vik-game.moonactive.net Open in urlscan Pro
104.17.32.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getcoinmaster.com/
Effective URL:
https://vik-game.moonactive.net/external/users/DEFAULT/invite
Submission: On October 23 via api (October 23rd 2024, 1:13:21 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 104.17.32.187, located in and belongs to CLOUDFLARENET, US. The main domain is vik-game.moonactive.net. The Cisco Umbrella rank of the primary domain is 68693.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.

This is the only time vik-game.moonactive.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.226.34.125 13.226.34.125	16509 (AMAZON-02) (AMAZON-02)
3	104.17.32.187 104.17.32.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.238.55.61 18.238.55.61	16509 (AMAZON-02) (AMAZON-02)
8	3

1 13.226.34.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-125.ewr53.r.cloudfront.net

getcoinmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.32.187 (None, )

ASN13335 (CLOUDFLARENET, US)

vik-game.moonactive.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.55.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-61.jfk52.r.cloudfront.net

static.moonactive.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	moonactive.net vik-game.moonactive.net — Cisco Umbrella Rank: 68693 static.moonactive.net — Cisco Umbrella Rank: 82173	174 KB
1	getcoinmaster.com 1 redirects getcoinmaster.com	273 B
0	facebook.com Failed www.facebook.com Failed
8	3

	Domain	Requested by
4	static.moonactive.net	vik-game.moonactive.net
3	vik-game.moonactive.net	vik-game.moonactive.net
1	getcoinmaster.com	1 redirects
0	www.facebook.com Failed	vik-game.moonactive.net
8	4

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
moonactive.net WE1	`2024-10-10` - `2025-01-09`	3 months	crt.sh
*.moonactive.net Amazon RSA 2048 M02	`2023-11-25` - `2024-12-22`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_deeplink%3Dtrue
Frame ID: 200D129DA007EE9B4BC3E53C423951E0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coin Master - Friend Request

Page URL History Show full URLs

http://getcoinmaster.com/ HTTP 307
https://getcoinmaster.com/ HTTP 302
https://vik-game.moonactive.net/external/users/DEFAULT/invite Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

174 kB
Transfer

173 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.moonactive.coinmaster

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id406889139

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getcoinmaster.com/ HTTP 307
https://getcoinmaster.com/ HTTP 302
https://vik-game.moonactive.net/external/users/DEFAULT/invite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://coinmaster.onelink.me/2792196939?pid=shared_link&c=expired&af_dp=coinmaster%3A%2F%2F&af_web_dp=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F&af_sub1=expired&is_retargeting=true&af_force_deeplink=true&f=betterinvites HTTP 301
https://apps.facebook.com/coin-master/?is_retargeting=true&af_sub1=expired&c=expired&pid=shared_link&f=betterinvites&af_force_deeplink=true HTTP 302
https://apps.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_deeplink%3Dtrue HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_deeplink%3Dtrue

