Submitted URL: http://jili-games-login.siamgo.com/
Effective URL: https://y1unncc.knowpacenine.live/bqecjyqf/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf&f=1&sid=t3~1hsuvgqvyarhselwweu2j101...
Submission Tags: @ecarlesi possiblethreat
Submission: On June 17 via api from IT — Scanned from IT

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 11 HTTP transactions. The main IP is 185.155.184.55, located in Switzerland and belongs to AS-6898 C41.CH SAGL - LUGANO Data Center, CH. The main domain is y1unncc.knowpacenine.live.
TLS certificate: Issued by E6 on June 17th 2024. Valid for: 3 months.
This is the only time y1unncc.knowpacenine.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 91.195.240.122 47846 (SEDO-AS)
1 205.234.175.175 23352 (SERVERCEN...)
3 4 173.239.53.32 27257 (WEBAIR-IN...)
2 35.169.236.194 14618 (AMAZON-AES)
1 1 76.223.68.153 16509 (AMAZON-02)
2 185.155.184.32 6898 (AS-6898 C...)
2 185.155.184.55 6898 (AS-6898 C...)
11 7
Apex Domain | Subdomains | Transfer
5 siamgo.com | jili-games-login.siamgo.com | 2 KB
3 sedodna.com | xml.sedodna.com (Cisco Umbrella Rank: 425615), filter.sedodna.com | 14 KB
2 knowpacenine.live | y1unncc.knowpacenine.live | 307 B
2 bestexpertbonus.life | bestexpertbonus.life | 61 KB
2 iovia-pmj.com | iovia-pmj.com (Cisco Umbrella Rank: 313241) | 4 KB
1 teammkt.com | lure24.teammkt.com | 775 B
1 mpds-smart2.online | xml-v4.mpds-smart2.online (Cisco Umbrella Rank: 147397) | 564 B
1 sedoparking.com | img.sedoparking.com (Cisco Umbrella Rank: 65990) | 15 KB
11 8
Domain Requested by
5 jili-games-login.siamgo.com 2 redirects jili-games-login.siamgo.com
2 y1unncc.knowpacenine.live bestexpertbonus.life
2 bestexpertbonus.life iovia-pmj.com
2 iovia-pmj.com iovia-pmj.com
2 xml.sedodna.com 2 redirects
1 lure24.teammkt.com 1 redirects
1 xml-v4.mpds-smart2.online 1 redirects
1 filter.sedodna.com jili-games-login.siamgo.com
1 img.sedoparking.com
11 9

This site contains no links.

Subject | Issuer | Validity | Valid
jili-games-login.siamgo.com | Encryption Everywhere DV TLS CA - G2 | 2024-06-17 - 2025-06-16 | a year
*.cachefly.net | GlobalSign RSA OV SSL CA 2018 | 2023-11-13 - 2024-12-14 | a year
*.sedodna.com | GlobalSign GCC R6 AlphaSSL CA 2023 | 2024-03-27 - 2025-04-28 | a year
iovia-pmj.com | Amazon RSA 2048 M02 | 2024-05-31 - 2025-06-29 | a year
bestexpertbonus.life | R11 | 2024-06-16 - 2024-09-14 | 3 months
knowpacenine.live | E6 | 2024-06-17 - 2024-09-15 | 3 months

This page contains 1 frames:

Primary Page: https://y1unncc.knowpacenine.live/bqecjyqf/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf&f=1&sid=t3~1hsuvgqvyarhselwweu2j101&fp=SqI%2BI85MDeHL5A0Z39ZUaw%3D%3D
Frame ID: 1B051E9B2C347C1A27F435D8FF3C4DF9
Requests: 12 HTTP requests in this frame

