signup.lipsmedia.net
Open in
urlscan Pro
52.222.157.28
Public Scan
Effective URL: https://signup.lipsmedia.net/signup/?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone&utm_source=downloa...
Submission: On July 07 via manual from US
Summary
TLS certificate: Issued by Amazon on August 16th 2018. Valid for: a year.
This is the only time signup.lipsmedia.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700:30:... 2606:4700:30::6812:2073 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 46.105.201.240 46.105.201.240 | 16276 (OVH) (OVH) | |
1 | 198.27.80.143 198.27.80.143 | 16276 (OVH) (OVH) | |
1 1 | 54.195.242.193 54.195.242.193 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 18.185.235.46 18.185.235.46 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 52.54.52.189 52.54.52.189 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 52.222.157.28 52.222.157.28 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
5 | 4 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
download.read2.fun |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-195-242-193.eu-west-1.compute.amazonaws.com
look.djfiln.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-235-46.eu-central-1.compute.amazonaws.com
titan.infra.systems |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-52-189.compute-1.amazonaws.com
studcat.infra.systems |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-28.fra53.r.cloudfront.net
signup.lipsmedia.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
infra.systems
2 redirects
titan.infra.systems studcat.infra.systems |
2 KB |
2 |
histats.com
s10.histats.com s4.histats.com |
5 KB |
2 |
read2.fun
download.read2.fun |
48 KB |
1 |
lipsmedia.net
signup.lipsmedia.net |
7 KB |
1 |
djfiln.com
1 redirects
look.djfiln.com |
533 B |
5 | 5 |
Domain | Requested by | |
---|---|---|
2 | download.read2.fun |
download.read2.fun
|
1 | signup.lipsmedia.net | |
1 | studcat.infra.systems | 1 redirects |
1 | titan.infra.systems | 1 redirects |
1 | look.djfiln.com | 1 redirects |
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
download.read2.fun
|
5 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni62161.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-06-24 - 2019-12-31 |
6 months | crt.sh |
histats.com Let's Encrypt Authority X3 |
2019-04-16 - 2019-07-15 |
3 months | crt.sh |
*.lipsmedia.net Amazon |
2018-08-16 - 2019-09-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://signup.lipsmedia.net/signup/?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone&utm_source=download.read2.fun&utm_medium=referral&placement=https%3A%2F%2Fdownload.read2.fun%2FDownload.php%3Fgetting-file.pdf&adserver=1.3.7&m=books&sfv=11&lp=555&lid=5feafdeb-82e5-46e3-8f5c-675cc9f5e50c&lid_hash=ed7728056e4f4fac1aab28b9c2750264&session_id=119f357ce821d2e435d4531db345fc83&_sign=04a50f559973f67b5baee4bcbb013c02&_signt=1562513839&lng=EN&country=RO
Frame ID: 654FD414E5BEC4A9E321281E5F2E5FFD
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://download.read2.fun/Download.php?getting-file.pdf Page URL
-
https://look.djfiln.com/offer?prod=2&ref=5159832
HTTP 302
https://titan.infra.systems/signup?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone... HTTP 302
https://studcat.infra.systems/signup?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone... HTTP 302
https://signup.lipsmedia.net/signup/?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eon... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://download.read2.fun/Download.php?getting-file.pdf Page URL
-
https://look.djfiln.com/offer?prod=2&ref=5159832
HTTP 302
https://titan.infra.systems/signup?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone&utm_source=download.read2.fun&utm_medium=referral&placement=https%3A%2F%2Fdownload.read2.fun%2FDownload.php%3Fgetting-file.pdf&adserver=1.3.7&m=books&sfv=11&lp=555 HTTP 302
https://studcat.infra.systems/signup?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone&utm_source=download.read2.fun&utm_medium=referral&placement=https%3A%2F%2Fdownload.read2.fun%2FDownload.php%3Fgetting-file.pdf&adserver=1.3.7&m=books&sfv=11&lp=555&lid=5feafdeb-82e5-46e3-8f5c-675cc9f5e50c&lid_hash=ed7728056e4f4fac1aab28b9c2750264 HTTP 302
https://signup.lipsmedia.net/signup/?ad_domain=look.djfiln.com&ad_path=%2Foffer&prod=2&ref=5159832&sf=eone&utm_source=download.read2.fun&utm_medium=referral&placement=https%3A%2F%2Fdownload.read2.fun%2FDownload.php%3Fgetting-file.pdf&adserver=1.3.7&m=books&sfv=11&lp=555&lid=5feafdeb-82e5-46e3-8f5c-675cc9f5e50c&lid_hash=ed7728056e4f4fac1aab28b9c2750264&session_id=119f357ce821d2e435d4531db345fc83&_sign=04a50f559973f67b5baee4bcbb013c02&_signt=1562513839&lng=EN&country=RO Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Download.php
download.read2.fun/ |
758 B 663 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20151104_141937.gif
download.read2.fun/img/ |
47 KB 48 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
49 B 320 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
signup.lipsmedia.net/signup/ Redirect Chain
|
43 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| include undefined| default_home undefined| default_signup undefined| default_lander undefined| flows undefined| getQueryVariable function| getSubdomain undefined| isStepZero undefined| isDev undefined| getLocation undefined| getHeaderLanguages undefined| isNumeric undefined| isNaaN undefined| getTrafficType function| determineFlow undefined| sendGraphiteExpIncrement undefined| checkExperiment undefined| getLang undefined| getParams undefined| getSignature undefined| getFlow undefined| generateGuid undefined| getSessionID undefined| setCookies undefined| setTrackCookie undefined| redirectToHome undefined| domReady0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
download.read2.fun
look.djfiln.com
s10.histats.com
s4.histats.com
signup.lipsmedia.net
studcat.infra.systems
titan.infra.systems
18.185.235.46
198.27.80.143
2606:4700:30::6812:2073
46.105.201.240
52.222.157.28
52.54.52.189
54.195.242.193
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
38d4c16d3aaa13b9240309b4f71d974f78e58400f1edc9d8230f1ff71daf26c4
5858dc68acab6099a6b735e31666eca8075f006bc7311c4759baf55da831f54d
6da7fe0a48434907882301d40d7c690c5e6c4dfab2ad4111eec61408abce6a9f
73d728b66b0f84a8770123f0df5c168c7acb842cd438ad5706da06b43a50ffbd