urlscan.io logo urlscan.io
SecurityTrails logo

clickintelligence.co.uk Open in urlscan Pro
2606:4700:20::6818:622  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Submission: On August 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700:20::6818:622, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is clickintelligence.co.uk.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on July 7th 2019. Valid for: 6 months.
This is the only time clickintelligence.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP Address AS Autonomous System
2 19 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.193 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 7
19    2606:4700:20::6818:622 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
clickintelligence.co.uk
www.clickintelligence.co.uk
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
i.imgur.com
2    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
12 clickintelligence.co.uk 2 redirects clickintelligence.co.uk
7 www.clickintelligence.co.uk clickintelligence.co.uk
2 www.google-analytics.com 1 redirects clickintelligence.co.uk
2 fonts.gstatic.com clickintelligence.co.uk
1 www.google.de clickintelligence.co.uk
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 i.imgur.com clickintelligence.co.uk
1 fonts.googleapis.com clickintelligence.co.uk
24 9

This site contains links to these domains. Also see Links.

Domain
www.docusign.com
www.twitter.com
www.facebook.com
Subject Issuer Validity Valid
ssl387647.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-07 -
2020-01-13		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.google.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Frame ID: BCD25A104F04F9F79871C01492A17D8D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

92 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

617 kB
Transfer

2266 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://clickintelligence.co.uk/images/logo-dstr-login.png HTTP 301
  • https://www.clickintelligence.co.uk/images/logo-dstr-login.png
Request Chain 14
  • https://clickintelligence.co.uk/images/ctv-icon-sprite.png HTTP 301
  • https://www.clickintelligence.co.uk/images/ctv-icon-sprite.png
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=803549866&t=pageview&_s=1&dl=https%3A%2F%2Fclickintelligence.co.uk%2Fwp-admin%2Fuser%2FDoCuSigN%2F&ul=en-us&de=UTF-8&dt=Sign%20In%20-%20DocuSign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1627041345&gjid=748152007&cid=461246570.1565984633&tid=UA-39550292-1&_gid=1638536215.1565984633&_r=1&z=352555792 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_gid=1638536215.1565984633&gjid=748152007&_v=j78&z=352555792 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792&slf_rd=1&random=980293220

