Submitted URL: https://www.laligue.be/jump/?url=https://clck.ru/N5pVm&viewing_code=
Effective URL: http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/...
Submission: On April 28 via manual from SG

Summary

This website contacted 1 IP in 3 countries across 4 domains to perform 1 HTTP transaction. The main IP is 2606:4700:3030::681b:ba5b, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is heyat.yaranenab.com.
This is the only time heyat.yaranenab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 178.62.231.146 14061 (DIGITALOC...)
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1
Apex Domain Subdomains Transfer
1 yaranenab.com heyat.yaranenab.com 698 B
1 yandex.net sba.yandex.net 453 B
1 clck.ru clck.ru 552 B
1 laligue.be www.laligue.be 432 B
1 4
Domain Requested by
1 heyat.yaranenab.com
1 sba.yandex.net 1 redirects
1 clck.ru 1 redirects
1 www.laligue.be 1 redirects
1 4

This site contains no links.

This page contains 1 frame:

Primary Page: http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/?pass=b1k0aegm12a5u
Frame ID: 744D620882E3AFDE48A55A56129381E0
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 1
HTTPS: 0 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 1
Countries: 3
Transfer: 1 kB
Size: 0 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.laligue.be/jump/?url=https://clck.ru/N5pVm&viewing_code= HTTP 303
    https://clck.ru/N5pVm HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fheyat.yaranenab.com%2Fwp-snapshots%2Fr9678335580731489922eckbgdhfbyswi2wkxck%2Fbrowserinfo%2Fsales_comment%2Fconvert%2Fprojects%2Fvalidation%2Fprodukt%2Fderefer%2Fdatepicker.php%2Fgsqyq%2Fmpqb%2F%3Fpass%3Db1k0aegm12a5u&client=clck&sign=be4ba242fe373fce895d9d990d1b00c0 HTTP 302
    http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/?pass=b1k0aegm12a5u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request (Cookie set)
Resource: /
Path: heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/
Redirect Chain
  • https://www.laligue.be/jump/?url=https://clck.ru/N5pVm&viewing_code=
  • https://clck.ru/N5pVm
  • https://sba.yandex.net/redirect?url=http%3A%2F%2Fheyat.yaranenab.com%2Fwp-snapshots%2Fr9678335580731489922eckbgdhfbyswi2wkxck%2Fbrowserinfo%2Fsales_comment%2Fconvert%2Fprojects%2Fvalidation%2Fprodu...
  • http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/?pass=b1k0aegm12a5u
Size: 261 B
x-fer: 698 B
Type: Document
MIME-Type:
General
Full URL: http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/?pass=b1k0aegm12a5u
Protocol: HTTP/1.1
Server: 2606:4700:3030::681b:ba5b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: e4d4d30b9daa6bd67be4c388edc1879c99f605f189d76a14ba39cc3822241f30

Request headers

Host: heyat.yaranenab.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers

Date: Tue, 28 Apr 2020 09:05:20 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dccc4cbdd096b8559b3d6903ea1d2b9e21588064718; expires=Thu, 28-May-20 09:05:18 GMT; path=/; domain=.yaranenab.com; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 58af9eed9eb4178a-FRA
Content-Encoding: gzip
cf-request-id: 0261a1a8800000178a84395200000001

Redirect headers

Content-Length: 597
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Apr 2020 09:05:18 GMT
Location: http://heyat.yaranenab.com/wp-snapshots/r9678335580731489922eckbgdhfbyswi2wkxck/browserinfo/sales_comment/convert/projects/validation/produkt/derefer/datepicker.php/gsqyq/mpqb/?pass=b1k0aegm12a5u
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

1 Cookie

Domain/Path Name / Value
.yaranenab.com/ Name: __cfduid
Value: dccc4cbdd096b8559b3d6903ea1d2b9e21588064718

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
