secureclick.cc
Open in
urlscan Pro
2606:4700:3037::ac43:b272
Public Scan
Effective URL: https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=16d377a3239e888453&domain=exotra.cc&uclic...
Submission: On February 24 via api from GB — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time secureclick.cc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a06:98c1:312... 2a06:98c1:3120::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 52.116.53.155 52.116.53.155 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 2a06:98c1:312... 2a06:98c1:3121::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3037::ac43:b272 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 23.50.131.20 23.50.131.20 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 139.45.197.251 139.45.197.251 | 9002 (RETN-AS) (RETN-AS) | |
1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
9 | 6 |
ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com
mybettermb.com | |
p374591.mybettermb.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-20.deploy.static.akamaitechnologies.com
cdn-bimi.akamaized.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
oungimuk.net
oungimuk.net — Cisco Umbrella Rank: 121777 |
16 KB |
2 |
secureclick.cc
secureclick.cc |
18 KB |
2 |
mybettermb.com
1 redirects
mybettermb.com — Cisco Umbrella Rank: 89242 p374591.mybettermb.com — Cisco Umbrella Rank: 674401 |
1 KB |
1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12379 |
544 B |
1 |
akamaized.net
cdn-bimi.akamaized.net — Cisco Umbrella Rank: 470877 |
2 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195 |
2 KB |
1 |
exotra.cc
1 redirects
exotra.cc |
745 B |
1 |
fhpccvepayments.com
1 redirects
fhpccvepayments.com |
2 KB |
9 | 8 |
Domain | Requested by | |
---|---|---|
3 | oungimuk.net |
secureclick.cc
oungimuk.net |
2 | secureclick.cc |
p374591.mybettermb.com
secureclick.cc |
1 | my.rtmark.net |
oungimuk.net
|
1 | cdn-bimi.akamaized.net |
secureclick.cc
|
1 | cdnjs.cloudflare.com |
secureclick.cc
|
1 | exotra.cc | 1 redirects |
1 | p374591.mybettermb.com | |
1 | mybettermb.com | 1 redirects |
1 | fhpccvepayments.com | 1 redirects |
9 | 9 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-02 - 2023-11-02 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-16 - 2023-06-15 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-28 - 2023-06-30 |
a year | crt.sh |
oungimuk.net R3 |
2023-01-27 - 2023-04-27 |
3 months | crt.sh |
rtmark.net R3 |
2023-02-15 - 2023-05-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=16d377a3239e888453&domain=exotra.cc&uclick=hee8a6fe&uclickhash=hee8a6fe-hee8a6fe-bz-0-bz-9l-6j-6e2f73
Frame ID: 565142D2D6E98C26E184F5178638C279
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
18+Page URL History Show full URLs
-
http://fhpccvepayments.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo7g32pNA5... HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-F_vey80ZLTZWMt-o_jCWYx4Hq4Dg9hbY... Page URL
-
https://exotra.cc/b/click.php?key=3sj3g3to09xks9v3hoam&subid=90066422442&bid=0.0009&site=44517...
HTTP 302
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=16d377a3239e888453&do... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Yes
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fhpccvepayments.com/
HTTP 302
https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo7g32pNA5f5W0F5DBqutFioRv-lOIakE3DuHqv5YEePP6IkCbg7sKEvYHBXOP_rLZRBZh6hiaVCNmEqAJIny0JjYunM0ClN1o6ln2qeMlLf4jx9U83IgdUIOgGVA0c_W4zhF-IhhnIVNLqpix-mxgdqq12B14Pd7IFK_XOYnBlK6iPIt7BVkO6yvW-lwJaXYSs5-SCH4a42kRcz3ZLcgrdWhefMmGlYXhLipu5TdSf2H8uZGDB-iehXEWIoc1yluVT013oV-oPJlm5iBnac5eoUs44750Y2n_cGDeHHAzsKjjE7ZnrXb5iuq9X6qdH7tSNYSfTDMMFnXqYNlA3mIW_54G-NjdYcQp8h_at_0XkXc-Y_DToNV2YGpl4_RsvL539N9Lc4btOyR0lsx7sdGwupeTtGkJdhmK-mdlGYTQ5VNwRW7HqZ_Vudie0d88iJD6e0RirDKmO1bEE93CWFNxqeRo4QOC6wKPTkswTCEkmj1VpQIZPTAG_AHsKP2IxW8GILqYL85A2V3Ek-ZrjSLarioc8XFgZ6p1rQd4KtfYu22ug-jVuTTFBt8f0WhZUBTUf_7xA7oNNL0PeHa-_mIorSiPsZqsXRMewFzwM4h4aOqg20Db9oOYyMrfE43kIo3UZMEQ1IxiNxRlr6TujevHYQhQyJhha7INZS4XkO1bByRzY4koFXTQkArAahzCoN35AeFQ3eUOfod_wgxes3fgUUTtlVC96F-pgYTXTS6AKxw5CDeQ2kob9-JPo7B2WmtrX7LSPyNyoWBtgi3Q2S2nKx4-4Z5uhwlSaFq2INJ6buOVCT7Ph7KbCrWz_pI3_0G3iZJ7oUoyrlfNVloe-SqYzuP0Jox4yBDU-tyxqXOYcqsA7wBOEp4Rur63qtSVhqcBDurMwtK0fGCLLr2KRTCmIa22jrfeEIvGu5mHSollN8_7h83WdwDiz0DQXDVb8jeRht7masfIpUQQeoicfcYM8mG8ySH5h4-VA2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIjpPgobLOX5DFcZHJN3cgM_xOoM1mVJCUTs-ylLhx7kgQQKjkHbHaKTe-50Swhyy2pAATtx_josdvD63VsuJMoCVRb5PyXkiY0P0a7lj_lZfzLXh0sr4Hmx-7MlF3dnaLZIT4_8PJfXn74jLIw4XZ0lx_HS2HdDiRrkq4k_0v1wzSceA83lJYCz-jr6NciUJSY2F1VpwSY7PU3n2ykTCsTOnq3YN_0ZLzemEUAp0nj2VgEcbh7gTyGe_rnVDtDGsTJg1v6JbB0DQ HTTP 302
https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-F_vey80ZLTZWMt-o_jCWYx4Hq4Dg9hbYvzrtSGNAreXlh4WjfsEUSFdIg_RsZOzQgK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSAoNJ0GnymVkGiwbqyxMEHnZT4gk-eVXV_uLljrvxIndZgx0ODFmeGzrkq4k_0v1wzSceA83lJYC3ikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1X6j4B7o6Ku1oy8cgaG1EHilH_Ousj5Rn5agRhWOppVXpvUCD90F_PYl2B4Pgd_7cB3dxQtM5MB6-M0Mmv1pbRH&si=1&oref=20acc96b91b1572e464c92f119ac00c7&optunit=98s-FzJBkClBNOoLxzq14uiYnnC3Du8g&rb=g023FNjug5I&rr=1&isco=t&abtg=0 Page URL
-
https://exotra.cc/b/click.php?key=3sj3g3to09xks9v3hoam&subid=90066422442&bid=0.0009&site=445171369&source=445171369&clickid=90066422442&browser=Chrome+109&geo=NL&campaign_name=self+global&device=Mobile&os=Android+10.x+Mobile
HTTP 302
https://secureclick.cc/prelander/dating/global/age_check_tiktok/sex.php?lpkey=16d377a3239e888453&domain=exotra.cc&uclick=hee8a6fe&uclickhash=hee8a6fe-hee8a6fe-bz-0-bz-9l-6j-6e2f73 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://fhpccvepayments.com/ HTTP 302
- https://mybettermb.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo7g32pNA5f5W0F5DBqutFioRv-lOIakE3DuHqv5YEePP6IkCbg7sKEvYHBXOP_rLZRBZh6hiaVCNmEqAJIny0JjYunM0ClN1o6ln2qeMlLf4jx9U83IgdUIOgGVA0c_W4zhF-IhhnIVNLqpix-mxgdqq12B14Pd7IFK_XOYnBlK6iPIt7BVkO6yvW-lwJaXYSs5-SCH4a42kRcz3ZLcgrdWhefMmGlYXhLipu5TdSf2H8uZGDB-iehXEWIoc1yluVT013oV-oPJlm5iBnac5eoUs44750Y2n_cGDeHHAzsKjjE7ZnrXb5iuq9X6qdH7tSNYSfTDMMFnXqYNlA3mIW_54G-NjdYcQp8h_at_0XkXc-Y_DToNV2YGpl4_RsvL539N9Lc4btOyR0lsx7sdGwupeTtGkJdhmK-mdlGYTQ5VNwRW7HqZ_Vudie0d88iJD6e0RirDKmO1bEE93CWFNxqeRo4QOC6wKPTkswTCEkmj1VpQIZPTAG_AHsKP2IxW8GILqYL85A2V3Ek-ZrjSLarioc8XFgZ6p1rQd4KtfYu22ug-jVuTTFBt8f0WhZUBTUf_7xA7oNNL0PeHa-_mIorSiPsZqsXRMewFzwM4h4aOqg20Db9oOYyMrfE43kIo3UZMEQ1IxiNxRlr6TujevHYQhQyJhha7INZS4XkO1bByRzY4koFXTQkArAahzCoN35AeFQ3eUOfod_wgxes3fgUUTtlVC96F-pgYTXTS6AKxw5CDeQ2kob9-JPo7B2WmtrX7LSPyNyoWBtgi3Q2S2nKx4-4Z5uhwlSaFq2INJ6buOVCT7Ph7KbCrWz_pI3_0G3iZJ7oUoyrlfNVloe-SqYzuP0Jox4yBDU-tyxqXOYcqsA7wBOEp4Rur63qtSVhqcBDurMwtK0fGCLLr2KRTCmIa22jrfeEIvGu5mHSollN8_7h83WdwDiz0DQXDVb8jeRht7masfIpUQQeoicfcYM8mG8ySH5h4-VA2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIjpPgobLOX5DFcZHJN3cgM_xOoM1mVJCUTs-ylLhx7kgQQKjkHbHaKTe-50Swhyy2pAATtx_josdvD63VsuJMoCVRb5PyXkiY0P0a7lj_lZfzLXh0sr4Hmx-7MlF3dnaLZIT4_8PJfXn74jLIw4XZ0lx_HS2HdDiRrkq4k_0v1wzSceA83lJYCz-jr6NciUJSY2F1VpwSY7PU3n2ykTCsTOnq3YN_0ZLzemEUAp0nj2VgEcbh7gTyGe_rnVDtDGsTJg1v6JbB0DQ HTTP 302