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
clickintelligence.co.uk/wp-admin/user/DoCuSigN/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefc9e721312a667ca73b8ff3e94ddfe2683a370e6a3dd4983062f6ff670bd21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
clickintelligence.co.uk
:scheme
https
:path
/wp-admin/user/DoCuSigN/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Fri, 16 Aug 2019 19:43:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db08294b1a97428b03ded2ef77d4067161565984631; expires=Sat, 15-Aug-20 19:43:51 GMT; path=/; domain=.clickintelligence.co.uk; HttpOnly; Secure
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
expires
Fri, 16 Aug 2019 20:43:54 GMT
referrer-policy
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
BYPASS
x-server-powered-by
Engintron
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5075e64cf955bee2-FRA
content-encoding
br
css
fonts.googleapis.com/ 		7 KB
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 16 Aug 2019 19:43:52 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 16 Aug 2019 19:43:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 16 Aug 2019 19:43:52 GMT
site.css
clickintelligence.co.uk/wp-admin/user/DoCuSigN/css/ 		145 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/css/site.css
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
d861b8dc9c3a7d5943e4b7547af6f646775ea8d286a92a7c0a76aa3c0146935b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:53 GMT
content-encoding
br
cf-cache-status
HIT
age
4668
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2447d-567dce6312600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
5075e6517dddbee2-FRA
expires
Sun, 15 Sep 2019 18:26:08 GMT
jquery.js
clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/ 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/jquery.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
aa0034a3d565c8dda497b31b9b7c0c38bb47a51afb18a1cd070fe08f478ef4c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:53 GMT
content-encoding
br
cf-cache-status
HIT
age
4667
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"19416-567dce66e2f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
5075e6517ddebee2-FRA
expires
Sun, 15 Sep 2019 18:26:08 GMT
ios_gmail_icon.png
clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ios_gmail_icon.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
96091d584777cf202cfa01a0cfab804097f13a5b4581da32fb8a34a44462e7c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
cf-cache-status
HIT
age
4667
x-powered-by
W3 Total Cache/0.9.7.5
status
200
content-length
4162
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1278-567dce64faa80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Tue, 15 Oct 2019 18:26:08 GMT
cache-control
max-age=5184000
cf-polished
origSize=4728, status=webp_bigger
accept-ranges
bytes
cf-ray
5075e6517ddfbee2-FRA
cf-bgj
imgq:85
R2CkTs2S_400x400.png
clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ 		466 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/R2CkTs2S_400x400.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
f5c12546f360cb73b5fb1408986f44f00166fac29f5e7d699bb68392c20d4b3e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
cf-cache-status
HIT
age
4667
x-powered-by
W3 Total Cache/0.9.7.5
status
200
content-disposition
inline; filename="R2CkTs2S_400x400.webp"
content-length
466
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"505-567dce64faa80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 15 Oct 2019 18:26:08 GMT
cache-control
max-age=5184000
cf-polished
origFmt=png, origSize=1285
accept-ranges
bytes
cf-ray
5075e6517de0bee2-FRA
cf-bgj
imgq:85
live_id.png
clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ 		174 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/live_id.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
b6e4e3c524999d409f3399389016e7425b4cc915cb42391830bb4b413b24a8e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
cf-cache-status
HIT
age
4666
x-powered-by
W3 Total Cache/0.9.7.5
status
200
content-disposition
inline; filename="live_id.webp"
content-length
174
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1b8-567dce64faa80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 15 Oct 2019 18:26:08 GMT
cache-control
max-age=5184000
cf-polished
origFmt=png, origSize=440
accept-ranges
bytes
cf-ray
5075e651adfebee2-FRA
cf-bgj
imgq:85
ggfffsss.png
clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ 		854 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ggfffsss.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
cba3994f9c4d9469487287f04081f99fd291b6071f2fa4762bd834d6af3601be
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
cf-cache-status
HIT
age
4666
x-powered-by
W3 Total Cache/0.9.7.5
status
200
content-disposition
inline; filename="ggfffsss.webp"
content-length
854
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"689-567dce64faa80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 15 Oct 2019 18:26:08 GMT
cache-control
max-age=5184000
cf-polished
origFmt=png, origSize=1673
accept-ranges
bytes
cf-ray
5075e651be05bee2-FRA
cf-bgj
imgq:85
office365logo.png
clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/images/office365logo.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
fa2f45e83c5eb093bff0ce8de031516de2161ddf893899310bfd23a66276bfd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
cf-cache-status
HIT
age
4666
x-powered-by
W3 Total Cache/0.9.7.5
status
200
content-length
3501
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"4943-567dce64faa80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Tue, 15 Oct 2019 18:26:08 GMT
cache-control
max-age=5184000
cf-polished
origSize=18755, status=webp_bigger
accept-ranges
bytes
cf-ray
5075e651ce12bee2-FRA
cf-bgj
imgq:85
modernizr.js
clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/modernizr.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
3333a0b1f1d2031bea53021a8ea5ace8ff2814381f70ec19126f17975060b985
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
content-encoding
br
cf-cache-status
HIT
age
4666
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2e81-567dce66e2f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
5075e6518decbee2-FRA
expires
Sun, 15 Sep 2019 18:26:08 GMT
scripts.js
clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/ 		519 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/js/scripts.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
f4b013459ec08eac601b9062849965844f311e9c1dd0b3e37d68dbe6976900c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:52 GMT
content-encoding
br
cf-cache-status
HIT
age
4666
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Tue, 20 Mar 2018 19:15:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"81da2-567dce66e2f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
5075e6518df1bee2-FRA
expires
Sun, 15 Sep 2019 18:26:08 GMT
css
fonts.googleapis.com/ 		0
0
dfA9LLf.png
i.imgur.com/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/dfA9LLf.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
HTTP/1.1
Security
, ,
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
744979e5ea01429ed85799be4a13370803085222cd8a79ca8c0bab36a0159491

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 19:43:53 GMT
Age
810832
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29640
X-Served-By
cache-bwi5147-BWI, cache-fra19169-FRA
Last-Modified
Tue, 30 Jun 2015 18:55:54 GMT
Server
cat factory 1.0
X-Timer
S1565984633.329124,VS0,VE2
ETag
"f39717b675a1f6040e3d062985aa36b2"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
logo-dstr-login.png
www.clickintelligence.co.uk/images/
Redirect Chain
  • https://clickintelligence.co.uk/images/logo-dstr-login.png
  • https://www.clickintelligence.co.uk/images/logo-dstr-login.png
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clickintelligence.co.uk/images/logo-dstr-login.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca4fac5527699d997dda317019bd12f450798168fbdc9a34cb4ee8428fb6bfb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/css/site.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:55 GMT
content-encoding
br
referrer-policy
cf-cache-status
EXPIRED
server
cloudflare
link
<https://www.clickintelligence.co.uk/wp-json/>; rel="https://api.w.org/", </wp-content/cache/minify/c7035.js>; rel=preload; as=script, </wp-content/cache/minify/05ae5.js>; rel=preload; as=script, </wp-content/cache/minify/f24b6.css>; rel=preload; as=style, </wp-content/cache/minify/bb07c.css>; rel=preload; as=style, </wp-content/cache/minify/129cf.css>; rel=preload; as=style
cf-h2-pushed
</wp-content/cache/minify/c7035.js>,</wp-content/cache/minify/05ae5.js>,</wp-content/cache/minify/f24b6.css>,</wp-content/cache/minify/bb07c.css>,</wp-content/cache/minify/129cf.css>
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
404
cf-ray
5075e6564cb1bee2-FRA
vary
Accept-Encoding

Redirect headers

date
Fri, 16 Aug 2019 19:43:53 GMT
cf-cache-status
HIT
age
4667
x-redirect-by
WordPress
status
301
pragma
public
referrer-policy
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://www.clickintelligence.co.uk/images/logo-dstr-login.png
cache-control
max-age=5184000
cf-ray
5075e6561c61bee2-FRA
expires
Tue, 15 Oct 2019 18:26:09 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin
https://clickintelligence.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 20:01:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
344539
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Tue, 11 Aug 2020 20:01:34 GMT
ctv-icon-sprite.png
www.clickintelligence.co.uk/images/
Redirect Chain
  • https://clickintelligence.co.uk/images/ctv-icon-sprite.png
  • https://www.clickintelligence.co.uk/images/ctv-icon-sprite.png
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clickintelligence.co.uk/images/ctv-icon-sprite.png
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3160c747b76831bd319d7d6680a797e12664ac8447f8b93f2e9a2d7a95f907fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/css/site.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
referrer-policy
cf-cache-status
UPDATING
server
cloudflare
age
2495
cf-h2-pushed
</wp-content/cache/minify/c7035.js>,</wp-content/cache/minify/05ae5.js>,</wp-content/cache/minify/f24b6.css>,</wp-content/cache/minify/bb07c.css>,</wp-content/cache/minify/129cf.css>
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
404
link
<https://www.clickintelligence.co.uk/wp-json/>; rel="https://api.w.org/", </wp-content/cache/minify/c7035.js>; rel=preload; as=script, </wp-content/cache/minify/05ae5.js>; rel=preload; as=script, </wp-content/cache/minify/f24b6.css>; rel=preload; as=style, </wp-content/cache/minify/bb07c.css>; rel=preload; as=style, </wp-content/cache/minify/129cf.css>; rel=preload; as=style
cf-ray
5075e6564cb2bee2-FRA
vary
Accept-Encoding

Redirect headers

date
Fri, 16 Aug 2019 19:43:53 GMT
cf-cache-status
HIT
age
4667
x-redirect-by
WordPress
status
301
pragma
public
referrer-policy
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://www.clickintelligence.co.uk/images/ctv-icon-sprite.png
cache-control
max-age=5184000
cf-ray
5075e6561c66bee2-FRA
expires
Tue, 15 Oct 2019 18:26:09 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin
https://clickintelligence.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 16:54:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
355785
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9180
x-xss-protection
0
expires
Tue, 11 Aug 2020 16:54:08 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
443
date
Fri, 16 Aug 2019 19:36:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Fri, 16 Aug 2019 21:36:30 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=803549866&t=pageview&_s=1&dl=https%3A%2F%2Fclickintelligence.co.uk%2Fwp-admin%2Fuser%2FDoCuSigN%2F&ul=en-us&de=UTF-8&dt=Sign%20In%20-%20DocuS...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_gid=1638536215.1565984633&gjid=748152007&_v=j78&z=352555792
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792&slf_rd=1&random=980293220
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792&slf_rd=1&random=980293220
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2019 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Aug 2019 19:43:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39550292-1&cid=461246570.1565984633&jid=1627041345&_v=j78&z=352555792&slf_rd=1&random=980293220
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c7035.js
www.clickintelligence.co.uk/wp-content/cache/minify/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickintelligence.co.uk/wp-content/cache/minify/c7035.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
940218cf93b5972b9d0dbe1fb6651bd377cca9c963a29a867360541a937645a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
cf-cache-status
HIT
age
3905
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Fri, 16 Aug 2019 16:43:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17a65-5903eb0ef90e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
5075e65c7ca5bee2-FRA
expires
Sun, 15 Sep 2019 18:38:52 GMT
05ae5.js
www.clickintelligence.co.uk/wp-content/cache/minify/ 		147 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickintelligence.co.uk/wp-content/cache/minify/05ae5.js
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
9fb5a47d68d4e427ef620ebc97ef51341669d39eea2f6eda16913b35707094d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
cf-cache-status
HIT
age
573
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Fri, 16 Aug 2019 16:44:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"24a4d-5903eb4ead8cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
5075e65c7ca7bee2-FRA
expires
Sun, 15 Sep 2019 19:34:24 GMT
f24b6.css
www.clickintelligence.co.uk/wp-content/cache/minify/ 		351 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.clickintelligence.co.uk/wp-content/cache/minify/f24b6.css
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
4bbc8c542a33ab249a86cf68e3fb407bb1ccee406e0a9bf0e77669d3c5380c7b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
cf-cache-status
HIT
age
3905
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Fri, 16 Aug 2019 16:44:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5db0e-5903eb5572247"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Sun, 15 Sep 2019 18:38:52 GMT
cache-control
max-age=2592000
cf-polished
origSize=383758
cf-ray
5075e65c7ca8bee2-FRA
cf-bgj
minify
bb07c.css
www.clickintelligence.co.uk/wp-content/cache/minify/ 		507 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.clickintelligence.co.uk/wp-content/cache/minify/bb07c.css
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
cf79d69249a5a1a535defd1a5a69c8be80e3c16fa3dbbbaeb204ae712ca98678
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
cf-cache-status
HIT
age
3905
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Fri, 16 Aug 2019 16:44:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7ea7f-5903eb4e0d222"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Sun, 15 Sep 2019 18:38:52 GMT
cache-control
max-age=2592000
cf-polished
origSize=518783
cf-ray
5075e65c7ca9bee2-FRA
cf-bgj
minify
129cf.css
www.clickintelligence.co.uk/wp-content/cache/minify/ 		150 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.clickintelligence.co.uk/wp-content/cache/minify/129cf.css
Requested by
Host: clickintelligence.co.uk
URL: https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.9.7.5
Resource Hash
185fc1b5c3ab8860cb39b1240af0b6ee7f7496c83b803baf9b4b190b4ecd683c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://clickintelligence.co.uk/wp-admin/user/DoCuSigN/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 19:43:54 GMT
content-encoding
br
cf-cache-status
HIT
age
577
x-powered-by
W3 Total Cache/0.9.7.5
status
200
pragma
public
referrer-policy
last-modified
Fri, 16 Aug 2019 16:43:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"25a40-5903eb0f80911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Sun, 15 Sep 2019 19:34:20 GMT
cache-control
max-age=2592000
cf-polished
origSize=154176
cf-ray
5075e65c7caabee2-FRA
cf-bgj
minify

