view.xpect2benefit.com

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 209.143.158.10, located in United States and belongs to ILAND, US. The main domain is view.xpect2benefit.com.

This is the only time view.xpect2benefit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2607:f1c0:100... 2607:f1c0:100f:f000::249	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
5	209.143.158.10 209.143.158.10	14127 (ILAND) (ILAND)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:271	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

1 2607:f1c0:100f:f000::249 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

unlockthegiftnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.143.158.10 (United States)

ASN14127 (ILAND, US)
PTR: mail.mailcollab.net

view.xpect2benefit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:271 (United States)

ASN13335 (CLOUDFLARENET, US)

images4.pricelesspossibilities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	xpect2benefit.com view.xpect2benefit.com	20 KB
1	pricelesspossibilities.com images4.pricelesspossibilities.com	83 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 309	33 KB
1	unlockthegiftnow.com 1 redirects unlockthegiftnow.com	109 B
7	4

	Domain	Requested by
5	view.xpect2benefit.com	view.xpect2benefit.com
1	images4.pricelesspossibilities.com	view.xpect2benefit.com
1	ajax.googleapis.com	view.xpect2benefit.com
1	unlockthegiftnow.com	1 redirects
7	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://view.xpect2benefit.com/
Frame ID: 3169CCE815E151D758606D7761E1B8D1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Xpect 2 Benefit

Page URL History Show full URLs

https://unlockthegiftnow.com/ HTTP 302
http://view.xpect2benefit.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

137 kB
Transfer

192 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://unlockthegiftnow.com/ HTTP 302
http://view.xpect2benefit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
view.xpect2benefit.com/
Redirect Chain

https://unlockthegiftnow.com/
http://view.xpect2benefit.com/

5 KB
5 KB

897ms
486ms

Document
text/html

209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 802a4d9dc163f92e86cce001cb963c777538574a5b56888ee0940169f333fd0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4830
Content-Type: text/html; Charset=utf-8
Date: Thu, 23 Mar 2023 21:08:48 GMT
Expires: Wed, 22 Mar 2023 21:08:48 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

Redirect headers

cache-control: no-cache
content-length: 0
content-type: text/html
date: Thu, 23 Mar 2023 21:08:47 GMT
location: http://view.xpect2benefit.com
server: Apache

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 10:36:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 37964
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33018
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 22 Mar 2024 10:36:04 GMT

GET
H/1.1 200
OK bg_image.css
view.xpect2benefit.com/site/include/ 377 B
624 B 169ms
169ms Stylesheet
text/css 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: http://view.xpect2benefit.com/site/include/bg_image.css
Requested by: Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b737811ae36bc0328892142edfa55032d4e5b2aa5cf37a006da0cf61705a2d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 21:08:48 GMT
Last-Modified: Sun, 21 Mar 2021 10:06:24 GMT
Server: Microsoft-IIS/10.0
ETag: "30d8d9d9391ed71:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 377

GET
H/1.1 200
OK style1-i2g.css
view.xpect2benefit.com/imagesrte/d171879/css/ 3 KB
3 KB 170ms
169ms Stylesheet
text/css 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: http://view.xpect2benefit.com/imagesrte/d171879/css/style1-i2g.css
Requested by: Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f94c36877cbaad37b6d7d86e86cf83d30366374ed7783e03a15b2a893fb60864

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 21:08:48 GMT
Last-Modified: Wed, 20 Nov 2013 03:44:00 GMT
Server: Microsoft-IIS/10.0
ETag: "08076bfa2e5ce1:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2970

GET
H/1.1 200
OK back28.jpg
images4.pricelesspossibilities.com/PLS/BG/ 82 KB
83 KB 687ms
637ms Image
image/jpeg 2606:4700:20::681a:271
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images4.pricelesspossibilities.com/PLS/BG/back28.jpg
Requested by: Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60941d35dcb754a242b6a6fc793e95cf3ee3a79b4c895248170796f56a0ad8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 21:08:49 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 02 Sep 2019 05:59:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "a762e79f5361d51:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqm6uqYHhWla%2F4DthczoCBoDJRo3kZNIosjRXOTIqzfLLVGYIznUfZ4RlDo6N%2FDMRtRPLha2khxZE%2F2OlCjorpeA1Cyt4l0kIUOR6FeequKEoPMxYqIVUs0Kl4YMk8bNvAkdR8Syd%2B1opgqZd8KdYuMPFWOvZt5HhqXEwCMO2uQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7ac9a6db88552bdc-FRA
Content-Length: 84372

GET
H/1.1 200
OK orange_getinstantaccess.png
view.xpect2benefit.com/imagesrte/d171879/images/ 8 KB
8 KB 259ms
170ms Image
image/png 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://view.xpect2benefit.com/imagesrte/d171879/images/orange_getinstantaccess.png
Requested by: Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d607958875c03a6b2f3eb06eafd178c57ddba8b6aedb7c92ea0b953d9b120840

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 21:08:48 GMT
Last-Modified: Sun, 17 Nov 2013 02:53:40 GMT
Server: Microsoft-IIS/10.0
ETag: "0d2293840e3ce1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7943

GET
H/1.1 200
OK colorbox.css
view.xpect2benefit.com/imagesrte/d171879/css/ 3 KB
3 KB 259ms
169ms Stylesheet
text/css 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: http://view.xpect2benefit.com/imagesrte/d171879/css/colorbox.css
Requested by: Host: view.xpect2benefit.com
URL: http://view.xpect2benefit.com/
Protocol: HTTP/1.1
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e81796792b7aea7ceaceeee26cba6b0813a0966e0e10a3df7d6db2ce547c7dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://view.xpect2benefit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 21:08:48 GMT
Last-Modified: Wed, 04 Feb 2015 21:46:47 GMT
Server: Microsoft-IIS/10.0
ETag: "80bdfb12c440d01:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3324

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			view.xpect2benefit.com/	1970-01-20 19:18:10	Name: SITE Value: distributor%5FID=1000984
			view.xpect2benefit.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDASDCQBQB Value: FFIKPPECICKJEBBBNKDOBPPM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
images4.pricelesspossibilities.com
unlockthegiftnow.com
view.xpect2benefit.com
209.143.158.10
2606:4700:20::681a:271
2607:f1c0:100f:f000::249
2a00:1450:4001:811::200a
60941d35dcb754a242b6a6fc793e95cf3ee3a79b4c895248170796f56a0ad8ef
802a4d9dc163f92e86cce001cb963c777538574a5b56888ee0940169f333fd0c
b737811ae36bc0328892142edfa55032d4e5b2aa5cf37a006da0cf61705a2d5f
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d607958875c03a6b2f3eb06eafd178c57ddba8b6aedb7c92ea0b953d9b120840
e81796792b7aea7ceaceeee26cba6b0813a0966e0e10a3df7d6db2ce547c7dbf
f94c36877cbaad37b6d7d86e86cf83d30366374ed7783e03a15b2a893fb60864

view.xpect2benefit.com Open in urlscan Pro 209.143.158.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

137 kBTransfer

192 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

view.xpect2benefit.com Open in urlscan Pro
209.143.158.10 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

137 kB
Transfer

192 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions