urlquery - report: diractclicker.com/survey/CO/Claro/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
teleforum.site (1)	0	2022-12-22 21:47:10	2023-05-26 01:23:19	440	0	0.0.0.0
diractclicker.com (11)	0	2022-11-15 14:46:30	2023-05-26 06:24:50	4963	245322	138.68.64.85
oungimuk.net (2)	335656	2021-02-10 05:25:40	2023-05-26 05:16:43	998	42681	139.45.197.251

Scan Date	Severity	Indicator	Comment
2023-05-26	medium	diractclicker.com/survey/CO/Claro/	Phishing
2023-05-26	medium	diractclicker.com/survey/CO/Claro/jquery-3.4.1.min.js	Phishing
2023-05-26	medium	diractclicker.com/survey/CO/Claro/tag.min.js	Phishing
2023-05-26	medium	diractclicker.com/sw-check-permissions-f6451.js	Phishing
2023-05-26	medium	diractclicker.com/survey/CO/Claro/	Phishing

Date	UQ / IDS / BL	URL	IP
2023-05-26 20:42:18 UTC	0 - 0 - 7	diractclicker.com/survey/TH/Chest-DTAC/	138.68.64.85
2023-05-26 20:38:42 UTC	0 - 0 - 7	diractclicker.com/survey/MX/ATT/	138.68.64.85
2023-05-26 20:08:22 UTC	0 - 0 - 7	diractclicker.com/survey/ML/Orange/	138.68.64.85
2023-05-26 16:58:27 UTC	0 - 0 - 7	diractclicker.com/survey/SA/Chest-STC/	138.68.64.85
2023-05-26 15:58:20 UTC	0 - 0 - 6	diractclicker.com/survey/NG/Chest-Airtel/	138.68.64.85

Date	UQ / IDS / BL	URL	IP
2023-06-03 23:52:05 UTC	3 - 0 - 9	bafybeidalcgaj4ol4ls5exxbksgv6xhwguxgjfgt3pjr (...)	167.99.28.56
2023-06-03 23:45:47 UTC	0 - 6 - 0	lactans.serveo.net/	159.89.214.31
2023-06-03 23:20:39 UTC	0 - 10 - 0	tiny.cc/tdbank016?06	157.245.113.153
2023-06-03 23:20:30 UTC	0 - 12 - 0	tiny.cc/tdbank0016?33	157.245.113.153
2023-06-03 22:22:00 UTC	0 - 0 - 4	90reto9ndk.projects.webpages.one/	143.198.248.15

Date	UQ / IDS / BL	URL	IP
2023-05-26 20:42:18 UTC	0 - 0 - 7	diractclicker.com/survey/TH/Chest-DTAC/	138.68.64.85
2023-05-26 20:38:42 UTC	0 - 0 - 7	diractclicker.com/survey/MX/ATT/	138.68.64.85
2023-05-26 20:08:22 UTC	0 - 0 - 7	diractclicker.com/survey/ML/Orange/	138.68.64.85
2023-05-26 16:58:27 UTC	0 - 0 - 7	diractclicker.com/survey/SA/Chest-STC/	138.68.64.85
2023-05-26 15:58:20 UTC	0 - 0 - 6	diractclicker.com/survey/NG/Chest-Airtel/	138.68.64.85

Date	UQ / IDS / BL	URL	IP
2023-05-29 01:17:01 UTC	0 - 0 - 7	piggieflures.com/survey/MX/ATT/	178.128.197.244
2023-05-28 12:21:10 UTC	0 - 0 - 7	piggieflures.com/survey/MX/ATT/	178.128.197.244
2023-05-26 20:38:42 UTC	0 - 0 - 7	diractclicker.com/survey/MX/ATT/	138.68.64.85
2023-05-25 19:58:12 UTC	0 - 0 - 5	telestellar.space/survey/MX/Virgin/	209.38.193.54
2023-05-25 14:37:20 UTC	0 - 0 - 5	telestellar.space/survey/CL/Entel/	209.38.193.54

