secureclick.cc
Open in
urlscan Pro
2606:4700:3037::ac43:b272
Public Scan
Submitted URL: http://fhepcvepayments.com/
Effective URL: https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=1607779f239a883a48&domain=exotra.cc&uclic...
Submission: On February 24 via api from GB — Scanned from NL
Effective URL: https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=1607779f239a883a48&domain=exotra.cc&uclic...
Submission: On February 24 via api from GB — Scanned from NL
Summary
This website contacted 6 IPs
in 3 countries
across 8 domains to perform 9 HTTP transactions.
The main IP is 2606:4700:3037::ac43:b272, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is secureclick.cc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time secureclick.cc was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time secureclick.cc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2a06:98c1:312... 2a06:98c1:3120::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 52.116.53.155 52.116.53.155 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 1 1 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2606:4700:303... 2606:4700:3037::ac43:b272 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2.23.97.11 2.23.97.11 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 139.45.197.251 139.45.197.251 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 9 | 6 |
2
52.116.53.155
(United States)
ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com
| mybettermb.com | |
| p374591.mybettermb.com |
1
2.23.97.11
(Vienna, Austria)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-11.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-11.deploy.static.akamaitechnologies.com
| cdn-bimi.akamaized.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 3 |
oungimuk.net
oungimuk.net — Cisco Umbrella Rank: 121777 |
16 KB |
| 2 |
secureclick.cc
secureclick.cc |
18 KB |
| 2 |
mybettermb.com
1 redirects
mybettermb.com — Cisco Umbrella Rank: 89242 p374591.mybettermb.com — Cisco Umbrella Rank: 674401 |
1 KB |
| 1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12379 |
543 B |
| 1 |
akamaized.net
cdn-bimi.akamaized.net — Cisco Umbrella Rank: 470877 |
2 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195 |
2 KB |
| 1 |
exotra.cc
1 redirects
exotra.cc |
741 B |
| 1 |
fhepcvepayments.com
1 redirects
fhepcvepayments.com |
2 KB |
| 9 | 8 |
| Domain | Requested by | |
|---|---|---|
| 3 | oungimuk.net |
secureclick.cc
oungimuk.net |
| 2 | secureclick.cc |
p374591.mybettermb.com
secureclick.cc |
| 1 | my.rtmark.net |
oungimuk.net
|
| 1 | cdn-bimi.akamaized.net |
secureclick.cc
|
| 1 | cdnjs.cloudflare.com |
secureclick.cc
|
| 1 | exotra.cc | 1 redirects |
| 1 | p374591.mybettermb.com | |
| 1 | mybettermb.com | 1 redirects |
| 1 | fhepcvepayments.com | 1 redirects |
| 9 | 9 |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.mybettermb.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-02 - 2023-11-02 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-16 - 2023-06-15 |
a year | crt.sh |
| a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-28 - 2023-06-30 |
a year | crt.sh |
| oungimuk.net R3 |
2023-01-27 - 2023-04-27 |
3 months | crt.sh |
| rtmark.net R3 |
2023-02-15 - 2023-05-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=1607779f239a883a48&domain=exotra.cc&uclick=hee8a53y&uclickhash=hee8a53y-hee8a53y-bz-0-bz-9l-6j-1a315d
Frame ID: 48C58E68DDAD95B8478D102EEA3A6BAD
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
18+Page URL History Show full URLs
-
http://fhepcvepayments.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquVMf3UExs... HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-FFU8z1txjJDWMt-o_jCWYx4Hq4Dg9hbY... Page URL
-
https://exotra.cc/b/click.php?key=3sj3g3to09xks9v3hoam&subid=90066395817&bid=0.0009&site=44518...
