ssl.clickbank.net Open in urlscan Pro
13.224.214.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sugardefender3.preactivo.com/
Effective URL:
https://ssl.clickbank.net/order/orderform.html?time=1708455864&vvvv=7375676172646566&cbskin=44077&cbexit=3666&cbtimer=2101...
Submission: On February 24 via api (February 24th 2024, 4:17:03 pm UTC) from US — Scanned from US

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 16 domains to perform 108 HTTP transactions. The main IP is 13.224.214.3, located in and belongs to . The main domain is ssl.clickbank.net.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 21st 2023. Valid for: a year.

This is the only time ssl.clickbank.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
19	108.167.171.79 108.167.171.79	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
1 1	54.203.104.176 54.203.104.176	16509 (AMAZON-02) (AMAZON-02)
35	2606:4700:20:... 2606:4700:20::681a:d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	44.231.144.135 44.231.144.135	16509 (AMAZON-02) (AMAZON-02)
4	13.224.214.87 13.224.214.87	16509 (AMAZON-02) (AMAZON-02)
3	68.70.204.1 68.70.204.1	() ()
1	34.120.195.249 34.120.195.249	() ()
1 21	13.224.214.3 13.224.214.3	() ()
1	52.143.247.24 52.143.247.24	() ()
1	54.148.115.137 54.148.115.137	() ()
3	2607:f8b0:400... 2607:f8b0:4004:c06::66	() ()
2	3.19.8.217 3.19.8.217	() ()
1	35.81.31.24 35.81.31.24	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c07::9b	() ()
108	18

19 108.167.171.79 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-167-171-79.unifiedlayer.com

sugardefender3.preactivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.104.176 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-104-176.us-west-2.compute.amazonaws.com

993b3r24yepp1l7gwcbglzgnfw.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::681a:d9 (United States)

ASN13335 (CLOUDFLARENET, US)

sugardefender24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.231.144.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-144-135.us-west-2.compute.amazonaws.com

cbtb.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.214.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-87.phl50.r.cloudfront.net

prod.cbstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.70.204.1 (None, )

ASN- ()

seal-boise.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (None, )

ASN- ()

o4504992471580672.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.224.214.3 (None, ) 1 redirects

ASN- ()

ssl.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (None, )

ASN- ()

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.115.137 (None, )

ASN- ()

prod02.kaxsdc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::66 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.19.8.217 (None, )

ASN- ()

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (None, )

ASN- ()

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9b (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	sugardefender24.com sugardefender24.com — Cisco Umbrella Rank: 609351	1 MB
23	clickbank.net 2 redirects 993b3r24yepp1l7gwcbglzgnfw.hop.clickbank.net cbtb.clickbank.net — Cisco Umbrella Rank: 185022 ssl.clickbank.net	760 KB
19	preactivo.com sugardefender3.preactivo.com	336 KB
5	gstatic.com fonts.gstatic.com	47 KB
4	cbstatic.net prod.cbstatic.net — Cisco Umbrella Rank: 191087	65 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	bbb.org seal-boise.bbb.org	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	253 KB
2	digicert.com seal.digicert.com	11 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6311 browser.sentry-cdn.com — Cisco Umbrella Rank: 4725	71 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
1	doubleclick.net stats.g.doubleclick.net	347 B
1	kaptcha.com ssl.kaptcha.com
1	kaxsdc.com prod02.kaxsdc.com	6 KB
1	tokenex.com htp.tokenex.com	4 KB
1	sentry.io o4504992471580672.ingest.sentry.io	590 B
108	16

	Domain	Requested by
35	sugardefender24.com	sugardefender3.preactivo.com sugardefender24.com
21	ssl.clickbank.net	1 redirects sugardefender3.preactivo.com ssl.clickbank.net ssl.kaptcha.com
19	sugardefender3.preactivo.com	sugardefender3.preactivo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	prod.cbstatic.net	cbtb.clickbank.net browser.sentry-cdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	seal-boise.bbb.org	ssl.clickbank.net
3	www.googletagmanager.com	sugardefender24.com ssl.clickbank.net www.googletagmanager.com
2	seal.digicert.com	ssl.clickbank.net
2	fonts.googleapis.com	sugardefender3.preactivo.com sugardefender24.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ssl.kaptcha.com	ssl.clickbank.net
1	prod02.kaxsdc.com	ssl.clickbank.net
1	htp.tokenex.com	ssl.clickbank.net
1	o4504992471580672.ingest.sentry.io	browser.sentry-cdn.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	cbtb.clickbank.net	sugardefender24.com
1	js.sentry-cdn.com	sugardefender24.com
1	993b3r24yepp1l7gwcbglzgnfw.hop.clickbank.net	1 redirects
108	19

This site contains no links.

Subject Issuer	Validity	Valid
www.sugardefender1.preactivo.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sugardefender24.com E1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.clickbank.net Amazon RSA 2048 M03	`2024-01-09` - `2025-02-07`	a year	crt.sh
*.cbstatic.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.bbb.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-26` - `2024-04-25`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
ssl.clickbank.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-21` - `2024-08-28`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2024-01-08` - `2024-12-14`	a year	crt.sh
kaxsdc.com Sectigo RSA Organization Validation Secure Server CA	`2023-10-25` - `2024-10-24`	a year	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-01-30`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ssl.clickbank.net/order/orderform.html?time=1708455864&vvvv=7375676172646566&cbskin=44077&cbexit=3666&cbtimer=2101&cbfid=55479&cbf=FC3RUV5V5G&cbitems=2&vvar=cbitems%3D2%26cbfid%3D55479%26cbskin%3D44077%26cbexit%3D3666%26cbtimer%3D2101&oaref=01.F2F27B82FC46354DA141FFC3BBBCE2F402F9402E93DCAEE98DA5C23431011BDF32E27B6F&corid=1e016d08-67a1-41b1-ab9f-94b6b63810bc
Frame ID: 903350CCF6B5E2819AC9A19F1B81765D
Requests: 51 HTTP requests in this frame

Frame: https://sugardefender24.com/c/order-now.php?hopId=26c7ff4b-b251-4c67-be1f-2ef297e86d0e
Frame ID: F8DCD3D92AC2BFB034C5CF18896C719A
Requests: 53 HTTP requests in this frame

Frame: https://ssl.clickbank.net/order/norton_logo.html;jsessionid=F414E8556310E6477FE2550CC6E4D0AA.AO1
Frame ID: 22E3467D4378D259C9A0FDB55740AF29
Requests: 3 HTTP requests in this frame

Frame: https://ssl.clickbank.net/order/orderform-kaptcha.html;jsessionid=F414E8556310E6477FE2550CC6E4D0AA.AO1?kaptchaUrl=https%3a%2f%2fssl.clickbank.net%2f&sessionId=GB5RUV66GQK366
Frame ID: 685F2238C3D4F032DD45357624B3C996
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100100&s=GB5RUV66GQK366
Frame ID: 76D4ED495D78D1ED4FCD6C6E9D6A8A0F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sugardefender3.preactivo.com/ Page URL
https://ssl.clickbank.net/order/orderform.html?time=1708455864&vvvv=7375676172646566&cbskin=44077&cbex... Page URL