Request	Response
GET /survey/CO/Claro/ HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:19 GMT Last-Modified: Fri, 26 May 2023 03:42:45 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"64702ab5-291c" Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462) Size: 3900 Md5: 895f3a4b1b668bced638b43af34408b6 Sha1: a53d0f857285d6009b580ddeb2c750cf1132a703 Sha256: 61f465d2ae716d5b9c77b75f10329eed913044ae78f7bb540317b4caf591473e Blocklists: - fortinet: Phishing
GET /survey/CO/Claro/jquery-3.4.1.min.js HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 88145 Last-Modified: Fri, 26 May 2023 03:42:46 GMT Connection: keep-alive ETag: "64702ab6-15851" Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 88145 Md5: 220afd743d9e9643852e31a135a9f3ae Sha1: 88523924351bac0b5d560fe0c5781e2556e7693d Sha256: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Blocklists: - fortinet: Phishing
GET /survey/CO/Claro/tag.min.js HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 14602 Last-Modified: Fri, 26 May 2023 03:42:45 GMT Connection: keep-alive ETag: "64702ab5-390a" Accept-Ranges: bytes --- Additional Info --- Magic: C source, ASCII text, with very long lines (14602), with no line terminators Size: 14602 Md5: 87d9472427b55ed4521f876551ea39d7 Sha1: d6bd6818ed1f0976b65f3c8e6edaeedc498e512c Sha256: f94100399b8b590ac26643f021f2768189cc24ba1de5cd09871b6288b0dbe8b7 Blocklists: - fortinet: Phishing
GET /survey/CO/Claro/main.css HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: text/css Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 62816 Last-Modified: Fri, 26 May 2023 03:42:46 GMT Connection: keep-alive ETag: "64702ab6-f560" Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (62816), with no line terminators Size: 62816 Md5: 46cd9d8d7e49040a70de1cee11d60163 Sha1: b7da6ef378af1cd4f8f4da79b3764a7e6ec4df0b Sha256: b8345641e409fcada471fc750b47371dbf7cd40e626c3ddfde068a31bd5ab91c
GET /survey/CO/Claro/env_prize.png HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 35155 Last-Modified: Fri, 26 May 2023 03:42:47 GMT Connection: keep-alive ETag: "64702ab7-8953" Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 257 x 191, 8-bit/color RGBA, non-interlaced\012- data Size: 35155 Md5: 1e7bcb1a18bc4e6d90a733511ce5e3a9 Sha1: ff92daadeeb9c714201cddeb934c3d747a0e6b64 Sha256: 104b93b2fdd292d3800dab20a05d02cb100f3020752b3179a446cf67a4d5fd95
GET /survey/CO/Claro/env_closed.png HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 2537 Last-Modified: Fri, 26 May 2023 03:42:47 GMT Connection: keep-alive ETag: "64702ab7-9e9" Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 257 x 184, 8-bit colormap, non-interlaced\012- data Size: 2537 Md5: 9adbaf1f271f2921d941cfc431705ff0 Sha1: e82f0ee057bac2525d8558c431995b4f59f3a897 Sha256: ec8362f7adbe35e42507491256929b59a8af11a8b369bc800f778b834e411abf
GET /survey/CO/Claro/menu.png HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 409 Last-Modified: Fri, 26 May 2023 03:42:47 GMT Connection: keep-alive ETag: "64702ab7-199" Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 96 x 34, 8-bit/color RGB, non-interlaced\012- data Size: 409 Md5: 4a98f87225fd8e0f1a430a48c0434ac8 Sha1: be7960d7d9fc8055ed0f7ac3ba2dd8a468489b2f Sha256: 41d97f40faf1d359aae3802433ea5ddf2931ee9dff59c6e55e43b03f2048ad8f
GET /survey/CO/Claro/logo.png HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 30447 Last-Modified: Fri, 26 May 2023 03:42:47 GMT Connection: keep-alive ETag: "64702ab7-76ef" Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 1200 x 435, 8-bit/color RGBA, non-interlaced\012- data Size: 30447 Md5: 567ff3e4b064750bb27b5882cdc1d3a4 Sha1: feb8671f0c6d4709826f5d9a021ec899bfd369d9 Sha256: 4675a91777561d9ab9ff10bc1d92faadedf054e043c461a9a8487f0dd15ac894
GET /survey/CO/Claro/top_r.png HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 123 Md5: 1b7c22a214949975556626d7217e9a39 Sha1: d01c97e2944166ed23e47e4a62ff471ab8fa031f Sha256: 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /sw-check-permissions-f6451.js HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/survey/CO/Claro/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:20 GMT Content-Length: 566 Last-Modified: Fri, 26 May 2023 03:36:41 GMT Connection: keep-alive ETag: "64702949-236" Accept-Ranges: bytes --- Additional Info --- Magic: Java source, ASCII text Size: 566 Md5: 0702e0ed99b8c0592873f6730041cc82 Sha1: fad9bd352b4e3d5d1a4ea69dd929d52067ca8305 Sha256: 9988a6fd4fd7a7b05e21b6ace3d756a989f4d79023dadb34fac95c09fbdf4a2a Blocklists: - fortinet: Phishing
POST /zone?&pub=0&zone_id=5857532&is_mobile=false&domain=diractclicker.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1 Host: oungimuk.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://diractclicker.com DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers	139.45.197.251 HTTP/2 200 OK server: nginx date: Fri, 26 May 2023 14:58:20 GMT content-length: 0 x-trace-id: ad33329c6b2b9eef915b69e1c3e2508d access-control-allow-origin: https://diractclicker.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /survey/CO/Claro/ HTTP/1.1 Host: diractclicker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	138.68.64.85 HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.18.0 (Ubuntu) Date: Fri, 26 May 2023 14:58:34 GMT Last-Modified: Fri, 26 May 2023 03:42:45 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"64702ab5-291c" Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462) Size: 3900 Md5: 895f3a4b1b668bced638b43af34408b6 Sha1: a53d0f857285d6009b580ddeb2c750cf1132a703 Sha256: 61f465d2ae716d5b9c77b75f10329eed913044ae78f7bb540317b4caf591473e Blocklists: - fortinet: Phishing
GET /zaenvvodacom/favicon.ico HTTP/1.1 Host: teleforum.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache
GET /pfe/current/micro.tag.min.js?z=5857532&sw=/sw-check-permissions-f6451.js HTTP/1.1 Host: oungimuk.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://diractclicker.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 26 May 2023 14:58:20 GMT last-modified: Thu, 11 May 2023 14:20:13 GMT etag: W/"645cf99d-a3fb" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (41979), with no line terminators Size: 41979 Md5: d44fd7b96fceca8f81b472766025d0d2 Sha1: 237541097413baf5cd3e703413f8bc9ea538a4db Sha256: b6c7c1e7fb1a437f100bdcb253df8b0468f130835fbb82c5687505a099997d16

                                        
                                            GET /survey/CO/Claro/ HTTP/1.1 

                                        
                                            
Host: diractclicker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
DNT: 1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             138.68.64.85

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: text/html

                                            

                                            
                                                
Server: nginx/1.18.0 (Ubuntu) 

                                            
                                                
Date: Fri, 26 May 2023 14:58:19 GMT 

                                            
                                                
Last-Modified: Fri, 26 May 2023 03:42:45 GMT 

                                            
                                                
Transfer-Encoding: chunked 

                                            
                                                
Connection: keep-alive 

                                            
                                                
ETag: W/"64702ab5-291c" 

                                            
                                                
Content-Encoding: gzip 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462)

                                                Size:   3900

                                                Md5:    895f3a4b1b668bced638b43af34408b6

                                                Sha1:   a53d0f857285d6009b580ddeb2c750cf1132a703

                                                Sha256: 61f465d2ae716d5b9c77b75f10329eed913044ae78f7bb540317b4caf591473e

                                        

                                        
                                            

                                            

                                            
                                                Blocklists:

                                                
                                                      - fortinet: Phishing

                                        
                                            GET /survey/CO/Claro/jquery-3.4.1.min.js HTTP/1.1 

                                        
                                            
Host: diractclicker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
DNT: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://diractclicker.com/survey/CO/Claro/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             138.68.64.85

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/javascript

                                            

                                            
                                                
Server: nginx/1.18.0 (Ubuntu) 

                                            
                                                
Date: Fri, 26 May 2023 14:58:20 GMT 

                                            
                                                
Content-Length: 88145 

                                            
                                                
Last-Modified: Fri, 26 May 2023 03:42:46 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
ETag: "64702ab6-15851" 

