thespeed.monster Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wwm1515.leadgentrk1.com/
Effective URL:
https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword...
Submission: On April 15 via api (April 15th 2024, 11:19:42 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is thespeed.monster.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.

This is the only time thespeed.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	34.22.240.62 34.22.240.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.171.177.63 54.171.177.63	16509 (AMAZON-02) (AMAZON-02)
2 9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
9	4

2 34.22.240.62 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com

wwm1515.leadgentrk1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
duct.infralead.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

offer-select.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
confidence-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.177.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-177-63.eu-west-1.compute.amazonaws.com

eastrk-dl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

adspredictiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thespeed.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	thespeed.monster thespeed.monster	103 KB
3	adspredictiv.com 2 redirects adspredictiv.com	5 KB
1	confidence-x.com confidence-x.com — Cisco Umbrella Rank: 217927	879 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	29 KB
1	eastrk-dl.com 1 redirects eastrk-dl.com	3 KB
1	offer-select.com 1 redirects offer-select.com	880 B
1	infralead.net 1 redirects duct.infralead.net	572 B
1	leadgentrk1.com 1 redirects wwm1515.leadgentrk1.com	800 B
9	8

	Domain	Requested by
6	thespeed.monster	adspredictiv.com thespeed.monster
3	adspredictiv.com	2 redirects
1	confidence-x.com	thespeed.monster
1	code.jquery.com	thespeed.monster
1	eastrk-dl.com	1 redirects
1	offer-select.com	1 redirects
1	duct.infralead.net	1 redirects
1	wwm1515.leadgentrk1.com	1 redirects
9	8

This site contains no links.

Subject Issuer	Validity	Valid
adspredictiv.com GTS CA 1P5	`2024-02-28` - `2024-05-28`	3 months	crt.sh
thespeed.monster GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
confidence-x.com E1	`2024-03-08` - `2024-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020
Frame ID: 78B23A3D99CDA5BDD64DC55E2C909CC1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FileToSend

Page URL History Show full URLs

https://wwm1515.leadgentrk1.com/ HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_l... HTTP 302
https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_fi... HTTP 302
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wrqc6l9ejlda77k0jpde2v8g HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&su... Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CL-4iL6Y3aQdH8AH0dEdHP3xP.aa9%252C7H0PozvLiGV-YkDx... HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23763794&stamat=m%257C%252C%252CgjO2N2IitGU3BJ-GH0dEdHP3x... HTTP 302
https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

4
IPs

4
Countries

162 kB
Transfer

425 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wwm1515.leadgentrk1.com/ HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wrqc6l9ejlda77k0jpde2v8g HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2= Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CL-4iL6Y3aQdH8AH0dEdHP3xP.aa9%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSH6fTUmfe9dR7hTHZK4ao6iycbYLz1YNiqWGPc-lFfGahZdij5PvgOox_6kNvwvz2t&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2=&cbur=0.8584446769934213&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23763794&stamat=m%257C%252C%252CgjO2N2IitGU3BJ-GH0dEdHP3xP.e6e%252CCA04ZJ73ajPcuhv5TqFu77OADpeYRwVUFMErCwCuDO_cZJs6TpiVQCVqr5gbu8Q_RO3bPM6ZdFtSH_avfON1CWXRZ2w4l3b0y7jRn4kYOFrK0EJpYZwMo7Hujy5X3uP1t9uB0VM4DQQkpcSuA9b3zvz_GjdkiZ3lal40H1pdvjcDjLNkz92MYSDnro7ERJVAjGIeR6oJdkLUFOhBBLs6q4prrorLE8qx92CGC71Cl8XB7PghsHmmN4s5Q1ORm9QdqrRrvi7vIjg9V6wnqOFxuANqb-LQQSI3MTn8Rj5DflER08SnwI9IuDI-jBanfA11A-JpA0PCZn3BjSfjDtTHuXf-Ihr3F3Gie1O2g3_aLtkOrksAPYilXt90Y4_CBVm4gm2a94MjI8dIlD3d69qPrY10chnSjsnlWvCqVSzCxg61cnbea-ZrO2ZwpD_jJsMT6qNdqvj3a2TjTuERrGGocmWnXlVON5eXCCYEaslN1-2zR4rs85HsAxOGzhQ5n7JygaoBEMTgYISyt9dUZTQRWBNrYtvb6EFyF41Q_HYM3ykxst-36xPLdPO8N7Y1LkCxG8RxWSPTkd9c4_R_uSm9mTC-Un_Vm2ly_GBwrWiFGpwsmxmjciNw0nxl6VADZHAWiEJAETTd9YfuAoooOBJFlQ%252C%252C HTTP 302
https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://wwm1515.leadgentrk1.com/ HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wrqc6l9ejlda77k0jpde2v8g HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2=

