vipprimeiapp.monster Open in urlscan Pro
2606:4700:3035::ac43:a70f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vipprimeiapp.monster/
Submission: On July 18 via api (July 18th 2024, 4:43:46 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::ac43:a70f, located in United States and belongs to CLOUDFLARENET, US. The main domain is vipprimeiapp.monster.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.

This is the only time vipprimeiapp.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3035::ac43:a70f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	4

5 2606:4700:3035::ac43:a70f (United States)

ASN13335 (CLOUDFLARENET, US)

vipprimeiapp.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kurwa-log.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	vipprimeiapp.monster vipprimeiapp.monster	66 KB
1	kurwa-log.com kurwa-log.com — Cisco Umbrella Rank: 175881	923 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	953 B
8	3

	Domain	Requested by
5	vipprimeiapp.monster	vipprimeiapp.monster
1	kurwa-log.com	vipprimeiapp.monster
1	fonts.googleapis.com	vipprimeiapp.monster
8	3

This site contains no links.

Subject Issuer	Validity	Valid
vipprimeiapp.monster WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
kurwa-log.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vipprimeiapp.monster/
Frame ID: FD4CB313D272668BB5A6AC2B8C585319
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RapidShare - Fast & Secure File Transfer for Free

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

88 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

68 kB
Transfer

347 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
vipprimeiapp.monster/ 5 KB
2 KB 122ms
86ms Document
text/html 2606:4700:3035::ac43:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipprimeiapp.monster/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b8ab602d90dbde702741ba49edd37f1ecc7538dc6150635cc4e5da0a61da7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a53eea1cf180bba-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jul 2024 16:43:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTbEGc0bHK8h6imnLAbQNZ6hkc1d%2BjT6F%2Fnvd34jWL%2BzE%2FKmhPFG9Vs41NyWSktmbmOR3U%2BzH0v9PvWVM5KB%2Bm1WkOX6egdMEnm3YnV7F1cLUZRDhQQTOn08GaRfYEcKAUGNA8bLJ26Ts4booRAvYaNbCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
953 B 43ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Requested by

Host: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jul 2024 16:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 15:59:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 16:43:41 GMT

GET
H3 200 bootstrap.min.css
vipprimeiapp.monster/css/ 245 KB
41 KB 26ms
26ms Stylesheet
text/css 2606:4700:3035::ac43:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipprimeiapp.monster/css/bootstrap.min.css
Requested by: Host: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f82710882b3f7fa115584003134141d8b25fb45d63ec86a57f627cfb4d8944

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 16:43:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 15:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38522
etag: W/"668c0614-3d41a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6pAQA5iQ8iwzAzLYAxlGPLh%2F4LAhvJ2ab99fFUWam9E9FDfJxnUeNcykPNDeZ66semiist4AiEoTIhOeMy5%2BiLtz7RuoTvrvZNmSJtESCXJVZRaWGh1Zsz2dSuYLzRiP3SW9b8IKFI3RH4VhXsxTUKaiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a53eea26fd90bba-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 18:01:39 GMT

GET
H3 200 all.min.css
vipprimeiapp.monster/css/ 58 KB
15 KB 51ms
51ms Stylesheet
text/css 2606:4700:3035::ac43:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipprimeiapp.monster/css/all.min.css
Requested by: Host: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9364be3c7e552cc73bf6aef68056e25398a21f750f115b793e1ccd705083793f

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 16:43:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 15:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38522
etag: W/"668c0614-e6f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eETFx%2BMYzKVbE2cIvoNUAbYgUdLpkxt204VmdwwJWS1%2BwC4rETfMhl18aIj9Urf9nKbEwMXXu4tdMg6KAAQSOthLg1242Dsf7B4MLbUuRY5jE6ZN%2FMb6L5VtRIIzjHQHk%2FnxJZn%2FP2g0MpvCMRmLLxNXIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a53eea26fda0bba-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 18:01:39 GMT

GET
H3 200 style.css
vipprimeiapp.monster/css/ 31 KB
6 KB 25ms
25ms Stylesheet
text/css 2606:4700:3035::ac43:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipprimeiapp.monster/css/style.css
Requested by: Host: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8e6e90f9973ada83271a084d530331eef38398016497320a2cef96077c6d0d

