68844370a.shakingclicks.com
35.157.9.102
Public Scan
Effective URL: https://68844370a.shakingclicks.com/cur/offer_unavailable.html?jj=1
Submission: On December 12 via manual from CO
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 18th 2019. Valid for: 3 months.
This is the only time 68844370a.shakingclicks.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 88.85.69.166 | 35415 (WEBZILLA) |
1 | 78.140.165.10 | 35415 (WEBZILLA) |
1 | 95.216.123.230 | 24940 (HETZNER-AS) |
1 2 | 3.210.48.221 | 14618 (AMAZON-AES - Amazon.com) |
2 | 35.157.9.102 | 16509 (AMAZON-02 - Amazon.com) |
5 | 4 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.230.123.216.95.clients.your-server.de
1d61d00c1f8.tc-traffic.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-210-48-221.compute-1.amazonaws.com
track.adxmea.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-9-102.eu-central-1.compute.amazonaws.com
68844370a.shakingclicks.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | shakingclicks.com | 68844370a.shakingclicks.com | 3 KB |
2 | adxmea.net (1 redirects) | track.adxmea.net | 814 B |
1 | tc-traffic.com | 1d61d00c1f8.tc-traffic.com | 1 KB |
1 | th1sib3stway.com | th1sib3stway.com | 8 KB |
1 | 1getbestf1le3.xyz (1 redirects) | 1getbestf1le3.xyz | 520 B |
5 | 5 | | |
 | Domain | Requested by |
---|---|---|
2 | 68844370a.shakingclicks.com | 68844370a.shakingclicks.com |
2 | track.adxmea.net (1 redirects) | |
1 | 1d61d00c1f8.tc-traffic.com | th1sib3stway.com |
1 | th1sib3stway.com | |
1 | 1getbestf1le3.xyz (1 redirects) | |
5 | 5 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tc-traffic.com Let's Encrypt Authority X3 | 2019-11-21 - 2020-02-19 | 3 months | crt.sh |
track.adxmea.net Sectigo RSA Domain Validation Secure Server CA | 2019-02-14 - 2020-02-14 | a year | crt.sh |
*.runclickrun.com Let's Encrypt Authority X3 | 2019-09-18 - 2019-12-17 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://68844370a.shakingclicks.com/cur/offer_unavailable.html?jj=1
Frame ID: B2636B70A3A9958B58849B513F43F516
Requests: 5 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://1getbestf1le3.xyz/ HTTP 302
http://th1sib3stway.com/r?token=a52607692eb999d010fba6a306ace4db817ec236&s1=262&s2=eyJicm93c2VyIjoiQ2hyb21lICIsImJyb3dzZXJfdmVyc2lvbiI6Ijc0LjAuMzcyOSIsIm9zIjoiTWFjIE9TIFggMTAuMTQuNSJ9&s3=eyJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3Rlcm0iOiJTZXR1cC5leGUiLCJ1dG1fY29udGVudCI6bnVsbH0_&q=Setup Page URL
- https://1d61d00c1f8.tc-traffic.com/?p=6536&media_type=mainstream&click_id=ABGv8l2EBQAARyACAERFNAASAMZzjusA Page URL
- https://track.adxmea.net/aff_c?aid=1041601&oid=204708&source=6536&aff_sub=5l4wa7p2k89fdfly2zxgkw40s,14649834,5,6536 Page URL
- https://track.adxmea.net/v2/hr?s=AAdXJsPWh0dHBzJTNBJTJGJTJGNjg4NDQzNzBhLnNoYWtpbmdjbGlja3MuY29tJTJGJTNGbW9iJTNEUmNLSjRDZGFDSlZNUEJVMTVTVTRRSEttTklJdDBIV0xLWERYZ190WnpBOCUyNmNsaWNraWQlM0Q1OWpjY2xraXRzcnVfM2dmQnlUOEFCZjRRVnRRZGpOayUyNnN1YmlkJTNEMTA0MTYwMV82NTM2JmhpZGVfcmVmZXI9NA==&t=18931 HTTP 302
https://68844370a.shakingclicks.com/?mob=RcKJ4CdaCJVMPBU15SU4QHKmNIIt0HWLKXDXg_tZzA8&clickid=59jcclkitsru_3gfByT8ABf4QVtQdjNk&subid=1041601_6536 Page URL
- https://68844370a.shakingclicks.com/cur/offer_unavailable.html?jj=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://1getbestf1le3.xyz/ HTTP 302
- http://th1sib3stway.com/r?token=a52607692eb999d010fba6a306ace4db817ec236&s1=262&s2=eyJicm93c2VyIjoiQ2hyb21lICIsImJyb3dzZXJfdmVyc2lvbiI6Ijc0LjAuMzcyOSIsIm9zIjoiTWFjIE9TIFggMTAuMTQuNSJ9&s3=eyJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3Rlcm0iOiJTZXR1cC5leGUiLCJ1dG1fY29udGVudCI6bnVsbH0_&q=Setup
- https://track.adxmea.net/v2/hr?s=AAdXJsPWh0dHBzJTNBJTJGJTJGNjg4NDQzNzBhLnNoYWtpbmdjbGlja3MuY29tJTJGJTNGbW9iJTNEUmNLSjRDZGFDSlZNUEJVMTVTVTRRSEttTklJdDBIV0xLWERYZ190WnpBOCUyNmNsaWNraWQlM0Q1OWpjY2xraXRzcnVfM2dmQnlUOEFCZjRRVnRRZGpOayUyNnN1YmlkJTNEMTA0MTYwMV82NTM2JmhpZGVfcmVmZXI9NA==&t=18931 HTTP 302
- https://68844370a.shakingclicks.com/?mob=RcKJ4CdaCJVMPBU15SU4QHKmNIIt0HWLKXDXg_tZzA8&clickid=59jcclkitsru_3gfByT8ABf4QVtQdjNk&subid=1041601_6536
5 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | th1sib3stway.com/r (Cookie set, Redirect Chain) | 7 KB 8 KB | Document text/html |
GET H2 | 1d61d00c1f8.tc-traffic.com/ | 883 B 1 KB | Document text/html |
GET H2 | track.adxmea.net/aff_c | 499 B 617 B | Document text/html |
GET H/1.1 | 68844370a.shakingclicks.com/ (Redirect Chain) | 1 KB 1 KB | Document text/html |
GET H/1.1 | 68844370a.shakingclicks.com/cur/offer_unavailable.html (Primary Request) | 1 KB 2 KB | Document text/html |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.