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| Foundation object| Mustache function| purl object| Select2 object| jQuery111008616652342822146 object| plupload function| SimpleWidget object| Tree object| ctv string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.clickintelligence.co.uk/ Name: _gat
Value: 1
.clickintelligence.co.uk/ Name: __cfduid
Value: d304619171370d8ecfc0a4e4a0f6a73bf1565984634
.clickintelligence.co.uk/ Name: _gid
Value: GA1.3.1638536215.1565984633
.clickintelligence.co.uk/ Name: _ga
Value: GA1.3.461246570.1565984633

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickintelligence.co.uk
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
stats.g.doubleclick.net
www.clickintelligence.co.uk
www.google-analytics.com
www.google.com
www.google.de
fonts.googleapis.com
151.101.12.193
2606:4700:20::6818:622
2a00:1450:4001:806::200a
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::2003
2a00:1450:400c:c04::9c
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
185fc1b5c3ab8860cb39b1240af0b6ee7f7496c83b803baf9b4b190b4ecd683c
3160c747b76831bd319d7d6680a797e12664ac8447f8b93f2e9a2d7a95f907fa
3333a0b1f1d2031bea53021a8ea5ace8ff2814381f70ec19126f17975060b985
4bbc8c542a33ab249a86cf68e3fb407bb1ccee406e0a9bf0e77669d3c5380c7b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
744979e5ea01429ed85799be4a13370803085222cd8a79ca8c0bab36a0159491
940218cf93b5972b9d0dbe1fb6651bd377cca9c963a29a867360541a937645a8
96091d584777cf202cfa01a0cfab804097f13a5b4581da32fb8a34a44462e7c6
9fb5a47d68d4e427ef620ebc97ef51341669d39eea2f6eda16913b35707094d0
aa0034a3d565c8dda497b31b9b7c0c38bb47a51afb18a1cd070fe08f478ef4c3
b6e4e3c524999d409f3399389016e7425b4cc915cb42391830bb4b413b24a8e4
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
cba3994f9c4d9469487287f04081f99fd291b6071f2fa4762bd834d6af3601be
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
cf79d69249a5a1a535defd1a5a69c8be80e3c16fa3dbbbaeb204ae712ca98678
d861b8dc9c3a7d5943e4b7547af6f646775ea8d286a92a7c0a76aa3c0146935b
dca4fac5527699d997dda317019bd12f450798168fbdc9a34cb4ee8428fb6bfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b013459ec08eac601b9062849965844f311e9c1dd0b3e37d68dbe6976900c7
f5c12546f360cb73b5fb1408986f44f00166fac29f5e7d699bb68392c20d4b3e
fa2f45e83c5eb093bff0ce8de031516de2161ddf893899310bfd23a66276bfd7
fefc9e721312a667ca73b8ff3e94ddfe2683a370e6a3dd4983062f6ff670bd21