![](/screenshots/055080e8-37ab-407f-87a0-a9d9558d6321.png)
xchatrooms.plugvalue.com
Open in
urlscan Pro
208.73.160.53
Public Scan
Effective URL: https://xchatrooms.plugvalue.com/tools/landers/st/005trp/?pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304
Submission: On May 20 via manual from DE
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 17th 2017. Valid for: 3 years.
This is the only time xchatrooms.plugvalue.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.83.52.76 54.83.52.76 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 2606:4700:30:... 2606:4700:30::681c:ca | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 208.73.160.84 208.73.160.84 | 46378 (FSX-350) (FSX-350 - FSX HOLDINGS) | |
2 13 | 208.73.160.53 208.73.160.53 | 46378 (FSX-350) (FSX-350 - FSX HOLDINGS) | |
1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 208.73.164.53 208.73.164.53 | 46378 (FSX-350) (FSX-350 - FSX HOLDINGS) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 104.27.189.200 104.27.189.200 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
24 | 7 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com
bit.do |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
americasweblink.com |
ASN46378 (FSX-350 - FSX HOLDINGS, LLC, US)
PTR: ninjaschatclub.mia.fsx.com
208.73.160.84 |
ASN46378 (FSX-350 - FSX HOLDINGS, LLC, US)
xchatrooms.plugvalue.com | |
4aed47bc.joinsafelyonline.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
plugvalue.com
xchatrooms.plugvalue.com |
2 MB |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
2 |
shnvme.com
shnvme.com |
|
2 |
joinsafelyonline.com
2 redirects
4aed47bc.joinsafelyonline.com |
1 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
30 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
20 KB |
1 |
americasweblink.com
1 redirects
americasweblink.com |
359 B |
1 |
bit.do
1 redirects
bit.do |
273 B |
24 | 8 |
Domain | Requested by | |
---|---|---|
17 | xchatrooms.plugvalue.com |
xchatrooms.plugvalue.com
|
2 | fonts.gstatic.com |
xchatrooms.plugvalue.com
|
2 | shnvme.com |
xchatrooms.plugvalue.com
|
2 | 4aed47bc.joinsafelyonline.com | 2 redirects |
1 | fonts.googleapis.com |
xchatrooms.plugvalue.com
|
1 | ajax.googleapis.com |
xchatrooms.plugvalue.com
|
1 | maxcdn.bootstrapcdn.com |
xchatrooms.plugvalue.com
|
1 | americasweblink.com | 1 redirects |
1 | bit.do | 1 redirects |
24 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.plugvalue.com AlphaSSL CA - SHA256 - G2 |
2017-01-17 - 2020-01-18 |
3 years | crt.sh |
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2019-10-12 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
sni50809.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-03-18 - 2019-09-24 |
6 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://xchatrooms.plugvalue.com/tools/landers/st/005trp/?pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304
Frame ID: 179B1D61CE52CE7A0501BFB6ECC5548A
Requests: 22 HTTP requests in this frame
Frame:
https://shnvme.com/newuser/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304&sitekey=aebce02c8f7c6c4e&ts=1558389689&tsc=4fbbcd0ee83c4632f99c374e16f4bd32
Frame ID: AB47944C3F4AD1B6645C1969D7C2EF8B
Requests: 1 HTTP requests in this frame
Frame:
https://shnvme.com/newuser/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304&sitekey=aebce02c8f7c6c4e&ts=1558389689&tsc=4fbbcd0ee83c4632f99c374e16f4bd32
Frame ID: 68B376CD4D44A0ADE7AAC9C29AA1C20A
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/055080e8-37ab-407f-87a0-a9d9558d6321.png)
Page URL History Show full URLs
-
http://bit.do/WatchLIVE_SweetGina13
HTTP 301
https://americasweblink.com/ncc/go/idx.php?to=mpNqkme6fqmHgGNmZQ==&ag=VICTM304 HTTP 302
http://208.73.160.84/ncc/accounts/go/8/11/VICTM304 HTTP 302
https://xchatrooms.plugvalue.com/tools/landers/st/005trp/?pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM3... Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bit.do/WatchLIVE_SweetGina13
HTTP 301
https://americasweblink.com/ncc/go/idx.php?to=mpNqkme6fqmHgGNmZQ==&ag=VICTM304 HTTP 302
http://208.73.160.84/ncc/accounts/go/8/11/VICTM304 HTTP 302
https://xchatrooms.plugvalue.com/tools/landers/st/005trp/?pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://4aed47bc.joinsafelyonline.com/routes/4aed47bc/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304 HTTP 302
- https://shnvme.com/newuser/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304&sitekey=aebce02c8f7c6c4e&ts=1558389689&tsc=4fbbcd0ee83c4632f99c374e16f4bd32
- https://4aed47bc.joinsafelyonline.com/routes/4aed47bc/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304 HTTP 302
- https://shnvme.com/newuser/?ofid=12&pgm=18&a_aid=4aed47bc&a_bid=f9e6cfb3&x_agent=VICTM304&chan=VICTM304&sitekey=aebce02c8f7c6c4e&ts=1558389689&tsc=4fbbcd0ee83c4632f99c374e16f4bd32
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
xchatrooms.plugvalue.com/tools/landers/st/005trp/ Redirect Chain
|
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
xchatrooms.plugvalue.com/tools/landers/st/005trp/css/ |
27 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso_girl.png
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
565 KB 565 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iso_girl2.png
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
641 KB 641 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl1.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl2.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl3.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl4.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl5.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
girl6.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btmgirl.png
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
144 KB 144 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobilegirl.png
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
155 KB 156 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframeResizer.min.js
xchatrooms.plugvalue.com/common/js/iframeResizer/ |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
xchatrooms.plugvalue.com/tools/landers/st/005trp/js/ |
36 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.js
xchatrooms.plugvalue.com/tools/landers/st/005trp/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.sticky.js
xchatrooms.plugvalue.com/tools/landers/st/005trp/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 700 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
shnvme.com/newuser/ Frame AB47 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
shnvme.com/newuser/ Frame 68B3 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.jpg
xchatrooms.plugvalue.com/tools/landers/st/005trp/img/ |
107 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| iFrameResize7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.shnvme.com/ | Name: __utmb Value: 112366790.2.10.1558389692 |
|
.shnvme.com/ | Name: __utmz Value: 112366790.1558389692.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.shnvme.com/ | Name: __utmc Value: 112366790 |
|
.shnvme.com/ | Name: __utmt Value: 1 |
|
.shnvme.com/ | Name: __utma Value: 112366790.1404976302.1558389692.1558389692.1558389692.1 |
|
shnvme.com/ | Name: PHPSESSID Value: ei6mokdr4icdv84u5fpk5ced43 |
|
.shnvme.com/ | Name: __cfduid Value: d8b98f91a5ba366d3021e9040d8dd39b81558389690 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4aed47bc.joinsafelyonline.com
ajax.googleapis.com
americasweblink.com
bit.do
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
shnvme.com
xchatrooms.plugvalue.com
104.27.189.200
208.73.160.53
208.73.160.84
208.73.164.53
209.197.3.15
2606:4700:30::681c:ca
2a00:1450:4001:81a::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:824::200a
54.83.52.76
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
13cd3730826557a36637da7a7d1b403378885478b29ecb2d7b1f6c8f426233e8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33
3d4bc3fd0f82289ed669627e6a94c2f6de69521b7c9154174aa4c642d0777c2a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
59d1ebdb9cfc22fe84d0acb2bcf943507f7bfd604f2374deb23ac9a2690270a5
6793669ad977558cc9ace9e2d7e7521bb424a72acfbb3c0e74e2c8c42d07c743
8ee910408c747f54c7812a2250883df2684690e6af65856b8a27aec533b1ccf5
9644c304d63732c184277417dd170d1dcb3054b0c4d8a3ae0dda3a997e135937
9a552e3ae42f8f5f217990b28c92e258d48f533c9943b67891746f1359a43eaf
a7247a4bc3d7dfb76b5d5b33b462012ab8e961905876aaa62b7a9c914c2524d3
abffab015fd1e8a45f8259b4da68555e3bfc094a421351d1e9d6c2d08eda0252
b4ab9ff7934f497f8fa0d899384e3aaeb9c203ccefd0e67818a50fc4ce639ce2
bf760bad0ec45a59de4f7274facfdb26b1ddcf1bc535dad80f098e8d8f388a1e
d737b146a1996adcb50542b8eb2c514e47ce9892f0f877d7d044c506cfb20bca
ec4453a60c45af35f88f990e33713aa3bb6f2dc2e1b1cdaa1f1b0678d0988483
f23a67c577dfaede3fdd0f669fa2b1d412365753a62804f212a0aceed60c558d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f971b08f67d1ace8a8d6c00fa5b22ebba46caf69b9ff3ef2408a05eba3e5e84d
fe09f501821bd3cbd36f1299f1d4356601ca2a914dbbfa96d04dfd5134b79912