h0zi.linkforusers.com
66.195.197.27
Public Scan
Effective URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Submission: On September 07 via api from US — Scanned from JP
Summary
TLS certificate: Issued by R3 on July 9th 2023. Valid for: 3 months.
This is the only time h0zi.linkforusers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 172.105.201.99 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud) |
1 | 141.98.5.228 | 8100 (ASN-QUADRANET-GLOBAL) |
1 12 | 66.195.197.27 | 11402 (CCCAS-1) |
1 | 172.217.175.74 | 15169 (GOOGLE) |
1 | 142.251.222.42 | 15169 (GOOGLE) |
1 | 69.16.175.10 | 20446 (STACKPATH-CDN) |
1 | 142.250.207.35 | 15169 (GOOGLE) |
16 | 6 |
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-201-99.ip.linodeusercontent.com
- 172-105-201-99.ip.linodeusercontent.com

ASN11402 (CCCAS-1, US)
- h0zi.arrangedclearlink.com
- h0zi.linkforusers.com

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f10.1e100.net
- fonts.googleapis.com

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f10.1e100.net
- ajax.googleapis.com

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f3.1e100.net
- fonts.gstatic.com
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | linkforusers.com | h0zi.linkforusers.com | 543 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 58), ajax.googleapis.com (Cisco Umbrella Rank: 406) | 34 KB |
1 | gstatic.com | fonts.gstatic.com | 11 KB |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 820) | 33 KB |
1 | arrangedclearlink.com (1 redirects) | h0zi.arrangedclearlink.com | 695 B |
1 | zoromangare.com | zoromangare.com | 409 B |
1 | linodeusercontent.com (1 redirects) | 172-105-201-99.ip.linodeusercontent.com | 373 B |
16 | 7 |
Count | Domain | Requested by |
---|---|---|
11 | h0zi.linkforusers.com | zoromangare.com, h0zi.linkforusers.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | code.jquery.com | h0zi.linkforusers.com |
1 | ajax.googleapis.com | h0zi.linkforusers.com |
1 | fonts.googleapis.com | h0zi.linkforusers.com |
1 | h0zi.arrangedclearlink.com | 1 redirects |
1 | zoromangare.com | |
1 | 172-105-201-99.ip.linodeusercontent.com | 1 redirects |
16 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
zoromangare.com | R3 | 2023-07-25 - 2023-10-23 | 3 months | crt.sh |
linkforusers.com | R3 | 2023-07-09 - 2023-10-07 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Frame ID: FEE98618AD44F6AF8514F87E25707458
Requests: 16 HTTP requests in this frame
Page Title
Congratulations!
Detected technologies
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hhQzlFMmlUejhSVUh6eEE9PQ__
HTTP 302
https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md Page URL
-
https://h0zi.arrangedclearlink.com/?kw=31&s2=1049307067
HTTP 302
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hhQzlFMmlUejhSVUh6eEE9PQ__ HTTP 302
- https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
16 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | 30_5603_610_81687_md | zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/ | 118 B | 409 B | Document | text/html | Redirect Chain |
GET H2 | 0619827c-4d72-11ee-8fba-9bef6eea36e7 | h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/ | 14 KB | 14 KB | Document | text/html | Primary Request, Redirect Chain |
GET H2 | css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET H2 | style.css | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/css/ | 25 KB | 25 KB | Stylesheet | text/css | |
GET H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.10.2/ | 91 KB | 33 KB | Script | text/javascript | |
GET H2 | push_na_push.js | h0zi.linkforusers.com/ | 1 KB | 1 KB | Script | application/javascript | |
GET H2 | overlay.png | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 18 KB | 18 KB | Image | image/png | |
GET H2 | overlay2.png | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 18 KB | 18 KB | Image | image/png | |
GET H2 | dollar_reel.fs8.png | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 253 KB | 253 KB | Image | image/png | |
GET H2 | spin1.png | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 83 KB | 83 KB | Image | image/png | |
GET H2 | spin2.png | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 86 KB | 86 KB | Image | image/png | |
GET H2 | loader.gif | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 3 KB | 3 KB | Image | image/gif | |
GET H2 | jquery-1.11.3.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript | |
GET H2 | push_proxnapush.js | h0zi.linkforusers.com/ | 17 KB | 17 KB | Script | application/javascript | |
GET H2 | gratorama-progjackpot-v3.gif | h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/ | 23 KB | 23 KB | Image | image/gif | |
GET H2 | ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2 | fonts.gstatic.com/s/robotocondensed/v25/ | 11 KB | 11 KB | Font | font/woff2 | |
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery string| raw_prize_value function| formatPrizeValue function| initLiveJackpot string| currency object| _at function| _NeptuneAdsPushDeferred function| getUrlVars function| urlBase64ToUint8Array function| _NeptuneAdsPushGetDeviceType function| _NeptuneAdsPushGetPageDetails function| _NeptuneAdsPushGetReferrer function| _NeptuneAdsPushGetLanguage function| _NeptuneAdsPushGetResolution function| _NeptuneAdsPushGetBrowserInfo function| _NeptuneAdsPushGetSystemInfo function| _NeptuneAdsPushInitialize function| _NeptuneAdsPushGetSiteConfig function| _NeptuneAdsPushLoadPrompt function| _NeptuneAdsPushPromptApprove function| _NeptuneAdsPushPromptDeny function| _NeptuneAdsPushPromptCancel function| _NeptuneAdsPushRemovePoweredBy function| _NeptuneAdsPushShowPoweredBy function| _NeptuneAdsPushGetSubscriberID function| _NeptuneAdsPushSendTrackData function| _NeptuneAdsPushGetSubscriberIDFromToken function| _NeptuneAdsPushGenerateID function| _NeptuneAdsPushGetCookie function| _NeptuneAdsPushSetCookie function| _NeptuneAdsPushDeleteCookie function| _NeptuneAdsPushTrackAttributes function| _NeptuneAdsPushOptInResponse function| _NeptuneAdsPushPrompt function| _NeptuneAdsPushTrackEvent function| _NeptuneAdsPushAbandonedCart function| _NeptuneAdsPushGetPushToken function| _NeptuneAdsPushSupportsPush function| _NeptuneAdsPushCheckHTTPS function| _NeptuneAdsPushCheckPermissions function| _NeptuneAdsPushRunNative function| _NeptuneAdsPushSafariRun function| _NeptuneAdsPushChromeRun function| _NeptuneAdsPushSubscribe function| _NeptuneAdsPushExtractSubscriptionId function| _NeptuneAdsPushSendSubscriptionToServer function| _NeptuneAdsPushRegisterWorker function| _NeptuneAdsPushFetchSubscriberIDFromWorker function| _NeptuneAdsPushConsoleOutput function| _NeptuneAdsPushSendWorkerMessage function| _NeptuneAdsPushLoad string| domain string| owner string| idSite boolean| showDebug boolean| subscriberID_existed undefined| _NeptuneAdsPushPushToken string| _NeptuneAdsPushSubscriberID undefined| _NeptuneAdsPushCallResponse object| trackData string| currentPage string| _NeptuneAdsPushAPI boolean| _NeptuneAdsPushRanScript undefined| webURL undefined| logid string| uid number| width number| height object| browserInfo object| systemInfo string| refUrl string| refName object| referrer string| pageTitle string| pageURL object| pageDetails string| curPageURL string| configPageURL number| promptId number| auto_prompt function| stepOne function| stepTwo function| stepThree function| spinsCount object| $jackpot_display object| e object| powered_browserinfo string| powered_devicetype string| powered_top string| powered_left
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
zoromangare.com/ | Name: uid31 Value: 1049307067-20230907073059-77dccd89933c504db74a6a4f6aba4139- |
h0zi.arrangedclearlink.com/ | Name: yredir_session Value: eyJpdiI6IlpNNjNhWEQySElKRmo4dWw3Z0VIdFE9PSIsInZhbHVlIjoiMHNjb2lkV004UlVYQXExUDNvQS9kbk84bUU4d1BORDduaUpIbTIxV0lXcE1RTWJBK1lUcVFlSHpXL0tWSk96TW1RdTFWREJmeHVqZEdGSE1ZclhWRHpSSFYrWGsvWmJlMnZmOEpCMW9HVkVLR3dOOWxPOXpoNkFtSWFsUHpuNC8iLCJtYWMiOiJlNTZhMzAwYTY3N2Q1MWYzMWZhOGM4ODBkNTVkZDhlYjIwNGYwNjcwZmNjODlmOTZiNzcyYzRlNzA0NmEzNWExIiwidGFnIjoiIn0%3D |
h0zi.linkforusers.com/ | Name: yredir_session Value: eyJpdiI6ImxYVTdGSW1Sbk51WVlrVlRpWFdTQXc9PSIsInZhbHVlIjoibFR4aEZxcnV6VVQwa25rWE94b3pvYm1XUDZZTnRXUjZzdXNTZ1NrSThSUUxPRlgxNFg3RXdSTXZOcTZ1RldBNHpOSTV0cVNHNXI3YlkrbFVVekdqNFJ1cHBYd3VnNWRDM1djYXFKdnlRbVRzN2h1ckN0cFZpTmVWaEhNSWJZc0YiLCJtYWMiOiI2ZGEzZDMxYTIxMWJiNDkwYjczNWI2NjZmNThmYjIwNTUwM2YzMDhjMjQxMWZkZmQzYjlkNzc0NmJmYzgzMWY5IiwidGFnIjoiIn0%3D |
h0zi.linkforusers.com/ | Name: _NeptuneAdsPushSubscriberID Value: ed254ae7-ec5d-c35c-b8a4-c69a97ad03f3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.