- https://p374591.mybettermb.com/adServe/domainClick?ai=W6LwHsBtbbGSb241Mczh-F_vey80ZLTZWMt-o_jCWYx4Hq4Dg9hbYvzrtSGNAreXlh4WjfsEUSFdIg_RsZOzQgK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSAoNJ0GnymVkGiwbqyxMEHnZT4gk-eVXV_uLljrvxIndZgx0ODFmeGzrkq4k_0v1wzSceA83lJYC3ikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1X6j4B7o6Ku1oy8cgaG1EHilH_Ousj5Rn5agRhWOppVXpvUCD90F_PYl2B4Pgd_7cB3dxQtM5MB6-M0Mmv1pbRH&si=1&oref=20acc96b91b1572e464c92f119ac00c7&optunit=98s-FzJBkClBNOoLxzq14uiYnnC3Du8g&rb=g023FNjug5I&rr=1&isco=t&abtg=0
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
domainClick
p374591.mybettermb.com/adServe/ Redirect Chain
|
420 B 678 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
sex.php
secureclick.cc/prelander/dating/global/age_check_tiktok/ Redirect Chain
|
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
froala_style.min.css
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sex.png
secureclick.cc/prelander/dating/global/age_check_tiktok/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popunder.js
cdn-bimi.akamaized.net/mr/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micro.tag.min.js
oungimuk.net/pfe/current/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
zone
oungimuk.net/ |
0 251 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gid.js
my.rtmark.net/ |
65 B 544 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zone
oungimuk.net/ |
910 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| getURLParameter string| lang string| td object| clk string| backOfferUrl number| popunderPeriod string| popunderUrl string| popunderTrigger string| starUrl object| popunderTargets string| cookieName number| starPop undefined| elms undefined| it undefined| selectors function| setCookie function| getCookie function| preventDefault function| openWindow function| mobilePop function| callback function| addClickEvent object| s object| zfgformats5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mybettermb.com/ | Name: rhid Value: 82912622156 |
|
.mybettermb.com/ | Name: loi Value: ad_1139805_off_584027_aff_87907_cid_374591-FHPCCVEPAYMENTS.COM_ts_1677238552 |
|
exotra.cc/ | Name: uclick Value: hee8a6fe |
|
exotra.cc/ | Name: uclickhash Value: hee8a6fe-hee8a6fe-bz-0-bz-9l-6j-6e2f73 |
|
my.rtmark.net/ | Name: ID Value: 2c1310e668c84d76bff85fd8d47c414b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-bimi.akamaized.net
cdnjs.cloudflare.com
exotra.cc
fhpccvepayments.com
my.rtmark.net
mybettermb.com
oungimuk.net
p374591.mybettermb.com
secureclick.cc
139.45.195.8
139.45.197.251
23.50.131.20
2606:4700:3037::ac43:b272
2606:4700::6811:190e
2a06:98c1:3120::c
2a06:98c1:3121::c
52.116.53.155
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
2ebdbd8eb2c4bdcc6740825252a25e2e0c78ed44466462bb4d94d1d354f170c3
45d95bb86d9a13bdb56282ac3244651c6b1cccd72a2cb93e914e6c5541966b65
949052e6eb31eac7d6e2321332cb887432c175aa9c5021691a64cd97a9f9f347
db130ac1a16907227fb0e0c27c0b9e766f0a8fdbdeaf0ccc1473f21045de25ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66e105cbf2649d3fe50db11043a86fc10e1dc9298a8e0e84fb1f0d1198b3c5a
fcb9ea68cfc450782bd0b8be1ab22800e64d8f6e5525855b7976a6b03d6c77fb