![](/screenshots/1a8d024a-681f-49b9-b0d5-615d3359e16a.png)
yellowtraff.com
62.212.87.140
Public Scan
Effective URL: https://yellowtraff.com/gw?sub=5hkvu3n90atz0l8t0j280wc48%2C13418100%2C5%2C6587&source=6587&url=https%3A%2F%2Fhtzrg.com%2...
Submission: On January 24 via manual from IT
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 7th 2019. Valid for: 3 months.
This is the only time yellowtraff.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 52.56.150.67 | 16509 (AMAZON-02 - Amazon.com)
1 1 | 66.175.217.160 | 63949 (LINODE-AP Linode)
1 | 52.215.113.202 | 16509 (AMAZON-02 - Amazon.com)
1 3 | 62.212.87.140 | 60781 (LEASEWEB-NL-AMS-01 Netherlands)
1 1 | 34.197.177.88 | 14618 (AMAZON-AES - Amazon.com)
1 | 34.199.196.153 | 14618 (AMAZON-AES - Amazon.com)
4 | 3 |
Domain | ASN | PTR
---|---|---
track.clickclaro.xyz | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-56-150-67.eu-west-2.compute.amazonaws.com
m.mobplus.net | ASN63949 (LINODE-AP Linode, LLC, US) | li512-160.members.linode.com
go.traffic-c.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-215-113-202.eu-west-1.compute.amazonaws.com
htzrg.com | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-34-197-177-88.compute-1.amazonaws.com
uzwhi5fnd2.pshntf.com | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-34-199-196-153.compute-1.amazonaws.com
 | Apex Domain | Redirects | Subdomains | Transfer
---|---|---|---|---
3 | yellowtraff.com | 1 redirects | yellowtraff.com | 10 KB
1 | pshntf.com | | uzwhi5fnd2.pshntf.com | 75 B
1 | htzrg.com | 1 redirects | htzrg.com | 424 B
1 | traffic-c.com | | go.traffic-c.com | 1 KB
1 | mobplus.net | 1 redirects | m.mobplus.net | 396 B
1 | clickclaro.xyz | 1 redirects | track.clickclaro.xyz | 274 B
4 | 6 | | |
 | Domain | Redirects | Requested by
---|---|---|---
3 | yellowtraff.com | 1 redirects | yellowtraff.com
1 | uzwhi5fnd2.pshntf.com | | yellowtraff.com
1 | htzrg.com | 1 redirects |
1 | go.traffic-c.com | |
1 | m.mobplus.net | 1 redirects |
1 | track.clickclaro.xyz | 1 redirects |
4 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
traffic-c.com | Let's Encrypt Authority X3 | 2018-12-14 - 2019-03-14 | 3 months
trk.billysrv.com | Let's Encrypt Authority X3 | 2019-01-07 - 2019-04-07 | 3 months
*.pshntf.com | COMODO RSA Domain Validation Secure Server CA | 2018-11-27 - 2019-11-27 | a year
This page contains 1 frames:
Frame:
https://uzwhi5fnd2.pshntf.com/lp004?c=DE&rid=R15483200992869634422473609
Frame ID: DE9A8A29260C8EFCD6820125685C6E43
Requests: 4 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://track.clickclaro.xyz/click?offer_id=3&aff_id=13&aff_sub=f2j1lcIztxMACszkAmlSs4tQdjNkIBDiR-gFIqOsBUgSaVKziegJTQYAB8QaQAQH6ATpibWNvbnZfMjAxOTAxMjExMzQ0MzNfZGZmY2JiNzhfZjUzY180NzgzXzg4YjdfNWI1M2NiZGJiMDQ5qgIONTgzNV9jZjFhM2ZkYTA&aff_sub2=7347_5835_cf1a3fda0
HTTP 307
http://m.mobplus.net/c/c/97/540?cid=e5190124083o326bd17665cea00cda82&sc=13 HTTP 302
https://go.traffic-c.com/?p=6587&media_type=mainstream&click_id=3d4b4a7e37b14f7195ed754e2c22d057&pi=540_13 Page URL
- https://yellowtraff.com/l/196906009217f69164ac?sub=5hkvu3n90atz0l8t0j280wc48,13418100,5,6587&source=6587&ctrack=1548320098.4174307832 Page URL
-
https://yellowtraff.com/l/196906009217f69164ac?sub=5hkvu3n90atz0l8t0j280wc48,13418100,5,6587&source=6587&ctrack=1548320098.4174307832&code2=Y3RtATE1NDgzMjAwOTg1MzEAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNgBhNDMBMDAwMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMABmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATEwMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgFodHRwczovL2dvLnRyYWZmaWMtYy5jb20vP3A9NjU4NyZtZWRpYV90eXBlPW1haW5zdHJlYW0mY2xpY2tfaWQ9M2Q0YjRhN2UzN2IxNGY3MTk1ZWQ3NTRlMmMyMmQwNTcmcGk9NTQwXzEzAHJiY2MBMTAyNTExNTMAY250cAEAd25tAQB3Z2x2ATAAY2RnATAxMTExMTExMDAwMTEwMDAxMTExMTExMTExMTExMTExMDExMTExMTExMTExMDExMTExMTExMTExMTExMTAxMDEAd3V0AQBrbG5nAWVuLVVTAHJ0dAEwAGxhbwEAaGxzATA_
HTTP 302
https://yellowtraff.com/gw?sub=5hkvu3n90atz0l8t0j280wc48%2C13418100%2C5%2C6587&source=6587&url=https%3A%2F%2Fhtzrg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6587%26cid%3Dbmconv_20190124095458_a2017859_bf11_4676_8169_f439587611ac%26ref%3D5hkvu3n90atz0l8t0j280wc48%2C13418100%2C5%2C6587&vId=bmconv_20190124095458_a2017859_bf11_4676_8169_f439587611ac&hash=196906009217f69164ac&ete=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://track.clickclaro.xyz/click?offer_id=3&aff_id=13&aff_sub=f2j1lcIztxMACszkAmlSs4tQdjNkIBDiR-gFIqOsBUgSaVKziegJTQYAB8QaQAQH6ATpibWNvbnZfMjAxOTAxMjExMzQ0MzNfZGZmY2JiNzhfZjUzY180NzgzXzg4YjdfNWI1M2NiZGJiMDQ5qgIONTgzNV9jZjFhM2ZkYTA&aff_sub2=7347_5835_cf1a3fda0 HTTP 307
- http://m.mobplus.net/c/c/97/540?cid=e5190124083o326bd17665cea00cda82&sc=13 HTTP 302
- https://go.traffic-c.com/?p=6587&media_type=mainstream&click_id=3d4b4a7e37b14f7195ed754e2c22d057&pi=540_13
- https://htzrg.com/dep.php?pid=7642&subid=855_6587&cid=bmconv_20190124095458_a2017859_bf11_4676_8169_f439587611ac&ref=5hkvu3n90atz0l8t0j280wc48,13418100,5,6587 HTTP 302
- https://uzwhi5fnd2.pshntf.com/lp004?c=DE&rid=R15483200992869634422473609
4 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | go.traffic-c.com/ | 919 B | 1 KB | Document | text/html | Redirect Chain
GET | H/1.1 | 196906009217f69164ac | yellowtraff.com/l/ | 18 KB | 8 KB | Document | text/html |
GET | H/1.1 | gw | yellowtraff.com/ | 1 KB | 1 KB | Document | text/html | Primary Request, Redirect Chain
GET | H/1.1 | lp004 | uzwhi5fnd2.pshntf.com/ | 0 | 75 B | Document | text/plain | Redirect Chain
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.