www.clicktogo.xyz (2a06:98c1:3120::3)
Public scan, flagged: Malicious Activity

URL: https://www.clicktogo.xyz/tk/
Submission: On August 13 via api from US — Scanned from NL

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belonging to CLOUDFLARENET, US. The main domain is www.clicktogo.xyz. Cloudflare fronts the site: the IPs and countries listed for www.clicktogo.xyz are CDN edges, while the origin behind them identifies itself as LiteSpeed through the x-turbo-charged-by response header on every www.clicktogo.xyz response.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time www.clicktogo.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
4         2a06:98c1:312...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
8         188.114.97.3       13335 (CLOUDFLAR...)
5         2600:9000:223...   16509 (AMAZON-02)
2         162.0.235.66       22612 (NAMECHEAP...)
1         2001:4860:480...   15169 (GOOGLE)
22        7 IPs
Requests  Apex Domain           Subdomains                                                 Transfer
12        clicktogo.xyz         www.clicktogo.xyz                                          501 KB
5         cloudfront.net        dwmsurhf1svv8.cloudfront.net                               18 KB
2         allfile.club          allfile.club                                               25 KB
1         google-analytics.com  region1.google-analytics.com (Cisco Umbrella Rank: 3123)
1         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 112)        85 KB
0         gstatic.com (failed)  fonts.gstatic.com (failed)
22        6 apex domains
Requests  Domain                        Requested by
12        www.clicktogo.xyz             www.clicktogo.xyz
5         dwmsurhf1svv8.cloudfront.net  www.clicktogo.xyz
2         allfile.club                  www.clicktogo.xyz
1         region1.google-analytics.com  www.googletagmanager.com
1         www.googletagmanager.com      www.clicktogo.xyz
0         fonts.gstatic.com (failed)    www.clicktogo.xyz
22        6 domains

This site contains no links.

Subject                 Issuer                Validity                  Valid for
clicktogo.xyz           WE1                   2024-06-18 to 2024-09-16  3 months (crt.sh)
*.google-analytics.com  WR2                   2024-07-30 to 2024-10-22  3 months (crt.sh)
*.cloudfront.net        Amazon RSA 2048 M01   2023-10-10 to 2024-09-19  a year (crt.sh)
allfile.gamebee.club    allfile.gamebee.club  2023-02-08 to 2024-02-08  a year (crt.sh)

The last entry is self-issued (issuer equals subject) and had already expired on 2024-02-08, six months before this scan; its subject name also does not match the allfile.club host that was actually contacted.

This page contains 1 frame:

Primary Page: https://www.clicktogo.xyz/tk/
Frame ID: CA23062959444648E1DC8D0410D7E8B2
Requests: 22 HTTP requests in this frame

Page Title

TikTok Followers Generator

Detected technologies

Overall confidence: 100% (no pattern recorded for this entry)
Overall confidence: 100%, matched pattern: googletagmanager\.com/gtag/js
Overall confidence: 100%, matched patterns: /([\d.]+)/jquery(?:\.min)?\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 86 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 3
Transfer: 629 kB
Size: 880 kB
Cookies: 3

Redirected requests

No HTTP redirect chains were recorded for this scan.

22 HTTP transactions

Each entry is listed as: Resource | Path | Size | x-fer | Type, followed by its General details, request headers and response headers (the MIME type is the content-type response header).
Primary Request: / | www.clicktogo.xyz/tk/ | Size 46 KB | x-fer 9 KB | Document
General
Full URL
https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c60c4d51627cbe2a06d41a3db8726dcd7a745de09eaca0032da807cfe2c543

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b2534ea296c1c08-AMS
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 02:17:04 GMT
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXBK6Z09GZAU0uvS1BH0Nhe0Q3ib0oPrbgL4oM1Gu%2B%2BgP7dRp4dPeVCsq%2FrgwwNbLl8v%2FLG%2F2xWICdf49utbAcXE7OFRq8VJH%2BYMzCcnKUPjkbjCB%2Fx6ez6pgSNPVX8gC60SWwU9sr2xrcaIh7AsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
js | www.googletagmanager.com/gtag/ | Size 237 KB | x-fer 85 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QHGNBZWC2Y
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
128da509b5541fda33404b48762bd6c8004b4bf0c55f7718bf3f93e5e9c465d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87064
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 02:17:06 GMT
1610818123b298bd56d5920c580e4b88eacbdd5b2e.png | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 23 KB | x-fer 23 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/1610818123b298bd56d5920c580e4b88eacbdd5b2e.png
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de33a06cba6bccba296d85ad8b6bdca39b147ee3489ceab4dedcecfd107e84b8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128086
alt-svc
h3=":443"; ma=86400
content-length
23337
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkfd51GrRR1oeiRUrDOOMwcf6ARAftlq%2Fab5DyRaOEam7S654h1xaiIlWtp7SBrBQrM9OqkbgVF51D8FACSu7RSnNt8Uz6Hj0RuoJQjKyHwrYcuiGDzorXc5YZXmWhCFXkx%2BLfDygKfD7T2XddNrLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534ec5a6f1c08-AMS
expires
Sun, 18 Aug 2024 14:42:18 GMT
16361995774d2af7290e6da427a774dffad963eec0.png | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 9 KB | x-fer 9 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/16361995774d2af7290e6da427a774dffad963eec0.png
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ad0eff2bf480bfe14b99303a49244602cc007afa86bdd5f0a75bb6157f48da

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128086
alt-svc
h3=":443"; ma=86400
content-length
9137
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAbYzC%2B4Crc9ZREHX8N6QKASbz46FJgGbV9n2RS78rDkOLaU5ALddQOOtsixR8cdlUVHQbDhVSOcn3ELBVkJ1PajxTAUB6skfsdoFHzSZLSW95T%2F7PIv0sFKthu41txMQhN3sx%2FonQPmBHVNoj0AvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534ec5a701c08-AMS
expires
Sun, 18 Aug 2024 14:42:18 GMT
1636471537cc9c306f7c389c185189bf3daf7260c1.png | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 69 KB | x-fer 69 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/1636471537cc9c306f7c389c185189bf3daf7260c1.png
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59b05fd8cb982e4eb8b2b6b633dab1c55780ee4767e2f32f7bf0f694e1e8db3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128088
alt-svc
h3=":443"; ma=86400
content-length
70215
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=delJvpWPUq7WVk14hdUMEJFfLT5RSfcaGJiH8RaMp4asJXi0PZ3m2V7cxYGqDdACHyS10QtIRuTgWbu%2FigPbh0wF4OkO0pN8C5PCAgkUiUetmxMQVJB%2F5NUCi%2FYSOIlp%2FZPxmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534f4ae601c9e-AMS
expires
Sun, 18 Aug 2024 14:42:18 GMT
1636472786ee1905a53e0b903bb72600a288d20d03.png | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 48 KB | x-fer 49 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/1636472786ee1905a53e0b903bb72600a288d20d03.png
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c75e2e71a9b6ca2bd024f7cb0d5c13ebb53f1a1c319d3fdbbfaf79ab24c1a3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128088
alt-svc
h3=":443"; ma=86400
content-length
49131
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46A%2B%2FD77J5ScZu5AbumfmMX%2Bdzt3wQLgTHB6LjGUeM8BsR2qDyjnjd2vRI%2BrlEWoqo020M5RLp3RKs%2BP6D6CnjB5z2gz1KrvBT1owgCMfHiKA%2FG4kFV7X63V%2B5RhC%2F2mVa6doQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534f4ae611c9e-AMS
expires
Sun, 18 Aug 2024 14:42:18 GMT
1635653021ac61a7aa31f58b94c30339f142fa4242.png | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 16 KB | x-fer 16 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/1635653021ac61a7aa31f58b94c30339f142fa4242.png
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33339f3bc6836ed71dfd3e10d149b673d1f3fdc4f8bbc46226e04d43b4702ee7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128087
alt-svc
h3=":443"; ma=86400
content-length
16335
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1o9azQSmFY8srUehSZCGBvHNLqwvTGvoyDBWLnlVTKq9OqqyOeih8TEToDw9Iugwi16KShseLWkjnEQ2BNuW8KoEvVgfMQVocK6o%2BjrHC5Wg31tlOTpkNhVsNqj80tL5PuD8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534f4ae661c9e-AMS
expires
Sun, 18 Aug 2024 14:42:19 GMT
163542468278c021e06cc778d4aef36f80e47413a2.gif | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 49 KB | x-fer 50 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/163542468278c021e06cc778d4aef36f80e47413a2.gif
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c932bbb1439415184a6a2fa36b2a251d4eecaee2eef0bf954f78fe4e5f768780

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128087
alt-svc
h3=":443"; ma=86400
content-length
50587
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsY6uzxZ8Cap3nmgqg4ZUcwuyPl7wMbfsL1h9h07liAftqsc97YsBrVgduwVHEARVW3B1Ao4Qr%2B7xOlI%2BHOhpEJ%2FwoN2gFgWk7RQ15zYz9CthpRxkE0zOWVnHbZmD5JFWvdEWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534f4ae681c9e-AMS
expires
Sun, 18 Aug 2024 14:42:19 GMT
jquery.min.js | www.clicktogo.xyz/tk/ajax.googleapis.com/ajax/libs/jquery/2.2.4/ | Size 84 KB | x-fer 31 KB | Script
General
Full URL
https://www.clicktogo.xyz/tk/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3525
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6DVRy%2FQYq%2BJLFVT1TwGpquU2ir569jkE%2Fmmhao5qh9eOzfdP9dMV4IsJXETAZ%2FFZ8PDvYsviBLkg%2FdQkrp3LnrlEnW12ltMIJIbLsyuolCOslSbj8%2F8j58CsQRDM8m5F7ND%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8b2534f4ae631c9e-AMS
alt-svc
h3=":443"; ma=86400
9d1fe20.js | www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/ | Size 23 KB | x-fer 7 KB | Script
General
Full URL
https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b777391a3c099cecfb5faaf122ebe02899b22cff41b6faaec401fbb3373fa63

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3525
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWHhWIknVh3FJiJkdk6JZG0kaCsNOmM7hd8B1kmxhIntrV7WFwj8BpLGd1GdgJe%2BWuz%2Bt6AXekisTZdyi6vXyGkYZhmF5z%2FpJ80P7CXoL8hAmBuaBpv7Q81Kz%2FcKq1KrNrRfWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8b2534f4ae651c9e-AMS
alt-svc
h3=":443"; ma=86400
/ | www.clicktogo.xyz/tk/ | Size 46 KB | x-fer 46 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of zero bytes: no response body was captured for this entry, so the Size and Type columns above are not reliable for it)

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXBK6Z09GZAU0uvS1BH0Nhe0Q3ib0oPrbgL4oM1Gu%2B%2BgP7dRp4dPeVCsq%2FrgwwNbLl8v%2FLG%2F2xWICdf49utbAcXE7OFRq8VJH%2BYMzCcnKUPjkbjCB%2Fx6ez6pgSNPVX8gC60SWwU9sr2xrcaIh7AsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
x-turbo-charged-by
LiteSpeed
cf-ray
8b2534ea296c1c08-AMS
alt-svc
h3=":443"; ma=86400
Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2 | fonts.gstatic.com/s/roboto/v15/ | Size 0 | x-fer 0 | (no response; see Failed requests)
1638888285b91b6c227628b8cceac6f34770039923.jpg | www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/ | Size 190 KB | x-fer 191 KB | Image
General
Full URL
https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/1638888285b91b6c227628b8cceac6f34770039923.jpg
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bde274413aef51ac375028742077140d75712772968ef99b8bae76196899f8

Request headers

Referer
https://www.clicktogo.xyz/tk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128088
alt-svc
h3=":443"; ma=86400
content-length
194770
last-modified
Tue, 18 Jun 2024 15:33:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iF2tOwWIqT3tGdulHdbGQbrNsG2kuYx5pr1Z6BPFH%2Fm1FH3A%2BjXsR3BAPEgmDH1dzzbqeHI6lA630FadMJoaAjjbp5un%2F3GqKVHh3PnkQYbX81j3BsKhSWBmJGHwFFfSh1rzrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b2534f4ae691c9e-AMS
expires
Sun, 18 Aug 2024 14:42:18 GMT
html.1448734.c5ffa.0.js | dwmsurhf1svv8.cloudfront.net/public/external/v2/ | Size 9 KB | x-fer 9 KB | Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/v2/html.1448734.c5ffa.0.js
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
51e2f0308ffe75337b20f3251206763419550323e3dc670f77b0adf75dc320fe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
7ucT1TWc3JvKOiuCwV2JKtN9rifoDY1VnO-Hxly3yobv366sJj5Rdg==
css_front.css | dwmsurhf1svv8.cloudfront.net/public/external/ | Size 6 KB | x-fer 7 KB | Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/css_front.css
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
KYfw3i4314WqNKh2AgN7ux9uBQkJ1_CrRrT_FM7TfChs34nR2KNhpw==
click.mp3 | allfile.club/sound/ | Size 4 KB | x-fer 4 KB | Media
General
Full URL
https://allfile.club/sound/click.mp3
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.66 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business82-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1f84733afdefb4b0ad2a0baabbfe453392aa11004a54dac336f412bd847c8807

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-4315/4316
date
Tue, 13 Aug 2024 02:17:06 GMT
last-modified
Thu, 26 Nov 2020 15:57:08 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Content-Length
4316
content-type
audio/mpeg
connected.mp3 | allfile.club/sound/ | Size 20 KB | x-fer 20 KB | Media
General
Full URL
https://allfile.club/sound/connected.mp3
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.66 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business82-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5e8dfead8f12cc0cf9aff8aaaeb7497798520ecb67de152776e3f383e52eb635

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-20616/20617
date
Tue, 13 Aug 2024 02:17:06 GMT
last-modified
Thu, 26 Nov 2020 15:57:08 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Content-Length
20617
content-type
audio/mpeg
collect | region1.google-analytics.com/g/ | Size 0 | x-fer 0 | Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QHGNBZWC2Y&gtm=45je4880v886407698za200&_p=1723515424722&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=974011147.1723515427&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723515426&sct=1&seg=0&dl=https%3A%2F%2Fwww.clicktogo.xyz%2Ftk%2F&dt=TikTok%20Followers%20Generator&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QHGNBZWC2Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 02:17:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.clicktogo.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css.css | dwmsurhf1svv8.cloudfront.net/public/clockers/PrimeApps/ | Size 1010 B | x-fer 1 KB | Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:06 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
QsyApiFBmQ580Hig_aPmjPT7cJxQiBdJL0KMfUygPBvUvDntZyFnBg==
favicon.ico | www.clicktogo.xyz/ | Size 1 KB | x-fer 1 KB | Other
General
Full URL
https://www.clicktogo.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 02:17:07 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjOmWRZEPcY2qmVBO%2BOA%2BEHqETCNBE3%2FSx2oV9eVOd9PzqslZAUtbB3CeH%2FZhkKQxkgLLlFVyw3fnkpjUw7A4X3M%2FrSavfXXcun1TgqfDpAqlqGY2Y%2FrRTWsv%2BA490FxqOPmuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8b2534fadaab1c9e-AMS
alt-svc
h3=":443"; ma=86400
guid | dwmsurhf1svv8.cloudfront.net/public/ | Size 0 | x-fer 277 B | Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=mehjewb1o&e=ll&t=1723515427151
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of zero bytes, consistent with the content-length: 0 response below; the script tag fetched an empty body)

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:07 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
6gf6l2VtEB6GfJLIOVzMnyAH-q6zkK9L4RoTR1__eKU_lAk-U-t6Uw==
check.php | dwmsurhf1svv8.cloudfront.net/public/external/ | Size 72 B | x-fer 366 B | Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=1448734&time=1723515428721
Requested by
Host: www.clicktogo.xyz
URL: https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4600:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:17:08 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
72
x-amz-cf-id
R97KqRqDiGG3eu_Ke9EucbpS8hMgFl2NvHVfR9xri8x8jofS5k6q9g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2
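Three things in the transaction list above are worth checking mechanically rather than by eye: third-party hostnames that appear as path segments under /tk/ (ajax.googleapis.com and two cloudfront.net hosts), which is the directory layout a "save complete page" mirror produces when a site is cloned with its assets; the entry whose resource hash is the SHA-256 of the empty string; and the http:// font request that the browser blocked as mixed content. The Python below is an added example, not urlscan.io code and not anything served by the scanned site. REQUESTS transcribes a subset of the rows above (URL, type, resource hash); the hostname-in-path heuristic, its file-extension exclusion list and the "third-party script with query string" check are this example's own assumptions.

```python
"""Triage checks over a urlscan.io transaction list (added example)."""
import hashlib
import re
from urllib.parse import urlsplit

PAGE = "https://www.clicktogo.xyz/tk/"

# (url, resource type, resource hash) transcribed from the scan above.
# The failed font request shows no type and no hash, hence "".
REQUESTS = [
    ("https://www.clicktogo.xyz/tk/", "Document",
     "70c60c4d51627cbe2a06d41a3db8726dcd7a745de09eaca0032da807cfe2c543"),
    ("https://www.googletagmanager.com/gtag/js?id=G-QHGNBZWC2Y", "Script",
     "128da509b5541fda33404b48762bd6c8004b4bf0c55f7718bf3f93e5e9c465d3"),
    ("https://www.clicktogo.xyz/tk/d13pxqgp3ixdbh.cloudfront.net/uploads/"
     "1610818123b298bd56d5920c580e4b88eacbdd5b2e.png", "Image",
     "de33a06cba6bccba296d85ad8b6bdca39b147ee3489ceab4dedcecfd107e84b8"),
    ("https://www.clicktogo.xyz/tk/ajax.googleapis.com/ajax/libs/jquery/2.2.4/"
     "jquery.min.js", "Script",
     "05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e"),
    ("https://www.clicktogo.xyz/tk/dby7kx9z9yzse.cloudfront.net/9d1fe20.js", "Script",
     "3b777391a3c099cecfb5faaf122ebe02899b22cff41b6faaec401fbb3373fa63"),
    ("https://www.clicktogo.xyz/tk/", "Image",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("http://fonts.gstatic.com/s/roboto/v15/"
     "Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2", "", ""),
    ("https://dwmsurhf1svv8.cloudfront.net/public/external/check.php"
     "?it=1448734&time=1723515428721", "Script",
     "577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38"),
    ("https://allfile.club/sound/click.mp3", "Media",
     "1f84733afdefb4b0ad2a0baabbfe453392aa11004a54dac336f412bd847c8807"),
]

# SHA-256 of zero bytes: urlscan shows this hash when it captured no body.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Heuristic (this example's assumption): a path segment shaped like a hostname,
# dotted labels ending in an alphabetic TLD-like label, that is not a file name.
_HOST_SEG = re.compile(r"^[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}$", re.I)
_FILE_EXT = {"js", "css", "png", "jpg", "jpeg", "gif", "woff2", "php",
             "mp3", "html", "ico", "svg"}


def embedded_hosts(url):
    """Hostname-like path segments, e.g. /tk/ajax.googleapis.com/...: the
    layout a 'save complete page' mirror produces when third-party assets are
    rehosted under directories named after their original host."""
    found = []
    for seg in urlsplit(url).path.split("/"):
        if not seg or seg.rsplit(".", 1)[-1].lower() in _FILE_EXT:
            continue
        if _HOST_SEG.match(seg):
            found.append(seg.lower())
    return found


def triage(requests, page_url):
    """Run the checks over every (url, type, hash) row; return findings by kind."""
    page = urlsplit(page_url)
    findings = {"rehosted": [], "empty_body": [], "mixed_content": [],
                "third_party_script_with_query": []}
    for url, rtype, sha in requests:
        u = urlsplit(url)
        hosts = embedded_hosts(url)
        if hosts:
            findings["rehosted"].append((url, hosts))
        if sha == EMPTY_SHA256:
            findings["empty_body"].append(url)      # size/type columns unreliable
        if page.scheme == "https" and u.scheme == "http":
            findings["mixed_content"].append(url)   # browser blocks this fetch
        if rtype == "Script" and u.hostname != page.hostname and u.query:
            findings["third_party_script_with_query"].append(url)
    return findings


if __name__ == "__main__":
    for kind, items in triage(REQUESTS, PAGE).items():
        print(f"{kind}: {len(items)}")
        for item in items:
            print("   ", item)
```

Run against the rows above it reports three rehosted hosts, one empty-body entry, one mixed-content fetch and two third-party scripts loaded with query strings (the gtag loader and check.php); the last group is simply the set of dynamic third-party scripts a reviewer should fetch and read before drawing conclusions about the page.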

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

functions: gtag, $, jQuery, CPBContentLocker, CPABuildLock, CPABuildGetFeedURL, CPABuildGetIframeURL, CPABuildGetIframeHTML, CPABuildUnlock, CPABuildOfferComplete, CPABuildOffersComplete, CPABuildCheckForLead, og_load, CPABuildComplete, call_locker, gemsAmountSelected, myFunction, proStep1, proStep2, myFunHideSearching, myFunHideUserFound, myFunNext
objects: 0, dataLayer, CPABUILDSETTINGS, CPABUILDContentLocker, audioclick, audiolaststep, audiopoinrunning, audioselected, audiosDiamondscess, google_tag_manager, google_tag_data, gaGlobal
numbers: __cfRLUnblockHandlers, gemsvalue

The CPABuild*/CPB*/call_locker names belong to a content-locker script whose lock, unlock, offer-complete and check-for-lead functions are visible here; the audio*, gems*, proStep* and myFun* names are the page's own "followers generator" UI logic, and the remaining names are jQuery and Google tag/analytics globals.

3 Cookies

Domain             Path  Name            Value
www.clicktogo.xyz  /     _cpguid         mehjewb1o
.clicktogo.xyz     /     _ga_QHGNBZWC2Y  GS1.1.1723515426.1.0.1723515426.0.0.0
.clicktogo.xyz     /     _ga             GA1.1.974011147.1723515427
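urlscan renders the globals list as "type| name" pairs on a single line, and the cookie values above also surface as query parameters in the transaction list: the _cpguid value appears as cpguid= in the guid request to dwmsurhf1svv8.cloudfront.net, and the client-id part of _ga appears as cid= in the google-analytics.com collect request. The Python below is an added example, not urlscan.io code: it parses the flattened globals format, buckets the names, and links each cookie to the query parameters that carry its value. GLOBALS_TEXT and COOKIES are transcribed from this scan; the content-locker prefixes and the "locker" substring rule are this example's assumption taken from the names shown, the attribution of __cfRLUnblockHandlers to Cloudflare's Rocket Loader is likewise an assumption, and the collect URL is trimmed to the parameters used here.

```python
"""Parse urlscan.io's flattened globals list and link cookies to request
query parameters (added example)."""
import re
from urllib.parse import parse_qs, urlsplit

GLOBALS_TEXT = (
    "object| 0 function| gtag object| dataLayer function| $ function| jQuery "
    "object| CPABUILDSETTINGS object| CPABUILDContentLocker "
    "number| __cfRLUnblockHandlers function| CPBContentLocker "
    "function| CPABuildLock function| CPABuildGetFeedURL "
    "function| CPABuildGetIframeURL function| CPABuildGetIframeHTML "
    "function| CPABuildUnlock function| CPABuildOfferComplete "
    "function| CPABuildOffersComplete function| CPABuildCheckForLead "
    "function| og_load function| CPABuildComplete function| call_locker "
    "object| audioclick object| audiolaststep object| audiopoinrunning "
    "object| audioselected object| audiosDiamondscess number| gemsvalue "
    "function| gemsAmountSelected function| myFunction function| proStep1 "
    "function| proStep2 function| myFunHideSearching "
    "function| myFunHideUserFound function| myFunNext "
    "object| google_tag_manager object| google_tag_data object| gaGlobal"
)

_ENTRY = re.compile(r"(object|function|number|string|boolean)\|\s*(\S+)")


def parse_globals(text):
    """'type| name type| name ...' -> [(type, name), ...]."""
    return _ENTRY.findall(text)


# Assumption: these prefixes (and any name containing 'locker') belong to the
# content-locker script; KNOWN holds jQuery / Google tag globals plus the
# handle assumed to be set by Cloudflare's Rocket Loader.
LOCKER_PREFIXES = ("CPABUILD", "CPABuild", "CPB")
KNOWN = {"gtag", "dataLayer", "google_tag_manager", "google_tag_data",
         "gaGlobal", "$", "jQuery", "__cfRLUnblockHandlers"}


def classify(entries):
    """Bucket global names: known library/analytics, content locker, page-specific."""
    out = {"library": [], "content_locker": [], "page_specific": []}
    for _, name in entries:
        if name in KNOWN:
            out["library"].append(name)
        elif name.startswith(LOCKER_PREFIXES) or "locker" in name.lower():
            out["content_locker"].append(name)
        else:
            out["page_specific"].append(name)
    return out


COOKIES = {
    "_cpguid": "mehjewb1o",
    "_ga_QHGNBZWC2Y": "GS1.1.1723515426.1.0.1723515426.0.0.0",
    "_ga": "GA1.1.974011147.1723515427",
}
# Transcribed from the scan; the collect query is trimmed to the parameters used here.
REQUEST_URLS = [
    "https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=mehjewb1o&e=ll&t=1723515427151",
    "https://region1.google-analytics.com/g/collect?v=2&tid=G-QHGNBZWC2Y"
    "&cid=974011147.1723515427&sid=1723515426&en=page_view",
]


def cookie_links(cookies, urls):
    """For each cookie, the (host, param) pairs whose value equals the cookie
    value or its trailing dotted components (the _ga cookie carries the GA
    client id after a 'GA1.1.' prefix)."""
    links = {name: [] for name in cookies}
    for url in urls:
        u = urlsplit(url)
        for param, values in parse_qs(u.query).items():
            for v in values:
                for name, cval in cookies.items():
                    if cval == v or cval.endswith("." + v):
                        links[name].append((u.hostname, param))
    return links


if __name__ == "__main__":
    buckets = classify(parse_globals(GLOBALS_TEXT))
    for kind, names in buckets.items():
        print(f"{kind} ({len(names)}): {', '.join(names)}")
    print(cookie_links(COOKIES, REQUEST_URLS))
```

The cookie-to-parameter link is the useful part for an investigation: it shows which third-party host receives the identifier a first-party cookie stores, and the _ga_QHGNBZWC2Y session cookie, whose value is not echoed verbatim in any query string, correctly comes back with no link.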

2 Console Messages

security error at https://www.clicktogo.xyz/tk/
Mixed Content: The page at 'https://www.clicktogo.xyz/tk/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2'. This request has been blocked; the content must be served over HTTPS.

network error at https://www.clicktogo.xyz/favicon.ico
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allfile.club
dwmsurhf1svv8.cloudfront.net
fonts.gstatic.com
region1.google-analytics.com
www.clicktogo.xyz
www.googletagmanager.com
162.0.235.66
188.114.97.3
2001:4860:4802:32::36
2600:9000:223d:4600:1b:9327:5500:21
2a00:1450:4001:810::2008
2a06:98c1:3120::3