app.clixlo.com Open in urlscan Pro
35.202.49.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.clixlo.com/v2/preview/
Effective URL:
https://app.clixlo.com/v2/preview/
Submission Tags: falconsandbox
Submission: On May 13 via api (May 13th 2022, 1:31:06 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 35.202.49.152, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is app.clixlo.com.
TLS certificate: Issued by R3 on April 26th 2022. Valid for: 3 months.

This is the only time app.clixlo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.202.49.152 35.202.49.152	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
6	35.244.153.18 35.244.153.18	15169 (GOOGLE) (GOOGLE)
3	18.66.248.116 18.66.248.116	16509 (AMAZON-02) (AMAZON-02)
2	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	54.148.89.44 54.148.89.44	16509 (AMAZON-02) (AMAZON-02)
16	7

2 35.202.49.152 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 152.49.202.35.bc.googleusercontent.com

app.clixlo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

msgsndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.153.18 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 18.153.244.35.bc.googleusercontent.com

cdn.msgsndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-116.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.89.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-89-44.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	msgsndr.com msgsndr.com — Cisco Umbrella Rank: 52196 cdn.msgsndr.com — Cisco Umbrella Rank: 80427	333 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1068 q.stripe.com — Cisco Umbrella Rank: 6349 m.stripe.com — Cisco Umbrella Rank: 943	85 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1115	17 KB
2	clixlo.com 1 redirects app.clixlo.com	18 KB
16	4

	Domain	Requested by
6	cdn.msgsndr.com	app.clixlo.com cdn.msgsndr.com
3	js.stripe.com	cdn.msgsndr.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	app.clixlo.com
2	app.clixlo.com	1 redirects
1	m.stripe.com	m.stripe.network
1	msgsndr.com	app.clixlo.com
16	7

This site contains no links.

Subject Issuer	Validity	Valid
app.clixlo.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
msgsndr.com GTS CA 1D4	`2022-05-01` - `2022-07-30`	3 months	crt.sh
cdn.msgsndr.com GTS CA 1D4	`2022-04-13` - `2022-07-12`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-04-19` - `2022-08-05`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://app.clixlo.com/v2/preview/
Frame ID: B919D82748F5D532BB346AEE289C414B
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Frame ID: 62FB526A29B1D53FD04A9ECF717C0949
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5EBF9953406464E6C947E37484170193
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://app.clixlo.com/v2/preview/ HTTP 301
https://app.clixlo.com/v2/preview/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

100 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

7
IPs

1
Countries

453 kB
Transfer

1858 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.clixlo.com/v2/preview/ HTTP 301
https://app.clixlo.com/v2/preview/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

500

Primary Request / Show response
app.clixlo.com/v2/preview/
Redirect Chain

http://app.clixlo.com/v2/preview/
https://app.clixlo.com/v2/preview/

169 KB
18 KB

1148ms
896ms

Document
text/html

35.202.49.152
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.49.152 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.49.202.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2c756b3e204f58a61ae8377e8a0a19d8b14d74f2e75e198ed7a2282b6a948443

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 13 May 2022 13:31:01 GMT
server: openresty
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Fri, 13 May 2022 13:30:59 GMT
Location: https://app.clixlo.com/v2/preview/
Server: openresty

GET
H2 200 user_session.js Show response
msgsndr.com/js/ 7 KB
3 KB 171ms
129ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://msgsndr.com/js/user_session.js

Requested by

Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
etag: "z45x8w"
x-frame-options: sameorigin
content-type: application/javascript
x-cloud-trace-context: 645c71cb8ee40592d6166389766ffefb
cache-control: no-cache, must-revalidate
date: Fri, 13 May 2022 13:31:01 GMT
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0c92738.js Show response
cdn.msgsndr.com/_preview/ 2 KB
2 KB 59ms
15ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/0c92738.js
Requested by: Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ffde426e63c9b01a9ee9eabb4cef766eebb86ce5002168d5bbb1438f60358f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:49:35 GMT
content-encoding: gzip
age: 96086
x-guploader-uploadid: ADPycduqdqtNU-e3eTQwrIYnQpjb32DoGNDLYpOLfM-6R430o5XHQirljxM1b1cWep2IkH8tn2-R80No6R_1bcXt4p0wa2fO80Tu
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
last-modified: Thu, 12 May 2022 10:45:32 GMT
server: UploadServer
etag: "14b610bc8d3ab9dbeeabc7c24720f4d0"
x-goog-hash: crc32c=UJraHg==, md5=FLYQvI06udvuq8fCRyD00A==
x-goog-generation: 1652352332732991
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1261
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 May 2023 10:49:35 GMT

GET
H2 200 9c52044.js Show response
cdn.msgsndr.com/_preview/ 9 KB
4 KB 16ms
15ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/9c52044.js
Requested by: Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 53528fc9b763ea9c89d300490dd96f0f73acee819dfca9399b6001e3220a99ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:53:32 GMT
content-encoding: gzip
age: 95849
x-guploader-uploadid: ADPycdupQwvGMQLybdKu9PSLs95sV0HcoRRyp-S5fn-bPAu_nrl-zKxE0YZD82g66WkgpbNr2NScGpPinE_3gp442bVRM9xqz1SS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3542
last-modified: Thu, 12 May 2022 10:45:35 GMT
server: UploadServer
etag: "9cc042f48b96dc02db694a1eaa759a16"
x-goog-hash: crc32c=sLjeXw==, md5=nMBC9IuW3ALbaUoeqnWaFg==
x-goog-generation: 1652352335275615
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 3542
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 May 2023 10:53:32 GMT

GET
H2 200 0420568.js Show response
cdn.msgsndr.com/_preview/ 277 KB
93 KB 16ms
16ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/0420568.js
Requested by: Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7aa5807a1890755275bbd9fc7926984eadb155cb9f0d9003814a6c0c09d88df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:49:35 GMT
content-encoding: gzip
age: 96086
x-guploader-uploadid: ADPycds8FzulU1VP9yj1rUyDRbWR1cIAaQcsaxODlykRAMmskH7FhTRRaTtiQ0VMMB5GtvrOmsQB364hNzAko5gjiMfk6A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95102
last-modified: Thu, 12 May 2022 10:45:32 GMT
server: UploadServer
etag: "6770468ce8cd23c76d3f50edf26a225e"
x-goog-hash: crc32c=FpDNlA==, md5=Z3BGjOjNI8dtP1Dt8moiXg==
x-goog-generation: 1652352332466954
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 95102
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 May 2023 10:49:35 GMT

GET
H2 200 eadd5c6.js Show response
cdn.msgsndr.com/_preview/ 244 KB
75 KB 36ms
36ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/eadd5c6.js
Requested by: Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b73c2e73bb86d8bea60bdf60e259bdab773cf0aaeb762e0839dac17b2884944f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:49:35 GMT
content-encoding: gzip
age: 96086
x-guploader-uploadid: ADPycdsT9rINwTwAfbJ3XI2BiIE82iSHT7veDXsV6AvRr1ZZB7k6AjmT1_w6Cj6qn4_Y1CYUVXIaFf1OkPnMOymbjKgnL1EeiMDS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76132
last-modified: Thu, 12 May 2022 10:45:35 GMT
server: UploadServer
etag: "179366873f675f727d33e502dc5ccbc9"
x-goog-hash: crc32c=WjhTBg==, md5=F5Nmhz9nX3J9M+UC3FzLyQ==
x-goog-generation: 1652352335742010
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 76132
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 May 2023 10:49:35 GMT

GET
H2 200 8e9e5e3.js Show response
cdn.msgsndr.com/_preview/ 743 KB
152 KB 40ms
39ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/8e9e5e3.js
Requested by: Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1a4e1586213e1c67b8fa90df793fac4112605d7460f53fe7548872c56f225ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 06:25:59 GMT
content-encoding: gzip
age: 25502
x-guploader-uploadid: ADPycdud2kM1tIQdvZwvZyhrGDi4qFkoqnI-ch0OVR-6FfZ2wnrMrMtOcAbIoyYMA6tIBwv-DL7ENC8r5VkOaDQ-bCG6_TTLpcsi
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155324
last-modified: Fri, 13 May 2022 06:20:58 GMT
server: UploadServer
etag: "1316b1213ef7a0ff5a790b090419b030"
x-goog-hash: crc32c=GDDkPg==, md5=ExaxIT73oP9aeQsJBBmwMA==
x-goog-generation: 1652422858779304
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 155324
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 May 2023 06:25:59 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 308 KB
81 KB 61ms
12ms Script
application/javascript 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/eadd5c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

31a5cf9abd037653db34f252c848918bc7d827e5dc26ab3a2571210d6c0f0b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 20:10:04 GMT
server: Cloudfront
etag: W/"8ff566edd5e54a96ac1be2fed95c4957"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: GwRt2hcIG3KnHC1Utmshgmq2T1lkIHbBKc2Ouv-ZBcTXPvqXHC48OA==

GET
H3 200 0e45fec.js Show response
cdn.msgsndr.com/_preview/ 11 KB
4 KB 14ms
14ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msgsndr.com/_preview/0e45fec.js
Requested by: Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/0c92738.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f35ad487da6a035580fb5813895e5fa47685ed3844664299f9c6cfd8aad371db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.clixlo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:51:12 GMT
content-encoding: gzip
age: 95989
x-guploader-uploadid: ADPycdvRF04CXCiIQ-lS5jgwS5i_T6g0TKay4txO6osjXiWQiONL-DGSpaAFILwVlXTIxLJiBAV9y70ff3Z1TifC8d3zw67LKsI_
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
last-modified: Thu, 12 May 2022 10:45:33 GMT
server: UploadServer
etag: "121e1878e36b814680b4c929164b0da3"
x-goog-hash: crc32c=JOqvMg==, md5=Eh4YeONrgUaAtMkpFksNow==
x-goog-generation: 1652352332952623
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 4196
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 May 2023 10:51:12 GMT

