urlscan.io logo urlscan.io
SecurityTrails logo

clientes.quelana.com.ar Open in urlscan Pro
162.252.82.220  Public Scan

Go To Rescan Add Verdict Report
URL: http://clientes.quelana.com.ar/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On October 15 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 7 HTTP transactions. The main IP is 162.252.82.220, located in Tampa, United States and belongs to HVC-AS, US. The main domain is clientes.quelana.com.ar.
This is the only time clientes.quelana.com.ar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.252.82.220 29802 (HVC-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 6
1    162.252.82.220 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: cpanel118.wnpservers.net
clientes.quelana.com.ar
2    2606:4700:3031::ac43:8c6f (United States)

ASN13335 (CLOUDFLARENET, US)
assets.wnpservers.net
1    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:616c (United States)

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
1    2606:4700:3108::ac42:2877 (United States)

ASN13335 (CLOUDFLARENET, US)
formspree.io
1    2606:4700::6811:626c (United States)

ASN13335 (CLOUDFLARENET, US)
in.getclicky.com
Apex Domain
Subdomains		 Transfer
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 12479
in.getclicky.com — Cisco Umbrella Rank: 10625
6 KB
2 wnpservers.net
assets.wnpservers.net
21 KB
1 formspree.io
formspree.io — Cisco Umbrella Rank: 640418
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
61 KB
1 quelana.com.ar
clientes.quelana.com.ar
930 B
7 5
Domain Requested by
2 assets.wnpservers.net clientes.quelana.com.ar
assets.wnpservers.net
1 in.getclicky.com static.getclicky.com
1 formspree.io www.googletagmanager.com
1 static.getclicky.com www.googletagmanager.com
1 www.googletagmanager.com clientes.quelana.com.ar
1 clientes.quelana.com.ar
7 6

This site contains no links.

Subject Issuer Validity Valid
assets.wnpservers.net
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.getclicky.com
E1		 2023-10-05 -
2024-01-03		 3 months crt.sh
formspree.io
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh

This page contains 1 frames:

Primary Page: http://clientes.quelana.com.ar/
Frame ID: C4DF43E4FAFF2A73261B032EF1A8AF3E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Forbidden

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

7
Requests

71 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

128 kB
Transfer

326 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
clientes.quelana.com.ar/ 		1 KB
930 B 		Document
General
Check archive.org
Download Go to
Full URL
http://clientes.quelana.com.ar/
Protocol
HTTP/1.1
Server
162.252.82.220 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
cpanel118.wnpservers.net
Software
nginx /
Resource Hash
f7aea5b10219af21c36d34db3e86882075b7f33708d412ab181e837ca44b116f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 15 Oct 2023 09:24:59 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding,User-Agent
style.css
assets.wnpservers.net/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.wnpservers.net/css/style.css
Requested by
Host: clientes.quelana.com.ar
URL: http://clientes.quelana.com.ar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d400cec57f296ab0f045eed5ddfb32acf6c368f764c9708fd98677817265192b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://clientes.quelana.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:25:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2036
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"77a156d3decd874f4732a26a333b5d3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=el%2FbmJO4c35AKbHuKrKB0ZWVM5Fbc10fMM3cUj9Js8LETU84N%2FMXM%2BjGowWA7b79GXIN1WzkVo%2FPBb0AGvz%2FgE74mFai%2B4aafVuK7%2Bp3TXch5aRHonXpeJfU%2FeZm3%2BHxXA2wK1tT4hE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
81670323ecc73a06-YYZ
gtm.js
www.googletagmanager.com/ 		168 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLLGKCQ
Requested by
Host: clientes.quelana.com.ar
URL: http://clientes.quelana.com.ar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b87c327b31dbe247010e580dff6eab2b06dc38d5119ba408ba9614bc53fd001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://clientes.quelana.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:25:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62013
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 Oct 2023 09:25:00 GMT
montserrat-400.woff2
assets.wnpservers.net/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.wnpservers.net/fonts/montserrat-400.woff2
Requested by
Host: assets.wnpservers.net
URL: https://assets.wnpservers.net/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.wnpservers.net/css/style.css
Origin
http://clientes.quelana.com.ar
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:25:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
19172
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"5435c5943e13b5abf7854f0942f03108"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1epuGli7DWw%2BwrCW8oP%2Bz0P0%2BE9tKT04PjM9gRHS7sohLzHDmBJKuvVS0O5kQ%2B4DSgR8bHb9TLGZM3sADGX7Ya00g%2BxJu4w0Ay2kjTHFvg7Xj3vJafUcGwbB0KHj7SIJMXUtHWPO4UcrxB7Lo14kDkQZ8PI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
816703250c24a253-YYZ
priority
u=0,i=?0
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLLGKCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee892f4438a985948e729d440931f0437736840888a636bdfd054244886823a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://clientes.quelana.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 20 Oct 2023 19:23:47 GMT
date
Sun, 15 Oct 2023 09:25:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 19:23:47 GMT
server
cloudflare
age
136873
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
816703274ac35443-YYZ
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
formbutton-v1.min.js
formspree.io/js/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://formspree.io/js/formbutton-v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLLGKCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb3a9e8543340f421cdefa9d1d4be74d27b5ca4e94cfe36556a139c8fbf03f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://clientes.quelana.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:25:00 GMT
via
1.1 6085ae9abfe185eabb8b69d91c76ba4a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
null
age
3274
x-amz-cf-pop
YTO50-C1
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 05 Apr 2021 20:05:15 GMT
server
cloudflare
etag
W/"d3da9e5d33f6532fa3b78be6ccb6e125"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFjXaDSrK96Ff2uf5W22%2BDPcG5RRH2Yt5TARPdwhJ%2Bqm9HJheaSJdM9go2IFmwZnUN9uHRrjNgpJvJSV6doISRvv7iZEptcF%2F8r9DyBUcMQmFw3CCKKXhvBKgNJTajTSyDp9mBg%2FBrrKAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
816703273d9b5467-YYZ
x-amz-cf-id
cIY4LWObsz-jntUrHnQCgv-5agBQcITSltMuS7zgL58jsxXy8-SbvQ==
in.php
in.getclicky.com/ 		103 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
http://in.getclicky.com/in.php?site_id=101293313&type=pageview&href=%2F&title=Forbidden&res=1600x1200&lang=en-US&tz=America%2FVancouver&tc=&ck=1&x=9b3o6f
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
HTTP/1.1
Server
2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424347ff522807b9e6b738da7792aaa167e55d9c7c2b9fca07d6741c537336b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://clientes.quelana.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 09:25:01 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
816703299e0c39de-YYZ
alt-svc
h3=":443"; ma=86400
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data object| clicky_site_ids object| logoHosting object| statusHosting undefined| divStatus object| statusHostingWNP undefined| divStatusWNP undefined| linkStatusWNP object| clicky_obj object| clicky object| clicky_custom undefined| test object| cs object| _cgen object| _cgen_custom function| formbutton function| parcelRequire

1 Cookies

Domain/Path Name / Value
.clientes.quelana.com.ar/ Name: _jsuid
Value: 4129073283

2 Console Messages

Source Level URL
Text
network error URL: http://clientes.quelana.com.ar/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning URL: about:srcdoc
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.