urlscan.io logo urlscan.io
SecurityTrails logo

zupr6k.arsrok1tjk.com Open in urlscan Pro
161.35.82.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/
Effective URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9...
Submission: On December 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 10 domains to perform 13 HTTP transactions. The main IP is 161.35.82.21, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is zupr6k.arsrok1tjk.com.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.
This is the only time zupr6k.arsrok1tjk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.178.208.156 57724 (DDOS-GUARD)
1 2 204.152.214.30 8100 (ASN-QUADR...)
1 2 192.99.158.241 16276 (OVH)
1 1 142.93.240.225 14061 (DIGITALOC...)
1 2 104.200.67.55 8100 (ASN-QUADR...)
1 2 50.97.212.250 36351 (SOFTLAYER)
1 1 103.224.182.241 133618 (TRELLIAN-...)
1 6 103.224.182.206 133618 (TRELLIAN-...)
1 2 161.35.82.21 14061 (DIGITALOC...)
13 7
1    185.178.208.156 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com
2    204.152.214.30 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.152.214.30.static.rivalserver.com
melbetsport.club
2    192.99.158.241 (Canada)

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net
btdnav.com
1    142.93.240.225 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.toromclick.com
2    104.200.67.55 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: aamhc-umc.info
264.litecher.xyz
2    50.97.212.250 (San Jose, United States)

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com
www.clkmg.com
1    103.224.182.241 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com
nordvpnserver.com
6    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
angossa.com
2    161.35.82.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: paying-adkela.plan-3
adsh0wpr0.site
zupr6k.arsrok1tjk.com
Apex Domain
Subdomains		 Transfer
6 angossa.com
angossa.com — Cisco Umbrella Rank: 273432
22 KB
2 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 316678
2 KB
2 litecher.xyz
264.litecher.xyz
2 KB
2 btdnav.com
btdnav.com
7 KB
2 melbetsport.club
melbetsport.club
1003 B
1 arsrok1tjk.com
zupr6k.arsrok1tjk.com
4 KB
1 adsh0wpr0.site
adsh0wpr0.site
635 B
1 nordvpnserver.com
nordvpnserver.com
1 KB
1 toromclick.com
www.toromclick.com — Cisco Umbrella Rank: 115246
513 B
1 melbet-link.com
ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com
256 B
13 10
Domain Requested by
6 angossa.com 1 redirects angossa.com
2 www.clkmg.com 1 redirects melbetsport.club
2 264.litecher.xyz 1 redirects
2 btdnav.com 1 redirects melbetsport.club
2 melbetsport.club 1 redirects
1 zupr6k.arsrok1tjk.com angossa.com
zupr6k.arsrok1tjk.com
1 adsh0wpr0.site 1 redirects
1 nordvpnserver.com 1 redirects
1 www.toromclick.com 1 redirects
1 ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com 1 redirects
13 10

This site contains no links.

Subject Issuer Validity Valid
melbetsport.club
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.clkmg.com
AlphaSSL CA - SHA256 - G4		 2023-02-23 -
2024-03-26		 a year crt.sh
zupr6k.arsrok1tjk.com
R3		 2023-12-03 -
2024-03-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90
Frame ID: C1E1472DC1BC4EA433136464C4C6ECC9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/ HTTP 301
    https://melbetsport.club/ Page URL
  2. https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZ... Page URL
  3. http://btdnav.com/Redirect/ HTTP 302
    http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d99613... HTTP 302
    http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae... Page URL
  4. http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae... HTTP 302
    https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
    https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172 Page URL
  5. http://nordvpnserver.com/ HTTP 302
    http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9... Page URL
  6. http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Djf7x0fmh4hkcma1t9... HTTP 302
    https://adsh0wpr0.site/cxzzl4k.php?key=jf7x0fmh4hkcma1t98z7&cpv=0.010&subid=1429169546&kw=.us.01.de... HTTP 302
    https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

13
Requests

23 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

7
IPs

5
Countries

35 kB
Transfer

71 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/ HTTP 301
    https://melbetsport.club/ Page URL
  2. https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjQ1NjAzMiwiaWF0IjoxNzAyNDQ4ODMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWc1MGNiM2czYWxoMXN2bDAwbDR0aTkiLCJuYmYiOjE3MDI0NDg4MzIsInRzIjoxNzAyNDQ4ODMyMTk4OTkzfQ.hzn2CJib0OfuYd2e_2QU9reoOnc0ymQRL9ZhF1mCGTc&sid=a66b4af3-9980-11ee-b3e4-c85550b8918a HTTP 302
    http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b Page URL
  3. http://btdnav.com/Redirect/ HTTP 302
    http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d996139a1944c6393a6fd74:d317acc88a54b821861bc6d5ccd142a1870cd0f5f765a3b0f3ca7ee3fdb44c50c7b795364538ab0ff8a2dec69faf01b4067dc3876db41dc4c985435ad1ef6caf8af79377768f8b74d1d24a01e9340ddd0c1641b025bdd2765d76dc15e936c8dedbd73b93a65dcb618d30ab9e71d429b161d44c6a7e51c242992631d3bbb73b1f321ab6679aa7e3ec0117559d91603b8a36765cf6af6698f2cf339f6c9e79a292146203a94e037255c73357d5b6171ac87860220c7b0950215afc828ebbf842e5938753604c06af505b6242662e03c7dad365eea11c94b559fec2390da63c1083cec72e792ae712b63dec034d134b367d5b754244bbd0a4ecf078c8a85147aab1f282e87697f4182c93311adc38550abbd71310cda81959fe646f984b489f5f388cf78330fa233c4cab53e0b729365c93931384e140622c34c639d1c719d9037981327a1e92537f5d24927ba23e0b93f289cb03e4f8ad1f71a30aa1890a1bc36b3c63036f3304fe62e8f8d48ecc35002e2e0435b617a6fb4616eebccda272caa81b42af0580ed07f38136005715bd734481ac3eed41c82946ff0bf75788274700ea0245d1900583d4d9e0201c98c3bd5e94b5b5ebe6caaa7064f24061b6ded71b5b865145352bb12cbbd7480b3909da70fa76130c837166a1b8b299166a0309ac HTTP 302
    http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed Page URL
  4. http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3 HTTP 302
    https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
    https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172 Page URL
  5. http://nordvpnserver.com/ HTTP 302
    http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz Page URL
  6. http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Djf7x0fmh4hkcma1t98z7%26cpv%3D0.010%26subid%3D1429169546%26kw%3D.us.01.desktop.nonadult.windows.chrome&s=j&enc=%2Fmn0e4Qmc%2FeWmwxWBB9Rw349fjhlWmdNR3N4MVYwdW9kNUY2SXB4d3YvaithS1RaYlJWeFdxNGk3dnhoZVhlZ3NadHdqN0tONmUvb3pFU2xTUUkrc1J4ZXc3MzBNTFVidWpLWjZOeVZyS1lpZldpVXBXOHBaRDM5M2dRRVRGcmh0eHRTOVh6VTNoRWhCQ2JGYkF6NWoxSlZxQjJyM0pwVEk5VWpvcUxVZVpKbG5URW5mK0dNTTY1cHFNRlZ2Z1FIK0Q4bVRCbVFrWi9RTk85N3FRWE5kWVExZ2IwWWdtTHdONUhiSnl0d0VyTjl2NHd4bnZQRm54QTdpdmNObjUyRlJ2dnBQaXpDcjFQU2VwVFRJRFFWRkJrREsxVkRKRk5SLzhGc2FSY2VjTkxSeGlHUTdYNkREQ25aRzZlUXZnVE1ETmFSODhKOCtyODNLQmd5MFpZaFdjOHNzQm5xNEZHRGJ3UnYyRk5vcFJvYTdqamdTbks2RXVoalJZdGlqd00vZEYxWXcyU0xsOHUwdE9LdDBUUU1yM3BYZ1FXQTZxeVVQa05lVVpYaFBNNFRHUE9pSVdyYU1adlAzM3BtQ1dpM0w5eVlmNEJxd1RwZUNadDdkL25qRmYzaEFteUN2R2tkM01pdStzZTh6Y2E5QWxIR3UxSTRtTU1MVi82aXhSS2NtMXBFM2RCK2xVUUxIbXFJeURmQkVzWUx5WUpXYXBWbjgxZGZiS3ltQlBRK0lvUEVwemRmNHhDNHloUHBRcFZoVWtqbFBUejBHdVNadk4yRkVVQmEvL1dHR0pOWUk1WmszM2crVGRGT2pNUlM4QWFna0I2ekhrazQrMHIwcHFyNzJmVzZGMHh2V3I2dElxZUwxemJEam5rRi9OZTlKWDBOclBpZzQySUl2U0toMjdvZnBCTkErUFUwdmpMWXdXbktlWFY1RmExTk1sdnZyb0xEUUg3RWxVMGROWklJdVRScmVCWEx6dUNua3NITXpSSktOMXhWUVY1VHZBSDVGSkVMOHdqenhCRlIzL3EvYXByblB6MlZUN2pLVmhzOXZBc241M2RMWEhsd1N6OGsxMUNFNDUzQlR0RXl2RWh5aS8rYW1zSFhIUmpkZG90cStaU0ZuV05tRUZ1QmRtbXRoV2U5TDNzNi9iR1NadFBTWlJwZTA1K1B0TDVyNXZuZFVRTTBSTXJsQi8ycWRvYXdFdnhUOVFuWXNDVUJSV01kY0lGYjdTRlNZdTFrQW9LMDFZVG0vbzR5Qno0OFZJeEdDOVIwQWZqcGJtYUVidW5Wc3dIRVQwNndqSUVQbTFRdkFYN21DTUg2ZG5LVUVzTEgwMU1PVW1kdmdtNXhrUnRiYVlRVVVOTDhsc2ZPMWppWE9qci9NNjZXY1dWYlpXdUNZN2pma29sdk5PM2tnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=6a95b942a7ec833b7747f62ce94ceccf HTTP 302
    https://adsh0wpr0.site/cxzzl4k.php?key=jf7x0fmh4hkcma1t98z7&cpv=0.010&subid=1429169546&kw=.us.01.desktop.nonadult.windows.chrome HTTP 302
    https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/ HTTP 301
  • https://melbetsport.club/
Request Chain 1
  • https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjQ1NjAzMiwiaWF0IjoxNzAyNDQ4ODMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWc1MGNiM2czYWxoMXN2bDAwbDR0aTkiLCJuYmYiOjE3MDI0NDg4MzIsInRzIjoxNzAyNDQ4ODMyMTk4OTkzfQ.hzn2CJib0OfuYd2e_2QU9reoOnc0ymQRL9ZhF1mCGTc&sid=a66b4af3-9980-11ee-b3e4-c85550b8918a HTTP 302
  • http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b
Request Chain 2
  • http://btdnav.com/Redirect/ HTTP 302
  • http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d996139a1944c6393a6fd74:d317acc88a54b821861bc6d5ccd142a1870cd0f5f765a3b0f3ca7ee3fdb44c50c7b795364538ab0ff8a2dec69faf01b4067dc3876db41dc4c985435ad1ef6caf8af79377768f8b74d1d24a01e9340ddd0c1641b025bdd2765d76dc15e936c8dedbd73b93a65dcb618d30ab9e71d429b161d44c6a7e51c242992631d3bbb73b1f321ab6679aa7e3ec0117559d91603b8a36765cf6af6698f2cf339f6c9e79a292146203a94e037255c73357d5b6171ac87860220c7b0950215afc828ebbf842e5938753604c06af505b6242662e03c7dad365eea11c94b559fec2390da63c1083cec72e792ae712b63dec034d134b367d5b754244bbd0a4ecf078c8a85147aab1f282e87697f4182c93311adc38550abbd71310cda81959fe646f984b489f5f388cf78330fa233c4cab53e0b729365c93931384e140622c34c639d1c719d9037981327a1e92537f5d24927ba23e0b93f289cb03e4f8ad1f71a30aa1890a1bc36b3c63036f3304fe62e8f8d48ecc35002e2e0435b617a6fb4616eebccda272caa81b42af0580ed07f38136005715bd734481ac3eed41c82946ff0bf75788274700ea0245d1900583d4d9e0201c98c3bd5e94b5b5ebe6caaa7064f24061b6ded71b5b865145352bb12cbbd7480b3909da70fa76130c837166a1b8b299166a0309ac HTTP 302
  • http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
Request Chain 3
  • http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3 HTTP 302
  • https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
  • https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
Request Chain 4
  • http://nordvpnserver.com/ HTTP 302
  • http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
melbetsport.club/
Redirect Chain
  • https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/
  • https://melbetsport.club/
478 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://melbetsport.club/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.214.30 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.214.30.static.rivalserver.com
Software
Cowboy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
content-length
478
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 06:27:11 GMT
server
Cowboy

Redirect headers

content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=iso-8859-1
date
Wed, 13 Dec 2023 06:37:53 GMT
location
https://melbetsport.club/
server
ddos-guard
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
click
btdnav.com/
Redirect Chain
  • https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjQ1NjAzMiwiaWF0IjoxNzAyNDQ4ODMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWc1MGNiM2czYWxoMXN2bD...
  • http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5...
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b
Requested by
Host: melbetsport.club
URL: https://melbetsport.club/
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://melbetsport.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5470
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 06:35:18 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
11
date
Wed, 13 Dec 2023 06:27:11 GMT
location
http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b
server
Cowboy
feed
264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/
Redirect Chain
  • http://btdnav.com/Redirect/
  • http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d996139a1944c6393a6fd74:d317acc88a54b821861bc6d5ccd142a1870cd0f5f765a3b0f3ca7ee3fdb44c50c7b795364538a...
  • http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
Protocol
HTTP/1.1
Server
104.200.67.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
aamhc-umc.info
Software
nginx/1.14.2 /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btdnav.com
Referer
http://btdnav.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 13 Dec 2023 06:37:55 GMT
server
nginx/1.14.2
transfer-encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
416
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 06:37:55 GMT
Expires
0
Keep-Alive
timeout=5
Location
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
redir.cgi
www.clkmg.com/
Redirect Chain
  • http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3
  • https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club
  • https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
116 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
Requested by
Host: melbetsport.club
URL: https://melbetsport.club/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.97.212.250 San Jose, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
fa.d4.6132.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Dec 2023 06:37:56 GMT
P3P
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
Server
nginx
Transfer-Encoding
chunked
X-CM-FE
httpfe-01.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 13 Dec 2023 06:37:56 GMT
Location
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-01.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
r2.php
angossa.com/
Redirect Chain
  • http://nordvpnserver.com/
  • http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczR...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
74f71c81970e431b395f03aa652f045a9f6bf397352df93908a35a1f5210cf25

Request headers

Referer
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
2568
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 06:37:57 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 06:37:56 GMT
location
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
server
Apache
jscheck.js
angossa.com/javascript/ 		927 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
http://angossa.com/javascript/jscheck.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
02442cca87680cfbeeb93d90b6a399ede1ed07e3309722c90b6cc9c278700323

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:37:57 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"39f-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
409
swfobject.js
angossa.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://angossa.com/javascript/swfobject.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:37:57 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"27ef-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
3949
iife.min.js
angossa.com/javascript/fingerprint/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://angossa.com/javascript/fingerprint/iife.min.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:37:57 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"85c0-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
14345
jscheck.php
angossa.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://angossa.com/jscheck.php?enc=%2Fmn0e4Qmc%2FeWmwxWBB9Rw349fjhlWmdNR3N4MVYwdW9kNUY2SXB4d3YvaithS1RaYlJWeFdxNGk3dnhoZVhlZ3NadHdqN0tONmUvb3pFU2xTUUkrc1J4ZXc3MzBNTFVidWpLWjZOeVZyS1lpZldpVXBXOHBaRDM5M2dRRVRGcmh0eHRTOVh6VTNoRWhCQ2JGYkF6NWoxSlZxQjJyM0pwVEk5VWpvcUxVZVpKbG5URW5mK0dNTTY1cHFNRlZ2Z1FIK0Q4bVRCbVFrWi9RTk85N3FRWE5kWVExZ2IwWWdtTHdONUhiSnl0d0VyTjl2NHd4bnZQRm54QTdpdmNObjUyRlJ2dnBQaXpDcjFQU2VwVFRJRFFWRkJrREsxVkRKRk5SLzhGc2FSY2VjTkxSeGlHUTdYNkREQ25aRzZlUXZnVE1ETmFSODhKOCtyODNLQmd5MFpZaFdjOHNzQm5xNEZHRGJ3UnYyRk5vcFJvYTdqamdTbks2RXVoalJZdGlqd00vZEYxWXcyU0xsOHUwdE9LdDBUUU1yM3BYZ1FXQTZxeVVQa05lVVpYaFBNNFRHUE9pSVdyYU1adlAzM3BtQ1dpM0w5eVlmNEJxd1RwZUNadDdkL25qRmYzaEFteUN2R2tkM01pdStzZTh6Y2E5QWxIR3UxSTRtTU1MVi82aXhSS2NtMXBFM2RCK2xVUUxIbXFJeURmQkVzWUx5WUpXYXBWbjgxZGZiS3ltQlBRK0lvUEVwemRmNHhDNHloUHBRcFZoVWtqbFBUejBHdVNadk4yRkVVQmEvL1dHR0pOWUk1WmszM2crVGRGT2pNUlM4QWFna0I2ekhrazQrMHIwcHFyNzJmVzZGMHh2V3I2dElxZUwxemJEam5rRi9OZTlKWDBOclBpZzQySUl2U0toMjdvZnBCTkErUFUwdmpMWXdXbktlWFY1RmExTk1sdnZyb0xEUUg3RWxVMGROWklJdVRScmVCWEx6dUNua3NITXpSSktOMXhWUVY1VHZBSDVGSkVMOHdqenhCRlIzL3EvYXByblB6MlZUN2pLVmhzOXZBc241M2RMWEhsd1N6OGsxMUNFNDUzQlR0RXl2RWh5aS8rYW1zSFhIUmpkZG90cStaU0ZuV05tRUZ1QmRtbXRoV2U5TDNzNi9iR1NadFBTWlJwZTA1K1B0TDVyNXZuZFVRTTBSTXJsQi8ycWRvYXdFdnhUOVFuWXNDVUJSV01kY0lGYjdTRlNZdTFrQW9LMDFZVG0vbzR5Qno0OFZJeEdDOVIwQWZqcGJtYUVidW5Wc3dIRVQwNndqSUVQbTFRdkFYN21DTUg2ZG5LVUVzTEgwMU1PVW1kdmdtNXhrUnRiYVlRVVVOTDhsc2ZPMWppWE9qci9NNjZXY1dWYlpXdUNZN2pma29sdk5PM2tnPT0%3D&rand=0.6706529407177264&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=6a95b942a7ec833b7747f62ce94ceccf
Requested by
Host: angossa.com
URL: http://angossa.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:37:57 GMT
server
Apache
connection
close
content-length
0
content-type
text/html; charset=UTF-8
Primary Request Play.html
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
Redirect Chain
  • http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Djf7x0fmh4hkcma1t98z7%26cpv%3D0.010%26subid%3D1429169546%26kw%3D.us.01.desktop.nonadult.windows.chrome&s=j&enc=%2Fmn0e4Q...
  • https://adsh0wpr0.site/cxzzl4k.php?key=jf7x0fmh4hkcma1t98z7&cpv=0.010&subid=1429169546&kw=.us.01.desktop.nonadult.windows.chrome
  • https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90
Requested by
Host: angossa.com
URL: http://angossa.com/javascript/jscheck.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://angossa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 13 Dec 2023 06:37:58 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Dec 2023 06:37:58 GMT
Location
https://ZuPR6K.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ 		0
0
jquery-3.4.1.min.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ 		0
0
translations.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zupr6k.arsrok1tjk.com
URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Domain
zupr6k.arsrok1tjk.com
URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Domain
zupr6k.arsrok1tjk.com
URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Domain/Path Name / Value
.melbet-link.com/ Name: __ddg1_
Value: TQpVpqA6oC55u5S4pJzF
.melbetsport.club/ Name: sid
Value: a66b4af3-9980-11ee-b3e4-c85550b8918a
btdnav.com/ Name: YipfXvulsUUwFSu
Value: YipfXvulsUUwFSu
.clkmg.com/ Name: alc
Value: 1
.clkmg.com/ Name: lids
Value: 1743766-164061+
.clkmg.com/ Name: vid
Value: 930833435
nordvpnserver.com/ Name: __tad
Value: 1702449476.2496859
.angossa.com/ Name: __dsnsid
Value: 2023121317375613b21c3858770e6d30
adsh0wpr0.site/ Name: uclick
Value: fnqdy9a7
adsh0wpr0.site/ Name: uclickhash
Value: fnqdy9a7-fnqdy9a7-oc-ej-xs0-ho8n-howj-04a936