Report - www.cclickks.com/click/

Report Overview

Submitted URL
www.cclickks.com/click/
IP
8.219.247.160
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-05-07 20:42:01
Access
public
Website Title
Recommended articles
Final URL
www.cclickks.com/click/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
poavoabe.net	unknown	2022-10-03	2022-10-03	2023-12-09	1.1 kB	38 kB	139.45.197.251
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-07	1.3 kB	1.9 kB	139.45.197.251
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-06	1.0 kB	1.1 kB	139.45.197.250
www.cclickks.com	unknown	unknown	No data	No data	1.8 kB	16 kB	8.219.247.160

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	poavoabe.net	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed
2024-05-07	medium	poavoabe.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	www.cclickks.com/push1.js	761 B	2024-05-07	2024-05-17
Pretty URL www.cclickks.com/push1.js IP 8.219.247.160 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:42:07 Last Seen2024-05-17 09:57:31 Times Seen4 Hash 9ce7cbaf98b1b9a16eb2e9dff69bca73 adb2c159c6f00ef48498ec1873a2aa664cf3d13d 301a162a29508b104c055d482006db9223964c1e45f5fb0fd505919040e3362a Loading...

	www.cclickks.com/click/	0 B	2023-03-07	2024-05-19
Pretty URL www.cclickks.com/click/ IP 8.219.247.160 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 17:30:00 Times Seen37836309 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js	37 kB	2024-04-25	2024-05-15
Pretty URL poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

HTTP Transactions (11)

URL IP Response Size

www.cclickks.com/click/

8.219.247.160

200 OK

14 kB

URL User Request GET HTTP/2
www.cclickks.com/click/
IP
8.219.247.160:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectcclickks.com
Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09
ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT

File type
gzip compressed data, from Unix
Size
14 kB (13716 bytes)
Hash
4123c562ef9cc146d6911ed1ff6f40af
f7a839905bb2a50011cc435085c1c56b36d2ceee
918d4f14f38a96ebd8186bc164ccdf9a022fe3a9ae46e7af08f9e4d838cc1589

HTTP Headers

GET /click/ HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.cclickks.com/push1.js

8.219.247.160

200 OK

761 B

URL GET HTTP/2
www.cclickks.com/push1.js
IP
8.219.247.160:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectcclickks.com
Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09
ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT

File type
ASCII text
Size
761 B (761 bytes)
Hash
9ce7cbaf98b1b9a16eb2e9dff69bca73
adb2c159c6f00ef48498ec1873a2aa664cf3d13d
301a162a29508b104c055d482006db9223964c1e45f5fb0fd505919040e3362a

HTTP Headers

GET /push1.js HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
content-length: 761
last-modified: Tue, 07 May 2024 13:37:17 GMT
etag: "663a2e8d-2f9"
expires: Wed, 08 May 2024 08:41:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

poavoabe.net/zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
poavoabe.net/zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectpoavoabe.net
FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4
ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7438708&is_mobile=false&domain=www.cclickks.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=2606b3dc-cbf1-41b1-8a38-8d220a15bcaa&action=prerequest HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-length: 0
x-trace-id: 9ead646c1e0b433cc880519481d5018a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 253
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7109279469449f20c95359421905e648
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 256
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cc331cbe44c633041a2cf2143ef19ca4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3d5c3c4b63baad93e899ccf0c9b40eba
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cclickks.com/
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

www.cclickks.com/favicon.ico

8.219.247.160

404 Not Found

146 B

URL GET HTTP/2
www.cclickks.com/favicon.ico
IP
8.219.247.160:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectcclickks.com
Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09
ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
0453016a02aabfd89ff631796388927b
6ee44744503438292e725dd43133c8852bbdd380
f48de8dd3ab140e2d47942dd192595ce86328860e1ec47ba54fdc001e09cfb5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cclickks.com/
Content-Type: application/json
Content-Length: 875
Origin: https://www.cclickks.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.cclickks.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.cclickks.com/sw-check-permissions-164e8.js?zoneId=7438708

8.219.247.160

200 OK

566 B

URL GET HTTP/2
www.cclickks.com/sw-check-permissions-164e8.js?zoneId=7438708
IP
8.219.247.160:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectcclickks.com
Fingerprint67:24:6A:50:AA:B7:DE:CD:F0:FD:3F:DD:72:ED:C8:45:86:96:44:09
ValidityTue, 07 May 2024 12:43:55 GMT - Mon, 05 Aug 2024 12:43:54 GMT

File type
Java source, ASCII text
Size
566 B (566 bytes)
Hash
1996c42e22ccd2f8d816f212865b4e0c
0f0d827b3c756825a819b6b7b1a89a0920f2134d
7e55220aa499769446bc2a7b714801888bf0d28956c9c8a1eeedc5af703beb50

HTTP Headers

GET /sw-check-permissions-164e8.js?zoneId=7438708 HTTP/1.1
Host: www.cclickks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
content-length: 566
last-modified: Tue, 07 May 2024 13:42:14 GMT
etag: "663a2fb6-236"
expires: Wed, 08 May 2024 08:41:38 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js

139.45.197.251

200 OK

37 kB

URL GET HTTP/2
poavoabe.net/pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://www.cclickks.com/click/
Certificate
IssuerLet's Encrypt
Subjectpoavoabe.net
FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4
ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
37 kB (37142 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=7438708&sw=/sw-check-permissions-164e8.js HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cclickks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 20:41:38 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL POST HTTP/2

IP

ASN

Requested by

Certificate