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 0 %
Domains: 8
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 95 kB
Size: 93 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jili-games-login.siamgo.com/ HTTP 307
    https://jili-games-login.siamgo.com/ Page URL
  2. https://jili-games-login.siamgo.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjBjNy44OTI3MjEyOAlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjVlNC43NzMyNjUyNAkxNzE4NjA5OTk3CWFkXzYzXzA%3D&l=OAkyNGQ0ZmNjNTdmYTk2NzE1NDU4ZDEzMTNhYzgxZWFlNAkwCTI3CTAJMjhiN2MzMmE5NTk3NGZkYjUwYTM3YWNjZGZkZTNlZGYJNTg3NDgxMjY1CXNpYW1nbwkwCTYzCTExCTIxCTE3MTg2MDk5OTcJMC4wMDA5NTcJTgkyNTUJMQkwCTEyMDUJNDEwMTU2ODYJMTg1LjE5OC42Mi4xNTUJMQ%253D%253D HTTP 302
    https://jili-games-login.siamgo.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjBjNy44OTI3MjEyOAlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjVlNC43NzMyNjUyNAkxNzE4NjA5OTk3CWFkXzYzXzA%3D&l=OAkyNGQ0ZmNjNTdmYTk2NzE1NDU4ZDEzMTNhYzgxZWFlNAkwCTI3CTAJMjhiN2MzMmE5NTk3NGZkYjUwYTM3YWNjZGZkZTNlZGYJNTg3NDgxMjY1CXNpYW1nbwkwCTYzCTExCTIxCTE3MTg2MDk5OTcJMC4wMDA5NTcJTgkyNTUJMQkwCTEyMDUJNDEwMTU2ODYJMTg1LjE5OC42Mi4xNTUJMQ%253D%253D HTTP 302
    https://xml.sedodna.com/click?i=cTqsDyBy42o_0 HTTP 302
    https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666 Page URL
  3. https://xml.sedodna.com/click2?i=cTqsDyBy42o_0&ci=-6522433627439061500&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D50x50%26ce%3D1%26ck%3Djc%26cv%3D7826%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D3%26rf%3Djili-games-login.siamgo.com%26lo%3Dfilter.sedodna.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F126.0.0.0%2BSafari%252F537.36%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D-120%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D12%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D50x50%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D51%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1 HTTP 302
    https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad Page URL
  4. https://iovia-pmj.com/zclkredirect?visitid=cb6f2382-2c7c-11ef-bccd-125918c042ad&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
  5. http://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0 HTTP 307
    https://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0 HTTP 302
    https://lure24.teammkt.com/visit/bb2fbca3-82e4-4cf6-91ea-9ca4cad193d5?cost=0.002&src_clid=SiZyaQBG0NA&source_subid=13879731922&campaign=1361249&search_referrer_domain=filter.sedodna.com&pubfeed=397304&query=siamgo&carrier=Global+Router&state=25&banner=6411065&ip=185.198.62.155&keyword=* HTTP 302
    https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf Page URL
  6. https://y1unncc.knowpacenine.live/bqecjyqf/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf&f=1&sid=t3~1hsuvgqvyarhselwweu2j101&fp=SqI%2BI85MDeHL5A0Z39ZUaw%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://jili-games-login.siamgo.com/ HTTP 307