HTTP 302
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=1607779f239a883a48&do... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://exotra.cc/b/click.php?lp=1
Title: Yes
Title: Yes
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fhepcvepayments.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquVMf3UExskdoHT9aCzGExlmC1H2g0f_zXlVR_iJrSaT2hvzYfNFjJsKn06qgcpL4cMekvHstgT9yoXj-_RA3t99KvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGIZikZ1GSp_n2wP4X0dUT3Mwzd2n-xlFVaWGBNpJdgdmfuQn-y8FZpGkPpEN-89THsCZ_brz4jSTLc3JKpsC8W8zabWnBVMhtWL9hKURoTXSZsWKiO2-cqRaHk3G1JQgfmEzjCeJVqmiYdAtizwKkS53V98jkQnoyTAVQszuMAXLOjpI_1axRjdmF0wAyzY5QKRBpd57aBTTe49dFghSMMvrZ2pDujJmig1F7xbPFx-aO-htWqA2OpugrEgKp3J1xwxZ6ZQuU8i55RwK7qQvzG0uk8dQs3Ei2G7rWgicpY9pQAt6OCWzQWy-oWU0v5Z_3sRhNBP-CkbXa_vFnNdfb1ATYiXt29Zk_ESYy3iKJk9Xvc6jTjNKWGvi4UDDu-TY0leCDKih9y3-_9_cfDAGfjpj5wqr7tSzeaWuROLwncfj7n8BL-jT9_Y6DNfQ8-9Snnet77oooMr4XEaG3QYAhUWlDbOPdVYe2-Rn_uKaw6DTjrgKpSIxiUY4FYr9tcMBMSO7EGTKs31DoBEgCv21wC3L9Jl3ZWnsp_isZRATMqD_7SNs2JBGO0IPXxOBOmLUn3Uy0LSQNhYTUs-kRhH7dvvFi6kgAkS2OmJgUBf9B2S3TJpxi9Kxuyh4N_Ff81lFki-gGHWlBW9HxDXK-p-WHrH3a1AdWuVKaODl4OPdekq1y7fJPfprpufkqzLDlUjqxSDjmcoqOX7qPCmGmekBdrWWXJhEJPyUEUgpVrr2IIMLKTmQ1dihtP9aBBhWU8rFIADK-Xe1XcS2ugngA9SL4TWj_LFKaQfdCIz9YxWNjV5ncsOZlVMgYw9pvgvZ954MzRRSDlApChyURIwTmxYSdxjcW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6_e4GS827GsDtuMGxczq5MOrxMcIMxGZ8Dd6khgw1xixSpYJ2zq1g4FgKtUs_DqCL1N59spEwrExEXOdsXUFotKxL0NGHGHiputkShADkMQ5ODOaCpIhqXgFjBssk8IsNjhms6clfKgpK1HGoEhL8aQP5G2oPQOEnpzHL4_k9buJTAtBYvQ1DU8taBlhdajoTeF_Gvb0_h6kCo-5eDK5lquF-8HRrbc13JJUdWAduwfZBNOoLxzq14q6AMcFvrxfUZZJCxAdeOqU HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-FFU8z1txjJDWMt-o_jCWYx4Hq4Dg9hbYvzrtSGNAreXC6cH_WL1V9ZdIg_RsZOzQgK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSChWrax0TgOH2iwbqyxMEHnZT4gk-eVXV_uLljrvxIndZgx0ODFmeGzrkq4k_0v1wwELAhEM8MXKnikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwg1CDPzYxHsT5tsY9AQadO5ujSg0Me2EIGYUPJQ75pelRc6Zw_lDZQW9eBykUhlXbYqhrlOPDn-UEyyb9uZCDy7aMuOpUmEv_B6aasxJNPnCO&si=1&oref=ebedd9b053812936ed9b26a94f49cc0e&optunit=JJUdWAduwfZBNOoLxzq14uiYnnC3Du8g&rb=g023FNjug5I&rr=1&isco=t&abtg=0 Page URL
-
https://exotra.cc/b/click.php?key=3sj3g3to09xks9v3hoam&subid=90066395817&bid=0.0009&site=445187053&source=445187053&clickid=90066395817&browser=Chrome+109&geo=NL&campaign_name=self+global&device=Mobile&os=Android+10.x+Mobile
HTTP 302
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=1607779f239a883a48&domain=exotra.cc&uclick=hee8a53y&uclickhash=hee8a53y-hee8a53y-bz-0-bz-9l-6j-1a315d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://fhepcvepayments.com/ HTTP 302
- https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oLQQbK9sgQOBWt3Q5wgRfquVMf3UExskdoHT9aCzGExlmC1H2g0f_zXlVR_iJrSaT2hvzYfNFjJsKn06qgcpL4cMekvHstgT9yoXj-_RA3t99KvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGIZikZ1GSp_n2wP4X0dUT3Mwzd2n-xlFVaWGBNpJdgdmfuQn-y8FZpGkPpEN-89THsCZ_brz4jSTLc3JKpsC8W8zabWnBVMhtWL9hKURoTXSZsWKiO2-cqRaHk3G1JQgfmEzjCeJVqmiYdAtizwKkS53V98jkQnoyTAVQszuMAXLOjpI_1axRjdmF0wAyzY5QKRBpd57aBTTe49dFghSMMvrZ2pDujJmig1F7xbPFx-aO-htWqA2OpugrEgKp3J1xwxZ6ZQuU8i55RwK7qQvzG0uk8dQs3Ei2G7rWgicpY9pQAt6OCWzQWy-oWU0v5Z_3sRhNBP-CkbXa_vFnNdfb1ATYiXt29Zk_ESYy3iKJk9Xvc6jTjNKWGvi4UDDu-TY0leCDKih9y3-_9_cfDAGfjpj5wqr7tSzeaWuROLwncfj7n8BL-jT9_Y6DNfQ8-9Snnet77oooMr4XEaG3QYAhUWlDbOPdVYe2-Rn_uKaw6DTjrgKpSIxiUY4FYr9tcMBMSO7EGTKs31DoBEgCv21wC3L9Jl3ZWnsp_isZRATMqD_7SNs2JBGO0IPXxOBOmLUn3Uy0LSQNhYTUs-kRhH7dvvFi6kgAkS2OmJgUBf9B2S3TJpxi9Kxuyh4N_Ff81lFki-gGHWlBW9HxDXK-p-WHrH3a1AdWuVKaODl4OPdekq1y7fJPfprpufkqzLDlUjqxSDjmcoqOX7qPCmGmekBdrWWXJhEJPyUEUgpVrr2IIMLKTmQ1dihtP9aBBhWU8rFIADK-Xe1XcS2ugngA9SL4TWj_LFKaQfdCIz9YxWNjV5ncsOZlVMgYw9pvgvZ954MzRRSDlApChyURIwTmxYSdxjcW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6_e4GS827GsDtuMGxczq5MOrxMcIMxGZ8Dd6khgw1xixSpYJ2zq1g4FgKtUs_DqCL1N59spEwrExEXOdsXUFotKxL0NGHGHiputkShADkMQ5ODOaCpIhqXgFjBssk8IsNjhms6clfKgpK1HGoEhL8aQP5G2oPQOEnpzHL4_k9buJTAtBYvQ1DU8taBlhdajoTeF_Gvb0_h6kCo-5eDK5lquF-8HRrbc13JJUdWAduwfZBNOoLxzq14q6AMcFvrxfUZZJCxAdeOqU HTTP 302
- https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-FFU8z1txjJDWMt-o_jCWYx4Hq4Dg9hbYvzrtSGNAreXC6cH_WL1V9ZdIg_RsZOzQgK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSChWrax0TgOH2iwbqyxMEHnZT4gk-eVXV_uLljrvxIndZgx0ODFmeGzrkq4k_0v1wwELAhEM8MXKnikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwg1CDPzYxHsT5tsY9AQadO5ujSg0Me2EIGYUPJQ75pelRc6Zw_lDZQW9eBykUhlXbYqhrlOPDn-UEyyb9uZCDy7aMuOpUmEv_B6aasxJNPnCO&si=1&oref=ebedd9b053812936ed9b26a94f49cc0e&optunit=JJUdWAduwfZBNOoLxzq14uiYnnC3Du8g&rb=g023FNjug5I&rr=1&isco=t&abtg=0
9 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
domainClick
p374591.mybettermb.com/adServe/ Redirect Chain
|
420 B 678 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
sex.php
secureclick.cc/prelander/dating/global/age_check_tiktok/ Redirect Chain
|
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
froala_style.min.css
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sex.png
secureclick.cc/prelander/dating/global/age_check_tiktok/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
popunder.js
cdn-bimi.akamaized.net/mr/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
micro.tag.min.js
oungimuk.net/pfe/current/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
zone
oungimuk.net/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gid.js
my.rtmark.net/ |
65 B 543 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zone
oungimuk.net/ |
911 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| getURLParameter string| lang string| td object| clk string| backOfferUrl number| popunderPeriod string| popunderUrl string| popunderTrigger string| starUrl object| popunderTargets string| cookieName number| starPop undefined| elms undefined| it undefined| selectors function| setCookie function| getCookie function| preventDefault function| openWindow function| mobilePop function| callback function| addClickEvent object| s object| zfgformats5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mybettermb.com/ | Name: rhid Value: 82912612573 |
|
| .mybettermb.com/ | Name: loi Value: ad_1139805_off_584027_aff_87907_cid_374591-FHEPCVEPAYMENTS.COM_ts_1677238547 |
|
| exotra.cc/ | Name: uclick Value: hee8a53y |
|
| exotra.cc/ | Name: uclickhash Value: hee8a53y-hee8a53y-bz-0-bz-9l-6j-1a315d |
|
| my.rtmark.net/ | Name: ID Value: a3c0fb80401841f4a5d6664ec50b1e18 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-bimi.akamaized.net
cdnjs.cloudflare.com
exotra.cc
fhepcvepayments.com
my.rtmark.net
mybettermb.com
oungimuk.net
p374591.mybettermb.com
secureclick.cc
139.45.195.8
139.45.197.251
2.23.97.11
2606:4700:3037::ac43:b272
2606:4700::6811:190e
2a06:98c1:3120::c
2a06:98c1:3121::3
52.116.53.155
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
2ebdbd8eb2c4bdcc6740825252a25e2e0c78ed44466462bb4d94d1d354f170c3
45d95bb86d9a13bdb56282ac3244651c6b1cccd72a2cb93e914e6c5541966b65
949052e6eb31eac7d6e2321332cb887432c175aa9c5021691a64cd97a9f9f347
bb9ccc531d2dd2b1f1bab74c928c61ff2060fda750fe294b0a21cfa4241145de
d30f4d51007b1c8c80ac214a2b461684982a25563c4d869bc7f8f69dc1ce753a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66e105cbf2649d3fe50db11043a86fc10e1dc9298a8e0e84fb1f0d1198b3c5a