clicklo.com
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://clicklo.com/
Submission: On July 03 via manual from ES — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.
This is the only time clicklo.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
- www.googletagmanager.com: ASN15169 (GOOGLE, US)
- pagead2.googlesyndication.com: ASN15169 (GOOGLE, US)
- icons.duckduckgo.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- www.google-analytics.com: ASN15169 (GOOGLE, US)
- googleads.g.doubleclick.net: ASN15169 (GOOGLE, US)
- partner.googleadservices.com: ASN15169 (GOOGLE, US), PTR: fra24s11-in-f2.1e100.net
- tpc.googlesyndication.com: ASN15169 (GOOGLE, US)
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
18 | clicklo.com | clicklo.com | 128 KB
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 120), tpc.googlesyndication.com (Cisco Umbrella Rank: 160) | 206 KB
6 | duckduckgo.com | icons.duckduckgo.com (Cisco Umbrella Rank: 216050) | 27 KB
6 | clicklo.live | clicklo.live (3 redirects) | 11 KB
4 | rsms.me | rsms.me (Cisco Umbrella Rank: 13126) | 308 KB
3 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2733), www.google-analytics.com (Cisco Umbrella Rank: 49) | 20 KB
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 89) | 148 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 92), www.google.com (Cisco Umbrella Rank: 8) | 2 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 54) | 5 KB
1 | google.nl | adservice.google.nl (Cisco Umbrella Rank: 12272) | 792 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 867) | 644 B
Totals: 52 requests, 11 apex domains.
Requests | Domain | Requested by
---|---|---
18 | clicklo.com | clicklo.com
6 | icons.duckduckgo.com | clicklo.com
6 | pagead2.googlesyndication.com | clicklo.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
6 | clicklo.live | clicklo.live (3 redirects)
4 | rsms.me | clicklo.com, rsms.me
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | www.googletagmanager.com | clicklo.com, www.googletagmanager.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
1 | www.google.com | tpc.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.nl | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | region1.google-analytics.com | www.googletagmanager.com
Totals: 52 requests, 14 domains.
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.duckduckgo.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-05 - 2022-11-26 | a year
*.googleadservices.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google.nl | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
This page contains 5 frames:
Primary Page:
https://clicklo.com/
Frame ID: 7F47DA1DA69C4B157826A38509F7B979
Requests: 45 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: DAF157B73E73CEE2EC966339D7E0385C
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8426631071255742&output=html&adk=1812271804&adf=3025194257&lmt=1656830548&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fclicklo.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656830547873&bpp=2&bdt=434&idt=170&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3902602192305&frm=20&pv=2&ga_vid=872287743.1656830548&ga_sid=1656830548&ga_hid=1614934935&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C44763827%2C31068288%2C42531608&oid=2&pvsid=3323465746262889&tmod=144827443&uas=0&nvt=1&ref=http%3A%2F%2Fclicklo.live%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: E6DFE786D2B4B1D3B6C2D936AAF61EEA
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B927629E160B40A03857F79F267E81A5
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 713C0977827C28BF2F15A1443383EE2A
Requests: 2 HTTP requests in this frame
Page Title
Clicklo - URL Shortener - Short URLs & Custom Free Link Shortener
Detected technologies
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://clicklo.live/stenl (Page URL)
- http://clicklo.live/cdn-cgi/phish-bypass?atok=7pRd3SGr6BeSsDMe8STqLAX.AvptogLXFyf7APIiGpQ-1656830542-0-%2Fstenl (HTTP 301)
- http://clicklo.live/stenl (HTTP 301)
- https://clicklo.live/stenl (HTTP 301)
- https://clicklo.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | stenl | clicklo.live/ | 5 KB | 3 KB | Document | text/html |
GET | H/1.1 | cf.errors.css | clicklo.live/cdn-cgi/styles/ | 24 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | icon-exclamation.png | clicklo.live/cdn-cgi/images/ | 452 B | 889 B | Image | image/png |
GET | H2 | / | clicklo.com/ | 68 KB | 11 KB | Document | text/html | Primary Request (Redirect Chain)
GET | H2 | app.js | clicklo.com/js/ | 194 KB | 59 KB | Script | application/javascript |
GET | H2 | app.dark.css | clicklo.com/css/ | 87 KB | 17 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 193 KB | 69 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 103 KB | 40 KB | Script | application/javascript |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 143 KB | 51 KB | Script | text/javascript |
GET | H2 | inter.css | rsms.me/inter/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H3 | xfDgqIsgeMBDaGYLYVoYn1oRHfd0O64ettrcKApy.png | clicklo.com/uploads/brand/ | 27 KB | 27 KB | Image | image/png |
GET | H2 | apple.com.ico | icons.duckduckgo.com/ip3/ | 22 KB | 3 KB | Image | image/x-icon |
GET | H2 | microsoft.com.ico | icons.duckduckgo.com/ip3/ | 17 KB | 2 KB | Image | image/x-icon |
GET | H2 | youtube.com.ico | icons.duckduckgo.com/ip3/ | 1 KB | 2 KB | Image | image/x-icon |
GET | H2 | messenger.com.ico | icons.duckduckgo.com/ip3/ | 68 KB | 17 KB | Image | image/x-icon |
GET | H2 | yahoo.com.ico | icons.duckduckgo.com/ip3/ | 2 KB | 2 KB | Image | image/x-icon |
GET | H3 | us.svg | clicklo.com/images/icons/countries/ | 4 KB | 1 KB | Image | image/svg+xml |
GET | H3 | windows.svg | clicklo.com/images/icons/platforms/ | 205 B | 703 B | Image | image/svg+xml |
GET | H3 | chrome.svg | clicklo.com/images/icons/browsers/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | www.youtube.com.ico | icons.duckduckgo.com/ip3/ | 1 KB | 2 KB | Image | image/x-icon |
GET | H3 | desktop.svg | clicklo.com/images/icons/devices/ | 406 B | 762 B | Image | image/svg+xml |
GET | H3 | 20dbe5c498222ff7f33e9314b19b7f92.svg | clicklo.com/images/icons/pixels/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H3 | 50f09d94fd93abc76a0d2c0267060b28.svg | clicklo.com/images/icons/pixels/ | 465 B | 812 B | Image | image/svg+xml |
GET | H3 | 842153204d5b65983fca3464e84b943f.svg | clicklo.com/images/icons/pixels/ | 455 B | 813 B | Image | image/svg+xml |
GET | H3 | 26cae7718c32180a7a0f8e19d6d40a59.svg | clicklo.com/images/icons/pixels/ | 594 B | 900 B | Image | image/svg+xml |
GET | H3 | 738aa8d3bc02eb8712acd0eb2cf6dfd5.svg | clicklo.com/images/icons/pixels/ | 301 B | 716 B | Image | image/svg+xml |
GET | H3 | b73c2d22763d1ce2143a3755c1d0ad3a.svg | clicklo.com/images/icons/pixels/ | 581 B | 864 B | Image | image/svg+xml |
GET | H3 | bb6ec8dcea15643283afe386156af82e.svg | clicklo.com/images/icons/pixels/ | 753 B | 979 B | Image | image/svg+xml |
GET | H3 | f1576406b382b7d1c8c2607f7c563d4f.svg | clicklo.com/images/icons/pixels/ | 674 B | 921 B | Image | image/svg+xml |
GET | H3 | 2afabc8d52b1b1fe7e38f426784ab0ef.svg | clicklo.com/images/icons/pixels/ | 633 B | 925 B | Image | image/svg+xml |
GET | H3 | 8ac4807464cace143c37c2204494139c.svg | clicklo.com/images/icons/pixels/ | 474 B | 858 B | Image | image/svg+xml |
GET | H3 | Inter-Regular.woff2 | rsms.me/inter/font-files/ | 97 KB | 97 KB | Font | font/woff2 |
GET | H3 | Inter-Medium.woff2 | rsms.me/inter/font-files/ | 103 KB | 104 KB | Font | font/woff2 |
GET | H3 | Inter-Bold.woff2 | rsms.me/inter/font-files/ | 104 KB | 104 KB | Font | font/woff2 |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 344 B | Ping | text/plain |
GET | H3 | js | www.googletagmanager.com/gtag/ | 103 KB | 39 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H3 | show_ads_impl_with_ama_fy2019.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ | 339 KB | 119 KB | Script | text/javascript |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ | 10 KB | 5 KB | Document | text/html | Frame DAF1
POST | H3 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain |
GET | H2 | cookie.js | partner.googleadservices.com/gampad/ | 215 B | 644 B | Script | text/javascript |
GET | H2 | integrator.js | adservice.google.nl/adsid/ | 107 B | 792 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 107 B | 549 B | Script | application/javascript |
GET | H3 | ads | googleads.g.doubleclick.net/pagead/ | 603 B | 68 B | Document | text/html | Frame E6DF
