| sdk.51.la/js-sdk-pro.min.js | 47.246.44.243 | 200 OK | 13 kB |
URL: GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP: 47.246.44.243:443
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer GlobalSign nv-sa; Subject *.51.la; Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79; Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hashes (MD5, SHA-1, SHA-256): 24bb520e9517f2ed3ed987b46aeaf723 846723563d7dd2bff3954f93633b11af0103adc8 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Sun, 28 Apr 2024 20:09:00 GMT
x-oss-request-id: 662EACDCE144DC3230A0C500
x-oss-cdn-auth: success
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
ali-swift-global-savetime: 1714334940
via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[1,0], ens-cache18.se2[0,0,200-0,H], ens-cache6.se2[0,0]
accept-ranges: bytes
vary: Accept-Encoding
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
content-encoding: gzip
age: 733125
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 07 May 2024 06:00:54 GMT
x-swift-cachetime: 569286
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9a17150680654705810e
X-Firefox-Spdy: h2
| redrotou.net/zone?&pub=0&zone_id=4890055&is_mobile=false&domain=cclickr.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=86ad7d98-c534-49a7-ae1f-21e660a3f92f&action=prerequest | 139.45.197.251 | | 0 B |
URL: redrotou.net/zone?&pub=0&zone_id=4890055&is_mobile=false&domain=cclickr.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=86ad7d98-c534-49a7-ae1f-21e660a3f92f&action=prerequest
IP: 139.45.197.251:0
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4890055&is_mobile=false&domain=cclickr.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=86ad7d98-c534-49a7-ae1f-21e660a3f92f&action=prerequest HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-length: 0
x-trace-id: 5f9065d1724d8251fae853bb8e3c22bf
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cclickr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cclickr.com/
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cclickr.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
| cclickr.com/push1.js | 43.130.43.76 | | 15 kB |
IP: 43.130.43.76:0
ASN: #132203 Tencent Building, Kejizhongyi Avenue
File type: gzip compressed data, from Unix
Hashes (MD5, SHA-1, SHA-256): b8d6a54651adae71dad9522d2c3b8a0f ad6a300cbbe0aa037ad21ae32de5cb2ee4b2e82f 071f9765b8f67998bba47b7efd193a53fd6a3f25098c40c4a30d6c57d13e2aa7
GET /push1.js HTTP/1.1
Host: cclickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Nov 2023 04:46:55 GMT
vary: Accept-Encoding
etag: W/"65447b3f-486"
expires: Tue, 07 May 2024 19:47:45 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject jouteetu.net; Fingerprint F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hashes (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 332
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 06c49aee8e7a2d7c4295fbf49917bf63
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cclickr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashes (MD5, SHA-1, SHA-256): ecb8eb366870ef6445525bc6b3e72159 32dc70a66d698aa19309fdecc761e0414e35f0ac 3d496a49434fda6bb4b8fa6203ef90e7f461aca9873d3afbb98b8c5ee2ca50ee

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cclickr.com/
Content-Type: application/json
Content-Length: 957
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cclickr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject jouteetu.net; Fingerprint F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hashes (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 333
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e8c5c55e6904b2982b06b12f22fad4ef
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cclickr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| cclickr.com/sw-check-permissions-39082.js?zoneId=4890055 | 43.130.43.76 | 200 OK | 566 B |
URL: GET HTTP/2 cclickr.com/sw-check-permissions-39082.js?zoneId=4890055
IP: 43.130.43.76:443
ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject cclickr.com; Fingerprint 59:89:4F:7F:D7:1C:D7:69:A7:9C:FA:4F:A4:06:02:FA:92:08:C2:94; Validity Sat, 04 May 2024 04:44:08 GMT - Fri, 02 Aug 2024 04:44:07 GMT
Hashes (MD5, SHA-1, SHA-256): abe744ee08b268ba24d317fc9d4c6017 9d72aed0a058ca5e4a8e739df5a4e2aa7ec7f25e 8d003bd79298b6413790b60e6440f340f852ab147d7e4c90e9de5e7f9b7e5ab6
GET /sw-check-permissions-39082.js?zoneId=4890055 HTTP/1.1
Host: cclickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Cookie: __vtins__Jmob0jx6GjvoH3MT=%7B%22sid%22%3A%20%2273db30c0-9d1c-5b54-9eb3-93b749f12fd9%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201715069865568%2C%20%22ct%22%3A%201715068065568%7D; __51uvsct__Jmob0jx6GjvoH3MT=1; __51vcke__Jmob0jx6GjvoH3MT=45f91326-9736-54d8-9c43-4269f5f64edf; __51vuft__Jmob0jx6GjvoH3MT=1715068065575
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/javascript
content-length: 566
last-modified: Tue, 16 Apr 2024 13:24:52 GMT
etag: "661e7c24-236"
expires: Tue, 07 May 2024 19:47:45 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| cclickr.com/favicon.ico | 43.130.43.76 | | 146 B |
IP: 43.130.43.76:0
ASN: #132203 Tencent Building, Kejizhongyi Avenue
File type: HTML document, ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: cclickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 07:47:46 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
| collect-v6.51.la/v6/collect?dt=4 | 203.107.86.226 | | 0 B |
URL: collect-v6.51.la/v6/collect?dt=4
IP: 203.107.86.226:0
ASN: #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 310
Origin: https://cclickr.com
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Tue, 07 May 2024 07:47:46 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=2fa312b9c6c9d1ce00a8c42aeef6d250bf9c1b3794a2df24cf5ecd511195f3d9; Path=/; HttpOnly
acw_tc=ac11000117150680666242511e8ac47138c5bd6c6b8564ea7c4fee1334363a;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://cclickr.com
Access-Control-Allow-Credentials: true
| redrotou.net/pfe/current/micro.tag.min.js?z=4890055&sw=/sw-check-permissions-39082.js | 139.45.197.251 | 200 OK | 37 kB |
URL: GET HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=4890055&sw=/sw-check-permissions-39082.js
IP: 139.45.197.251:443
Requested by: https://cclickr.com/click/?lpkey=174815c5064583b525&uclick=gmj2a1&uclickhash=gmj2a1-gmj2a1-wj-0-wj-lpbl-q5-033590
Certificate: Issuer Let's Encrypt; Subject redrotou.net; Fingerprint 39:B1:42:2F:2E:C9:93:68:DA:9E:0F:4B:F8:AF:00:35:BA:E4:5D:5F; Validity Fri, 05 Apr 2024 05:17:56 GMT - Thu, 04 Jul 2024 05:17:55 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
GET /pfe/current/micro.tag.min.js?z=4890055&sw=/sw-check-permissions-39082.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cclickr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2