Report - clck.ru/39y6zR

Report Overview

Submitted URL
clck.ru/39y6zR
IP
213.180.204.221
ASN
#13238 YANDEX LLC
Submitted
2024-04-16 06:30:03
Access
public
Website Title
q2nv9i.cn/?index=317
Final URL
q2nv9i.cn/?index=317
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
clck.ru	105004	2007-08-13	2017-02-01	2024-03-26	468 B	1.4 kB	213.180.204.221
sba.yandex.ru	unknown	1997-09-23	2020-04-14	2024-03-26	632 B	540 B	213.180.193.232
q2nv9i.cn	unknown	unknown	No data	No data	1.8 kB	10 kB	168.76.121.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

	URL	IP	Response	Size
	clck.ru/39y6zR	213.180.204.221	302 FOUND	570 B
URL User Request GET HTTP/1.1 clck.ru/39y6zR IP 213.180.204.221:443 ASN #13238 YANDEX LLC Certificate IssuerGlobalSign nv-sa Subjectclck.ru FingerprintE4:1A:F4:4C:60:E3:51:E7:15:7A:DF:84:8A:8D:54:A5:10:6B:66:E9 ValidityTue, 26 Dec 2023 17:08:29 GMT - Mon, 24 Jun 2024 20:59:59 GMT File type HTML document, ASCII text, with very long lines (460) Size 570 B (570 bytes) Hash 534c927e3bc107505bda71757903d365 ce317ee8bc4392c00080bad1e06a601ae19fea98 2eb98241d9ad145f2a04627a8a9219232c8bce0e66e9af8c6532129ebe556a46 HTTP Headers `GET /39y6zR HTTP/1.1 Host: clck.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 FOUND Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Access-Control-Allow-Origin: * Content-Length: 570 Content-Type: text/html; charset=utf-8 Date: Tue, 16 Apr 2024 06:29:38 GMT Location: https://sba.yandex.ru/redirect?url=http%3A%2F%2Fq2nv9i.cn%3Findex%3D317&client=clck&request_id=1713248978475105-12231758455430541913&sign=cab68b8d31725e628f99fb195ee59e94 Set-Cookie: _yasc=QVYqK/mLuZYpXNaeb3cwVu0pK+4pHH3b+wsetMpqBJvuQmS4gbRswCDHDS1olns2CQ==; domain=.clck.ru; path=/; expires=Fri, 14 Apr 2034 06:29:38 GMT; secure Strict-Transport-Security: max-age=31536000

	sba.yandex.ru/redirect?url=http%3A%2F%2Fq2nv9i.cn%3Findex%3D317&client=clck&request_id=1713248978475105-12231758455430541913&sign=cab68b8d31725e628f99fb195ee59e94	213.180.193.232	302 FOUND	258 B
URL User Request GET HTTP/1.1 sba.yandex.ru/redirect?url=http%3A%2F%2Fq2nv9i.cn%3Findex%3D317&client=clck&request_id=1713248978475105-12231758455430541913&sign=cab68b8d31725e628f99fb195ee59e94 IP 213.180.193.232:443 ASN #13238 YANDEX LLC Certificate IssuerGlobalSign nv-sa Subjectsba.yandex.net Fingerprint08:96:BF:33:F4:7A:45:90:A9:84:93:18:F9:BA:10:8F:6C:CC:78:F7 ValidityTue, 26 Dec 2023 16:46:17 GMT - Mon, 24 Jun 2024 20:59:59 GMT File type HTML document, ASCII text Size 258 B (258 bytes) Hash 3f1adac5efd570c49d47057446fa6783 c3b23b819988e1055d9fcc045e3ddd240cd562a4 743aeb0af41cb923687949038ec7d1ba7418ca341296c57fcf804cc0ca16096f HTTP Headers GET /redirect?url=http%3A%2F%2Fq2nv9i.cn%3Findex%3D317&client=clck&request_id=1713248978475105-12231758455430541913&sign=cab68b8d31725e628f99fb195ee59e94 HTTP/1.1 Host: sba.yandex.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: gdpr=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 FOUND Content-Length: 258 Content-Type: text/html; charset=utf-8 Date: Tue, 16 Apr 2024 06:29:38 GMT Location: http://q2nv9i.cn?index=317 Strict-Transport-Security: max-age=3600; includeSubDomains X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block`