  • https://jili-games-login.siamgo.com/
Request Chain 4
  • https://jili-games-login.siamgo.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjBjNy44OTI3MjEyOAlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjVlNC43NzMyNjUyNAkxNzE4NjA5OTk3CWFkXzYzXzA%3D&l=OAkyNGQ0ZmNjNTdmYTk2NzE1NDU4ZDEzMTNhYzgxZWFlNAkwCTI3CTAJMjhiN2MzMmE5NTk3NGZkYjUwYTM3YWNjZGZkZTNlZGYJNTg3NDgxMjY1CXNpYW1nbwkwCTYzCTExCTIxCTE3MTg2MDk5OTcJMC4wMDA5NTcJTgkyNTUJMQkwCTEyMDUJNDEwMTU2ODYJMTg1LjE5OC42Mi4xNTUJMQ%253D%253D HTTP 302
  • https://jili-games-login.siamgo.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjBjNy44OTI3MjEyOAlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5jb202NjZmZTg0ZDBhYjVlNC43NzMyNjUyNAkxNzE4NjA5OTk3CWFkXzYzXzA%3D&l=OAkyNGQ0ZmNjNTdmYTk2NzE1NDU4ZDEzMTNhYzgxZWFlNAkwCTI3CTAJMjhiN2MzMmE5NTk3NGZkYjUwYTM3YWNjZGZkZTNlZGYJNTg3NDgxMjY1CXNpYW1nbwkwCTYzCTExCTIxCTE3MTg2MDk5OTcJMC4wMDA5NTcJTgkyNTUJMQkwCTEyMDUJNDEwMTU2ODYJMTg1LjE5OC42Mi4xNTUJMQ%253D%253D HTTP 302
  • https://xml.sedodna.com/click?i=cTqsDyBy42o_0 HTTP 302
  • https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
Request Chain 6
  • https://xml.sedodna.com/click2?i=cTqsDyBy42o_0&ci=-6522433627439061500&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D50x50%26ce%3D1%26ck%3Djc%26cv%3D7826%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D3%26rf%3Djili-games-login.siamgo.com%26lo%3Dfilter.sedodna.com%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F126.0.0.0%2BSafari%252F537.36%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D-120%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D12%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D50x50%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D51%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1 HTTP 302
  • https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
Request Chain 8
  • http://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0 HTTP 307
  • https://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0 HTTP 302
  • https://lure24.teammkt.com/visit/bb2fbca3-82e4-4cf6-91ea-9ca4cad193d5?cost=0.002&src_clid=SiZyaQBG0NA&source_subid=13879731922&campaign=1361249&search_referrer_domain=filter.sedodna.com&pubfeed=397304&query=siamgo&carrier=Global+Router&state=25&banner=6411065&ip=185.198.62.155&keyword=* HTTP 302
  • https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
jili-games-login.siamgo.com/
Redirect Chain
  • http://jili-games-login.siamgo.com/
  • https://jili-games-login.siamgo.com/
2 KB
2 KB
Document
General
Full URL
https://jili-games-login.siamgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.195.240.122 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
1e8b82c98de62a2780ef5ee854dbdbfb60a8f506a7faa1263fcae8fbfa879413

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Jun 2024 07:39:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 17 Jun 2024 07:39:57 GMT
pragma
no-cache
server
Parking/1.0
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_hN8Z1TanaRs3N62MnDsXQEjcAz7kSWbAVN8fCF4qs1++HMAevPLeiudhbqEy7Va4FZU+gyh74OP74KKkLs/dPQ==
x-cache-miss-from
parking-6887b75b49-2dgds

Redirect headers

Location
https://jili-games-login.siamgo.com/
Non-Authoritative-Reason
HttpsUpgrades
js_preloader.gif
jili-games-login.siamgo.com/img.sedoparking.com/images/
0
19 B
Image
General
Full URL
https://jili-games-login.siamgo.com/img.sedoparking.com/images/js_preloader.gif
Requested by
Host: jili-games-login.siamgo.com
URL: https://jili-games-login.siamgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.195.240.122 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jili-games-login.siamgo.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:39:57 GMT
content-length
0
server
Parking/1.0
tsc.php
jili-games-login.siamgo.com/search/
0
15 B
XHR
General
Full URL
https://jili-games-login.siamgo.com/search/tsc.php?200=NTg3NDgxMjY1&21=MTg1LjE5OC42Mi4xNTU=&681=MTcxODYwOTk5Nzg2Mjc1ZTIzZTYxZjU1NzNmODViOGY3MTgxYmU1YTBm&crc=cc2aace262557a2f2b08811616be0eff17b84518&cv=1
Requested by
Host: jili-games-login.siamgo.com
URL: https://jili-games-login.siamgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.195.240.122 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jili-games-login.siamgo.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:39:57 GMT
x-cache-miss-from
parking-6887b75b49-2dgds
server
Parking/1.0
content-length
0
content-type
text/html; charset=UTF-8
sedo_logo.png
img.sedoparking.com/templates/logos/
15 KB
15 KB
Other
General
Full URL
https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://jili-games-login.siamgo.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 07:39:58 GMT
x-cf-tsc
1710898907
x-cf3
H
cf4ttl
31536000.000
x-cf1
11696:fE.fra2:cf:nom:cacheN.fra2-01:H
x-cf-reqid
f8f9d3de1ca1a11ed3a0fbf221158bb7
content-length
15086
x-cf2
M
last-modified
Mon, 11 Jan 2021 07:44:34 GMT
server
CFS 0215
x-cff
B
content-type
image/png
access-control-allow-origin
*
x-cfhash
"def00c11b1596db4efee6a9fbe64fc27"
cache-control
max-age=604800
cf4age
0
accept-ranges
bytes
expires
Mon, 24 Jun 2024 07:39:58 GMT
filter
filter.sedodna.com/
Redirect Chain
  • https://jili-games-login.siamgo.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5...
  • https://jili-games-login.siamgo.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DcTqsDyBy42o_0&v=OTI4MDY5MTU4YjgyZjI2MzhiMWI0ZjE1ZDAwN2Y4MmEJMQlqaWxpLWdhbWVzLWxvZ2luLnNpYW1nby5...
  • https://xml.sedodna.com/click?i=cTqsDyBy42o_0
  • https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
13 KB
13 KB
Document
General
Full URL
https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
Requested by
Host: jili-games-login.siamgo.com
URL: https://jili-games-login.siamgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
cecaa312ec3e47f45078ec242bb68aee0110092ef9fe88a60f2e7bc9b6115270

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://jili-games-login.siamgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
12887
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Jun 2024 07:39:59 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Jun 2024 07:39:58 GMT
Location
https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
Server
nginx
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa
iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/
Redirect Chain
  • https://xml.sedodna.com/click2?i=cTqsDyBy42o_0&ci=-6522433627439061500&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D50x50%26ce%3D1%26ck%3Djc%26cv%3D7826%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%...
  • https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
3 KB
3 KB
Document
General
Full URL
https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.236.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-236-194.compute-1.amazonaws.com
Software
/
Resource Hash
fc2cff7a43276583276a20d189c1cb2bb79cede8b0007eb8c4c5a0b97e06b8e4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://filter.sedodna.com/filter?q=siamgo&i=cTqsDyBy42o_0&ci=-6522433627439061500&t=353034666
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Mon, 17 Jun 2024 07:40:00 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Jun 2024 07:39:59 GMT
Location
https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
Server
nginx
zclkredirect
iovia-pmj.com/
316 B
778 B
Document
General
Full URL
https://iovia-pmj.com/zclkredirect?visitid=cb6f2382-2c7c-11ef-bccd-125918c042ad&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Requested by
Host: iovia-pmj.com
URL: https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.236.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-236-194.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://iovia-pmj.com/zclkvisitor/cb6f2382-2c7c-11ef-bccd-125918c042ad/8d5a31e0-4096-11e7-ab4f-0a85d6ab2dfa?campaignid=cb74a1c1-2c7c-11ef-bccd-125918c042ad
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
316
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Mon, 17 Jun 2024 07:40:00 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
/
bestexpertbonus.life/
Redirect Chain
  • http://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0
  • https://xml-v4.mpds-smart2.online/click?seat=2898311&i=RobmR4ghE0o_0
  • https://lure24.teammkt.com/visit/bb2fbca3-82e4-4cf6-91ea-9ca4cad193d5?cost=0.002&src_clid=SiZyaQBG0NA&source_subid=13879731922&campaign=1361249&search_referrer_domain=filter.sedodna.com&pubfeed=397...
  • https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf
60 KB
61 KB
Document
General
Full URL
https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf
Requested by
Host: iovia-pmj.com
URL: https://iovia-pmj.com/zclkredirect?visitid=cb6f2382-2c7c-11ef-bccd-125918c042ad&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
nginx /
Resource Hash
b8c7ae88dad2e0ce0f68a4c9275785a9735457e0ed8bbee75505fbc150001a12

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://iovia-pmj.com/zclkredirect?visitid=cb6f2382-2c7c-11ef-bccd-125918c042ad&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
61572
Content-Type
text/html
Date
Mon, 17 Jun 2024 07:40:01 GMT
Server
nginx
cache-control
private

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Mon, 17 Jun 2024 07:40:01 GMT
expires
0
location
https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive
favicon.ico
bestexpertbonus.life/
0
132 B
Other
General
Full URL
https://bestexpertbonus.life/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 07:40:02 GMT
Cache-Control
no-transform
Server
nginx
Connection
keep-alive
Primary Request /
y1unncc.knowpacenine.live/bqecjyqf/
32 B
200 B
Document
General
Full URL
https://y1unncc.knowpacenine.live/bqecjyqf/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf&f=1&sid=t3~1hsuvgqvyarhselwweu2j101&fp=SqI%2BI85MDeHL5A0Z39ZUaw%3D%3D
Requested by
Host: bestexpertbonus.life
URL: https://bestexpertbonus.life/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
openresty /
Resource Hash
43aa43ed1a19bf8ac525016cf6baa214f0f4e71fbbcd1150e84d94e966db040d

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://bestexpertbonus.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
32
Content-Type
text/html
Date
Mon, 17 Jun 2024 07:40:02 GMT
Server
openresty
cache-control
private
favicon.ico
y1unncc.knowpacenine.live/
0
107 B
Other
General
Full URL
https://y1unncc.knowpacenine.live/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y1unncc.knowpacenine.live/bqecjyqf/?u=ccnnu1y&o=kaa85y6&cid=lxio0s3cqqsqmlaiwckq4iwlmf&f=1&sid=t3~1hsuvgqvyarhselwweu2j101&fp=SqI%2BI85MDeHL5A0Z39ZUaw%3D%3D
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Date
Mon, 17 Jun 2024 07:40:02 GMT
Server
openresty

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined | event
object | fence
object | sharedStorage

8 Cookies

Domain/Path Name / Value
.sedodna.com/ Name: x3332491
Value: 692914147
filter.sedodna.com/ Name: c-1582540361
Value: 692914147
filter.sedodna.com/ Name: jc
Value: 7826
lure24.teammkt.com/ Name: mc_attr
Value: c%253Dbb2fbca3-82e4-4cf6-91ea-9ca4cad193d5..m%253Dlxio0s3cqqsqmlaiwckq4iwlmf..d%253D0-0-0--0..l%253D17186100014..e%253DSiZyaQBG0NA..t1%253D13879731922..t2%253D1361249..t3%253Dfilter.sedodna.com..t4%253D397304..t5%253Dsiamgo..t6%253DGlobal%2BRouter..t7%253D25..t8%253D6411065..t9%253D185.198.62.155..t10%253D%252A
.teammkt.com/ Name: mc_clid
Value: lxio0s3cqqsqmlaiwckq4iwlmf
bestexpertbonus.life/ Name: sid
Value: t3~1hsuvgqvyarhselwweu2j101
bestexpertbonus.life/ Name: p1
Value: https://knowpacenine.live/bqecjyqf/
bestexpertbonus.life/ Name: s1
Value: prjpsw2c63f58wgd

1 Console Messages

Source Level URL
Text
network error URL: https://jili-games-login.siamgo.com/img.sedoparking.com/images/js_preloader.gif
Message:
Failed to load resource: the server responded with a status of 441 ()