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request invite Show response vik-game.moonactive.net/external/users/DEFAULT/ Redirect Chain http://getcoinmaster.com/ https://getcoinmaster.com/ https://vik-game.moonactive.net/external/users/DEFAULT/invite	3 KB 2 KB	207ms 126ms	Document text/html	104.17.32.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.32.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `d4d44d1153687c89a46bb97bf7a7397a3abc6558541f97860d8f55527bbc9269` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 8d71fbc5d9ed3476-DFW content-encoding gzip content-type text/html; charset=utf-8 date Wed, 23 Oct 2024 13:13:16 GMT server cloudflare vary Accept-Encoding via 1.1 93c5ff43d4b02798969c9009d5ab9db6.cloudfront.net (CloudFront) x-amz-cf-id ko8eJikYXwv61AZrYleb4AAo_llek-7qDLKOWM1U7i2yndoYfC4hfQ== x-amz-cf-pop DFW56-P7 x-cache Miss from cloudfront x-envoy-upstream-service-time 18 x-powered-by Express Redirect headers content-length 0 date Wed, 23 Oct 2024 13:13:16 GMT location https://vik-game.moonactive.net/external/users/DEFAULT/invite server CloudFront via 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront) x-amz-cf-id xQIM5RyfmQU7EG-SDJEFxgwbjpLMlNaePcDno0-e0tjQuff3djJszg== x-amz-cf-pop EWR53-C2 x-cache LambdaGeneratedResponse from cloudfront
GET H2	200	invite_image.png static.moonactive.net/open_graph/CoinMaster/Invite/	108 KB 108 KB	246ms 74ms	Image image/png	18.238.55.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.moonactive.net/open_graph/CoinMaster/Invite/invite_image.png Requested by Host: vik-game.moonactive.net URL: https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-61.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash `fdb2124a40a86a89f191a4d5d1ae62f2670f1c1e92ebdc676e390dc9a37893bb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://vik-game.moonactive.net/ Response headers x-amz-version-id Ccrq1Ve1FIsFe0UPpcrkub_Y5Pad.6id etag "baf15255414c4dcea605a998dbbd00eb" age 720 via 1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 110172 x-amz-cf-id tDORWe6TmaWyhpHMkyEkP_jWi3Kr6AhtjCTzw1I_T_YaOwC4apHpWg== date Wed, 23 Oct 2024 13:03:05 GMT x-amz-meta-version-id FVKqXHzUHgMHqozMvK1qXWcr70ryUcpW content-type image/png last-modified Tue, 07 Nov 2017 18:06:42 GMT server AmazonS3 x-amz-cf-pop JFK52-P4
GET H2	200	google_play_logo.png static.moonactive.net/open_graph/CoinMaster/Invite/	8 KB 9 KB	247ms 76ms	Image image/png	18.238.55.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.moonactive.net/open_graph/CoinMaster/Invite/google_play_logo.png Requested by Host: vik-game.moonactive.net URL: https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-61.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash `226d6797c29b44fa5079116f48fca161614ba46f5b5756bc01e5bab0d12e5bde` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://vik-game.moonactive.net/ Response headers x-amz-version-id RDy9V1T0MInC.iXRqn5vXP1tZ4JrDQKT etag "ad4f5e22cf77f65522ffecb7b91c735a" age 667 via 1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8394 x-amz-cf-id YfI_m9A0UbPCUfXP0XhTaj_rYCQJBRQzPsqA9axT6ooCAs31blRdYg== date Wed, 23 Oct 2024 13:12:28 GMT content-type image/png last-modified Tue, 07 Nov 2017 18:06:42 GMT server AmazonS3 x-amz-cf-pop JFK52-P4
GET H2	200	appstore_logo.png static.moonactive.net/open_graph/CoinMaster/Invite/	9 KB 9 KB	240ms 104ms	Image image/png	18.238.55.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.moonactive.net/open_graph/CoinMaster/Invite/appstore_logo.png Requested by Host: vik-game.moonactive.net URL: https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-61.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash `1bf230280511f8f2211bc90ba1f1f5a7a2bcafcdd1c7fe397e275d7fde02fbc4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://vik-game.moonactive.net/ Response headers x-amz-version-id He.TbvdQoHdvSkap90znp237CiFxuWpM etag "05a7f5eb9e81518c7cfa06b5d60e6652" age 676 via 1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8871 x-amz-cf-id -FEtCeEWCdTxrOMhzNVnYQYTgedjaMIFUvk1IhPaxmF9vpKpbTL_mA== date Wed, 23 Oct 2024 13:12:29 GMT content-type image/png last-modified Tue, 07 Nov 2017 18:06:41 GMT server AmazonS3 x-amz-cf-pop JFK52-P4
POST H2	200	opened Show response vik-game.moonactive.net/external/invite/	2 B 210 B	93ms 86ms	Fetch text/plain	104.17.32.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vik-game.moonactive.net/external/invite/opened Requested by Host: vik-game.moonactive.net URL: https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.32.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/json Referer https://vik-game.moonactive.net/external/users/DEFAULT/invite Response headers server cloudflare cf-cache-status DYNAMIC x-envoy-upstream-service-time 6 via 1.1 777efc09a8ed2c67b43b8cf66d13fd7a.cloudfront.net (CloudFront) cf-ray 8d71fbc72b2b3476-DFW access-control-allow-origin * x-cache Miss from cloudfront content-length 2 x-amz-cf-id 95jm-8o5XiUFxrtygTuOM8jYcBpfs3ad1ZboibysyAN-JFpF6WYzNA== date Wed, 23 Oct 2024 13:13:16 GMT content-type text/plain; charset=utf-8 x-powered-by Express vary X-HTTP-Method-Override, Accept-Encoding x-amz-cf-pop DFW56-P7
GET H2	200	GROBOPRO_0.TTF static.moonactive.net/open_graph/CoinMaster/Invite/	45 KB 46 KB	492ms 90ms	Font application/x-font-ttf	18.238.55.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.moonactive.net/open_graph/CoinMaster/Invite/GROBOPRO_0.TTF Requested by Host: vik-game.moonactive.net URL: https://vik-game.moonactive.net/external/users/DEFAULT/invite Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-61.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash `71570293bf525bc08017a88151df518185b797892a0c0e8efd8f32bd06d1428f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://vik-game.moonactive.net Referer https://vik-game.moonactive.net/ Response headers access-control-max-age 3000 x-amz-version-id DxQwG2Wd7rmG8GVe2Y0Ar9M9oYNX07CA etag "17ec48a01a75362acdfd28519ab6e70f" age 249 access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id vdTZZIflEoUTwsda9-hcq4TTuYzFgc8IgCdpGKAoPGXSaENc6VzpPA== date Wed, 23 Oct 2024 13:12:28 GMT content-type application/x-font-ttf last-modified Tue, 07 Nov 2017 18:06:42 GMT via 1.1 c079338af747d912717239089fea0484.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 46548 x-amz-cf-pop JFK52-P4 server AmazonS3
GET H2	403	favicon.ico vik-game.moonactive.net/	14 B 107 B	40ms 40ms	Other application/json	104.17.32.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vik-game.moonactive.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.32.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e6c9e9a89cdaf76d7d970f05a99b10b27d00e7bfc3e5250d6c4068747f41247` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://vik-game.moonactive.net/external/users/DEFAULT/invite Response headers cf-ray 8d71fbcabf433476-DFW content-length 14 date Wed, 23 Oct 2024 13:13:17 GMT content-type application/json vary Accept-Encoding server cloudflare
GET		/ www.facebook.com/login/ Redirect Chain https://coinmaster.onelink.me/2792196939?pid=shared_link&c=expired&af_dp=coinmaster%3A%2F%2F&af_web_dp=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F&af_sub1=expired&is_retarg... https://apps.facebook.com/coin-master/?is_retargeting=true&af_sub1=expired&c=expired&pid=shared_link&f=betterinvites&af_force_deeplink=true https://apps.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_d... https://www.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_de...	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fapps.facebook.com%2Fcoin-master%2F%3Fis_retargeting%3Dtrue%26af_sub1%3Dexpired%26c%3Dexpired%26pid%3Dshared_link%26f%3Dbetterinvites%26af_force_deeplink%3Dtrue

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| data

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.moonactive.net/	1970-01-21 00:28:10	Name: __cf_bm Value: olUz_1ApAyH.b4DTidfAjR9ibKfFFDKz9hRCcjcKnyc-1729689196-1.0.1.1-z0MXTEuyMzpLGNWhJ.TW5LC8AgQZrGBC.o4xb4ExY5qnnTrl4tVe8SipY2YODolZR2nL0tE4tTDwkFVO4SMsuw
			.moonactive.net/	1969-12-31 23:59:59	Name: _cfuvid Value: Mlj23CrJN4VAhVxxT.Ng6eI9X9SjOYGp0haOz8HKJjs-1729689196538-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vik-game.moonactive.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

getcoinmaster.com
static.moonactive.net
vik-game.moonactive.net
www.facebook.com
www.facebook.com
104.17.32.187
13.226.34.125
18.238.55.61
1bf230280511f8f2211bc90ba1f1f5a7a2bcafcdd1c7fe397e275d7fde02fbc4
226d6797c29b44fa5079116f48fca161614ba46f5b5756bc01e5bab0d12e5bde
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
71570293bf525bc08017a88151df518185b797892a0c0e8efd8f32bd06d1428f
7e6c9e9a89cdaf76d7d970f05a99b10b27d00e7bfc3e5250d6c4068747f41247
d4d44d1153687c89a46bb97bf7a7397a3abc6558541f97860d8f55527bbc9269
fdb2124a40a86a89f191a4d5d1ae62f2670f1c1e92ebdc676e390dc9a37893bb

vik-game.moonactive.net Open in urlscan Pro 104.17.32.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

174 kBTransfer

173 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

vik-game.moonactive.net Open in urlscan Pro
104.17.32.187 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

174 kB
Transfer

173 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions