pppvorgk.pw Open in urlscan Pro
67.223.118.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://9.passfixx.com/click/dspsl/dM3pyibNzz/HEGL5kHiSWauuRTBR1TiMw?bip=ALgTdcKstCcuIEYG1865QxcCgveyBA-M8ipLa2B1g1ppBG...
Effective URL:
https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html
Submission: On December 03 via manual (December 3rd 2023, 5:34:20 am UTC) from IN — Scanned from NL

Summary HTTP 6 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 67.223.118.74, located in United States and belongs to NAMECHEAP-NET, US. The main domain is pppvorgk.pw.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2023. Valid for: a year.

This is the only time pppvorgk.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.196.196.149 185.196.196.149	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	67.223.118.74 67.223.118.74	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	2

1 185.196.196.149 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

9.passfixx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.223.118.74 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium261-3.web-hosting.com

pppvorgk.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	pppvorgk.pw pppvorgk.pw	648 KB
1	passfixx.com 1 redirects 9.passfixx.com — Cisco Umbrella Rank: 131478	231 B
6	2

	Domain	Requested by
6	pppvorgk.pw	pppvorgk.pw
1	9.passfixx.com	1 redirects
6	2

This site contains no links.

Subject Issuer	Validity	Valid
pppvorgk.pw Sectigo RSA Domain Validation Secure Server CA	`2023-11-17` - `2024-11-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html
Frame ID: 022829686C484E86837562389488F0DA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://9.passfixx.com/click/dspsl/dM3pyibNzz/HEGL5kHiSWauuRTBR1TiMw?bip=ALgTdcKstCcuIEYG1865QxcCgv... HTTP 302
https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

648 kB
Transfer

733 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://9.passfixx.com/click/dspsl/dM3pyibNzz/HEGL5kHiSWauuRTBR1TiMw?bip=ALgTdcKstCcuIEYG1865QxcCgveyBA-M8ipLa2B1g1ppBGTEup2iUxa9Dl8ZBRBSIQazNa0YiDysx2ZnDNNwypWKuo9UtVh0E9VAc5xuWBF6KwQR4c_FkU3gLKlD322e0pfiexYJxDiCJQeg0s5Pi6_gA2oQnCdy8f-IOP7FtvHGefY0S8zXbVZC1eB0LmJxmXkyHle_f3EKLKuXnBA9hPdc1ICn715KABCi14Si9LJMOTFlM6yzCV040SkTTRXm2ujbeHViZRSRHytvBQ6ddOlP8GtQfGMhqb6ke_zU12INCS7hQOjJKRchyNZeemSlRdUhVZR1ZPbVcJCUIzGQT_8_aTRD7JPSZVEYg01O7LZzvJT1KMDNwcukwv4Ktm9H0p4SRjkYAIT_ik1HSq68qiZV8sWnX4zL-P-RTKCWUMp8eE61ErkTx-1RcOyCZn5ZYnOFd01pGNT9UKHpiHZkLMb7PH4pJqTYBNVF6lrgmxaQMldlFg7DN55ZhY2BXo4wn9ivbF1tBQcbtirCBtlenwEQG7tPcJmnSHldH2seoAR30A-rotCippPPYuAXymb623t_Ntm1t27KiBoOBOhS0RMx-OzBGr8FHBGQKthtzSAg-5_POaZNNDJd5kF2ltYTCtjqrHzU8t1elGqUhVPD8EAO-Hod0Kmpdfs5FWIsF9TQkAbHNJV96DA9nPA0WOv93lrI6KOp4LebDMAEVFNC5ToyLfv5Jdc3ZS9OEYl0fKJZOnCzIjyyqMXgUp_KScfZ-gS5i25J2sDKgE5fCrEb8O5HY1X_NDMVJ0xaKrXnnNholQtKZ7Y3mL4sOy7PXmPhVOI77sDVZj8SSKeBL2Hse4N3uCcvYPTlliDtQAYpXTff4t1MfNWtoqVlwcRyQmxkL-RrgfMyEAneaYY15qmGH7SCHLqGr1N6KgMGI9SuGx30FXS65sVX8h_u-RrJNNkSTNmsdj6ahV9roYmL8jkQVdV5MGTCRvAhBsZVAfoBYi7Dn1CRoewMEwq6ikpnAthqMTwbOCpwY9b2pz0xoLndPXwd8s3AvxLd1aCOCITOY9nbedhOKVoAC-3u7-A4JSvTL-RrgfMyEAneaYY15qmGH7SCHLqGr1N6KgMGI9SuGx2HFJchiKbq84qSReYGSZd9muIfZUOI2LlFBHfzyv9lXIFlA0ujCLEPQT_ozGdd_YXV8e-ZKGVsev0_5dISlNIvMTwbOCpwY9b2pz0xoLndPVQJzscp2qMBA4N8j7YIXyQ9V3v7p5C7qe7C6u1sY7T2L-RrgfMyEAneaYY15qmGH7SCHLqGr1N6KgMGI9SuGx0rHk7C2X9Q0reku2EDgat0U7iR3vj2gAmzRqSFvFjeK5fhF_9IjqNQwAkAAvy0Uow%3D HTTP 302
https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response pppvorgk.pw/ap/todays-megaofferz-sale.live/ Redirect Chain https://9.passfixx.com/click/dspsl/dM3pyibNzz/HEGL5kHiSWauuRTBR1TiMw?bip=ALgTdcKstCcuIEYG1865QxcCgveyBA-M8ipLa2B1g1ppBGTEup2iUxa9Dl8ZBRBSIQazNa0YiDysx2ZnDNNwypWKuo9UtVh0E9VAc5xuWBF6KwQR4c_FkU3gLKlD... https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html	78 KB 45 KB	1148ms 575ms	Document text/html	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash `4dc954e9bcd6d23a9f6c3ddd52cdce61c565e330bfa5894dd704badf85892788` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 45820 content-type text/html date Sun, 03 Dec 2023 05:34:14 GMT last-modified Sat, 02 Dec 2023 17:39:58 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed Redirect headers Connection keep-alive Content-Length 0 Content-Type text/plain; charset=utf-8 Date Sun, 03 Dec 2023 05:34:13 GMT Location https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Server nginx
GET H2	404	external.html pppvorgk.pw/ap/	0 0	374ms 372ms	Script text/html	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://pppvorgk.pw/ap/external.html?link=https://www.googletagmanager.com/gtag/js?id=UA-165127164-1 Requested by Host: pppvorgk.pw URL: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Sun, 03 Dec 2023 05:34:14 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	style.css pppvorgk.pw/ap/todays-megaofferz-sale.live/img/	2 KB 944 B	184ms 183ms	Stylesheet text/css	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://pppvorgk.pw/ap/todays-megaofferz-sale.live/img/style.css Requested by Host: pppvorgk.pw URL: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash `d145552298fc33d1aafd936f6ae6dcfed87e1d10aa82236924f690f36296af94` Request headers accept-language nl-NL,nl;q=0.9 Referer https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 05:34:14 GMT content-encoding gzip last-modified Fri, 20 Oct 2023 22:00:44 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 722 expires Sun, 10 Dec 2023 05:34:14 GMT
GET H2	200	1T.jpg pppvorgk.pw/ap/todays-megaofferz-sale.live/img/	351 KB 351 KB	185ms 185ms	Image image/jpeg	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://pppvorgk.pw/ap/todays-megaofferz-sale.live/img/1T.jpg Requested by Host: pppvorgk.pw URL: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash `fe1e81bb31d2379e4bc442aa9a1f575831c2d4dbcc9c87bd90cec05acd486e8d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 05:34:14 GMT last-modified Fri, 20 Oct 2023 22:00:44 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 359128 expires Sun, 10 Dec 2023 05:34:14 GMT
GET H2	200	1B.jpg pppvorgk.pw/ap/todays-megaofferz-sale.live/img/	137 KB 138 KB	355ms 355ms	Image image/jpeg	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://pppvorgk.pw/ap/todays-megaofferz-sale.live/img/1B.jpg Requested by Host: pppvorgk.pw URL: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash `36f839a1ee2c29e0786bd9b73db145bf95734fa165c052143cacc155fcd24218` Request headers accept-language nl-NL,nl;q=0.9 Referer https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 05:34:14 GMT last-modified Fri, 20 Oct 2023 22:00:44 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 140538 expires Sun, 10 Dec 2023 05:34:14 GMT
GET H2	200	1L.jpg pppvorgk.pw/ap/todays-megaofferz-sale.live/img/	113 KB 113 KB	679ms 679ms	Image image/jpeg	67.223.118.74 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://pppvorgk.pw/ap/todays-megaofferz-sale.live/img/1L.jpg Requested by Host: pppvorgk.pw URL: https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.223.118.74 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium261-3.web-hosting.com Software LiteSpeed / Resource Hash `a482a103341f54e1f1e584ebd939fac35c1649c0fd6ac57a72106f8362c4e57a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://pppvorgk.pw/ap/todays-megaofferz-sale.live/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 05:34:14 GMT last-modified Fri, 20 Oct 2023 22:00:44 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 115920 expires Sun, 10 Dec 2023 05:34:14 GMT
GET DATA	200 OK	truncated /	49 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f4eb4e1cd55dab37e015035ef964729f20aece9e953cca1c48a7454fe54baf5d` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pppvorgk.pw/ap/external.html?link=https://www.googletagmanager.com/gtag/js?id=UA-165127164-1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9.passfixx.com
pppvorgk.pw
185.196.196.149
67.223.118.74
36f839a1ee2c29e0786bd9b73db145bf95734fa165c052143cacc155fcd24218
4dc954e9bcd6d23a9f6c3ddd52cdce61c565e330bfa5894dd704badf85892788
a482a103341f54e1f1e584ebd939fac35c1649c0fd6ac57a72106f8362c4e57a
d145552298fc33d1aafd936f6ae6dcfed87e1d10aa82236924f690f36296af94
d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b
f4eb4e1cd55dab37e015035ef964729f20aece9e953cca1c48a7454fe54baf5d
fe1e81bb31d2379e4bc442aa9a1f575831c2d4dbcc9c87bd90cec05acd486e8d

pppvorgk.pw Open in urlscan Pro 67.223.118.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

648 kBTransfer

733 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pppvorgk.pw Open in urlscan Pro
67.223.118.74 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

648 kB
Transfer

733 kB
Size

0
Cookies

6 HTTP transactions
2 data transactions