clay6.com
139.162.17.55
Malicious Activity!
Public Scan
Submission: On May 22, 2020 via manual from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 1st 2020. Valid for: 2 years.
This is the only time clay6.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)

Domain & IP information
Requests | IP address | AS (autonomous system)
---|---|---
15 | 139.162.17.55 | AS63949 (LINODE-AP Linode)
1 | 2a00:1450:4001:815::200a | AS15169 (GOOGLE)
6 | 2606:4700::6810:85e5 | AS13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:818::200e | AS15169 (GOOGLE)
1 | 2a00:1450:4001:801::2003 | AS15169 (GOOGLE)
2 | 2a00:1450:400c:c00::9c | AS15169 (GOOGLE)
1 | 13.126.239.190 | AS16509 (AMAZON-02)
1 | 35.154.133.31 | AS16509 (AMAZON-02)
Totals (as reported): 28 requests, 9 IP addresses
ASN | PTR | Domain
---|---|---
AS63949 (LINODE-AP Linode, LLC, US) | li859-55.members.linode.com | clay6.com
AS16509 (AMAZON-02, US) | ec2-13-126-239-190.ap-south-1.compute.amazonaws.com | checkout.razorpay.com
AS16509 (AMAZON-02, US) | ec2-35-154-133-31.ap-south-1.compute.amazonaws.com | api.razorpay.com
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
15 | clay6.com | clay6.com | 389 KB
6 | cloudflare.com | cdnjs.cloudflare.com | 172 KB
2 | razorpay.com | checkout.razorpay.com, api.razorpay.com | 16 KB
2 | doubleclick.net | stats.g.doubleclick.net | 17 KB
1 | gstatic.com | fonts.gstatic.com | 14 KB
1 | youtube.com | www.youtube.com |
1 | googleapis.com | fonts.googleapis.com | 504 B
Totals: 28 requests, 7 apex domains
Requests | Domain | Requested by
---|---|---
15 | clay6.com | clay6.com
6 | cdnjs.cloudflare.com | clay6.com, cdnjs.cloudflare.com
2 | stats.g.doubleclick.net | clay6.com
1 | api.razorpay.com | checkout.razorpay.com
1 | checkout.razorpay.com | clay6.com
1 | fonts.gstatic.com | clay6.com
1 | www.youtube.com | clay6.com
1 | fonts.googleapis.com | clay6.com
Totals: 28 requests, 8 domains
This site contains links to these domains (see also "Outgoing links" under Page Statistics):
- facebook.com
- twitter.com
Subject | Issuer | Validity | Valid for
---|---|---|---
clay6.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-01 to 2022-07-04 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-05-05 to 2020-07-28 | 3 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 to 2020-10-09 | 9 months
*.google.com | GTS CA 1O1 | 2020-05-05 to 2020-07-28 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-04-28 to 2020-07-21 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-05-05 to 2020-07-28 | 3 months
*.razorpay.com | Amazon | 2020-04-10 to 2021-05-10 | a year
This page contains 3 frames:
Primary page: https://clay6.com/
Frame ID: DFB6C113F45358662CAFAED8B8A0DA8D
Requests: 33 HTTP requests in this frame
Frame: https://www.youtube.com/embed/AE2NrRdRp8I?rel=0
Frame ID: 21B2F559D9546A6214490E9E7FFF4451
Requests: 1 HTTP request in this frame
Frame: https://api.razorpay.com/v1/checkout/public/canary?canary=1
Frame ID: 50EDA74BE6AC1BE4F2B0E88321088A9A
Requests: 1 HTTP request in this frame
Detected technologies
CentOS (Operating Systems) ExpandDetected patterns
- headers server /CentOS/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Title: Twitter
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions (rows 12 to 18 are inline data: URI images, which are decoded locally and involve no network request)

# | Method | Protocol | Resource | Host / path | Size | Transferred | Type | MIME type
---|---|---|---|---|---|---|---|---
1 | GET | HTTP/1.1 | / (primary request; cookie set) | clay6.com/ | 39 KB | 17 KB | Document | text/html
2 | GET | HTTP/2 | css | fonts.googleapis.com/ | 865 B | 504 B | Stylesheet | text/css
3 | GET | HTTP/1.1 | A.plugins,,_magnific_popup,,_magnific-popup.css+plugins,,_font-awesome,,_css,,_font-awesome.min.css+css,,_header_footer_styles.css+css,,_home_styles.css+common,,_css,,_practice_link_styles.css,Mcc.... | clay6.com/ | 59 KB | 13 KB | Stylesheet | text/css
4 | GET | HTTP/1.1 | xtutor_with_board.jpg.pagespeed.ic.JW3qwZmTAz.webp | clay6.com/tutor/img/ | 8 KB | 8 KB | Image | image/webp
5 | GET | HTTP/1.1 | xindianexpress.png.pagespeed.ic.GaJ7OhxAzu.webp | clay6.com/about/ | 8 KB | 8 KB | Image | image/webp
6 | GET | HTTP/1.1 | jquery.js.pagespeed.jm.hJPIhFzu5k.js | clay6.com/js/ | 91 KB | 32 KB | Script | application/javascript
7 | GET | HTTP/1.1 | js,_jquery.blockui.js+plugins,_jquery_dropdown,_jquery.dropdown.min.js+plugins,_magnific_popup,_jquery.magnific-popup.min.js.pagespeed.jc.VY9gzI-YUP.js | clay6.com/ | 32 KB | 11 KB | Script | application/javascript
8 | GET | HTTP/2 | MathJax.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/ | 62 KB | 18 KB | Script | application/javascript
9 | GET | HTTP/1.1 | common,_js,_common.js+js,_pageResizeHandler.js+js,_home_page_util.js+ask,_ques.js.pagespeed.jc.JIIECPVfUz.js | clay6.com/ | 6 KB | 3 KB | Script | application/javascript
10 | GET | HTTP/1.1 | ga.js | clay6.com/js/ | 410 B | 768 B | Script | application/javascript
11 | GET | HTTP/2 | AE2NrRdRp8I | www.youtube.com/embed/ (frame 21B2) | 0 | 0 | Document | text/html
12 | GET | DATA | (truncated data: URI) | / | 2 KB | 0 | Image | image/webp
13 | GET | DATA | (truncated data: URI) | / | 1 KB | 0 | Image | image/webp
14 | GET | DATA | (truncated data: URI) | / | 410 B | 0 | Image | image/webp
15 | GET | DATA | (truncated data: URI) | / | 556 B | 0 | Image | image/webp
16 | GET | DATA | (truncated data: URI) | / | 416 B | 0 | Image | image/webp
17 | GET | DATA | (truncated data: URI) | / | 640 B | 0 | Image | image/webp
18 | GET | DATA | (truncated data: URI) | / | 418 B | 0 | Image | image/webp
19 | GET | HTTP/1.1 | fontawesome-webfont.woff2 | clay6.com/plugins/font-awesome/fonts/ | 75 KB | 76 KB | Font | font/woff2
20 | GET | HTTP/1.1 | OpenSans-Regular.ttf | clay6.com/fonts/ | 212 KB | 213 KB | Font | font/ttf
21 | GET | HTTP/2 | VEM1Ro9xs5PjtzCu-srDqSTijP6gukAR.woff2 | fonts.gstatic.com/s/concertone/v10/ | 14 KB | 14 KB | Font | font/woff2
22 | GET | HTTP/2 | TeX-AMS_HTML-full.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/ | 305 KB | 83 KB | Script | application/javascript
23 | GET | HTTP/2 | dc.js | stats.g.doubleclick.net/ | 45 KB | 17 KB | Script | text/javascript
24 | GET | HTTP/1.1 | loading.gif | clay6.com/images/ | 3 KB | 3 KB | Image | image/gif
25 | GET | HTTP/2 | __utm.gif | stats.g.doubleclick.net/r/ | 35 B | 110 B | Image | image/gif
26 | GET | HTTP/2 | fontdata.js | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/jax/output/HTML-CSS/fonts/TeX/ | 43 KB | 12 KB | Script | application/javascript
27 | POST | HTTP/1.1 | pending.php | clay6.com/ask/ | 1 B | 452 B | XHR | text/html
28 | GET | HTTP/2 | MathJax_Main-Regular.woff | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/fonts/HTML-CSS/TeX/woff/ | 33 KB | 34 KB | Font | application/octet-stream
29 | GET | HTTP/2 | MathJax_Math-Italic.woff | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/fonts/HTML-CSS/TeX/woff/ | 19 KB | 19 KB | Font | application/octet-stream
30 | GET | HTTP/2 | MathJax_Size1-Regular.woff | cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/fonts/HTML-CSS/TeX/woff/ | 6 KB | 6 KB | Font | application/octet-stream
31 | GET | HTTP/1.1 | checkout.js | checkout.razorpay.com/v1/ | 49 KB | 16 KB | Script | application/javascript
32 | GET | HTTP/1.1 | util.js | clay6.com/payment/js/ | 3 KB | 2 KB | Script | application/javascript
33 | GET | HTTP/1.1 | jquery.cookie.js | clay6.com/js/ | 2 KB | 1 KB | Script | application/javascript
34 | POST | HTTP/1.1 | mod_pagespeed_beacon | clay6.com/ | 0 | 202 B | XHR | text/plain
35 | GET | HTTP/1.1 | canary | api.razorpay.com/v1/checkout/public/ (frame 50ED) | 0 | 0 | Document | text/html
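The transaction list is the raw material for two questions a reviewer of this page would ask: which third parties get to execute script in the clay6.com origin, and what is the tightest Content-Security-Policy that would still let this page load. The following is an added example (not part of the report and not urlscan's code) that answers both from the rows above. The host and resource type of every request are transcribed from the table, with the seven data: URI images collapsed into one entry; the mapping of urlscan resource types to CSP directives is the author's assumption about how those types correspond, and the resulting policy covers only what this single scan observed.

```python
from typing import Dict, List, Set, Tuple

# (host, urlscan resource type) for rows 2 to 35 of the transaction table.
# Row 1, the primary document, is omitted: a CSP governs what that document
# may load, not the document itself. The seven inline images become "data:".
OBSERVED: List[Tuple[str, str]] = [
    ("fonts.googleapis.com", "Stylesheet"),                     # row 2
    ("clay6.com", "Stylesheet"),                                # row 3
    ("clay6.com", "Image"), ("clay6.com", "Image"),             # rows 4-5
    ("clay6.com", "Script"), ("clay6.com", "Script"),           # rows 6-7
    ("cdnjs.cloudflare.com", "Script"),                         # row 8 (MathJax)
    ("clay6.com", "Script"), ("clay6.com", "Script"),           # rows 9-10
    ("www.youtube.com", "Document"),                            # row 11, <iframe>
    ("data:", "Image"),                                         # rows 12-18 (x7)
    ("clay6.com", "Font"), ("clay6.com", "Font"),               # rows 19-20
    ("fonts.gstatic.com", "Font"),                              # row 21
    ("cdnjs.cloudflare.com", "Script"),                         # row 22
    ("stats.g.doubleclick.net", "Script"),                      # row 23 (GA dc.js)
    ("clay6.com", "Image"),                                     # row 24
    ("stats.g.doubleclick.net", "Image"),                       # row 25 (__utm.gif)
    ("cdnjs.cloudflare.com", "Script"),                         # row 26
    ("clay6.com", "XHR"),                                       # row 27 (POST)
    ("cdnjs.cloudflare.com", "Font"), ("cdnjs.cloudflare.com", "Font"),
    ("cdnjs.cloudflare.com", "Font"),                           # rows 28-30
    ("checkout.razorpay.com", "Script"),                        # row 31
    ("clay6.com", "Script"), ("clay6.com", "Script"),           # rows 32-33
    ("clay6.com", "XHR"),                                       # row 34 (POST)
    ("api.razorpay.com", "Document"),                           # row 35, <iframe>
]

# Assumed correspondence between urlscan's resource types and CSP fetch
# directives. A non-primary "Document" is a frame the page embedded.
DIRECTIVE_FOR = {
    "Script": "script-src", "Stylesheet": "style-src", "Image": "img-src",
    "Font": "font-src", "XHR": "connect-src", "Document": "frame-src",
}


def derive_csp(observed: List[Tuple[str, str]], origin_host: str) -> Dict[str, List[str]]:
    """Group the observed hosts under the directive that would govern them.

    Loads from the page's own host become 'self'; a data: URI becomes the
    data: scheme source. Sources are ordered 'self' first, then alphabetically,
    so two scans of the same site produce a diffable policy.
    """
    sources: Dict[str, Set[str]] = {}
    for host, rtype in observed:
        src = "'self'" if host == origin_host else host
        sources.setdefault(DIRECTIVE_FOR[rtype], set()).add(src)
    return {d: sorted(s, key=lambda x: (x != "'self'", x)) for d, s in sorted(sources.items())}


def render_csp(policy: Dict[str, List[str]]) -> str:
    """Serialise as a header value. default-src 'none' blocks anything the scan
    did not see, which is deliberate: deploy as Content-Security-Policy-Report-Only
    first and widen from the violation reports."""
    parts = ["default-src 'none'"] + [f"{d} {' '.join(s)}" for d, s in policy.items()]
    return "; ".join(parts)


def third_party_script_hosts(observed: List[Tuple[str, str]], origin_host: str) -> List[str]:
    """Hosts other than the origin that deliver executable script: each one is
    a party whose compromise runs code with the page's full DOM and cookie access."""
    return sorted({h for h, t in observed if t == "Script" and h != origin_host})


if __name__ == "__main__":
    policy = derive_csp(OBSERVED, "clay6.com")
    print("Third-party script origins:", ", ".join(third_party_script_hosts(OBSERVED, "clay6.com")))
    print("Content-Security-Policy:", render_csp(policy))
```

For this scan the script-bearing third parties are cdnjs.cloudflare.com (MathJax 2.7.1, version-pinned in the path), checkout.razorpay.com and stats.g.doubleclick.net; the YouTube and Razorpay frames land in frame-src, and the two POSTs to clay6.com make connect-src 'self' sufficient. A policy built from one page view will be too narrow for other pages of the site, so it is a starting allowlist to validate in report-only mode, not a drop-in header.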
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Office 365 (Online)
The brand match is an automated classification. None of the 8 domains or 28 HTTP transactions recorded above belongs to Microsoft, and every third-party resource the page loaded (Razorpay checkout, MathJax from cdnjs, Google Analytics, a YouTube embed) is accounted for in the request table, so weigh the verdict against that list before treating it as a phishing confirmation.

57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use. (onformdata and onpointerrawupdate are browser-provided event-handler properties that the baseline did not yet know, not site code.)
function (28): profileInfoCloser, initProfilePicClickHandler, addWindowOnLoadHandler, addDomOnLoadHandler, downloadJSAtOnload, showChatWithTutorInstallPopup, $, jQuery, blockPage, unblockPage, blockElement, unblockElement, scrollToPageTop, getFormattedTime, showResponseMessage, populateQuesAndOptions, handleHeaderMenuResize, handlePageResize, submitSearchString, checkPendingAndOpenAskQuestionPopup, showAskQuestionPopup, initiatePayment, createPaymentOrder, getPaymentOrderBaseConfig, showPaymentPopup, submitPaymentResponse, showPaymentSuccessPopup, Razorpay
object (16): onformdata, onpointerrawupdate, pagespeed, body, jQuery110107294541461521638, MathJax, windowRef, headerElem, headerNav, headerLeftSection, navLinksContainerTrigger, headerAltContainer, functionListForPageResize, _gaq, _gat, gaGlobal
string (7): mod_pagespeed_3Qdb8uoQ8m, mod_pagespeed_jdL1YyvSo8, mod_pagespeed_vsQb1OHrv3, mod_pagespeed_jyRIK7iFB4, mod_pagespeed_LWonOaP8dl, mod_pagespeed_QknBNVqbCk, mod_pagespeed_XhUSGo9FSh
number (3): targetOffset, headerNavResponsiveBreakpoint, pageResizeTimeout
undefined (2): timer, module
boolean (1): isHeaderMenuInLowRes

9 Cookies
Cookies are small pieces of state stored in the user's browser. On every later visit the browser sends the cookie values back, so the site can re-identify the user even from a different network location; this is how persistent logins work. In this scan the .clay6.com cookies are Google Analytics (ga.js) __utm* cookies, PHPSESSID is the host-only PHP session cookie set by the primary request, and the .youtube.com cookies were set by the embedded YouTube frame.

Domain / Path | Name | Value
---|---|---
.youtube.com/ | GPS | 1
.youtube.com/ | YSC | 8MU4YP7b7_s
.clay6.com/ | __utmb | 138702561.1.10.1590134783
.clay6.com/ | __utmt | 1
.clay6.com/ | __utmz | 138702561.1590134783.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.youtube.com/ | VISITOR_INFO1_LIVE | gfN-f0-cB6w
.clay6.com/ | __utma | 138702561.8833927.1590134783.1590134783.1590134783.1
.clay6.com/ | __utmc | 138702561
clay6.com/ | PHPSESSID | 1qd8lvaj6i8e4ppb3k0qgb6s4g
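The __utm* values are not opaque: the classic Google Analytics cookies encode a domain hash, a visitor ID, Unix timestamps of the first, previous and current visit, a session counter and the traffic source, which makes them useful for timeline reconstruction in a forensic review of a capture like this one. The decoder below is an added example (not part of the report or of urlscan) that takes the four cookie values exactly as listed in the table. The field layout follows the documented ga.js format; the example also handles a referrer that contains dots, which the report's (direct) value does not exercise.

```python
from datetime import datetime, timezone
from typing import Any, Dict

# The Google Analytics cookies exactly as listed in the Cookies table above.
COOKIES: Dict[str, str] = {
    "__utma": "138702561.8833927.1590134783.1590134783.1590134783.1",
    "__utmb": "138702561.1.10.1590134783",
    "__utmc": "138702561",
    "__utmz": "138702561.1590134783.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)",
}


def _utc(epoch: str) -> str:
    """Render a Unix-timestamp cookie field as UTC wall-clock time."""
    return datetime.fromtimestamp(int(epoch), tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC")


def decode_utma(value: str) -> Dict[str, Any]:
    """__utma = domainHash.visitorId.firstVisit.previousVisit.currentVisit.sessionCount"""
    domain_hash, visitor_id, first, previous, current, sessions = value.split(".")
    return {
        "domain_hash": domain_hash,
        "visitor_id": visitor_id,
        "first_visit": _utc(first),
        "previous_visit": _utc(previous),
        "current_visit": _utc(current),
        "session_count": int(sessions),
        # Three identical timestamps and a single session: the browser profile
        # had never been to the site before this visit.
        "first_ever_visit": first == previous == current and int(sessions) == 1,
    }


def decode_utmb(value: str) -> Dict[str, Any]:
    """__utmb = domainHash.pageviewsThisSession.outboundClickTokens.sessionStart"""
    domain_hash, pageviews, tokens, start = value.split(".")
    return {"domain_hash": domain_hash, "pageviews": int(pageviews),
            "outbound_click_tokens": int(tokens), "session_start": _utc(start)}


def decode_utmz(value: str) -> Dict[str, Any]:
    """__utmz = domainHash.timestamp.sessionCount.campaignCount.campaignData

    The campaign block is split off with maxsplit so that dots inside a
    referrer (utmcsr=google.com) are not mistaken for field separators.
    """
    domain_hash, stamp, sessions, campaigns, campaign = value.split(".", 4)
    fields = dict(kv.split("=", 1) for kv in campaign.split("|"))
    return {"domain_hash": domain_hash, "timestamp": _utc(stamp),
            "session_count": int(sessions), "campaign_count": int(campaigns),
            "source": fields.get("utmcsr"), "campaign": fields.get("utmccn"),
            "medium": fields.get("utmcmd")}


def decode_ga_cookies(cookies: Dict[str, str]) -> Dict[str, Any]:
    """Decode whichever __utm* cookies are present and check that they share one
    domain hash, which is what ties the cookies of a single GA property together."""
    decoders = {"__utma": decode_utma, "__utmb": decode_utmb, "__utmz": decode_utmz}
    out: Dict[str, Any] = {n: fn(cookies[n]) for n, fn in decoders.items() if n in cookies}
    hashes = {cookies[n].split(".")[0] for n in ("__utma", "__utmb", "__utmc", "__utmz") if n in cookies}
    out["consistent_domain_hash"] = len(hashes) == 1
    return out


if __name__ == "__main__":
    for name, decoded in decode_ga_cookies(COOKIES).items():
        print(name, decoded)
```

Decoding the report's values puts the visit at 2020-05-22 08:06:23 UTC with a direct (no referrer) traffic source, a single pageview and a first-ever session, which matches the submission date and the note that this was the domain's only scan. The same fields, read from a suspect's browser profile rather than a sandbox, give first-contact and last-contact times per site without needing the site's own logs.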
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.razorpay.com
cdnjs.cloudflare.com
checkout.razorpay.com
clay6.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.youtube.com
13.126.239.190
139.162.17.55
2606:4700::6810:85e5
2a00:1450:4001:801::2003
2a00:1450:4001:815::200a
2a00:1450:4001:818::200e
2a00:1450:400c:c00::9c
35.154.133.31