vipthe.monster
Open in
urlscan Pro
172.67.172.54
Public Scan
Effective URL: https://vipthe.monster/index9.php?flow_id=109&cid=171391366910000TDETV413588908704V8e&zone=6536622-1984015597-0&keyword...
Submission: On April 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 23rd 2024. Valid for: 3 months.
This is the only time vipthe.monster was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 34.22.240.62 34.22.240.62 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2a05:d018:483... 2a05:d018:483:6130:b1b2:2041:e070:8642 | 16509 (AMAZON-02) (AMAZON-02) | |
2 4 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 172.67.172.54 172.67.172.54 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
9 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com
grmd395.hexatrack.net | |
duct.infralead.net |
ASN13335 (CLOUDFLARENET, US)
adspredictiv.com | |
confidence-x.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
vipthe.monster
vipthe.monster |
103 KB |
3 |
adspredictiv.com
2 redirects
adspredictiv.com |
5 KB |
1 |
confidence-x.com
confidence-x.com — Cisco Umbrella Rank: 230177 |
871 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 767 |
29 KB |
1 |
eastrk-dl.com
1 redirects
eastrk-dl.com |
3 KB |
1 |
offer-select.com
1 redirects
offer-select.com |
904 B |
1 |
infralead.net
1 redirects
duct.infralead.net |
572 B |
1 |
hexatrack.net
1 redirects
grmd395.hexatrack.net |
794 B |
9 | 8 |
Domain | Requested by | |
---|---|---|
6 | vipthe.monster |
adspredictiv.com
vipthe.monster |
3 | adspredictiv.com | 2 redirects |
1 | confidence-x.com |
vipthe.monster
|
1 | code.jquery.com |
vipthe.monster
|
1 | eastrk-dl.com | 1 redirects |
1 | offer-select.com | 1 redirects |
1 | duct.infralead.net | 1 redirects |
1 | grmd395.hexatrack.net | 1 redirects |
9 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
adspredictiv.com GTS CA 1P5 |
2024-02-28 - 2024-05-28 |
3 months | crt.sh |
vipthe.monster GTS CA 1P5 |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
confidence-x.com E1 |
2024-03-08 - 2024-06-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://vipthe.monster/index9.php?flow_id=109&cid=171391366910000TDETV413588908704V8e&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713913669&lang=de&country=DE&campaign=380746020
Frame ID: 0FC6808463A501517CD6C23BE7D84B2E
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
FileToSendPage URL History Show full URLs
-
https://grmd395.hexatrack.net/
HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_l... HTTP 302
https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_fi... HTTP 302
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=w34u0mldjucf67q0jqpnsa9q HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=946a96c276544140a068f299137a9a4a2099a&su... Page URL
-
https://adspredictiv.com/jump/next.php?stamat=m%257CLqY2d_o3aQdH8AH0dEdHP3xP.a46%252C7H0PozvLiGV-YkDx...
HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23763794&stamat=m%257C%252C%252CgjJ-d2NyoGU3BE-GH0dEdHP3x... HTTP 302
https://vipthe.monster/index9.php?flow_id=109&cid=171391366910000TDETV413588908704V8e&zone=6536622-... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://grmd395.hexatrack.net/
HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=w34u0mldjucf67q0jqpnsa9q HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=946a96c276544140a068f299137a9a4a2099a&sub1=35429&sub2= Page URL
-
https://adspredictiv.com/jump/next.php?stamat=m%257CLqY2d_o3aQdH8AH0dEdHP3xP.a46%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHcNoHqJW2BWVyevbtjYe3OoWyKk_5ylWx6fdNLfQYh_wYpwi1HpFm2atzjBSpthy5&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=946a96c276544140a068f299137a9a4a2099a&sub1=35429&sub2=&cbur=0.8632644525997462&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81424%20bits
HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23763794&stamat=m%257C%252C%252CgjJ-d2NyoGU3BE-GH0dEdHP3xP.02b%252C35cDCM7L71o05DlniIcFPcKh5TzPUs7anKIAJV4Fu-A33h5ZVwndsMhqb70h3eaoTmov1f7wYjeDdBxt13XnBsR093IEJ-EihbWCCd6zsEB3TK0bECXXmhvxDDD-BjheV2bH4Vy9LCLihdT3SO1CCDRPz05l_BmmNgF_p5Z3wdF8dVxNrCmyRGLzaDWqk3I6aL-m68AMm17mLct2IcNq7KlDyirZHpqlq4DlcsivnyK0_5Z2Dnxnb7qf79JhrJw9ghzVPMWZHvaFmwJafT7uKtjWPTwswRJYSqwVzj_uT36t22pQgEa1crnZqsh890buUS0we6lvGsjoheabmTdrzU23IB5PU2Bkp42mrV0TttSqZEHmjvCP8E5_dXclHEdJTqM1t6_oTWSakEsixSuTQsqeFuZQ-WrTJ-FLhWZxWopbHp-2AfKjm3gLVnQE8St5NhTgl0YH4px0_5kcnNOcPuCeGRMj4QgJmlkqnwWkOnwjjMrlNicUUGFFO81X6CERx4gIQirT93jca0deHkwgu93MTrjTfQxSN9imT7llgquJAIKGtOQckGoQkfoVLKfqZH0bCZwidaycpCxpXUqcXu4WVFqhc2HZPI0k3Qn6tSoO6V1Mdo3dI-ghSSMVC-OJ5l1sAkwK3gyTml85PyCyOw7zyNdwHXEGDEdwN24AZnk%252C HTTP 302
https://vipthe.monster/index9.php?flow_id=109&cid=171391366910000TDETV413588908704V8e&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713913669&lang=de&country=DE&campaign=380746020 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://grmd395.hexatrack.net/ HTTP 302
- https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
- https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
- https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=w34u0mldjucf67q0jqpnsa9q HTTP 302
- https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=946a96c276544140a068f299137a9a4a2099a&sub1=35429&sub2=
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
next.php
adspredictiv.com/jump/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
index9.php
vipthe.monster/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
vipthe.monster/ |
298 KB 94 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gAySB.php
confidence-x.com/ |
395 B 871 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
vipthe.monster/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
file.svg
vipthe.monster/ |
484 B 733 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
data.php
vipthe.monster/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.png
vipthe.monster/ |
1 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| getUclick function| fxOfLnks function| sendLpPixel function| lp_pixel_callback object| date number| year number| month number| day function| myFunction function| outFunc function| $ function| jQuery object| d object| tokens boolean| lp_pixel_wait_flag17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
duct.infralead.net/tools/SetRedirect | Name: _frmld Value: 1 |
|
grmd395.hexatrack.net/ | Name: hexa.sid Value: s%3AZYH5w5QdaTT03h-DDRHzrSRYlG6Vi5x3.uAC2lXFbRTQ%2FrDfSa2xdwLYrec1kD4avZPNMuqCznaE |
|
.offer-select.com/ | Name: 5529cebd-836b-4cfb-80e5-c9670cd773ce-v4 Value: v8nEMGcrxO3VMItZLHeBS5q9YeJtTJ3cnTNCf1mfJ0E |
|
.offer-select.com/ | Name: cc-v4 Value: wi%2FjfW20RrdHvxYwuEkV%2BjXiM10X73kAg9BpK%2BvCZpcj0Dd%2FdtiZS716DHEXiy0SxYIsetC00R2TVB9op68M0x7EX8nmyC8txSzn6QzN51dfdEyXa2StsVaFhw3Xcr8eDB8eL8SKbnTwpF%2FRNcaGlg%3D%3D |
|
.eastrk-dl.com/ | Name: gdm_click_freq_v2_1_001 Value: OxGjV6XpcXangzh4Sty+jkfDx3QR5y4imoQ10ABn2J/FY/PonyorWtPdAttU1gml |
|
.eastrk-dl.com/ | Name: gdm_click_adv_freq_v2_1_001 Value: WGP2hL1mCj4amHrx09xyl/uf4z0MtqZgFID8k4qvUr3GvmR4Ea3FNnPLWgcsjBvv |
|
.eastrk-dl.com/ | Name: gdm_uid_v1_1_001 Value: /MNy4sUrm8z1y61dcXml/fvWcPxvPGl7b84+yHcXQtGJXPM0f7xOuxNnzpJarbI8 |
|
.eastrk-dl.com/ | Name: gdm_uid_v2_1_001 Value: /MNy4sUrm8z1y61dcXml/fvWcPxvPGl7b84+yHcXQtGJXPM0f7xOuxNnzpJarbI8 |
|
.eastrk-dl.com/ | Name: gdm_sid_v1_3_001 Value: 3IydlNiK6ZpRSVFio8zZk9iRhTYtoYQX4zT2GBnwQO+6JyxJ/LXih1FoetAHOd+XCeeM8P1Y9OgsFVD4Y+sHJnAXNA98Nu3ZKBZ80nZorIu2xCfWTWIiIS8QU4lVgCaxo8ULOWMSmxo3HBycIAUznQI5oFjc/Y1xi4s3qHaii1vxkcLXeuC3/u6S1krBFsUI8cYOgH7SW0cEIGEV4NrWr7prdNj7lC1cHeqOT9cy7VVSks7eujL1icGmwQ7AHB6EDjuVH1+q62S94KxZ818bZ+m3aqKtDMmxDBDxZtvovAo9MOg/bQVY015H7hQfP+SLjpGj2+oJq2W8tMqnzfUpVZCTujTsObwwVTHcvhkGrBIgt48dZhbWyPErvSNNbBqh4rdVT1zde5LcJq0WoszE4lA3zChrh9pE85IJcZ5iAjEKHsM8J9twGX6CJM+xyc0+wkMlfYMRkCuNwzEqHnAASdojqrL21zMbb/n025rttxQ79E9aZQH4zRL+3tfqg1Baw9G7v184o9ehPBKi84j6kfbO7XxMJjqVB6+t3eSMoZLOTP0/47SaLqxbNxDEoEZ5kOGZj7/isZpw3cQ61BKyRCtQPosQaF924jEYbCKefsEg74xYIpzHlmbWnRqdhlrUqfFyDT5DXitPbOQgon4CKSjalE1/Oa47tX5tgMxRHU9du4+SSvJXcq9O5Ydpb6vUqY3QMb86f99LCqI6mHRKNTqy/t53T0hP3vpe9YnHLY+uE/6duV7AitlhqhaXf4nafkQAww3JqlvRLv6QBBHgwxPFdrTiFgncka+PvrHAuWEh4BOEvq6EFuYOCDplPBko8yy/6iBUkYk7ZAo5Krqa/zglRwBzl+1obnBb8VkjxOTGQr8NxWU0T1m23laShs4KOkGlPLKyVw6e0IBE7R0dEACu9DviZogYdf0lX/2gVOP2CiwioYIuhuA572S61EcWoA3jP2sCcoeLWzSsQt8Vbzr4CXwF/Mz7wiKabBv9lxKCMGznxwPdZqIu6LS/WVAqqPS5mCm5Lhd4Xu2vMboA8TmAnzfEoGcN8TLfRbpef5wrIgu7Jfn43hVhvSxmBobl8GmEDWqqlLmfZ9f1SsQ+/nB+RhN9Zr0nldNaqQML4eo= |
|
.eastrk-dl.com/ | Name: gdm_sid_v2_3_001 Value: 3IydlNiK6ZpRSVFio8zZk9iRhTYtoYQX4zT2GBnwQO+6JyxJ/LXih1FoetAHOd+XCeeM8P1Y9OgsFVD4Y+sHJnAXNA98Nu3ZKBZ80nZorIu2xCfWTWIiIS8QU4lVgCaxo8ULOWMSmxo3HBycIAUznQI5oFjc/Y1xi4s3qHaii1vxkcLXeuC3/u6S1krBFsUI8cYOgH7SW0cEIGEV4NrWr7prdNj7lC1cHeqOT9cy7VVSks7eujL1icGmwQ7AHB6EDjuVH1+q62S94KxZ818bZ+m3aqKtDMmxDBDxZtvovAo9MOg/bQVY015H7hQfP+SLjpGj2+oJq2W8tMqnzfUpVZCTujTsObwwVTHcvhkGrBIgt48dZhbWyPErvSNNbBqh4rdVT1zde5LcJq0WoszE4lA3zChrh9pE85IJcZ5iAjEKHsM8J9twGX6CJM+xyc0+wkMlfYMRkCuNwzEqHnAASdojqrL21zMbb/n025rttxQ79E9aZQH4zRL+3tfqg1Baw9G7v184o9ehPBKi84j6kfbO7XxMJjqVB6+t3eSMoZLOTP0/47SaLqxbNxDEoEZ5kOGZj7/isZpw3cQ61BKyRCtQPosQaF924jEYbCKefsEg74xYIpzHlmbWnRqdhlrUqfFyDT5DXitPbOQgon4CKSjalE1/Oa47tX5tgMxRHU9du4+SSvJXcq9O5Ydpb6vUqY3QMb86f99LCqI6mHRKNTqy/t53T0hP3vpe9YnHLY+uE/6duV7AitlhqhaXf4nafkQAww3JqlvRLv6QBBHgwxPFdrTiFgncka+PvrHAuWEh4BOEvq6EFuYOCDplPBko8yy/6iBUkYk7ZAo5Krqa/zglRwBzl+1obnBb8VkjxOTGQr8NxWU0T1m23laShs4KOkGlPLKyVw6e0IBE7R0dEACu9DviZogYdf0lX/2gVOP2CiwioYIuhuA572S61EcWoA3jP2sCcoeLWzSsQt8Vbzr4CXwF/Mz7wiKabBv9lxKCMGznxwPdZqIu6LS/WVAqqPS5mCm5Lhd4Xu2vMboA8TmAnzfEoGcN8TLfRbpef5wrIgu7Jfn43hVhvSxmBobl8GmEDWqqlLmfZ9f1SsQ+/nB+RhN9Zr0nldNaqQML4eo= |
|
.eastrk-dl.com/ | Name: gdm_click_freq_v1_1_001 Value: OxGjV6XpcXangzh4Sty+jkfDx3QR5y4imoQ10ABn2J/FY/PonyorWtPdAttU1gml |
|
.eastrk-dl.com/ | Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.eastrk-dl.com/ | Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
|
.eastrk-dl.com/ | Name: gdm_click_adv_freq_v1_1_001 Value: WGP2hL1mCj4amHrx09xyl/uf4z0MtqZgFID8k4qvUr3GvmR4Ea3FNnPLWgcsjBvv |
|
confidence-x.com/ | Name: uclick Value: ntj2hqa98n |
|
confidence-x.com/ | Name: uclickhash Value: ntj2hqa98n-ntj2hqa98n-xswj-0-u3fe-ikvr-xr0-ab1fed |
|
vipthe.monster/ | Name: uclick Value: ntj2hqa98n |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adspredictiv.com
code.jquery.com
confidence-x.com
duct.infralead.net
eastrk-dl.com
grmd395.hexatrack.net
offer-select.com
vipthe.monster
172.67.172.54
188.114.97.3
2a04:4e42::649
2a05:d018:483:6130:b1b2:2041:e070:8642
2a06:98c1:3120::3
34.22.240.62
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
26be916be05c78cdb2c3d3cacd2e614a6aa948c8ed0b853b01f9a44a08c369aa
868ebb420c1904c4839eec315d69c16777412f6643f8a138266c93302db08731
990e08f97eb7795d9fbc2b363c808fe30229729c8cbdd82c117cfb85cd7cced3
9f934d35effdeb229720344a21eaddfef83a34329a0fd11d8313e0f6ecb8349b
c11463824a0a1c5d884a02afce53e45534dff9b3fc9ac920b7db131d65d2c09f
c2853217041f8165292180b5322313dda53bbf0b27f101d3f1723be67eb31504
d868aa636a0571f1bf275994ff83da04d3263c6ae10474fb346610259b670ed1