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   88145

                                                Md5:    220afd743d9e9643852e31a135a9f3ae

                                                Sha1:   88523924351bac0b5d560fe0c5781e2556e7693d

                                                Sha256: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

                                        

                                        
                                            

                                            

                                            
                                                Blocklists:

                                                
                                                      - fortinet: Phishing

                                        
                                            GET /survey/CO/Claro/tag.min.js HTTP/1.1 

                                        
                                            
Host: diractclicker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
DNT: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://diractclicker.com/survey/CO/Claro/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             138.68.64.85

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/javascript

                                            

                                            
                                                
Server: nginx/1.18.0 (Ubuntu) 

                                            
                                                
Date: Fri, 26 May 2023 14:58:20 GMT 

                                            
                                                
Content-Length: 14602 

                                            
                                                
Last-Modified: Fri, 26 May 2023 03:42:45 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
ETag: "64702ab5-390a" 

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  C source, ASCII text, with very long lines (14602), with no line terminators

                                                Size:   14602

                                                Md5:    87d9472427b55ed4521f876551ea39d7

                                                Sha1:   d6bd6818ed1f0976b65f3c8e6edaeedc498e512c

                                                Sha256: f94100399b8b590ac26643f021f2768189cc24ba1de5cd09871b6288b0dbe8b7

                                        

                                        
                                            

                                            

                                            
                                                Blocklists:

                                                
                                                      - fortinet: Phishing

                                        
                                            GET /sw-check-permissions-f6451.js HTTP/1.1 

                                        
                                            
Host: diractclicker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Moz: prefetch 

                                        
                                            
DNT: 1 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://diractclicker.com/survey/CO/Claro/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             138.68.64.85

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/javascript

                                            

                                            
                                                
Server: nginx/1.18.0 (Ubuntu) 

                                            
                                                
Date: Fri, 26 May 2023 14:58:20 GMT 

                                            
                                                
Content-Length: 566 

                                            
                                                
Last-Modified: Fri, 26 May 2023 03:36:41 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
ETag: "64702949-236" 

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  Java source, ASCII text

                                                Size:   566

                                                Md5:    0702e0ed99b8c0592873f6730041cc82

                                                Sha1:   fad9bd352b4e3d5d1a4ea69dd929d52067ca8305

                                                Sha256: 9988a6fd4fd7a7b05e21b6ace3d756a989f4d79023dadb34fac95c09fbdf4a2a

                                        

                                        
                                            

                                            

                                            
                                                Blocklists:

                                                
                                                      - fortinet: Phishing

                                        
                                            GET /survey/CO/Claro/ HTTP/1.1 

                                        
                                            
Host: diractclicker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             138.68.64.85

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: text/html

                                            

                                            
                                                
Server: nginx/1.18.0 (Ubuntu) 

                                            
                                                
Date: Fri, 26 May 2023 14:58:34 GMT 

                                            
                                                
Last-Modified: Fri, 26 May 2023 03:42:45 GMT 

                                            
                                                
Transfer-Encoding: chunked 

                                            
                                                
Connection: keep-alive 

                                            
                                                
ETag: W/"64702ab5-291c" 

                                            
                                                
Content-Encoding: gzip 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462)

                                                Size:   3900

                                                Md5:    895f3a4b1b668bced638b43af34408b6

                                                Sha1:   a53d0f857285d6009b580ddeb2c750cf1132a703

                                                Sha256: 61f465d2ae716d5b9c77b75f10329eed913044ae78f7bb540317b4caf591473e

                                        

                                        
                                            

                                            

                                            
                                                Blocklists:

                                                
                                                      - fortinet: Phishing

URL	diractclicker.com/survey/CO/Claro/
IP	138.68.64.85 (Germany)
ASN	#14061 DIGITALOCEAN-ASN
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-05-26 14:58:37 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	5
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (3)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.68.64.85

Last 5 reports on ASN: DIGITALOCEAN-ASN

Last 5 reports on domain: diractclicker.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (14)

Overview

Domain Summary (3)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.68.64.85

Last 5 reports on ASN: DIGITALOCEAN-ASN

Last 5 reports on domain: diractclicker.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (14)

Network Intrusion Detection Systems