click-to-continue.network
213.227.145.147
Public Scan
Effective URL: https://click-to-continue.network/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=...
Submission: On May 13 via manual from RO
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 3rd 2020. Valid for: a year.
This is the only time click-to-continue.network was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 143.204.98.70 | ()
1 1 | 2001:41d0:203:2511::3 | 16276 (OVH)
1 | 35.201.127.73 | 15169 (GOOGLE)
2 2 | 35.201.117.228 | 15169 (GOOGLE)
1 1 | 2a03:b0c0:3:d0::105c:9001 | 14061 (DIGITALOCEAN-ASN)
1 | 213.227.149.216 | 60781 (LEASEWEB-NL-AMS-01 Netherlands)
4 | 213.227.145.147 | 60781 (LEASEWEB-NL-AMS-01 Netherlands)
2 | 67.27.157.122 | 3356 (LEVEL3)
1 | 213.227.145.141 | 60781 (LEASEWEB-NL-AMS-01 Netherlands)
9 | 5 |
ASN- ()
PTR: server-143-204-98-70.fra50.r.cloudfront.net
rdifferenco.club |
ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com
www.trafyield.com |
ASN15169 (GOOGLE, US)
PTR: 228.117.201.35.bc.googleusercontent.com
dexchangeinc.com |
ASN14061 (DIGITALOCEAN-ASN, US)
track.free-coupons.network |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
click-to-continue.network | |
free-coupons.network |
 | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | free-coupons.network (1 redirects) | track.free-coupons.network, free-coupons.network | 107 KB
3 | special-offers.online | special-offers.online, cdn.special-offers.online | 394 KB
2 | dexchangeinc.com (2 redirects) | dexchangeinc.com | 1 KB
1 | wbidder.online | wbidder.online | 1 KB
1 | click-to-continue.network | click-to-continue.network | 873 B
1 | trafyield.com | www.trafyield.com | 3 KB
1 | gamingadult.com (1 redirects) | tm-offers.gamingadult.com | 144 B
1 | rdifferenco.club (1 redirects) | rdifferenco.club | 442 B
9 | 8 | |
 | Domain | Requested by
---|---|---
3 | free-coupons.network | click-to-continue.network
2 | cdn.special-offers.online | click-to-continue.network
2 | dexchangeinc.com | 2 redirects
1 | wbidder.online | free-coupons.network
1 | click-to-continue.network | special-offers.online
1 | special-offers.online | www.trafyield.com
1 | track.free-coupons.network | 1 redirects
1 | www.trafyield.com |
1 | tm-offers.gamingadult.com | 1 redirects
1 | rdifferenco.club | 1 redirects
9 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.special-offers.online | AlphaSSL CA - SHA256 - G2 | 2020-07-06 - 2021-08-30 | a year
*.click-to-continue.network | AlphaSSL CA - SHA256 - G2 | 2020-11-03 - 2021-12-05 | a year
*.free-coupons.network | AlphaSSL CA - SHA256 - G2 | 2021-03-08 - 2022-04-09 | a year
*.wbidder.online | AlphaSSL CA - SHA256 - G2 | 2021-03-06 - 2022-04-07 | a year
This page contains 1 frames:
Primary Page:
https://click-to-continue.network/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=b029c2c68390bb7a7e9a0ffb5645bfc9-4888-0513&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2055&as=pc
Frame ID: 89BE4E4EE60437C8CAED0A3EFECA0020
Requests: 9 HTTP requests in this frame
Detected technologies
Lua (Programming Languages)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rdifferenco.club/?tid=737329&noocp=1&hop=6&geo=IL&sub=4usio
HTTP 302
https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5181120854448475154&subid2=737329 HTTP 302
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL
-
http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%2C&cbrandom=0.8671571375525682&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
HTTP 302
http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2CQhfrd2frtGU3Bf9GH0dEdHP3xP.ea8%2C0DEanjlk6-sxm4I4MfTK7Dj8FGg-dRX5mYtQ2l6rM7MGguoWuOYqZ10bG0k5eq71c2Hi3FL44lgdS8dBIKR8-x7yoypJBLNLfq6t4bqXV7VRZAou4J_tn8lo9panzgcn9yNKhts3EL-O-Ni18yVlY9ln8FaVIlUzLf87oJ_vx7jUOakotXBrmPJZ50Fl2CrWhqtbIoZRj0IEekMRi5OYNQU9GMg9qdxCBPOqOfAEzbOoSZzXMSwBhnt4_hqNZxd3OgRoWm1iTT7JIuIB8GRGKxtQauHLfK1mXvqMh7JrkJYYXX_NAs1QVDvQQ54fjVY85fdl82LAAFlYKd-NRhbJ0zGFiTwYhywofOOoV3DMcFSwVImkQFynG3-2N8J4t2D5qDjEmNp4xN4IgARddjkuudbVy-AyNqr7pCLF4O6CPn0PVjp7kuwa8AhIl58erXyE HTTP 302
https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payout}&external_id=16208664593287471459183754093139744 HTTP 302
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=b029c2c68390bb7a7e9a0ffb5645bfc9-4888-0513&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2055&as=pc Page URL
- https://click-to-continue.network/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=b029c2c68390bb7a7e9a0ffb5645bfc9-4888-0513&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2055&as=pc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://rdifferenco.club/?tid=737329&noocp=1&hop=6&geo=IL&sub=4usio HTTP 302
- https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5181120854448475154&subid2=737329 HTTP 302
- http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
- http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%2C&cbrandom=0.8671571375525682&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
- http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2CQhfrd2frtGU3Bf9GH0dEdHP3xP.ea8%2C0DEanjlk6-sxm4I4MfTK7Dj8FGg-dRX5mYtQ2l6rM7MGguoWuOYqZ10bG0k5eq71c2Hi3FL44lgdS8dBIKR8-x7yoypJBLNLfq6t4bqXV7VRZAou4J_tn8lo9panzgcn9yNKhts3EL-O-Ni18yVlY9ln8FaVIlUzLf87oJ_vx7jUOakotXBrmPJZ50Fl2CrWhqtbIoZRj0IEekMRi5OYNQU9GMg9qdxCBPOqOfAEzbOoSZzXMSwBhnt4_hqNZxd3OgRoWm1iTT7JIuIB8GRGKxtQauHLfK1mXvqMh7JrkJYYXX_NAs1QVDvQQ54fjVY85fdl82LAAFlYKd-NRhbJ0zGFiTwYhywofOOoV3DMcFSwVImkQFynG3-2N8J4t2D5qDjEmNp4xN4IgARddjkuudbVy-AyNqr7pCLF4O6CPn0PVjp7kuwa8AhIl58erXyE HTTP 302
- https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payout}&external_id=16208664593287471459183754093139744 HTTP 302
- https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=b029c2c68390bb7a7e9a0ffb5645bfc9-4888-0513&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2055&as=pc
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | next.php (Redirect Chain) | www.trafyield.com/jump/ | 7 KB | 3 KB | Document | text/html
GET | H2 | / (Redirect Chain) | special-offers.online/lp/common/arb/ | 479 B | 572 B | Document | text/html
GET | H2 | / (Primary Request) | click-to-continue.network/gif-lp/3/ | 728 B | 873 B | Document | text/html
GET | H2 | style-new.css | cdn.special-offers.online/lp/plugin/css/ | 38 KB | 38 KB | Stylesheet | text/css
GET | H2 | bg.webp | cdn.special-offers.online/lp/gif-lp/3/ | 355 KB | 356 KB | Image | image/webp
GET | H2 | IndexedDb.js | free-coupons.network/lp/plugin/js/ | 4 KB | 4 KB | Script | application/javascript
GET | H2 | log.js | free-coupons.network/lp/plugin/js/ | 1 KB | 2 KB | Script | application/javascript
GET | H2 | client.js | free-coupons.network/lp/plugin/js/ | 99 KB | 99 KB | Script | application/javascript
GET | H/1.1 | client | wbidder.online/offer/ | 4 KB | 1 KB | Fetch | application/json
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onbeforexrselect
- object | ontransitionrun
- object | ontransitionstart
- object | ontransitioncancel
- object | cookieStore
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- boolean | originAgentCluster
- object | trustedTypes
- boolean | crossOriginIsolated
- function | _createClass
- function | _classCallCheck
- function | IndexedDb
- function | Log
- object | _0x30cd
- function | _0x5046
- string | API_URL
- object | publicKeys
- string | domain
- object | log
- object | bidderBlockAffids
- object | bidderAffids2
- object | bidder100Affids
- object | affidNoTimeoutRedirect
- function | Client
- function | Modal
- function | Dom
- object | body
- object | head
- object | qsObj
- string | kId
- function | getDomain
- function | getRandomArrItem
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.