l2.clckrs.com
Open in
urlscan Pro
188.226.172.213
Public Scan
Effective URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Submission: On September 01 via manual from US
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 30th 2017. Valid for: a year.
This is the only time l2.clckrs.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 35.197.52.214 35.197.52.214 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 52.15.116.42 52.15.116.42 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 3 | 2a00:1450:400... 2a00:1450:4001:818::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c0c::9d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 34.240.71.119 34.240.71.119 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 2400:cb00:204... 2400:cb00:2048:1::681b:b458 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 54.164.198.58 54.164.198.58 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 165.227.181.132 165.227.181.132 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
6 | 188.226.172.213 188.226.172.213 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
14 | 6 |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.52.197.35.bc.googleusercontent.com
uploadphasestroglodytes.site |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-15-116-42.us-east-2.compute.amazonaws.com
ufjdhd.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-71-119.eu-west-1.compute.amazonaws.com
www.heywhatsup.xyz |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
x.datingtrk.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-198-58.compute-1.amazonaws.com
www.conversiontrk.com |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
l.brmediatrk.com |
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: push.7click.com
l2.clckrs.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
clckrs.com
l2.clckrs.com |
327 KB |
3 |
google-analytics.com
1 redirects
www.google-analytics.com |
14 KB |
2 |
ufjdhd.com
ufjdhd.com |
1 KB |
2 |
uploadphasestroglodytes.site
uploadphasestroglodytes.site |
13 KB |
1 |
brmediatrk.com
1 redirects
l.brmediatrk.com |
238 B |
1 |
conversiontrk.com
1 redirects
www.conversiontrk.com |
2 KB |
1 |
datingtrk.com
1 redirects
x.datingtrk.com |
966 B |
1 |
heywhatsup.xyz
1 redirects
www.heywhatsup.xyz |
2 KB |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
185 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
170 B |
1 |
googletagmanager.com
www.googletagmanager.com |
25 KB |
14 | 12 |
Domain | Requested by | |
---|---|---|
6 | l2.clckrs.com |
ufjdhd.com
l2.clckrs.com |
3 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.google-analytics.com |
2 | ufjdhd.com |
uploadphasestroglodytes.site
ufjdhd.com |
2 | uploadphasestroglodytes.site | |
1 | l.brmediatrk.com | 1 redirects |
1 | www.conversiontrk.com | 1 redirects |
1 | x.datingtrk.com | 1 redirects |
1 | www.heywhatsup.xyz | 1 redirects |
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googletagmanager.com |
ufjdhd.com
|
14 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
click2pawn.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com Google Internet Authority G3 |
2018-08-14 - 2018-10-23 |
2 months | crt.sh |
www.google.de Google Internet Authority G3 |
2018-08-14 - 2018-10-23 |
2 months | crt.sh |
*.clckrs.com AlphaSSL CA - SHA256 - G2 |
2017-10-30 - 2018-10-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Frame ID: 68AB37C6C85982BDCB2D55AD40AB3B70
Requests: 14 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dAD... Page URL
- http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonw... Page URL
- http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26a... Page URL
-
http://www.heywhatsup.xyz/aff_c?offer_id=361&aff_id=1063&aff_sub=Replay-36258&aff_sub2=22463-A00071659...
HTTP 302
http://x.datingtrk.com/1ddd953f-8375-4262-be60-d39bc05e3a77?source=902&source2=Replay-36258 HTTP 302
http://www.conversiontrk.com/track/MzYyLjUyMC41MjAuMTQzNS4wLjAuMC4wLjAuMC4wLjA/?_ocid=w13GNOOG8A8PQRFGH5U... HTTP 302
http://l.brmediatrk.com/sf1/?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902&_ocid=w13GNOOG8A8PQRFGH5U... HTTP 302
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902 Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: YES
Search URL Search Domain Scan URL
Title: NO
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c Page URL
- http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo Page URL
- http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com Page URL
-
http://www.heywhatsup.xyz/aff_c?offer_id=361&aff_id=1063&aff_sub=Replay-36258&aff_sub2=22463-A000716590,VR36258,M2c30u1,yahoo&aff_sub3=jonwamn@yahoo.com
HTTP 302
http://x.datingtrk.com/1ddd953f-8375-4262-be60-d39bc05e3a77?source=902&source2=Replay-36258 HTTP 302
http://www.conversiontrk.com/track/MzYyLjUyMC41MjAuMTQzNS4wLjAuMC4wLjAuMC4wLjA/?_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902 HTTP 302
http://l.brmediatrk.com/sf1/?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902&_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902&ocode=MzYyLjM3My4zNzMuOTA2LjEyNTQuMC4wLjAuMC4wLjAuMA HTTP 302
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1137666571&t=pageview&_s=1&dl=http%3A%2F%2Fufjdhd.com%2Fclick.track%3FCID%3D382713%26AFID%3D415875%26ADID%3D1857426%26BRITT%3DReplay-36258%26PERK%3Djonwamn%40yahoo.com%26SID%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo&dr=http%3A%2F%2Fuploadphasestroglodytes.site%2F5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR%3D9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=128447277&gjid=2125397634&cid=2023924375.1535773930&tid=UA-109215160-2&_gid=843179649.1535773930&_r=1>m=u8o&z=1786144587 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_gid=843179649.1535773930&gjid=2125397634&_v=j68&z=1786144587 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587&slf_rd=1&random=2569794179
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
uploadphasestroglodytes.site/ |
44 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fp.php
uploadphasestroglodytes.site/images/ |
35 B 240 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
click.track
ufjdhd.com/ |
777 B 934 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
www.googletagmanager.com/gtag/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sanitize.go
ufjdhd.com/ |
188 B 345 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST S |
collect
www.google-analytics.com/ |
35 B 126 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
sf1
l2.clckrs.com/l/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
l2.clckrs.com/images/sf1/ |
153 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
l2.clckrs.com/images/sf1/ |
32 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pusher.js
l2.clckrs.com/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.ogg
l2.clckrs.com/images/sf1/ |
11 KB 12 KB |
Media
audio/ogg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
photo3.jpg
l2.clckrs.com/images/sf1/images/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| app boolean| PreventExitPop function| ExitPop2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
l2.clckrs.com/ | Name: lander_session Value: eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D |
|
l2.clckrs.com/ | Name: XSRF-TOKEN Value: eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
l.brmediatrk.com
l2.clckrs.com
stats.g.doubleclick.net
ufjdhd.com
uploadphasestroglodytes.site
www.conversiontrk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.heywhatsup.xyz
x.datingtrk.com
165.227.181.132
188.226.172.213
2400:cb00:2048:1::681b:b458
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:818::200e
2a00:1450:400c:c0c::9d
34.240.71.119
35.197.52.214
52.15.116.42
54.164.198.58
02e3abcb078c95cad2d5dbff1b240a5dc4e6ef2e7c8f0e34e75947304df0198a
49a9b0ffa7015f71f6653199ba7716c54fb413a8e83521c81ac1d10e0ec92aef
5f732d7dc347608b8024efc823e2292979c3606118549e724b2438c5afb77a2b
5f9e9e3c4627dc31561e968b23478ba130eea270ef933cd1f183d07f536d4f60
9bbd64e8db88c92e290a33123f885a16e5aeeff15ff6a26ac983fa4c839e4e34
b28190b5216c02abbcfa09c58d3582121c3462b0200d01f3ec82965b2788a96c
e2de48ef6ade77381ca634eb6a2ce36b5f7048108d076c7525be726c9bc8ade3
f2520d3e33e412ec92690f79df3c39f1930d22c2cf126dc85a0641bcde13e9c4
f403475281fbf391c0fa6b4024984b767ed62c7fe14f22564339df1ce6b62f70
f6215fe91398988393e4a7b531cbdff51b5f60933704d93b10ac2f8ef2d1a811