GET
H2 200 m-outer-08a68483638f1673180e789f690b2a14.html Show response
js.stripe.com/v3/ Frame 62FB 240 B
980 B 11ms
11ms Document
text/html 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.clixlo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 723
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 13 May 2022 13:18:58 GMT
etag: "08a68483638f1673180e789f690b2a14"
last-modified: Mon, 02 May 2022 23:16:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-amz-cf-id: X-clX-itVtgOQ2QfPMOyLt87Us6nATAeRTp0kC0uD6DlHnnxSyWH2A==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 62FB 0
571 B 520ms
172ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 13 May 2022 13:31:02 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-a862395be942d34811e19def0b9ea803.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 62FB 1 KB
1 KB 11ms
11ms Script
application/javascript 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31
x-cache: Hit from cloudfront
date: Fri, 13 May 2022 13:30:31 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
last-modified: Mon, 02 May 2022 23:16:41 GMT
server: Cloudfront
etag: W/"799080ebea6eade0766c4725741ce6bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: skEEiwW29QGXc0_jO9ONTlLoo42t5ZzCLGN-o-7GPENZBiIh1Wb2DQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5EBF 930 B
1 KB 49ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 104
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 13 May 2022 13:31:01 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 114
x-content-type-options: nosniff
x-request-id: ed8f232e-b56b-47a0-817e-f939e5a634fa
x-served-by: cache-fra19126-FRA
x-timer: S1652448662.710160,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 5EBF 0
344 B 452ms
173ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.clixlo.com
URL: https://app.clixlo.com/v2/preview/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 13 May 2022 13:31:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 5EBF 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 147
x-cache: HIT
content-length: 16031
x-request-id: 88fbf144-84be-4555-9220-66df6fce0c12
x-served-by: cache-fra19126-FRA
server: Fastly
x-timer: S1652448662.723688,VS0,VE0
date: Fri, 13 May 2022 13:31:01 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 143

POST
H2 200 6 Show response
m.stripe.com/ Frame 5EBF 156 B
523 B 750ms
235ms XHR
application/json 54.148.89.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.89.44 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-89-44.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

70468dcaa6214b800fef5e26f8968070ba44c160c0ebac57b3eb371aca9617fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 May 2022 13:31:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-20 20:32:00	Name: m Value: 9a08cdb9-6085-451c-b3bc-0dce5ee6c3d85f3c9f
.app.clixlo.com/	1970-01-20 11:46:24	Name: __stripe_mid Value: 58f5e3a7-4650-4dd7-b455-1afd3168a3f2cc9ae5
.app.clixlo.com/	1970-01-20 03:00:50	Name: __stripe_sid Value: 3df708d2-39fd-433e-9e47-31389c5f226fc75dfc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.clixlo.com/v2/preview/ Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clixlo.com
cdn.msgsndr.com
js.stripe.com
m.stripe.com
m.stripe.network
msgsndr.com
q.stripe.com
151.101.128.176
18.66.248.116
2001:4860:4802:32::15
35.202.49.152
35.244.153.18
54.148.89.44
54.187.119.242
0ffde426e63c9b01a9ee9eabb4cef766eebb86ce5002168d5bbb1438f60358f4
1a4e1586213e1c67b8fa90df793fac4112605d7460f53fe7548872c56f225ee3
2c756b3e204f58a61ae8377e8a0a19d8b14d74f2e75e198ed7a2282b6a948443
2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de
31a5cf9abd037653db34f252c848918bc7d827e5dc26ab3a2571210d6c0f0b2e
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
53528fc9b763ea9c89d300490dd96f0f73acee819dfca9399b6001e3220a99ae
70468dcaa6214b800fef5e26f8968070ba44c160c0ebac57b3eb371aca9617fe
7aa5807a1890755275bbd9fc7926984eadb155cb9f0d9003814a6c0c09d88df0
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b73c2e73bb86d8bea60bdf60e259bdab773cf0aaeb762e0839dac17b2884944f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
f35ad487da6a035580fb5813895e5fa47685ed3844664299f9c6cfd8aad371db
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

app.clixlo.com Open in urlscan Pro 35.202.49.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

14 %IPv6

4 Domains

7 Subdomains

7 IPs

1 Countries

453 kBTransfer

1858 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

app.clixlo.com Open in urlscan Pro
35.202.49.152 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

7
IPs

1
Countries

453 kB
Transfer

1858 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions