Submitted URL: https://bit.ly/3y4WwSC
Effective URL: https://l0pay.info/d/5e7238509fa71
Submission: On December 09 via manual from AU — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 4 HTTP transactions. The main IP is 190.115.26.222, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is l0pay.info.
TLS certificate: Issued by R3 on December 9th 2021. Valid for: 3 months.
This is the only time l0pay.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 2 162.0.209.39 22612 (NAMECHEAP...)
1 1 104.193.252.27 14576 (HOSTING-S...)
2 190.115.26.222 262254 (DDOS-GUAR...)
4 3
     Apex Domain                     Subdomains                      Transfer
2    l0pay.info                      l0pay.info                      30 KB
2    me-helpdesk7490146343386.com    me-helpdesk7490146343386.com    3 KB
1    jepyf.top                       jepyf.top                       605 B
1    bit.ly                          bit.ly                          257 B
0    lake-sewer.buzz Failed          lake-sewer.buzz Failed
4    5

     Domain                          Requested by
2    l0pay.info                      l0pay.info
2    me-helpdesk7490146343386.com    1 redirects
1    jepyf.top                       1 redirects
1    bit.ly                          1 redirects
0    lake-sewer.buzz Failed          me-helpdesk7490146343386.com
4    5

This site contains no links.

Subject                         Issuer    Validity                   Valid
me-helpdesk7490146343386.com    R3        2021-12-05 - 2022-03-05    3 months
l0pay.info                      R3        2021-12-09 - 2022-03-09    3 months

This page contains 1 frames:

Frame: https://lake-sewer.buzz/hrugame/
Frame ID: 2FB5B2EF40CD4EBEDB16030A488D496F
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 34 kB
Size: 37 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3y4WwSC HTTP 301
    http://me-helpdesk7490146343386.com/ HTTP 301
    https://me-helpdesk7490146343386.com/ Page URL
  2. https://jepyf.top/stream/bc12ddbf-4f79-4582-bc74-a8488d6504fa HTTP 301
    https://l0pay.info/d/5e7238509fa71 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3y4WwSC HTTP 301
  • http://me-helpdesk7490146343386.com/ HTTP 301
  • https://me-helpdesk7490146343386.com/
Request Chain 2
  • https://l0pay.info/check-unique/index?unique_code=76a554d25920548e16c269257f1555e2&link_type=partner&code=5e7238509fa71&u=&url=https%3A%2F%2Flake-sewer.buzz%2Fhrugame%2F%3F&upgrade=c98dbbb023bdd HTTP 302
  • https://lake-sewer.buzz/hrugame/

4 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: /
Path: me-helpdesk7490146343386.com/
Redirect Chain
  • https://bit.ly/3y4WwSC
  • http://me-helpdesk7490146343386.com/
  • https://me-helpdesk7490146343386.com/
Size: 6 KB
x-fer: 3 KB
Type: Document

General

Full URL: https://me-helpdesk7490146343386.com/
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 162.0.209.39, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium166-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.30
Resource Hash: c8dac9f53a8accad7a8a46475469db833b08261690e38cc588456fc59dfa05de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.30
content-length: 3070
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Dec 2021 22:58:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

Redirect headers

keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 09 Dec 2021 22:58:17 GMT
server: LiteSpeed
location: https://me-helpdesk7490146343386.com/
x-turbo-charged-by: LiteSpeed

Resource: 5e7238509fa71 (Primary Request)
Path: l0pay.info/d/
Redirect Chain
  • https://jepyf.top/stream/bc12ddbf-4f79-4582-bc74-a8488d6504fa
  • https://l0pay.info/d/5e7238509fa71
Size: 2 KB
x-fer: 1 KB
Type: Document

General

Full URL: https://l0pay.info/d/5e7238509fa71
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.26.222, Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ)
Reverse DNS:
Software: nginx
Resource Hash: fac0d3f7e5caabcd05bfae5888be40774216bdf993eb14e796d81b47fb74b2f4

Security Headers

Strict-Transport-Security: max-age=15768000; includeSubdomains; preload
X-Content-Type-Options: nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://me-helpdesk7490146343386.com/

Response headers

server: nginx
date: Thu, 09 Dec 2021 22:58:20 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip

Redirect headers

Server: nginx/1.19.5
Date: Thu, 09 Dec 2021 22:58:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://l0pay.info/d/5e7238509fa71

Resource: fp21.min.js
Path: l0pay.info/frontend/web/js/
Size: 29 KB
x-fer: 29 KB
Type: Script

General

Full URL: https://l0pay.info/frontend/web/js/fp21.min.js
Requested by
  Host: l0pay.info
  URL: https://l0pay.info/d/5e7238509fa71
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.26.222, Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ)
Reverse DNS:
Software: nginx
Resource Hash: af4ac135cf575e46eb783d82f6c659d92afb5e31b647e2ac9d62530c3e371bdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l0pay.info/d/5e7238509fa71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Dec 2021 22:58:20 GMT
last-modified: Thu, 15 Aug 2019 12:05:02 GMT
server: nginx
etag: "5d554a6e-7309"
content-type: application/javascript
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 29449
expires: Thu, 31 Dec 2037 23:55:55 GMT

Resource: /
Path: lake-sewer.buzz/hrugame/
Redirect Chain
  • https://l0pay.info/check-unique/index?unique_code=76a554d25920548e16c269257f1555e2&link_type=partner&code=5e7238509fa71&u=&url=https%3A%2F%2Flake-sewer.buzz%2Fhrugame%2F%3F&upgrade=c98dbbb023bdd
  • https://lake-sewer.buzz/hrugame/?
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lake-sewer.buzz
URL: https://lake-sewer.buzz/hrugame/?

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

3 Cookies

Domain/Path: .bit.ly/
Name: _bit
Value: lb9mWg-4b02781bbd687dae3f-00A

Domain/Path: jepyf.top/
Name: csrf_cookie_name
Value: f8e0efc4dd80656647b0008c6e0611b7

Domain/Path: jepyf.top/
Name: ci_session
Value: t2tt8r6ifsep9i90njoq44fb055rgudd