| | 8.219.247.160 | 200 OK | 14 kB |
URL User Request GET HTTP/2IP8.219.247.160:443 ASN#45102 Alibaba US Technology Co., Ltd.
CertificateIssuerLet's Encrypt Subjectcclickks.com Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09 ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT
File typegzip compressed data, from Unix Hash4123c562ef9cc146d6911ed1ff6f40af f7a839905bb2a50011cc435085c1c56b36d2ceee 918d4f14f38a96ebd8186bc164ccdf9a022fe3a9ae46e7af08f9e4d838cc1589
GET /click/ HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.cclickks.com/push1.js | 8.219.247.160 | 200 OK | 761 B |
URL GET HTTP/2www.cclickks.com/push1.js IP8.219.247.160:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectcclickks.com Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09 ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT
Hash9ce7cbaf98b1b9a16eb2e9dff69bca73 adb2c159c6f00ef48498ec1873a2aa664cf3d13d 301a162a29508b104c055d482006db9223964c1e45f5fb0fd505919040e3362a
GET /push1.js HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
content-length: 761
last-modified: Tue, 07 May 2024 13:37:17 GMT
etag: "663a2e8d-2f9"
expires: Wed, 08 May 2024 08:41:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| poavoabe.net/zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2poavoabe.net/zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest IP139.45.197.251:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectpoavoabe.net FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4 ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-length: 0
x-trace-id: 9ead646c1e0b433cc880519481d5018a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 253
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7109279469449f20c95359421905e648
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 256
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cc331cbe44c633041a2cf2143ef19ca4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3d5c3c4b63baad93e899ccf0c9b40eba
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cclickks.com/
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| www.cclickks.com/favicon.ico | 8.219.247.160 | 404 Not Found | 146 B |
URL GET HTTP/2www.cclickks.com/favicon.ico IP8.219.247.160:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectcclickks.com Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09 ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash0453016a02aabfd89ff631796388927b 6ee44744503438292e725dd43133c8852bbdd380 f48de8dd3ab140e2d47942dd192595ce86328860e1ec47ba54fdc001e09cfb5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cclickks.com/
Content-Type: application/json
Content-Length: 875
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.cclickks.com/sw-check-permissions-164e8.js?zoneId=7438708 | 8.219.247.160 | 200 OK | 566 B |
URL GET HTTP/2www.cclickks.com/sw-check-permissions-164e8.js?zoneId=7438708 IP8.219.247.160:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectcclickks.com Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09 ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT
Hash1996c42e22ccd2f8d816f212865b4e0c 0f0d827b3c756825a819b6b7b1a89a0920f2134d 7e55220aa499769446bc2a7b714801888bf0d28956c9c8a1eeedc5af703beb50
GET /sw-check-permissions-164e8.js?zoneId=7438708 HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
content-length: 566
last-modified: Tue, 07 May 2024 13:42:14 GMT
etag: "663a2fb6-236"
expires: Wed, 08 May 2024 08:41:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js IP139.45.197.251:443
Requested byhttps://www.cclickks.com/click/ CertificateIssuerLet's Encrypt Subjectpoavoabe.net FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4 ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|