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 16:43:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 15:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38522
etag: W/"668c0614-7dd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q7vL2oNYxonR5pZkXSuf5Yv16DVPRykmrtfgfo%2BiK2BmdbJF8WhzcVNHNhGznRNzSz9Y0YKMndrB1iD%2BWovgk0ITgRcCipR3SNg8x%2Fz5PVvh1jkj30cHux8LqEzppf1DE%2FUe8aRRHOnn6K6GjXZSRWl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a53eea26fdd0bba-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 18:01:39 GMT

GET
H3 200 gAySB.php Show response
kurwa-log.com/ 460 B
923 B 190ms
111ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kurwa-log.com/gAySB.php?key=4aljczal7lsl3pbukwni&lp_type=pixel
Requested by: Host: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4403ca95321d11694ee75fb065db5a666ee653ea0a1c3e04e9e23800f4ebb1d0

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 16:43:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zwtsj0%2Bjl9uJ9RBIWQAaC%2FF%2FC5FpPyqRWpxVPD5upUlr%2FvR2GYzOvvyOp8TwQZ5TzE%2Boy4hFuA3Uh6ijt%2BYEbATdwe1sfMpt74XlS%2BBxPx0mk0S0QpVTwT4OElCaExN3pJDZ6YHiKLb%2B%2BR86"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8a53eea349349fd0-AMS
alt-svc: h3=":443"; ma=86400

GET data.php
vipprimeiapp.monster/ 0
0

GET
H3 200 favicon.png
vipprimeiapp.monster/images/ 1 KB
2 KB 26ms
26ms Other
image/png 2606:4700:3035::ac43:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipprimeiapp.monster/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888fc822d786f03fa865c52b8b88c4c3fd29a36979dd5485b0f93e4cd7735726

Request headers

Referer: https://vipprimeiapp.monster/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 16:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38523
alt-svc: h3=":443"; ma=86400
content-length: 1308
last-modified: Mon, 08 Jul 2024 15:30:27 GMT
server: cloudflare
etag: "668c0613-51c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLRMFo%2Fl0PoD5iAZfCkDawEzNxfYU3Vozr96AW9wftvEWBuvVR7Q%2Fam2UkmZ5ZKxas5DbK6zQMVc93sNQuDYYnuRbQL%2BGbxAhKXWGnYND0DvZ2KJf%2BMHauOGExTMUXnCZV9wPg%2BW4i0v5%2B102hFt7Q8Ctw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a53eea3fa080bba-AMS
expires: Sat, 17 Aug 2024 06:01:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vipprimeiapp.monster
URL: https://vipprimeiapp.monster/data.php?filename=Unknown&sourcename=Unknown&flow_id=99&click_id=877e89la4hoqe8n65d&ip=2a02:6ea0:c71b:0:1011:8d47:44a9:4617

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kurwa-log.com/	1970-01-20 22:10:07	Name: uclick Value: 9la4hoqe8n
kurwa-log.com/	1970-01-20 22:10:07	Name: uclickhash Value: 9la4hoqe8n-9la4hoqe8n-bzfe-0-4k8n-kt8n-ktbl-30896b
vipprimeiapp.monster/	1970-01-20 22:10:14	Name: uclick Value: 9la4hoqe8n

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
kurwa-log.com
vipprimeiapp.monster
vipprimeiapp.monster
2606:4700:3035::ac43:a70f
2a00:1450:4001:812::200a
2a06:98c1:3120::3
4403ca95321d11694ee75fb065db5a666ee653ea0a1c3e04e9e23800f4ebb1d0
609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0
888fc822d786f03fa865c52b8b88c4c3fd29a36979dd5485b0f93e4cd7735726
8a8e6e90f9973ada83271a084d530331eef38398016497320a2cef96077c6d0d
92f82710882b3f7fa115584003134141d8b25fb45d63ec86a57f627cfb4d8944
9364be3c7e552cc73bf6aef68056e25398a21f750f115b793e1ccd705083793f
99b8ab602d90dbde702741ba49edd37f1ecc7538dc6150635cc4e5da0a61da7c

vipprimeiapp.monster Open in urlscan Pro 2606:4700:3035::ac43:a70f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

68 kBTransfer

347 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

vipprimeiapp.monster Open in urlscan Pro
2606:4700:3035::ac43:a70f Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

68 kB
Transfer

347 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions