![](/screenshots/28983fb7-a35b-4bf6-aeff-697dfd17a0d8.png)
tubemate.us (75.102.22.187) - urlscan.io public scan
Effective URL: https://tubemate.us/?lang=en
Submission tags: phishingrod
Submission: July 15 via API from DE; scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 20th 2024. Valid for: 3 months.
This is the only time tubemate.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

# | IP address | AS (autonomous system)
---|---|---
2 | 64.225.91.73 | 14061 (DIGITALOCEAN-ASN)
1 | 2606:4700::6812:1a2d | 13335 (CLOUDFLARENET)
1 | 2604:9e00:1:129::2:b2a | 27257 (WEBAIR-INTERNET)
1 | 173.239.53.32 | 27257 (WEBAIR-INTERNET)
1 | 130.211.29.114 | 396982 (GOOGLE-CLOUD-PLATFORM)
2 | 35.241.15.240 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 | 2604:9e00:1:129::2:b1f | 27257 (WEBAIR-INTERNET)
1 | 52.59.165.42 | 16509 (AMAZON-02)
2 | 75.102.22.187 | 23352 (SERVERCENTRAL)
1 | 23.109.170.188 | 7979 (SERVERS-COM)
11 | 8 | (totals as reported by urlscan)
Reverse DNS (PTR) for the hosts urlscan resolved:

Domain | IP / ASN | PTR
---|---|---
cdn.perfdrive.com | 130.211.29.114, AS396982 (GOOGLE-CLOUD-PLATFORM, US) | 114.29.211.130.bc.googleusercontent.com
cas.avalon.perfdrive.com | 35.241.15.240, AS396982 (GOOGLE-CLOUD-PLATFORM, US) | 240.15.241.35.bc.googleusercontent.com
go.advertia.click | 52.59.165.42, AS16509 (AMAZON-02, US) | eu-ip-1.short.io
tubemate.us | 75.102.22.187, AS23352 (SERVERCENTRAL, US) | bh7106.banahosting.com

The PTR for go.advertia.click points at a short.io host, i.e. that hop is served by a link-shortener service rather than infrastructure the operator runs themselves; the final landing page sits on shared cPanel hosting (banahosting.com).
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
3 | perfdrive.com | cdn.perfdrive.com (Cisco Umbrella rank 35132), cas.avalon.perfdrive.com (Cisco Umbrella rank 12612) | 9 KB
2 | tubemate.us | tubemate.us | 2 KB
2 | starvalue-2.online (1 redirect) | tq.starvalue-2.online, xml.starvalue-2.online | 15 KB
2 | cometroblox.cc | cometroblox.cc | 1 KB
1 | wisteinsight.com | wisteinsight.com (Cisco Umbrella rank 635535) | 1 KB
1 | advertia.click (1 redirect) | go.advertia.click | 87 B
1 | exclkplat.com (1 redirect) | click.exclkplat.com | 324 B
1 | domaincntrol.com | domaincntrol.com (Cisco Umbrella rank 284723) | 422 B
0 | viinufhg.com | viinufhg.com (request failed) | 
11 | 9 apex domains | | 
Requests | Domain | Requested by
---|---|---
2 | tubemate.us | (navigation)
2 | cas.avalon.perfdrive.com | cdn.perfdrive.com
2 | cometroblox.cc | (navigation)
1 | wisteinsight.com | tubemate.us
1 | go.advertia.click | 1 redirect
1 | xml.starvalue-2.online | 1 redirect
1 | cdn.perfdrive.com | tq.starvalue-2.online
1 | tq.starvalue-2.online | cometroblox.cc
1 | click.exclkplat.com | 1 redirect
1 | domaincntrol.com | cometroblox.cc
0 | viinufhg.com (request failed) | tubemate.us
11 | 11 domains | 
This site contains no links.
TLS certificates observed (crt.sh lookup links omitted):

Subject | Issuer | Validity | Valid for
---|---|---|---
cometroblox.cc | E5 (Let's Encrypt) | 2024-07-14 to 2024-10-12 | 3 months
domaincntrol.com | GTS CA 1P5 (Google Trust Services) | 2024-05-26 to 2024-08-24 | 3 months
starvalue-2.online | R10 (Let's Encrypt) | 2024-06-27 to 2024-09-25 | 3 months
*.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-21 to 2024-09-26 | a year
cas.avalon.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-24 to 2024-08-05 | a year
tubemate.us | cPanel, Inc. Certification Authority | 2024-05-20 to 2024-08-18 | 3 months
wisteinsight.com | R10 (Let's Encrypt) | 2024-06-11 to 2024-09-09 | 3 months

Note that the entry domain cometroblox.cc obtained its certificate on 2024-07-14, the day before this submission. Certificate age on the first hop is a cheap signal to check when triaging a redirect chain: a notBefore date a day or two old on an otherwise unknown domain is consistent with disposable redirector infrastructure, whereas the perfdrive.com certificates are a year old and belong to a long-lived third-party service.
This page contains 1 frame:
Frame: https://viinufhg.com/dc/?blockID=351529&tb=https%3A%2F%2Fgoogle.com
Frame ID: 8431130D3FFC2C4B10F2A978B54CECAD
Requests: 12 HTTP requests in this frame
The frame's final location is a further navigation from tubemate.us to viinufhg.com that never received a response (see Failed requests below). Its tb parameter carries https://google.com, presumably a fallback destination; that reading is an assumption, the page itself does not say what the parameter does.
Page Title
5 Best Bitcoin Mining Hardware ASIC Machines (2021 Rigs)
The title bears no relation either to the domain name or to the entry page cometroblox.cc.
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or meta refresh. Entries marked "Page URL" are navigations the browser committed; an entry marked "HTTP 3xx" is a redirect response that led to the next URL.
- https://cometroblox.cc/ (Page URL)
- http://click.exclkplat.com/click?i=Xcuh7jtCtc8_0 (HTTP 307)
  - https://click.exclkplat.com/click?i=Xcuh7jtCtc8_0 (HTTP 302)
  - https://tq.starvalue-2.online/filter?q=cometroblox.cc&i=zay2TR1n4zQ_0&ci=-1003206313533970117&t=404215609&h=2 (Page URL)
- https://xml.starvalue-2.online/click2?i=zay2TR1n4zQ_0&ci=-1003206313533970117&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D1380x1170%26ce%3D1%26ck%3Djc%26cv%3D1606%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3D%26lo%3Dtq.starvalue-2.online%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F126.0.0.0%2BSafari%252F537.36%26tp%3D50%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D-120%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D12%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D1380x1170%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1 (HTTP 302)
  - https://go.advertia.click/galaktic (HTTP 302)
  - http://tubemate.us/?lang=en (HTTP 307)
  - https://tubemate.us/?lang=en (Page URL)

Two things in this chain are worth reading closely. The j parameter on the xml.starvalue-2.online hop is a URL-encoded key=value list nested inside the outer query string; decoded, it carries a browser fingerprint (user agent, platform, screen and window sizes, timezone offset, languages, WebGL vendor and renderer, hardware concurrency and more) that the redirector uses to decide where to send the visitor. The two 307 hops, each from http:// to https:// on the same host, are typically the browser's own HTTPS upgrade (Chrome records it as an internal 307) rather than a response from the server; the actual server-side decisions are the 302s.
Redirected requests
There were HTTP redirect chains for the following requests:
Request chain 3:
- http://click.exclkplat.com/click?i=Xcuh7jtCtc8_0 (HTTP 307)
- https://click.exclkplat.com/click?i=Xcuh7jtCtc8_0 (HTTP 302)
- https://tq.starvalue-2.online/filter?q=cometroblox.cc&i=zay2TR1n4zQ_0&ci=-1003206313533970117&t=404215609&h=2
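The following script is an added example for triaging this scan offline; it is not urlscan.io code. It takes the Page URL History above exactly as listed, classifies each hop (client-side navigation versus HTTP redirect, same-host scheme upgrade versus cross-domain hand-off) and decodes the fingerprint carried in the j parameter of the xml.starvalue-2.online hop. The classification rules and the short list of fingerprint keys it prints are this example's own reading of the data; only ua, pl and ln are self-evidently navigator.userAgent, navigator.platform and navigator.languages, the other key names are the tracker's abbreviations.

```python
"""Triage a urlscan.io redirect chain offline (added example, not urlscan.io code)."""
from urllib.parse import parse_qs, urlsplit

# (url, label) copied from the scan's Page URL History.  "Page URL" = a navigation
# the browser committed; "HTTP 3xx" = the redirect response that led to the next entry.
CHAIN = [
    ("https://cometroblox.cc/", "Page URL"),
    ("http://click.exclkplat.com/click?i=Xcuh7jtCtc8_0", "HTTP 307"),
    ("https://click.exclkplat.com/click?i=Xcuh7jtCtc8_0", "HTTP 302"),
    ("https://tq.starvalue-2.online/filter?q=cometroblox.cc&i=zay2TR1n4zQ_0"
     "&ci=-1003206313533970117&t=404215609&h=2", "Page URL"),
    ("https://xml.starvalue-2.online/click2?i=zay2TR1n4zQ_0&ci=-1003206313533970117&j="
     "rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D1380x1170%26ce%3D1%26ck%3Djc%26cv%3D1606%26cs%3D1"
     "%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3D%26lo%3Dtq.starvalue-2.online%26mb%3D0%26hb%3D1"
     "%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%29%2BAppleWebKit%252F537.36"
     "%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F126.0.0.0%2BSafari%252F537.36%26tp%3D50%26nd%3D0%26to%3Dnull"
     "%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2"
     "%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D-120%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0"
     "%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D12%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200"
     "%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D1380x1170%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1"
     "%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine"
     "%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1", "HTTP 302"),
    ("https://go.advertia.click/galaktic", "HTTP 302"),
    ("http://tubemate.us/?lang=en", "HTTP 307"),
    ("https://tubemate.us/?lang=en", "Page URL"),
]


def apex(host):
    """Registrable domain approximated as the last two labels.  Correct for every
    host in this chain; a general tool must consult the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])


def hops(chain):
    """Classify every transition in the chain.

    cause: the HTTP status of the source entry, or "client-side" when the source
           was a committed page (the next URL was reached by script, meta or click).
    kind:  "scheme-upgrade" for http -> https on the same host (typically the
           browser's own HTTPS upgrade, which Chrome records as a 307),
           otherwise "same-apex" or "cross-apex".
    """
    out = []
    for (src, label), (dst, _) in zip(chain, chain[1:]):
        s, d = urlsplit(src), urlsplit(dst)
        if s.hostname == d.hostname and (s.scheme, d.scheme) == ("http", "https"):
            kind = "scheme-upgrade"
        elif apex(s.hostname) == apex(d.hostname):
            kind = "same-apex"
        else:
            kind = "cross-apex"
        cause = label if label.startswith("HTTP") else "client-side"
        out.append({"from": s.hostname, "to": d.hostname, "cause": cause, "kind": kind})
    return out


def apex_sequence(chain):
    """Distinct registrable domains in the order the browser visited them."""
    seen = []
    for url, _ in chain:
        a = apex(urlsplit(url).hostname)
        if a not in seen:
            seen.append(a)
    return seen


def fingerprint(chain):
    """Return the key/value pairs carried in the first j= parameter in the chain.

    The value is itself a URL-encoded query string nested inside the outer query
    string, so it takes two rounds of parse_qs: the outer round turns %26 %3D %2B
    back into & = +, the inner round splits the fields and decodes the remaining
    %2F %3B + sequences inside values such as the user agent.
    """
    for url, _ in chain:
        outer = parse_qs(urlsplit(url).query, keep_blank_values=True)
        if "j" in outer:
            inner = parse_qs(outer["j"][0], keep_blank_values=True)
            return {k: v[0] for k, v in inner.items()}
    return {}


if __name__ == "__main__":
    for h in hops(CHAIN):
        print(f'{h["from"]:>26} -> {h["to"]:<26} {h["cause"]:<11} {h["kind"]}')
    print("apex sequence:", " -> ".join(apex_sequence(CHAIN)))
    fp = fingerprint(CHAIN)
    # Keys other than ua/pl/ln are the tracker's own abbreviations; their meaning
    # is read off the values (assumption), not documented anywhere on the page.
    for key in ("ua", "pl", "ln", "ss", "tz", "hwc", "vrd", "lo", "ck", "cv", "rf"):
        print(f"{key:>4} = {fp.get(key)!r}")
```

Two details the decoded output makes visible: ck=jc together with cv=1606 matches the jc=1606 cookie that tq.starvalue-2.online set (see the cookie table further down), so the fingerprint also reports back which cookie the earlier hop planted; and tz=-120 reads as a Date.getTimezoneOffset() value, i.e. UTC+2, consistent with the scan having been run from DE in July. rf (presumably the referrer) is empty.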
11 HTTP transactions

# | Method | Protocol | Resource | Host / path | Size (body / transferred) | Type | MIME type
---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / | cometroblox.cc/ | 593 B / 606 B | Document | text/html
2 | GET | H2 | / | domaincntrol.com/ | 50 B / 422 B | Fetch | text/javascript
3 | GET | H/1.1 | favicon.ico | cometroblox.cc/ | 593 B / 606 B | Other | text/html
4 | GET | H/1.1 | filter | tq.starvalue-2.online/ (redirect chain) | 15 KB / 15 KB | Document | text/html
5 | GET | H2 | aperture.js | cdn.perfdrive.com/aperture/ | 26 KB / 8 KB | Script | application/javascript
6 | POST | H2 | jsdata | cas.avalon.perfdrive.com/ | 316 B / 461 B | XHR | text/plain
7 | POST | H2 | jsdata | cas.avalon.perfdrive.com/ | 211 B / 268 B | XHR | text/plain
8 | GET | DATA | truncated (data: URL) | / | 68 B / 0 | Image | image/png
9 | GET | H2 | / | tubemate.us/ (primary request, redirect chain) | 707 B / 640 B | Document | text/html
10 | GET | H/1.1 | 84389 | wisteinsight.com/1clkn/ | 6 B / 1 KB | Script | application/javascript
11 | GET | (no response) | / | viinufhg.com/dc/ | 0 / 0 | (failed) | 

Observations on the transaction list: cometroblox.cc answered favicon.ico with the same 593-byte text/html body it served for /, i.e. the server returns one page for any path. domaincntrol.com is one letter short of domaincontrol.com (GoDaddy's nameserver domain), a look-alike name that is easy to skim past. The aperture.js script and the two jsdata POSTs to perfdrive.com are the bot-detection step that runs on the tq.starvalue-2.online interstitial before the 302 to the next hop is issued.
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- Domain: viinufhg.com
- URL: https://viinufhg.com/dc/?blockID=351529&tb=https%3A%2F%2Fgoogle.com
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
11 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again the browser sends the cookie values along, which lets the site re-identify the user even from a different location; this is how persistent logins work. No Expires value was recorded for any of the cookies below.

Domain / Path | Name | Value
---|---|---
tq.starvalue-2.online/ | c104144462 | 1990329985
.starvalue-2.online/ | x3325799 | 1990329985
.starvalue-2.online/ | __ssds | 2
.starvalue-2.online/ | __ssuzjsr2 | a9be0cd8e
.starvalue-2.online/ | __uzmaj2 | 60338e0c-fe61-49b8-b0b4-977635a174c0
.starvalue-2.online/ | __uzmbj2 | 1721002633
.starvalue-2.online/ | __uzmcj2 | 412091040716
.starvalue-2.online/ | __uzmdj2 | 1721002633
tq.starvalue-2.online/ | jc | 1606
wisteinsight.com/ | GL_UI4 | eJw9jd1Og0AQhaGwtNWCTsID%2BAgstVgvTW99B7LLTula2GmGLdW3dzXRq%2FOTL%2BdEUbQoHyCeszUkV7WDJ1lXx6p56WSjt7XGZveKldxXeiuxqffPEtZ2ar3SA%2FoUVtOo2Ld%2BTmHTo0O2XduRwRweA%2FXXnB3dXApCs3ImBzEGYshhqZluE3KZQOrUiJAdTkxBxag%2BiCGRdRO8dcHHFSxoKpPiDsS7ddfPYpNFRZFFcH8ZlD8Sj601IYqelUGI32DVKY898RcsDU5nTxcAGkz7z%2F9%2BiuFnDTKDs%2B1CJH9C%2Fgbc802c
wisteinsight.com/ | GL_GI10 | eJwNy9EKgjAUBuDtQIuoLn7yAXyCgTLxAcryxocYtkLCs3GmQW%2Bftx98SikqTqAp4ewaW7nKVk1tWwf9Bt060MjYP4LMnn%2FQAuo3E8auDzkH6BG4i%2BfPa5Wl9HM5%2BImhJxyH2rVlt0pMAcQZh2uUFMUvW0pGg5ZoCJSfhYL%2BmssfGuIfkw%3D%3D

Three things to note. The __ssds, __ssuzjsr2 and __uzma/b/c/d cookies, together with the aperture.js and jsdata traffic to perfdrive.com, are characteristic of Radware Bot Manager (formerly ShieldSquare), so the starvalue-2.online interstitial fingerprints and bot-checks the visitor before deciding where to redirect. __uzmbj2 and __uzmdj2 hold 1721002633, a Unix timestamp for 2024-07-15 00:17:13 UTC, which matches the submission date. The two wisteinsight.com cookies are URL-encoded base64 beginning with "eJw", the base64 rendering of the bytes 0x78 0x9C, i.e. a zlib stream header: they are compressed blobs, not random identifiers, and can be inflated for inspection.
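The following script is an added example, not urlscan.io code, for inspecting opaque cookie values like the two wisteinsight.com ones. GL_UI4 and GL_GI10 are copied from the cookie table; what the site actually stores inside them is unknown, so the decoder only reports what the bytes are (zlib header or not, inflated length, whether the stream ended cleanly, whether the plaintext is JSON). The encoder is hypothetical and exists only so the decoder can be checked against a known round trip; it is not a claim about how wisteinsight.com builds these values.

```python
"""Inspect URL-encoded, base64-encoded, zlib-compressed cookie values (added example)."""
import base64
import binascii
import json
import zlib
from urllib.parse import quote, unquote

# Copied from the scan's cookie table (wisteinsight.com/).
GL_UI4 = ("eJw9jd1Og0AQhaGwtNWCTsID%2BAgstVgvTW99B7LLTula2GmGLdW3dzXRq%2FOTL%2BdEUbQoHyCeszUkV7WDJ1lXx6p56WSjt7XGZveKldxXeiuxqffPEtZ2ar3SA"
          "%2FoUVtOo2Ld%2BTmHTo0O2XduRwRweA%2FXXnB3dXApCs3ImBzEGYshhqZluE3KZQOrUiJAdTkxBxag%2BiCGRdRO8dcHHFSxoKpPiDsS7ddfPYpNFRZFFcH8ZlD8Sj601IYqelUGI32DVKY898RcsDU5nTxcAGkz7z"
          "%2F9%2BiuFnDTKDs%2B1CJH9C%2Fgbc802c")
GL_GI10 = ("eJwNy9EKgjAUBuDtQIuoLn7yAXyCgTLxAcryxocYtkLCs3GmQW%2Bftx98SikqTqAp4ewaW7nKVk1tWwf9Bt060MjYP4LMnn%2FQAuo3E8auDzkH6BG4i"
           "%2BfPa5Wl9HM5%2BImhJxyH2rVlt0pMAcQZh2uUFMUvW0pGg5ZoCJSfhYL%2BmssfGuIfkw%3D%3D")


def is_zlib_header(raw):
    """RFC 1950 header check: CM == 8 (deflate) and CMF*256 + FLG divisible by 31."""
    return len(raw) >= 2 and raw[0] & 0x0F == 8 and ((raw[0] << 8) | raw[1]) % 31 == 0


def inspect_cookie(value):
    """URL-decode, base64-decode and inflate a cookie value.

    Returns a dict with the raw bytes, whether they carry a zlib header, the
    inflated data (partial output survives a truncated stream), whether the
    stream ended cleanly, and the parsed object if the plaintext is JSON.
    """
    text = unquote(value)
    empty = {"raw": None, "zlib": False, "data": None, "complete": False, "json": None}
    try:
        raw = base64.b64decode(text + "=" * (-len(text) % 4))   # tolerate stripped padding
    except (binascii.Error, ValueError):
        return empty
    result = dict(empty, raw=raw, zlib=is_zlib_header(raw))
    if not result["zlib"]:
        return result
    d = zlib.decompressobj()
    try:
        result["data"] = d.decompress(raw)   # no exception on truncation, only on corrupt data
        result["complete"] = d.eof
    except zlib.error:
        return result
    try:
        result["json"] = json.loads(result["data"])
    except ValueError:                      # not JSON, or not even valid UTF-8
        pass
    return result


def encode_cookie(obj):
    """Hypothetical encoder (JSON -> zlib -> base64 -> URL-encode) used only to
    round-trip the decoder; not known to be what wisteinsight.com does."""
    packed = base64.b64encode(zlib.compress(json.dumps(obj).encode())).decode()
    return quote(packed, safe="")   # encodes + / = as %2B %2F %3D, like the captured values


if __name__ == "__main__":
    for name, value in (("GL_UI4", GL_UI4), ("GL_GI10", GL_GI10)):
        r = inspect_cookie(value)
        size = None if r["data"] is None else len(r["data"])
        print(f'{name}: zlib={r["zlib"]} complete={r["complete"]} '
              f'inflated_bytes={size} json={r["json"] is not None}')
        if r["data"]:
            print("   ", r["data"][:120])
```

Using decompressobj instead of zlib.decompress matters here: a value that was cut short when it was copied or logged still yields its leading plaintext, and the complete flag tells you whether the adler32 trailer was reached, which is the difference between "this is the whole token" and "this is a fragment".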
1 Console Messages
A page may log messages to the console, often errors about a resource that could not be loaded or a script that failed to execute; sometimes they also give insight into the technology behind a site. One message was counted, but its Source, Level and URL/Text columns are empty in this capture.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.
Domains:
cas.avalon.perfdrive.com
cdn.perfdrive.com
click.exclkplat.com
cometroblox.cc
domaincntrol.com
go.advertia.click
tq.starvalue-2.online
tubemate.us
viinufhg.com
wisteinsight.com
xml.starvalue-2.online
IP addresses:
130.211.29.114
173.239.53.32
23.109.170.188
2604:9e00:1:129::2:b1f
2604:9e00:1:129::2:b2a
2606:4700::6812:1a2d
35.241.15.240
52.59.165.42
64.225.91.73
75.102.22.187