Submitted URL: http://al-nour.net/MZWydV5ZopJ9
Effective URL: https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
Submission: On September 28 via manual from US

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 104.16.158.74, located in the United States and belonging to CLOUDFLARENET, US. The main domain is click.lull.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.
This is the only time click.lull.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
2         2606:4700:303...   13335 (CLOUDFLAR...)
1         2001:4de0:ac1...   20446 (HIGHWINDS3)
2         23.250.10.112      55286 (SERVER-MANIA)
1         2a00:1450:400...   15169 (GOOGLE)
3         104.16.158.74      13335 (CLOUDFLAR...)
1         2606:4700::68...   13335 (CLOUDFLAR...)
Total: 10 requests, 6 IPs
Requests  Domain                          Requested by
3         click.lull.com                  perkscat.com, click.lull.com, static.cloudflareinsights.com
2         perkscat.com                    al-nour.net, perkscat.com
2         al-nour.net                     code.jquery.com
1         static.cloudflareinsights.com   click.lull.com
1         www.googletagmanager.com        perkscat.com
1         code.jquery.com                 al-nour.net
Total: 10 requests, 6 domains

This site contains links to these domains:

  • www.cloudflare.com
TLS certificates observed:

Subject                 Issuer                    Validity                  Valid      Source
*.google-analytics.com  GTS CA 1O1                2020-09-03 - 2020-11-26   3 months   crt.sh
lull.com                Cloudflare Inc ECC CA-3   2020-07-04 - 2021-07-04   a year     crt.sh
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2020-07-11 - 2021-07-11   a year     crt.sh

This page contains 1 frame:

Primary Page: https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
Frame ID: 3CC2C2B700534F83A3F039F898F43D14
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

  • Requests: 10
  • HTTPS: 50 %
  • IPv6: 67 %
  • Domains: 6
  • Subdomains: 6
  • IPs: 6
  • Countries: 4
  • Transfer: 74 kB
  • Size: 187 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://al-nour.net/MZWydV5ZopJ9 Page URL
  2. http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927 Page URL
  3. https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type  Cookie set

MZWydV5ZopJ9  al-nour.net/  2 KB  1 KB  Document
General
Full URL
http://al-nour.net/MZWydV5ZopJ9
Protocol
HTTP/1.1
Server
2606:4700:3037::681b:b9ac, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
6d6de9ea738ae81311042dcd825b0acc8a61e800ac0c1ee2713731c96620a49a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
al-nour.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 15:20:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dac396df5f1b2ee1200dc9f04e97076d41601306409; expires=Wed, 28-Oct-20 15:20:09 GMT; path=/; domain=.al-nour.net; HttpOnly; SameSite=Lax
Set-Cookie
a=111927; expires=Tue, 28-Sep-2021 15:20:12 GMT; Max-Age=31536000; Path=/
Set-Cookie
t=MZWydV5ZopJ9; expires=Tue, 28-Sep-2021 15:20:12 GMT; Max-Age=31536000; Path=/
X-Frame-Options
SAMEORIGIN
CF-Cache-Status
DYNAMIC
cf-request-id
0576e5d31a00002c2671a2a200000001
Server
cloudflare
CF-RAY
5d9e7264f8f32c26-FRA
Content-Encoding
gzip

jquery-1.11.3.min.js  code.jquery.com/  94 KB  33 KB  Script
General
Full URL
http://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: al-nour.net
URL: http://al-nour.net/MZWydV5ZopJ9
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1b, Netherlands, ASN20446 (HIGHWINDS3, US)
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
http://al-nour.net/MZWydV5ZopJ9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 15:20:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2015 16:20:58 GMT
Server
nginx
ETag
W/"553fb36a-176d5"
Vary
Accept-Encoding
X-HW
1601306412.dop125.fr8.t,1601306412.cds127.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33261

/  al-nour.net/ajax_post/  66 B  427 B  XHR
General
Full URL
http://al-nour.net/ajax_post/
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Server
2606:4700:3037::681b:b9ac, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://al-nour.net/MZWydV5ZopJ9
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 15:20:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5d9e7274cb422c26-FRA
cf-request-id
0576e5dd0000002c2671b25200000001

/  perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/  5 KB  5 KB  Document
General
Full URL
http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
Requested by
Host: al-nour.net
URL: http://al-nour.net/MZWydV5ZopJ9
Protocol
HTTP/1.1
Server
23.250.10.112, Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA)
Reverse DNS
Software
nginx /
Resource Hash
087b0dfac1b9bf509c39cd5a115bb0c526df501efda755560d4a7e9f16cf8e60

Request headers

Host
perkscat.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://al-nour.net/MZWydV5ZopJ9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://al-nour.net/MZWydV5ZopJ9

Response headers

Server
nginx
Date
Mon, 28 Sep 2020 15:24:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive

gtm.js  www.googletagmanager.com/  67 KB  26 KB  Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: perkscat.com
URL: http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62751266f28c62b3a3fcee15dacd5f4c560bda80f4cfdb87564cb595a4189e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 15:20:14 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26817
x-xss-protection
0
expires
Mon, 28 Sep 2020 15:20:14 GMT

index.php  perkscat.com/  234 B  408 B  XHR
General
Full URL
http://perkscat.com/index.php
Requested by
Host: perkscat.com
URL: http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
Protocol
HTTP/1.1
Server
23.250.10.112, Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA)
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Mon, 28 Sep 2020 15:24:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Primary Request: /  click.lull.com/  3 KB  2 KB  Document
General
Full URL
https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
Requested by
Host: perkscat.com
URL: http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.158.74, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
4e00b824c505fbc85c00344046d3abdc77b9b7c9d1a52cebf5ae67f9fca433d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
click.lull.com
:scheme
https
:path
/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://perkscat.com/a3b0264f756d3535dbc8181862e70bcbe/?sid3=111927

Response headers

status
403
date
Mon, 28 Sep 2020 15:20:14 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=d6c6890abb5157ad6a98b592982a0ac931601306414; expires=Wed, 28-Oct-20 15:20:14 GMT; path=/; domain=.lull.com; HttpOnly; SameSite=Lax
cf-request-id
0576e5e66b00000b748c290200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
5d9e7283d9470b74-AMS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

main.css  click.lull.com/cdn-cgi/styles/  6 KB  2 KB  Stylesheet
General
Full URL
https://click.lull.com/cdn-cgi/styles/main.css
Requested by
Host: click.lull.com
URL: https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.158.74, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2729a14ce8234270b0833cd05eaae83a0d00a89f7e3d79b0bc3b4609c48d85fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 15:20:14 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 21:33:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f6e6214-19dc"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
5d9e72844a5d0b74-AMS
cf-request-id
0576e5e6b100000b748c296200000001
expires
Mon, 28 Sep 2020 17:20:14 GMT

beacon.min.js  static.cloudflareinsights.com/  10 KB  4 KB  Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: click.lull.com
URL: https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
238fd13c4393c3f9851a3e58a475a5fcac69f09944f40c0319db7a6797aa6cf5

Request headers

Referer
https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 15:20:14 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cf-ray
5d9e72844f37d72d-FRA
cf-request-id
0576e5e6a90000d72dac819200000001

performance  click.lull.com/cdn-cgi/beacon/  0  56 B  XHR
General
Full URL
https://click.lull.com/cdn-cgi/beacon/performance?req_id=5d9e7283d9470b74
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.158.74, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://click.lull.com/?c=1243&scn=whdp&sca=101113&scs=4c305207f160b37b397314f6e0252128
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

status
204
date
Mon, 28 Sep 2020 15:20:14 GMT
x-frame-options
SAMEORIGIN
server
cloudflare
cf-ray
5d9e7284db580b74-AMS
cf-request-id
0576e5e70a00000b748c29f200000001

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object  trustedTypes
  • object  _cf_translation

1 Cookies

Domain/Path   Name       Value
.lull.com/    __cfduid   d6c6890abb5157ad6a98b592982a0ac931601306414

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN