vulkanvegas-offers.com
IP Address: 2606:4700:3035::6815:54e3
Public Scan
Effective URL: https://vulkanvegas-offers.com/landingpages/vv005de/index.php
Submission Tags: phishing
Submission: On February 12 via api from AU
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 16th 2020. Valid for: a year.
This is the only time vulkanvegas-offers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS (Autonomous System)
---|---|---
1 1 | 2606:4700:3031::6815:5837 | 13335 (CLOUDFLARENET)
1 | 2606:4700:3036::6815:1448 | 13335 (CLOUDFLARENET)
1 1 | 52.72.49.79 | 14618 (AMAZON-AES)
1 2 | 216.189.51.65 | 6921 (ARACHNITEC)
2 11 | 2606:4700:3035::6815:54e3 | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:801::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:811::2003 | 15169 (GOOGLE)
- ASN14618 (AMAZON-AES, US), PTR: visit.rebrand.ly, hostname: t.clkitgo.com
- ASN6921 (ARACHNITEC, US), PTR: 216-189-51-65.for-global-telecom.com, hostname: go.stonergar.com
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | vulkanvegas-offers.com (2 redirects) | vulkanvegas-offers.com | 648 KB
2 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 34 KB
2 | stonergar.com (1 redirect) | go.stonergar.com | 800 B
1 | gstatic.com | fonts.gstatic.com | 99 KB
1 | clkitgo.com (1 redirect) | t.clkitgo.com | 317 B
1 | lnkit.club | www.lnkit.club | 1 KB
1 | lnkclik.com (1 redirect) | lnkclik.com | 953 B
Count | Domain | Requested by
---|---|---
11 | vulkanvegas-offers.com (2 redirects) | go.stonergar.com, vulkanvegas-offers.com
2 | go.stonergar.com (1 redirect) |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | ajax.googleapis.com | vulkanvegas-offers.com
1 | fonts.googleapis.com | vulkanvegas-offers.com
1 | t.clkitgo.com (1 redirect) |
1 | www.lnkit.club |
1 | lnkclik.com (1 redirect) |
This site contains links to these domains. Also see Links.
Domain
---
vegas-redirect.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-13 - 2021-08-13 | a year | crt.sh
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh
*.gstatic.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months | crt.sh
This page contains 1 frame:
Primary Page: https://vulkanvegas-offers.com/landingpages/vv005de/index.php
Frame ID: BF853220E26B3E0EF5326A63844FA685
Requests: 14 HTTP requests in this frame
Detected technologies
- CloudFlare (CDN). Detected patterns:
  - headers server /^cloudflare$/i
- Google Font API (Font Scripts). Detected patterns:
  - html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  - script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Title: Registrieren (Register)
- Title: Bonusbedingungen (Bonus terms)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lnkclik.com/9DfP
  - HTTP 301 -> https://www.lnkit.club/go.php?camp=32301&pub=215721&sid= (Page URL)
- https://t.clkitgo.com/clk?thru=215721
  - HTTP 301 -> http://go.stonergar.com/ts3219-international-general?thru=215721 (Page URL)
- http://go.stonergar.com/match-6633/43853/92451887/1613106124/mf_1b229cb3-dbff-45b0-ae21-8afe33825d97/dHMzMjE5LWludGVybmF0aW9uYWwtZ2VuZXJhbA==/?thru=215721
  - HTTP 302 -> https://vulkanvegas-offers.com/l/5e53bad328c43f0cf37fa455?click_id=1613106125.38-92451887-43853&sub_id=ts3219-international-general
  - HTTP 302 -> https://vulkanvegas-offers.com/landingpages/vv005de/index.php?ref=vp_w51532c52030l3949gdep167_ts3219-international-general&click_id=1613106125.38-92451887-43853
  - HTTP 302 -> https://vulkanvegas-offers.com/landingpages/vv005de/index.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
- Request Chain 0:
  - http://lnkclik.com/9DfP (HTTP 301)
  - https://www.lnkit.club/go.php?camp=32301&pub=215721&sid=
- Request Chain (next):
  - https://t.clkitgo.com/clk?thru=215721 (HTTP 301)
  - http://go.stonergar.com/ts3219-international-general?thru=215721
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | go.php | www.lnkit.club/ | 2 KB | 1 KB | Document | text/html | Redirect Chain
GET | H/1.1 | ts3219-international-general | go.stonergar.com/ | 444 B | 529 B | Document | text/html | Redirect Chain
GET | H2 | index.php | vulkanvegas-offers.com/landingpages/vv005de/ | 4 KB | 1 KB | Document | text/html | Primary Request, Redirect Chain
GET | H3-Q050 | css | fonts.googleapis.com/ | 182 B | 262 B | Stylesheet | text/css |
GET | H2 | style.css | vulkanvegas-offers.com/landingpages/vv005de/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H2 | logo.png | vulkanvegas-offers.com/landingpages/vv005de/img/ | 42 KB | 43 KB | Image | image/png |
GET | H2 | partners-pay.png | vulkanvegas-offers.com/landingpages/vv005de/img/ | 57 KB | 57 KB | Image | image/png |
GET | H2 | partners-pay-mob.png | vulkanvegas-offers.com/landingpages/vv005de/img/ | 59 KB | 60 KB | Image | image/png |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 33 KB | Script | text/javascript |
GET | H2 | device.js | vulkanvegas-offers.com/landingpages/vv005de/js/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | bg-main.jpg | vulkanvegas-offers.com/landingpages/vv005de/img/ | 170 KB | 171 KB | Image | image/jpeg |
GET | H2 | steps.png | vulkanvegas-offers.com/landingpages/vv005de/img/ | 109 KB | 110 KB | Image | image/png |
GET | H2 | sh.png | vulkanvegas-offers.com/landingpages/vv005de/img/ | 200 KB | 201 KB | Image | image/png |
GET | H3-Q050 | 4iCv6KVjbNBYlgoCjC3jtGyI.ttf | fonts.gstatic.com/s/ubuntu/v15/ | 98 KB | 99 KB | Font | font/ttf |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
ontransitionrun | object
ontransitionstart | object
ontransitioncancel | object
cookieStore | object
showDirectoryPicker | function
showOpenFilePicker | function
showSaveFilePicker | function
trustedTypes | object
crossOriginIsolated | boolean
$ | function
jQuery | function
device | object
television2 | object
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
vulkanvegas-offers.com/ | | mongo_sess | b7d00b66b5f26211bd3c1a55a2a6227a
.vulkanvegas-offers.com/ | | __cfduid | d477f2096c83b33be48725f4cd2e1c97f1613106125
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.