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	next.php adspredictiv.com/jump/ Redirect Chain https://wwm1515.leadgentrk1.com/ https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&a... https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_s... https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wrqc6l9ejlda77k0jpde2v8g https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2=	7 KB 3 KB	233ms 164ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2= Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 874fa95788824d55-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 15 Apr 2024 23:19:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKPlfaAxH5rNSCtSUOQz5N89nSYo7VQS2RaCCK4L4wWD1NW%2FPyo%2FyheXopyqUHEGc0XC9RlwD%2BAF4cdRgMS9r%2FwoKJPC%2B8Linx2cJfKokvlxAJTct8WQcdGNJ9%2Ft5OoWDeOx"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google Redirect headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * content-language en-US content-type text/html;charset=ISO-8859-1 date Mon, 15 Apr 2024 23:19:36 GMT location https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2= server nginx
GET H3	200	Primary Request index9.php Show response thespeed.monster/ Redirect Chain https://adspredictiv.com/jump/next.php?stamat=m%257CL-4iL6Y3aQdH8AH0dEdHP3xP.aa9%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSH6fTUmfe9dR7hTHZK4ao6iycbYLz1YNiqWGPc-lFfGahZdij5... https://adspredictiv.com/script/i.php?t=1&c=23763794&stamat=m%257C%252C%252CgjO2N2IitGU3BJ-GH0dEdHP3xP.e6e%252CCA04ZJ73ajPcuhv5TqFu77OADpeYRwVUFMErCwCuDO_cZJs6TpiVQCVqr5gbu8Q_RO3bPM6ZdFtSH_avfON1CW... https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020	4 KB 2 KB	398ms 269ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Requested by Host: adspredictiv.com URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2= Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b0bc1ae2c80a5c05c86524207759d627df0c66ed656315f05e878e06ba6772c` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e8778a3069714db59cf7a0834f3b22702099a&sub1=35429&sub2= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 874fa95c0eef3667-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 15 Apr 2024 23:19:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkGAn7PabH8Sb2Kft1pjtLkQnXj1vkSc7qbO8c%2BLlP7jtKMHNvhxDX%2BkVnL29MsqZHSwIvyFFIqKLsU3tL26siSyz5dDE6q3oFM8SJe3g%2Bp%2BdTnSFW0lLvBp5%2FsUuYmukT6M"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 874fa95a1a484d55-FRA content-type text/html; charset=utf-8 date Mon, 15 Apr 2024 23:19:37 GMT location https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Y8lDiFviQrS913eCSICpQuyQ8%2Fvn82Qqtsh2TmK0r5yKqJVqO1lfApeokbmHTis1mFmkMnk%2FPl1z3eFafyiqeqBHNBnMGgAmG2%2Fjnl4MFqQ2%2BaIhVNT%2F4eXYtAZnJRv2ipu"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google
GET H3	200	style.css thespeed.monster/	298 KB 94 KB	60ms 59ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thespeed.monster/style.css Requested by Host: thespeed.monster URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c2853217041f8165292180b5322313dda53bbf0b27f101d3f1723be67eb31504` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Apr 2024 15:49:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 23303 etag W/"661d4c90-4a68b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHF8yleKzMLuYupZ6ZyCsmFqDd4O0ETD08ofHifSQopPRBLVFuiZJ9P9CGTj2jvnqasN8GEFHvLg3mPPfOPJjjFXTZtUY7SjKVrhbFNLPRSrm7CXamHhYmhJJhJwVUAPc1BG"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 874fa95f38f73667-FRA alt-svc h3=":443"; ma=86400 expires Tue, 16 Apr 2024 04:51:15 GMT
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/	84 KB 29 KB	83ms 22ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: thespeed.monster URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/ Origin https://thespeed.monster Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5964425 x-cache HIT, HIT content-length 29811 x-served-by cache-lga21935-LGA, cache-fra-etou8220092-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1713223178.173675,VS0,VE0 etag W/"28feccc0-14e4a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 1, 98328
GET H3	200	gAySB.php Show response confidence-x.com/	395 B 879 B	138ms 103ms	Script text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://confidence-x.com/gAySB.php?key=rsm1xi81koodrjh8d94n&lp_type=pixel&flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Requested by Host: thespeed.monster URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6de55bd5a5bb837c1db80d4c401eb9cc739a2a6ec121434f57ec040d7aa0577` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bz4VZOcBGlJexOONemoQfXF34d9HCeKPeKmeX%2BVKEadp0ge3C0kUa%2F8Qj10gdWr%2FAerUIpCRJjo4HMBM9l5IjBEA6RA%2FSwhhkwQwEvmFq3zeGcfbwlIzKVQoRMm%2BYsP98lUE"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 874fa9603cde2bda-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo.png thespeed.monster/	4 KB 5 KB	29ms 29ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thespeed.monster/logo.png Requested by Host: thespeed.monster URL: https://thespeed.monster/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c11463824a0a1c5d884a02afce53e45534dff9b3fc9ac920b7db131d65d2c09f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 23172 alt-svc h3=":443"; ma=86400 content-length 4326 last-modified Mon, 15 Apr 2024 15:49:36 GMT server cloudflare etag "661d4c90-10e6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isdnhSkvA1zYsWBw7zZ5nTMxRU%2BWmXe0hRuvWNCm5R1NPIdu2AUdX6f%2BaIDCYOotOzv7uS4g1hbmlyZ%2BZtYRNWTxpmmi94KeqznYtbLXsAX9koqPeOWKKxN35fSDpIwmFBXv"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 874fa96019b63667-FRA expires Wed, 15 May 2024 16:53:26 GMT
GET H3	200	file.svg thespeed.monster/	484 B 732 B	30ms 30ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thespeed.monster/file.svg Requested by Host: thespeed.monster URL: https://thespeed.monster/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26be916be05c78cdb2c3d3cacd2e614a6aa948c8ed0b853b01f9a44a08c369aa` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Apr 2024 15:49:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1446 etag W/"661d4c90-1e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DotR2vNQMEgA9E9EeaM%2BGbyZPOsnXqhxYj1p%2BhP%2BlY%2BL9iOlSkCAGS3tGCp4uspQZVbRWO9kOPiIC7OVELoEXSOiHJkLDFNvLRkIjUvxROnp9fTCbsDcuZJVPat2A0I0Nbh"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 874fa96019b73667-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	26 KB 26 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `990e08f97eb7795d9fbc2b363c808fe30229729c8cbdd82c117cfb85cd7cced3` Request headers Referer Origin https://thespeed.monster Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2
GET H3	200	data.php thespeed.monster/	0 0	53ms 52ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thespeed.monster/data.php?filename=undefined&sourcename=6536622-1984015597-0&flow_id=109&click_id=9e850wfgh2thodz260 Requested by Host: thespeed.monster URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qBJZEOjuJwdjYL4mgRU6coy6uDzbbYs%2FbTqXPzlvZLlLxJ12yWh%2Fq7egA6KgIU09egmT5MiHsJBcmSjSJG0ziMxrjroGPcHIA1pOdAQ7BnpbhhK44PnXHErxh1cmC3JB9x9"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 874fa960eac83667-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.png thespeed.monster/	1 KB 2 KB	31ms 31ms	Other image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thespeed.monster/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9f934d35effdeb229720344a21eaddfef83a34329a0fd11d8313e0f6ecb8349b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:19:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 23176 alt-svc h3=":443"; ma=86400 content-length 1395 last-modified Mon, 15 Apr 2024 15:49:36 GMT server cloudflare etag "661d4c90-573" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZR63juGwsnd7dmo1wmdOaT0O7JrOg%2F9hLb6Qx51%2BDUpk7SjwPPQvyrGZlEaE1sPauh18pJ9EwCarmQoZ0RTCmcbVWIBqTWIA6cCpz4rhzpM11UwExUDP9jPpG0nW0PWbuMq"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 874fa960eac93667-FRA expires Wed, 15 May 2024 16:53:22 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
duct.infralead.net/tools/SetRedirect	1970-01-20 19:53:46	Name: _frmld Value: 1
wwm1515.leadgentrk1.com/	1969-12-31 23:59:59	Name: hexa.sid Value: s%3AZfgamIjgMsdsTSl27uIIhTdPfBni7kF_.nz%2FVTMOn22%2FL%2FdEqWZeAPf3qlEF85W5KzMIaOW%2BZwhU
.offer-select.com/	1970-01-20 19:55:09	Name: 5529cebd-836b-4cfb-80e5-c9670cd773ce-v4 Value: iFWvXYcEM7YnKyoEEjxY6GIryRMpyA0f6PAdZNZcru4
.offer-select.com/	1970-01-21 04:39:19	Name: cc-v4 Value: 44vxlmNcJ3o6Mz25%2Bfbl98Q0YxxcSSGNfZyfKF%2BCW0T9kmUrnZB9ay9jpem%2BoZuooo5bGs2MtdFCxza4SSQrGPmMJB0sij3ZWREywj2LfIPP92iXLdMtTF0Wg726hnpzniKWduIZKo9oXke4m4AtqQ%3D%3D
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_uid_v1_1_001 Value: Ss49s9u+bPaWwgdajfu3ar7a+kbN1a1v8su5sKQNLwVyuIYvNI2iGcyqBTcQmUZr
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_click_freq_v1_1_001 Value: OxGjV6XpcXangzh4Sty+jnDlTBrWXTc2le0aO3W5lsXT3XbPIR1ZT6zTQfRYTrTR
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_uid_v2_1_001 Value: Ss49s9u+bPaWwgdajfu3ar7a+kbN1a1v8su5sKQNLwVyuIYvNI2iGcyqBTcQmUZr
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_click_adv_freq_v2_1_001 Value: WGP2hL1mCj4amHrx09xyl1yF7EMsEcTTtaOJtxZGypo/vXQ3CQLD5q/lvHYxBLz+
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_sid_v1_3_001 Value: MFhdipnl87f5RWCSMnAk/EElEa6aJD7sxGnEJ9f1ExSDCBJT52iSNQQUWv1HrYgXnic6ObbsopmUIF3e83MwtJiAAWreHNb+yiod2136rem0KgbB9DKoVPC6CV97OsmJPqTmcIH2BAMzK7/1WB+tKGBEptDviMYKRaK2rnjm6EiLFSJwuagiLMqHAtEun871fuzWoIW7prbekdcrmFUXfi0zlsaTBsZrcNjw5pBhxUB0BgrcbvjL6M/ZfRh12SVXyI59ln7VZPGxqqxQMbgVeFsgI1apvrpFQGF1mgqqUvuoTAjAujYrS3AK1mhow7mbUrYO7u8Urn196ptqx/68WIwC0C7rIFi/CWgQHc/+qMMhbvXNyPIkTdj2y4kWAyEi6k25pWtkgPQ4BDgvdukxLjq2IBlZJVgME2woixEwO4YiuLLDGvGCDA2eGve88IU2x0gApNMTsLwxepB/xLnDXBH/jOM3l88KUb25XBhD32fFHYR/54qVRfaMrVLCxvLXtJMbuFrDocwbPSX5SDQOJPgV1e9NMBHrrixf2RKw2578klkCs77Pcjf2Pd25jKkDO6+84AMYrgzJS21xR98gJhIlUXuJGmwXcJfxoCBiadpYOgVAb4j9zntW7c5wDpzfE3nbltHh9SiPY25dKtPHIie0/xkFwCUUOwtVnyWEaf5xPMeui+VjIXXW0lfa9V7wULX680vQyMpWHi6LxUnRJcyRe1jKjzu5A7PlLFdef8+LST/SsO0LPa53cQ1FM/eXW2JhfPE61c+434KZKgfAa0EaDjNLDp2J+r440/ucP4ncZL3vBUZNizWavMGVOrxLTyYut8RO5VzCHEwTJd3V5otWnGt/PZ6r3IBXLAi1l2vAB9FgJRd5yuarmlsSYLEZNa52dTLuu8X2EVfUhVaOJ7hf2BGi6WzoiacauqVGBmuTaRxCqa3RxskXNL9F++fFnLwp1OgKBhX5UQvhhYyYtHGG2RVnilI6aZG7PIgGyAIjM7K7r/0SHmTzcIsMtzbGmyfGIJszh0/whZm/8048rLvt2hcWALoTh9VoIm1xC/e+efSrPsS1o0CBS3TQPZQThWabkBNQGSsdlCKap4LT6sOdG5KJRBd+vNe8t2742xc=
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_click_adv_freq_v1_1_001 Value: WGP2hL1mCj4amHrx09xyl1yF7EMsEcTTtaOJtxZGypo/vXQ3CQLD5q/lvHYxBLz+
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_sid_v2_3_001 Value: MFhdipnl87f5RWCSMnAk/EElEa6aJD7sxGnEJ9f1ExSDCBJT52iSNQQUWv1HrYgXnic6ObbsopmUIF3e83MwtJiAAWreHNb+yiod2136rem0KgbB9DKoVPC6CV97OsmJPqTmcIH2BAMzK7/1WB+tKGBEptDviMYKRaK2rnjm6EiLFSJwuagiLMqHAtEun871fuzWoIW7prbekdcrmFUXfi0zlsaTBsZrcNjw5pBhxUB0BgrcbvjL6M/ZfRh12SVXyI59ln7VZPGxqqxQMbgVeFsgI1apvrpFQGF1mgqqUvuoTAjAujYrS3AK1mhow7mbUrYO7u8Urn196ptqx/68WIwC0C7rIFi/CWgQHc/+qMMhbvXNyPIkTdj2y4kWAyEi6k25pWtkgPQ4BDgvdukxLjq2IBlZJVgME2woixEwO4YiuLLDGvGCDA2eGve88IU2x0gApNMTsLwxepB/xLnDXBH/jOM3l88KUb25XBhD32fFHYR/54qVRfaMrVLCxvLXtJMbuFrDocwbPSX5SDQOJPgV1e9NMBHrrixf2RKw2578klkCs77Pcjf2Pd25jKkDO6+84AMYrgzJS21xR98gJhIlUXuJGmwXcJfxoCBiadpYOgVAb4j9zntW7c5wDpzfE3nbltHh9SiPY25dKtPHIie0/xkFwCUUOwtVnyWEaf5xPMeui+VjIXXW0lfa9V7wULX680vQyMpWHi6LxUnRJcyRe1jKjzu5A7PlLFdef8+LST/SsO0LPa53cQ1FM/eXW2JhfPE61c+434KZKgfAa0EaDjNLDp2J+r440/ucP4ncZL3vBUZNizWavMGVOrxLTyYut8RO5VzCHEwTJd3V5otWnGt/PZ6r3IBXLAi1l2vAB9FgJRd5yuarmlsSYLEZNa52dTLuu8X2EVfUhVaOJ7hf2BGi6WzoiacauqVGBmuTaRxCqa3RxskXNL9F++fFnLwp1OgKBhX5UQvhhYyYtHGG2RVnilI6aZG7PIgGyAIjM7K7r/0SHmTzcIsMtzbGmyfGIJszh0/whZm/8048rLvt2hcWALoTh9VoIm1xC/e+efSrPsS1o0CBS3TQPZQThWabkBNQGSsdlCKap4LT6sOdG5KJRBd+vNe8t2742xc=
.eastrk-dl.com/	1970-01-20 22:03:19	Name: gdm_click_freq_v2_1_001 Value: OxGjV6XpcXangzh4Sty+jnDlTBrWXTc2le0aO3W5lsXT3XbPIR1ZT6zTQfRYTrTR
confidence-x.com/	1970-01-20 19:55:09	Name: uclick Value: wfgh2thodz
confidence-x.com/	1970-01-20 19:55:09	Name: uclickhash Value: wfgh2thodz-wfgh2thodz-xswj-0-u3fe-ikvr-xr0-df018c
thespeed.monster/	1970-01-20 19:55:16	Name: uclick Value: wfgh2thodz

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://thespeed.monster/index9.php?flow_id=109&cid=171322317710000TDETV414105763114V38&zone=6536622-1984015597-0&keyword=YourFileIsReady&time=1713223177&lang=de&country=DE&campaign=380746020 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
code.jquery.com
confidence-x.com
duct.infralead.net
eastrk-dl.com
offer-select.com
thespeed.monster
wwm1515.leadgentrk1.com
151.101.130.137
188.114.96.3
188.114.97.3
34.22.240.62
54.171.177.63
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
26be916be05c78cdb2c3d3cacd2e614a6aa948c8ed0b853b01f9a44a08c369aa
4b0bc1ae2c80a5c05c86524207759d627df0c66ed656315f05e878e06ba6772c
990e08f97eb7795d9fbc2b363c808fe30229729c8cbdd82c117cfb85cd7cced3
9f934d35effdeb229720344a21eaddfef83a34329a0fd11d8313e0f6ecb8349b
c11463824a0a1c5d884a02afce53e45534dff9b3fc9ac920b7db131d65d2c09f
c2853217041f8165292180b5322313dda53bbf0b27f101d3f1723be67eb31504
d6de55bd5a5bb837c1db80d4c401eb9cc739a2a6ec121434f57ec040d7aa0577

thespeed.monster Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

4 IPs

4 Countries

162 kBTransfer

425 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

17 Cookies

2 Console Messages

Indicators

thespeed.monster Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

4
IPs

4
Countries

162 kB
Transfer

425 kB
Size

17
Cookies

9 HTTP transactions
1 data transactions