	q2nv9i.cn/?index=317	168.76.121.114	404 Not Found	162 B
URL User Request GET HTTP/2 q2nv9i.cn/?index=317 IP 168.76.121.114:443 ASN #137951 ASLINE LIMITED Certificate IssuerLet's Encrypt Subjectvxi40a.cn Fingerprint10:2C:65:85:AA:7B:C6:41:D8:DB:28:87:C0:93:60:28:9B:0B:8F:CC ValidityMon, 08 Apr 2024 18:46:35 GMT - Sun, 07 Jul 2024 18:46:34 GMT File type HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /?index=317 HTTP/1.1 Host: q2nv9i.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 16 Apr 2024 06:28:55 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://q2nv9i.cn/?index=317 Strict-Transport-Security: max-age=31536000`

	q2nv9i.cn/?index=317	168.76.121.114	404 Not Found	162 B
URL User Request GET HTTP/2 q2nv9i.cn/?index=317 IP 168.76.121.114:443 ASN #137951 ASLINE LIMITED Certificate IssuerLet's Encrypt Subjectvxi40a.cn Fingerprint10:2C:65:85:AA:7B:C6:41:D8:DB:28:87:C0:93:60:28:9B:0B:8F:CC ValidityMon, 08 Apr 2024 18:46:35 GMT - Sun, 07 Jul 2024 18:46:34 GMT File type HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /?index=317 HTTP/1.1 Host: q2nv9i.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: PHPSESSID=jfuhe2cfvsemfqnfhft5h08905 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 16 Apr 2024 06:28:56 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://q2nv9i.cn/?index=317 Strict-Transport-Security: max-age=31536000`

	q2nv9i.cn/?index=317	168.76.121.114	404 Not Found	8.9 kB
URL User Request GET HTTP/2 q2nv9i.cn/?index=317 IP 168.76.121.114:443 ASN #137951 ASLINE LIMITED Certificate IssuerLet's Encrypt Subjectvxi40a.cn Fingerprint10:2C:65:85:AA:7B:C6:41:D8:DB:28:87:C0:93:60:28:9B:0B:8F:CC ValidityMon, 08 Apr 2024 18:46:35 GMT - Sun, 07 Jul 2024 18:46:34 GMT File type gzip compressed data, from Unix Size 8.9 kB (8862 bytes) Hash 7265c723e8950d45dadde43009282ac9 13461f0f22b150b46a3082817ebd52ab0a3f97fd 969645f6457b46dd74151d238c696e09dbcd48695bb0f5533495375b36c4a583 HTTP Headers `GET /?index=317 HTTP/1.1 Host: q2nv9i.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Tue, 16 Apr 2024 06:28:56 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: PHPSESSID=jfuhe2cfvsemfqnfhft5h08905; path=/ expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2`

	q2nv9i.cn/favicon.ico	168.76.121.114	404 Not Found	0 B
URL GET HTTP/2 q2nv9i.cn/favicon.ico IP 168.76.121.114:443 ASN #137951 ASLINE LIMITED Requested by https://q2nv9i.cn/?index=317 Certificate IssuerLet's Encrypt Subjectvxi40a.cn Fingerprint10:2C:65:85:AA:7B:C6:41:D8:DB:28:87:C0:93:60:28:9B:0B:8F:CC ValidityMon, 08 Apr 2024 18:46:35 GMT - Sun, 07 Jul 2024 18:46:34 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: q2nv9i.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://q2nv9i.cn/?index=317 Cookie: PHPSESSID=jfuhe2cfvsemfqnfhft5h08905 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Tue, 16 Apr 2024 06:28:57 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2`