4MTEwZDBmMjcxMzVkMmJiIiwidGFnIjoiIn0%3D
s.getclick.vip/ | | ivr_offers_session | eyJpdiI6ImZobU9jQ2txTFFxdnhYejhxMExxUXc9PSIsInZhbHVlIjoidTJ4TXMxdjNaNnB5ek00aHIrWnh2Q0xPaGNJU1dzOWRpTStMZ3EzQVRBdHVhMmkzWHk3UU0wVTRmQlZMNjdsM2tCZ3FzcG04MzdOcWN0VjVncFJJRWV4dUFSK2FwN0ZtaHFPZ1dVTTV2NEwxNGRINXovVmhIRCtlUktscmNjL3QiLCJtYWMiOiJlN2E3NjkyOTFkZjc3NDczMmIyZWRmYjFlODA0NWJkMDhiOTk5Y2NkNjI2ZTBmODNhZDdiZTk4ZjBiNDY0NThhIiwidGFnIjoiIn0%3D
s.getclick.vip/ | | domain-trk | eyJpdiI6ImVzcWNvaG9kKzZOcmFIcnZ6TlZsUkE9PSIsInZhbHVlIjoiRzJjU2ljWmhQZVdKdEVFRlYzRHVaWlo5akY5NWlCaksraEVnNEI3RXpyTVhVZ3pISnNVSDA0YWh2SzZPak12ViIsIm1hYyI6ImE5YTA0NGMzYWI4YTc0NjJjZmMxZGY4NGZjMjdjMzZhN2VmZDViZWM4MTIxMTViYjU2ODlhM2ZjMWYwMjRhNDgiLCJ0YWciOiIifQ%3D%3D
s.getclick.vip/ | | SESS_TRAF | …%3D%3D
s.getclick.vip/ | | visit | eyJpdiI6ImUyUSszclNpeDh6WU5QaHJtd01Vcnc9PSIsInZhbHVlIjoiV1lpK1FJRW9PZXdnK0pjQURjc0hLSGNLckdoV0ZnOHJ2b25uTldkQm0zUHE3ZldjS3VrVkpVWi85aEVKY0h4SiIsIm1hYyI6ImZmZmM0Y2E3NjgzNDhhNzQ0YjRiNDEyZjJjZWRjOWQyM2RjNzI0MWQ5ZDk1YWY4YmJiNDk5NzE2ZWRmYmQ1OWQiLCJ0YWciOiIifQ%3D%3D
s.getclick.vip/ | | E9ONXnlOMvAper1oX3QfqxFCYhjziLr9Vcy4u0OY | eyJpdiI6IjJYZmRWZmNSb1lGS1o5U0VHMFBvVGc9PSIsInZhbHVlIjoiVGlBbWgxRi93aVc0Z2ZweWNCYzhEVWRDYy80NnBUNGVVYjNXak1JTkQzKzdRY3NZT25QSmhhN0pDbG9SbStKTnp6ZEdCYjdQV05OL1crc1paekhMQ1ZxNElzWnhQcjNkMmdGMFIwcGFhaDBEeXlxT2N1cktBRzdmR0ZoUUM5VnpLdmlUcUFDLzJRQmpqUmVXU01FMUFGVDUzb0FudzlVN2x1M2s5TzErR29XWTNUb040N1R1S3hGb1V3V3R4eU1FTUJWMVBMOGVSa2N6Uk95UXM4ajRoMDNVd3ltYStNcTBwNWs5OUlsdUJEOGcxOGFaNmh4dUJnSzNGUkpFcWhJMmhUcEQxWjAxWHluWnhJazlScElsRUduanpSZHB3ZDBmK0FlRW9SUU5qTG51cnk2NzBxVWNVMDVWdHJqQm0wVlRwOHp3VXhkeldVSGhaUjh1UGVmZVF0anRlcXNYbHdzK1FramIzbWxiLzJlUzlGWm50Y1FlYUR1Vkh1eFZ5cHA1dWtkOFB0aTVxSVdBa2RIM3dqMDI1a0ZBa2tlRkNQTlpPVXRiK2RHNDF6MnBDV2doY0RtcS9PNmVuZ2xQWmxqbWx4Ung1SUhadUNaMm5vTUF3cDl4ODhWU0pkTGhidFRxNFRCVWt0YVVvSU9wS1VHLzN1Zm44RzlNbW1icFo2QXVzRVlsbUlCeXFvSmFrNG91S0pUSlluNDNEUHJLRFpCQkdvb3JRS3hlR21vPSIsIm1hYyI6IjRiZGVkMzM0MzQ2ZDNkNzA0MGI3ZGM1NzI5N2IwZGU0NTg0OGY5MGNiMDIxMzkwNmJhNTEwZWJjMDljYzU3OWMiLCJ0YWciOiIifQ%3D%3D
.getclick.vip/ | | _ga_2V6DGFRPKP | GS1.1.1723089748.1.0.1723089748.0.0.0
.getclick.vip/ | | _ga | GA1.1.1921736819.1723089748
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.