www.vivemoncasinovip1.com Open in urlscan Pro
172.64.144.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://abosolutionimportexport.com/jamesone.php?d=conflicting&j=pend&h=saintly&m=wang
Effective URL:
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&aff_system=RVG&sourceID=903726&source=fb&sub_aid2=...
Submission Tags: phishing
Submission: On August 18 via api (August 18th 2022, 6:25:31 pm UTC) from US — Scanned from FR

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 8 countries across 17 domains to perform 19 HTTP transactions. The main IP is 172.64.144.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vivemoncasinovip1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time www.vivemoncasinovip1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:41d0:301... 2001:41d0:301::31	16276 (OVH) (OVH)
1 1	185.125.19.53 185.125.19.53	62222 (QS-AS) (QS-AS)
1 1	2a05:7880:5b1... 2a05:7880:5b1:2bd5:2408:493b:c191:e915	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 3	2a07:180:156:... 2a07:180:156:fbb0:6ea6:bab6:460b:d6d3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7 7	2a06:9ac0:23e... 2a06:9ac0:23e:aff1:26ef:4b5a:45c1:f9fb	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.64.144.42 172.64.144.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
19	6

1 2001:41d0:301::31 (France)

ASN16276 (OVH, FR)

abosolutionimportexport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.125.19.53 (Russian Federation) 1 redirects

ASN62222 (QS-AS, RU)
PTR: ejex.club

fortuneadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:7880:5b1:2bd5:2408:493b:c191:e915 (Cyprus) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

tarenived.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a07:180:156:fbb0:6ea6:bab6:460b:d6d3 (Belize) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

huffson-delivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
huffson-derivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:9ac0:23e:aff1:26ef:4b5a:45c1:f9fb (Virgin Islands (British)) 7 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hghit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgbn.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgbn.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgbn.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgbn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hg-bn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bfflnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.144.42 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vivemoncasinovip1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	vivemoncasinovip1.com www.vivemoncasinovip1.com	664 KB
2	huffson-delivery.com 1 redirects huffson-delivery.com — Cisco Umbrella Rank: 301288	1 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	634 B
1	bfflnk.com 1 redirects www.bfflnk.com	859 B
1	huffson-derivery.com huffson-derivery.com — Cisco Umbrella Rank: 345853	512 B
1	hgbnr.com 1 redirects hgbnr.com — Cisco Umbrella Rank: 343625	507 B
1	hg-bn.com 1 redirects hg-bn.com — Cisco Umbrella Rank: 336399	499 B
1	hgbn1.com 1 redirects hgbn1.com — Cisco Umbrella Rank: 343624	499 B
1	hgbn.network 1 redirects hgbn.network — Cisco Umbrella Rank: 338453	499 B
1	hgbn.space 1 redirects hgbn.space — Cisco Umbrella Rank: 339197	501 B
1	hgbn.rocks 1 redirects hgbn.rocks — Cisco Umbrella Rank: 332317	499 B
1	hghit.com 1 redirects hghit.com — Cisco Umbrella Rank: 331653	500 B
1	tarenived.com 1 redirects tarenived.com — Cisco Umbrella Rank: 616495	473 B
1	fortuneadvert.com 1 redirects fortuneadvert.com	182 B
1	abosolutionimportexport.com abosolutionimportexport.com	2 KB
0	afflnk.com Failed track.afflnk.com Failed
19	17

	Domain	Requested by
13	www.vivemoncasinovip1.com	huffson-delivery.com www.vivemoncasinovip1.com
2	huffson-delivery.com	1 redirects abosolutionimportexport.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.vivemoncasinovip1.com
1	www.bfflnk.com	1 redirects
1	huffson-derivery.com
1	hgbnr.com	1 redirects
1	hg-bn.com	1 redirects
1	hgbn1.com	1 redirects
1	hgbn.network	1 redirects
1	hgbn.space	1 redirects
1	hgbn.rocks	1 redirects
1	hghit.com	1 redirects
1	tarenived.com	1 redirects
1	fortuneadvert.com	1 redirects
1	abosolutionimportexport.com
0	track.afflnk.com Failed	www.vivemoncasinovip1.com
19	17

This site contains no links.