GET | H3 | sodar | pagead2.googlesyndication.com/getconfig/ | 14 KB | 10 KB | XHR | application/json |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript |
GET | H3 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ | 13 KB | 5 KB | Document | text/html | Frame B927
GET | H2 | aframe | www.google.com/recaptcha/api2/ | 783 B | 1 KB | Document | text/html | Frame 713C
GET | H3 | jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js | pagead2.googlesyndication.com/bg/ | 36 KB | 13 KB | Script | text/javascript | Frame B927
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html | Frame 713C
GET | H3 | generate_204 | tpc.googlesyndication.com/ | 0 | 9 B | Image | text/plain | Frame B927
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | 1
object | 2
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
function | gtag
object | dataLayer
number | max
function | $
function | jQuery
object | bootstrap
function | ClipboardJS
object | google_tag_manager
function | onYouTubeIframeAPIReady
object | google_tag_data
object | gaGlobal
string | GoogleAnalyticsObject
function | ga
object | google_js_reporting_queue
number | google_srt
object | google_logging_queue
number | tmod
object | google_ad_modifications
object | ggeac
object | google_persistent_state_async
boolean | google_measure_js_timing
object | google_reactive_ads_global_state
object | adsbygoogle
boolean | _gfp_a_
object | google_sa_queue
function | google_process_slots
function | google_spfd
number | google_unique_id
object | google_sv_map
number | google_rum_task_id_counter
string | google_user_agent_client_hint
object | gaplugins
object | gaData
function | google_sa_impl
object | googleToken
object | googleIMState
boolean | _gfp_p_
function | processGoogleToken
number | google_global_correlator
object | google_prev_clients
object | ampInaboxIframes
object | ampInaboxPendingMessages
object | GoogleGcLKhOms
object | google_image_requests
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.clicklo.live/ | __cf_mw_byp | 7pRd3SGr6BeSsDMe8STqLAX.AvptogLXFyf7APIiGpQ-1656830542-0-/stenl
clicklo.live/ | XSRF-TOKEN | eyJpdiI6IlRFUW5oZlB3NnFQYmlMeHpCTVRSR3c9PSIsInZhbHVlIjoiWlR4bnRuZnZUWDl3dnpaRXROVFwvaDdDZWpIQ1U4eHM1XC9ad3c0N1NYTVwvMEFBaXJtZlVaYkl1bjE2KzluZXM1eHQ0VUE1Q2ZaQ1djZHRvWm1Dc3NQQ1hrbEx5cHkxZm1mTUVNUnlPXC9UbTQ4dUZRck91R0wrVUp0VHJcL0NjXC9mcVkiLCJtYWMiOiIxZjlhNjQ5MTg3YWQ4M2I5NTBiYjFlNjI2YTMzZWYwMTZjZDI4MDllOTBlOGFiZGYwZGNmMTM4OTM5ODdkMDBiIn0%3D
clicklo.live/ | phpshort_session | eyJpdiI6IkVTTFdxSVFwWTJzc3BRWXJvdERHaXc9PSIsInZhbHVlIjoiazFaVWtPa2ZRMklLT3hyVWJMMzJcL2o0K2RISms4MlhtT2Q1b0VSb2sxN0tmeXdpMm9FUDlMdVNnTytxTnhKOEhBMGx5REYzUkVEWnZaYkt6YVM5YUpqNXMyaDQ1bGR1bnhQcTFWVCtoSVRRcldBc3Rwa0RCUFh5RHFhRWF6V0c3IiwibWFjIjoiMjg3OThjMDg4YWIxMjUyYTk2NGVmNzk0ZDZiOTViYThkMWY2MTIzMWMzNjdiMDJiOWQxMDA0MTg3ZmUyMTQ2MiJ9
clicklo.com/ | XSRF-TOKEN | eyJpdiI6Imx0THVIOFpFZEJETW5WS0NaU1FDY0E9PSIsInZhbHVlIjoiU2hKcW5DK0ZIWUhBMlRydDNnMnZzVU5XUloxMVh5YUhqSlwvcUtyOFgwYkduRnR4alUwQm5DbmVzeWs1am1aMnowTlwvSzZraDdRV2QwazNNdmNRZ1RmcHcxNUFGV3lLVGcyNnVjRitaYTRFSjlBdytcL3l5dWM1Tm1UTndQR2dDdVUiLCJtYWMiOiI1ODhhOTY4ODg1MDMzNmM3MDU3NzhhZTA3NmZkMDliY2IwMTg4ZTRjNmYyNjVmNzBlOTBkZGU3ZDI2YzVkMjZiIn0%3D
clicklo.com/ | phpshort_session | eyJpdiI6InhpOFBVemF2elJ5bzZmQUd3dGJCM1E9PSIsInZhbHVlIjoiVllWZGkrbnM3clo0UHRqek83Vk5tK2ppcUtsZzFEXC9NbWw2Skh2dTJsRXcwYTFkVUdPTjc3MWNNbTdLTFVVMEJQbTYzYnU5NTVYeTc2VnY3bTkrMExsMm1YS3h5eTRJeXRybFBqeGt5dFwvdGptRDlrWkc5MWRcLzNIa1NjQkFORWciLCJtYWMiOiI0NjFiMjRjNGU2MWY5M2NlNjI1ZjZlMGNkYzZjNTdiN2JkMjAxMDdhYWRiNzM3YmM1ZTQyOTgzMjVkMWQwY2RlIn0%3D
.clicklo.com/ | _ga_KR22VVZ8T0 | GS1.1.1656830547.1.0.1656830547.0
.clicklo.com/ | _ga | GA1.2.872287743.1656830548
.clicklo.com/ | _gid | GA1.2.688995617.1656830548
.clicklo.com/ | _gat_gtag_UA_219676900_1 | 1
.clicklo.com/ | __gads | ID=86b3b13e7a314b1e-22926bcdc4cd00e9:T=1656830548:RT=1656830548:S=ALNI_Mb-fXpP2tLQdVgamxNSUmzrzVO6-A
.doubleclick.net/ | test_cookie | CheckForPermission
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.nl
clicklo.com
clicklo.live
googleads.g.doubleclick.net
icons.duckduckgo.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rsms.me
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.184.194
2001:4860:4802:34::36
2606:4700:3037::6815:8fa
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:82b::2004
2a06:98c1:3120::3
2a06:98c1:3121::3
40.114.178.124