Subject Issuer	Validity	Valid
huffson-delivery.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&aff_system=RVG&sourceID=903726&source=fb&sub_aid2=11920_54_154__&sub_aid5=f8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091&transaction_id=i04612200c779fb22b01e00dca2e69&click_id=3983904331&qt=0.65709
Frame ID: F2C085A2C6F685404CA32C00C6482AD1
Requests: 17 HTTP requests in this frame

Frame: https://www.vivemoncasinovip1.com/trackCookie?ab=a&adv_sub1=a&hold=yes&c_silent=1&aff_system=RVG&sourceID=903726&source=fb&sub_aid2=11920_54_154__&sub_aid5=f8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091&transaction_id=i04612200c779fb22b01e00dca2e69&click_id=3983904331&qt=0.65709
Frame ID: 0F4EB3F3F367452293FC5C044B128976
Requests: 1 HTTP requests in this frame

Frame: https://track.afflnk.com/track.gif?e=lp&info=%7B%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22cd%22%3A24%2C%22pd%22%3A24%2C%22r%22%3A%22https%3A//huffson-delivery.com/%22%2C%22l%22%3A%22https%3A//www.vivemoncasinovip1.com/promonew/roue-de-fortune/%3Fhold%3Dyes%26c_silent%3D1%26aff_system%3DRVG%26sourceID%3D903726%26source%3Dfb%26sub_aid2%3D11920_54_154__%26sub_aid5%3Df8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091%26transaction_id%3Di04612200c779fb22b01e00dca2e69%26click_id%3D3983904331%26qt%3D0.65709%22%7D&src=903726&sid=69&cid=1660847130&ab=a&hold=yes&c_silent=1&aff_system=RVG&sourceID=903726&source=fb&sub_aid2=11920_54_154__&sub_aid5=f8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091&transaction_id=i04612200c779fb22b01e00dca2e69&click_id=3983904331&qt=0.65709
Frame ID: B984E517FC7A8B4CFF1FE84F01199068
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ViveMonCasino - L’HEURE DE LA PROVOC’ EST ARRIVÉE

Page URL History Show full URLs

http://abosolutionimportexport.com/jamesone.php?d=conflicting&j=pend&h=saintly&m=wang Page URL
https://fortuneadvert.com/vive-mon-casino3/?flow=154&utm_source=1&homemade=weeks HTTP 302
https://tarenived.com/11920/26807?param=54_154__&clickid=3126025&lp=3726 HTTP 302
https://huffson-delivery.com/direct?placement_id=11920&atp=54_154__&click_id=3126025&sub_id_4=&pv=3726&la... Page URL
https://huffson-delivery.com/p/11920/b/26807?u=https%3A%2F%2Fwww.bfflnk.com%2F%3Fbrand_id%3D69%26source_i... HTTP 302
https://www.bfflnk.com/?brand_id=69&source_id=903726&source=fb&aff_sub2=11920_54_154__&aff_sub5=f8f... HTTP 302
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&aff_system=RVG&sourceID=903726... Page URL

Page Statistics

19
Requests

84 %
HTTPS

78 %
IPv6

17
Domains

17
Subdomains

6
IPs

8
Countries

689 kB
Transfer

776 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://abosolutionimportexport.com/jamesone.php?d=conflicting&j=pend&h=saintly&m=wang Page URL
https://fortuneadvert.com/vive-mon-casino3/?flow=154&utm_source=1&homemade=weeks HTTP 302
https://tarenived.com/11920/26807?param=54_154__&clickid=3126025&lp=3726 HTTP 302
https://huffson-delivery.com/direct?placement_id=11920&atp=54_154__&click_id=3126025&sub_id_4=&pv=3726&lang=fr&cc=FR Page URL
https://huffson-delivery.com/p/11920/b/26807?u=https%3A%2F%2Fwww.bfflnk.com%2F%3Fbrand_id%3D69%26source_id%3D903726%26source%3Dfb%26aff_sub2%3D11920_54_154__%26aff_sub5%3Df8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091%26atp%3D54_154__%26click_id%3D3126025%26sub_id_4%3D%26pv%3D3726%26lang%3Dfr%26cc%3DFR&atp=54_154__&click_id=3126025&sub_id_4=&pv=3726&lang=fr&cc=FR HTTP 302
https://www.bfflnk.com/?brand_id=69&source_id=903726&source=fb&aff_sub2=11920_54_154__&aff_sub5=f8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091 HTTP 302
https://www.vivemoncasinovip1.com/promonew/roue-de-fortune/?hold=yes&c_silent=1&aff_system=RVG&sourceID=903726&source=fb&sub_aid2=11920_54_154__&sub_aid5=f8f76e76e24bec34b7ab83932c76d1e8tea5phoo5df20d3c4b251-3091&transaction_id=i04612200c779fb22b01e00dca2e69&click_id=3983904331&qt=0.65709 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://fortuneadvert.com/vive-mon-casino3/?flow=154&utm_source=1&homemade=weeks HTTP 302
https://tarenived.com/11920/26807?param=54_154__&clickid=3126025&lp=3726 HTTP 302
https://huffson-delivery.com/direct?placement_id=11920&atp=54_154__&click_id=3126025&sub_id_4=&pv=3726&lang=fr&cc=FR

Request Chain 2

https://hghit.com/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1 HTTP 302
https://hgbn.rocks/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=2 HTTP 302
https://hgbn.space/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=3 HTTP 302
https://hgbn.network/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=4 HTTP 302
https://hgbn1.com/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=5 HTTP 302
https://hg-bn.com/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=6 HTTP 302
https://hgbnr.com/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=7 HTTP 302
https://huffson-derivery.com/set-cookie.gif?_HGAU=edff578c-fb2d-4a00-83bd-9987cf812be6&partially=1&iteration=8

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK jamesone.php Show response
abosolutionimportexport.com/ 4 KB
2 KB 999ms
762ms Document
text/html 2001:41d0:301::31
OVH

General

Domain/Path	Expires	Name / Value
fortuneadvert.com/	1970-01-20 05:22:13	Name: site28 Value: 154
tarenived.com/	1970-01-20 14:56:47	Name: _HGAU Value: af7c9556-799d-473e-870a-3e320a59ab0b
tarenived.com/	1970-01-20 06:05:25	Name: vst_cnt_17292 Value: 1
huffson-delivery.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
huffson-delivery.com/	1970-01-20 05:20:50	Name: pl_impr_11920_hourly Value: 1\|1660850728.0
huffson-delivery.com/	1970-01-20 05:22:13	Name: pl_impr_11920_daily Value: 1\|1660933528.0
hghit.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
hgbn.rocks/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
hgbn.space/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
hgbn.network/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
hgbn1.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
hg-bn.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
www.bfflnk.com/	1970-01-20 05:25:06	Name: tid Value: i04612200c779fb22b01e00dca2e69
hgbnr.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
huffson-derivery.com/	1970-01-20 14:56:47	Name: _HGAU Value: edff578c-fb2d-4a00-83bd-9987cf812be6
www.vivemoncasinovip1.com/	1970-01-20 05:22:09	Name: __cflb Value: 02DiuDi4Jiy6Skh6C81b3VVAsmm4VSpXnNbzB4RxMdU7W
.vivemoncasinovip1.com/	1969-12-31 23:59:59	Name: __cfruid Value: cd442d29ad66888ee6c01ccc564d0fb610ff9c11-1660847129
.vivemoncasinovip1.com/	1970-01-20 05:27:59	Name: sourceID Value: 903726
.vivemoncasinovip1.com/	1970-01-20 05:27:59	Name: systemID Value: 69
.vivemoncasinovip1.com/	1970-01-20 05:27:59	Name: hasOffers Value: a:5:{s:14:%22transaction_id%22%3Bs:30:%22i04612200c779fb22b01e00dca2e69%22%3Bs:3:%22aid%22%3Bs:0:%22%22%3Bs:7:%22sub_aid%22%3Bs:0:%22%22%3Bs:8:%22sub_aid2%22%3Bs:14:%2211920_54_154__%22%3Bs:7:%22offerId%22%3Bs:0:%22%22%3B}
.vivemoncasinovip1.com/	1970-01-20 05:27:59	Name: splitRun Value: a

www.vivemoncasinovip1.com Open in urlscan Pro 172.64.144.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

84 %HTTPS

78 %IPv6

17 Domains

17 Subdomains

6 IPs

8 Countries

689 kBTransfer

776 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

21 Cookies

Indicators

www.vivemoncasinovip1.com Open in urlscan Pro
172.64.144.42 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

78 %
IPv6

17
Domains

17
Subdomains

6
IPs

8
Countries

689 kB
Transfer

776 kB
Size

21
Cookies

19 HTTP transactions
0 data transactions