![](/screenshots/c6055d4d-7f60-45c3-910e-dd9faf4bab17.png)
zupr6k.arsrok1tjk.com
Open in
urlscan Pro
161.35.82.21
Public Scan
Effective URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9...
Submission: On December 13 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.
This is the only time zupr6k.arsrok1tjk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.178.208.156 185.178.208.156 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
1 2 | 204.152.214.30 204.152.214.30 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
1 2 | 192.99.158.241 192.99.158.241 | 16276 (OVH) (OVH) | |
1 1 | 142.93.240.225 142.93.240.225 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 2 | 104.200.67.55 104.200.67.55 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
1 2 | 50.97.212.250 50.97.212.250 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 103.224.182.241 103.224.182.241 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 6 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 2 | 161.35.82.21 161.35.82.21 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
13 | 7 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.152.214.30.static.rivalserver.com
melbetsport.club |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: aamhc-umc.info
264.litecher.xyz |
ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com
www.clkmg.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com
nordvpnserver.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
angossa.com |
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: paying-adkela.plan-3
adsh0wpr0.site | |
zupr6k.arsrok1tjk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
angossa.com
1 redirects
angossa.com — Cisco Umbrella Rank: 273432 |
22 KB |
2 |
clkmg.com
1 redirects
www.clkmg.com — Cisco Umbrella Rank: 316678 |
2 KB |
2 |
litecher.xyz
1 redirects
264.litecher.xyz |
2 KB |
2 |
btdnav.com
1 redirects
btdnav.com |
7 KB |
2 |
melbetsport.club
1 redirects
melbetsport.club |
1003 B |
1 |
arsrok1tjk.com
zupr6k.arsrok1tjk.com |
4 KB |
1 |
adsh0wpr0.site
1 redirects
adsh0wpr0.site |
635 B |
1 |
nordvpnserver.com
1 redirects
nordvpnserver.com |
1 KB |
1 |
toromclick.com
1 redirects
www.toromclick.com — Cisco Umbrella Rank: 115246 |
513 B |
1 |
melbet-link.com
1 redirects
ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com |
256 B |
13 | 10 |
Domain | Requested by | |
---|---|---|
6 | angossa.com |
1 redirects
angossa.com
|
2 | www.clkmg.com |
1 redirects
melbetsport.club
|
2 | 264.litecher.xyz | 1 redirects |
2 | btdnav.com |
1 redirects
melbetsport.club
|
2 | melbetsport.club | 1 redirects |
1 | zupr6k.arsrok1tjk.com |
angossa.com
zupr6k.arsrok1tjk.com |
1 | adsh0wpr0.site | 1 redirects |
1 | nordvpnserver.com | 1 redirects |
1 | www.toromclick.com | 1 redirects |
1 | ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com | 1 redirects |
13 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
melbetsport.club R3 |
2023-11-24 - 2024-02-22 |
3 months | crt.sh |
*.clkmg.com AlphaSSL CA - SHA256 - G4 |
2023-02-23 - 2024-03-26 |
a year | crt.sh |
zupr6k.arsrok1tjk.com R3 |
2023-12-03 - 2024-03-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90
Frame ID: C1E1472DC1BC4EA433136464C4C6ECC9
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/c6055d4d-7f60-45c3-910e-dd9faf4bab17.png)
Page URL History Show full URLs
-
https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/
HTTP 301
https://melbetsport.club/ Page URL
-
https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT...
HTTP 302
http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZ... Page URL
-
http://btdnav.com/Redirect/
HTTP 302
http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d99613... HTTP 302
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae... Page URL
-
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae...
HTTP 302
https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172 Page URL
-
http://nordvpnserver.com/
HTTP 302
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9... Page URL
-
http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Djf7x0fmh4hkcma1t9...
HTTP 302
https://adsh0wpr0.site/cxzzl4k.php?key=jf7x0fmh4hkcma1t98z7&cpv=0.010&subid=1429169546&kw=.us.01.de... HTTP 302
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546... Page URL
Detected technologies
![](/vendor/wappa/icons/SWFObject.png)
Detected patterns
- swfobject.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/
HTTP 301
https://melbetsport.club/ Page URL
-
https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjQ1NjAzMiwiaWF0IjoxNzAyNDQ4ODMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWc1MGNiM2czYWxoMXN2bDAwbDR0aTkiLCJuYmYiOjE3MDI0NDg4MzIsInRzIjoxNzAyNDQ4ODMyMTk4OTkzfQ.hzn2CJib0OfuYd2e_2QU9reoOnc0ymQRL9ZhF1mCGTc&sid=a66b4af3-9980-11ee-b3e4-c85550b8918a
HTTP 302
http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b Page URL
-
http://btdnav.com/Redirect/
HTTP 302
http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d996139a1944c6393a6fd74:d317acc88a54b821861bc6d5ccd142a1870cd0f5f765a3b0f3ca7ee3fdb44c50c7b795364538ab0ff8a2dec69faf01b4067dc3876db41dc4c985435ad1ef6caf8af79377768f8b74d1d24a01e9340ddd0c1641b025bdd2765d76dc15e936c8dedbd73b93a65dcb618d30ab9e71d429b161d44c6a7e51c242992631d3bbb73b1f321ab6679aa7e3ec0117559d91603b8a36765cf6af6698f2cf339f6c9e79a292146203a94e037255c73357d5b6171ac87860220c7b0950215afc828ebbf842e5938753604c06af505b6242662e03c7dad365eea11c94b559fec2390da63c1083cec72e792ae712b63dec034d134b367d5b754244bbd0a4ecf078c8a85147aab1f282e87697f4182c93311adc38550abbd71310cda81959fe646f984b489f5f388cf78330fa233c4cab53e0b729365c93931384e140622c34c639d1c719d9037981327a1e92537f5d24927ba23e0b93f289cb03e4f8ad1f71a30aa1890a1bc36b3c63036f3304fe62e8f8d48ecc35002e2e0435b617a6fb4616eebccda272caa81b42af0580ed07f38136005715bd734481ac3eed41c82946ff0bf75788274700ea0245d1900583d4d9e0201c98c3bd5e94b5b5ebe6caaa7064f24061b6ded71b5b865145352bb12cbbd7480b3909da70fa76130c837166a1b8b299166a0309ac HTTP 302
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed Page URL
-
http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3
HTTP 302
https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172 Page URL
-
http://nordvpnserver.com/
HTTP 302
http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz Page URL
-
http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Djf7x0fmh4hkcma1t98z7%26cpv%3D0.010%26subid%3D1429169546%26kw%3D.us.01.desktop.nonadult.windows.chrome&s=j&enc=%2Fmn0e4Qmc%2FeWmwxWBB9Rw349fjhlWmdNR3N4MVYwdW9kNUY2SXB4d3YvaithS1RaYlJWeFdxNGk3dnhoZVhlZ3NadHdqN0tONmUvb3pFU2xTUUkrc1J4ZXc3MzBNTFVidWpLWjZOeVZyS1lpZldpVXBXOHBaRDM5M2dRRVRGcmh0eHRTOVh6VTNoRWhCQ2JGYkF6NWoxSlZxQjJyM0pwVEk5VWpvcUxVZVpKbG5URW5mK0dNTTY1cHFNRlZ2Z1FIK0Q4bVRCbVFrWi9RTk85N3FRWE5kWVExZ2IwWWdtTHdONUhiSnl0d0VyTjl2NHd4bnZQRm54QTdpdmNObjUyRlJ2dnBQaXpDcjFQU2VwVFRJRFFWRkJrREsxVkRKRk5SLzhGc2FSY2VjTkxSeGlHUTdYNkREQ25aRzZlUXZnVE1ETmFSODhKOCtyODNLQmd5MFpZaFdjOHNzQm5xNEZHRGJ3UnYyRk5vcFJvYTdqamdTbks2RXVoalJZdGlqd00vZEYxWXcyU0xsOHUwdE9LdDBUUU1yM3BYZ1FXQTZxeVVQa05lVVpYaFBNNFRHUE9pSVdyYU1adlAzM3BtQ1dpM0w5eVlmNEJxd1RwZUNadDdkL25qRmYzaEFteUN2R2tkM01pdStzZTh6Y2E5QWxIR3UxSTRtTU1MVi82aXhSS2NtMXBFM2RCK2xVUUxIbXFJeURmQkVzWUx5WUpXYXBWbjgxZGZiS3ltQlBRK0lvUEVwemRmNHhDNHloUHBRcFZoVWtqbFBUejBHdVNadk4yRkVVQmEvL1dHR0pOWUk1WmszM2crVGRGT2pNUlM4QWFna0I2ekhrazQrMHIwcHFyNzJmVzZGMHh2V3I2dElxZUwxemJEam5rRi9OZTlKWDBOclBpZzQySUl2U0toMjdvZnBCTkErUFUwdmpMWXdXbktlWFY1RmExTk1sdnZyb0xEUUg3RWxVMGROWklJdVRScmVCWEx6dUNua3NITXpSSktOMXhWUVY1VHZBSDVGSkVMOHdqenhCRlIzL3EvYXByblB6MlZUN2pLVmhzOXZBc241M2RMWEhsd1N6OGsxMUNFNDUzQlR0RXl2RWh5aS8rYW1zSFhIUmpkZG90cStaU0ZuV05tRUZ1QmRtbXRoV2U5TDNzNi9iR1NadFBTWlJwZTA1K1B0TDVyNXZuZFVRTTBSTXJsQi8ycWRvYXdFdnhUOVFuWXNDVUJSV01kY0lGYjdTRlNZdTFrQW9LMDFZVG0vbzR5Qno0OFZJeEdDOVIwQWZqcGJtYUVidW5Wc3dIRVQwNndqSUVQbTFRdkFYN21DTUg2ZG5LVUVzTEgwMU1PVW1kdmdtNXhrUnRiYVlRVVVOTDhsc2ZPMWppWE9qci9NNjZXY1dWYlpXdUNZN2pma29sdk5PM2tnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=6a95b942a7ec833b7747f62ce94ceccf
HTTP 302
https://adsh0wpr0.site/cxzzl4k.php?key=jf7x0fmh4hkcma1t98z7&cpv=0.010&subid=1429169546&kw=.us.01.desktop.nonadult.windows.chrome HTTP 302
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_1429169546&clickid=1aa38fnqdy9a7947&t2=90 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com/ HTTP 301
- https://melbetsport.club/
- https://melbetsport.club/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjQ1NjAzMiwiaWF0IjoxNzAyNDQ4ODMyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWc1MGNiM2czYWxoMXN2bDAwbDR0aTkiLCJuYmYiOjE3MDI0NDg4MzIsInRzIjoxNzAyNDQ4ODMyMTk4OTkzfQ.hzn2CJib0OfuYd2e_2QU9reoOnc0ymQRL9ZhF1mCGTc&sid=a66b4af3-9980-11ee-b3e4-c85550b8918a HTTP 302
- http://btdnav.com/click?data=T0VWQkhESTR4aUJGRDJhWGgyZ1ZSX254aWJLODRDSXR5cElWY0tpdTRXakpPVDJCZGcxTWctUUJ5ekpDQkZRWFVVVFVFRXNiWEJEM2VldENsNkZEZWVOcWFXejRYZHluWm8tVlIxWnBacW42UlFhZTU2cjQ3UktNcHpHVWl5Z2VXSURyZVRkV0QyMDlUREV1WjN3ZElBMg2&id=5631d51d-c0fe-4a79-a13b-6460528d7b1b
- http://btdnav.com/Redirect/ HTTP 302
- http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=melbetsport.club&id=4b2a49c80d996139a1944c6393a6fd74:d317acc88a54b821861bc6d5ccd142a1870cd0f5f765a3b0f3ca7ee3fdb44c50c7b795364538ab0ff8a2dec69faf01b4067dc3876db41dc4c985435ad1ef6caf8af79377768f8b74d1d24a01e9340ddd0c1641b025bdd2765d76dc15e936c8dedbd73b93a65dcb618d30ab9e71d429b161d44c6a7e51c242992631d3bbb73b1f321ab6679aa7e3ec0117559d91603b8a36765cf6af6698f2cf339f6c9e79a292146203a94e037255c73357d5b6171ac87860220c7b0950215afc828ebbf842e5938753604c06af505b6242662e03c7dad365eea11c94b559fec2390da63c1083cec72e792ae712b63dec034d134b367d5b754244bbd0a4ecf078c8a85147aab1f282e87697f4182c93311adc38550abbd71310cda81959fe646f984b489f5f388cf78330fa233c4cab53e0b729365c93931384e140622c34c639d1c719d9037981327a1e92537f5d24927ba23e0b93f289cb03e4f8ad1f71a30aa1890a1bc36b3c63036f3304fe62e8f8d48ecc35002e2e0435b617a6fb4616eebccda272caa81b42af0580ed07f38136005715bd734481ac3eed41c82946ff0bf75788274700ea0245d1900583d4d9e0201c98c3bd5e94b5b5ebe6caaa7064f24061b6ded71b5b865145352bb12cbbd7480b3909da70fa76130c837166a1b8b299166a0309ac HTTP 302
- http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/feed
- http://264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3 HTTP 302
- https://www.clkmg.com/qvikar/SANORTON/apix69-753melbetsport.club HTTP 302
- https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnordvpnserver.com&pixel=0&lidc=1540193172
- http://nordvpnserver.com/ HTTP 302
- http://angossa.com/r2.php?e=93LAAVDkyTX4rbN%2FR2L%2F3n49fk42d3ZZVE1YK0VFSUlyTCs2em85OVc5d2NCYi9vMGRCTlpJYThnc2VEU1RZRGxNVVgzZS9VWnRzWTJaVXhuTklyejNhcDZ0SFRaSnVTazJlMi9yWVpnTFc0VXEzVWxORzVFbzkvRUczRWZ1a3BISjVIQ3Z6MGdhMDN2dnRXUWRtV3RTbnVhQU45bzdmRWVYQmZRVGpWdWJUR1ZmdlkzT0h3amJiTGlPeTJlMm1tc1BBckdPM011N01OcC9RSVVaaWNmWERKbHplOHZhd2RNVGxpZjVQOHBMSUJGbm4wcWYxMmpRajVxTUovbXZ3NFVlOXhKZnJRSzZRV2xwL0VINm8vcDk1bHJ6dXExNGZxVFRXaEdqODRoeGVlRnR4UHVCQnNBSVlGRkNEQ0ZyVTdaNWRqT2dBKytuc3M0dXM1aVNkOXd2dnFlQzJSMWd0bGlyN0xHVU41c0hzdG1YTDgxWitIQ3FpTCtPTmdObDJKNUdITGIva0JrZnlITm5iM1F6NnFiSmtabHhPQnRBTnJVTWk0aTRoRVZ1d3Z1TFA2Z3czS0t5LzV3ckhtUTVVMFZtSjQxbkhyeEdXZVRHalJmOFBkajBJd0h6N3VnT0c4aDYyNmsxRzNkWnlhRml1OGVOUjdzNU5RTW5zVE1aMENjYTFrcTM2dW8zTDBPQzFrUjNiUy9NcStMdDNYYlJFV2U3dXpTS3NSNzhuWmlQMUVSd2Iwa2tEQ1FnQXdUbmVKcThWMmpwcjBBVnRJbDNCUE5sQzd5ZFplMFhKWGpENTgyU2U1Q2U0dW5VMytXVWRNdFdCMHVuOWFDMm1KR28ySWJoeWRFRnNuNzRoMGg1Z1YwempxczBEUVU1aDFEc1o5bkIwYVJyRDd3WDBJWm5BVm0zdGJDNG5ZQlRLMHR2UktYYS8rS1ZhSFc3Q1YxUjVzd3l0MmZQZkZPS2hWM1JCR3MzQkZOa0wza1Q5bVFySG55YitUenl5L1ZkWEtpb3dkNjRaMXM3VXYzQmJNS25YTzMwdnBZM3psUjdZWk45S3ludnkvWE5FcUVCMUNYU2RpRzRMTk5ZanRMWkhnYW1vRHF0MDJneGtXMldRVThKVVFSOEo0eklCc0p0U2llb3RyZG4reWJteHQybXRQNWpRaWVqUXBQNWhQcUR6aUNvaTJYQ0RnZGpUdDM1cEszYlN6eHRz
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
melbetsport.club/ Redirect Chain
|
478 B 760 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
click
btdnav.com/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
feed
264.litecher.xyz/match-264/87927/232533061/1702449474/mf_40ac2df8-2799-4062-9806-716664e430ae/YXBpeDY5LTc1M21lbGJldHNwb3J0LmNsdWJ8MTcwMjQ0OTQ3NC42MDk2ODEtMjMyNTMzMDYxLTg3OTI3/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redir.cgi
www.clkmg.com/ Redirect Chain
|
116 B 810 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
r2.php
angossa.com/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.js
angossa.com/javascript/ |
927 B 706 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
angossa.com/javascript/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iife.min.js
angossa.com/javascript/fingerprint/ |
33 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.php
angossa.com/ |
0 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Play.html
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
styles.css
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-3.4.1.min.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
translations.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- zupr6k.arsrok1tjk.com
- URL
- https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
- Domain
- zupr6k.arsrok1tjk.com
- URL
- https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
- Domain
- zupr6k.arsrok1tjk.com
- URL
- https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.melbet-link.com/ | Name: __ddg1_ Value: TQpVpqA6oC55u5S4pJzF |
|
.melbetsport.club/ | Name: sid Value: a66b4af3-9980-11ee-b3e4-c85550b8918a |
|
btdnav.com/ | Name: YipfXvulsUUwFSu Value: YipfXvulsUUwFSu |
|
.clkmg.com/ | Name: alc Value: 1 |
|
.clkmg.com/ | Name: lids Value: 1743766-164061+ |
|
.clkmg.com/ | Name: vid Value: 930833435 |
|
nordvpnserver.com/ | Name: __tad Value: 1702449476.2496859 |
|
.angossa.com/ | Name: __dsnsid Value: 2023121317375613b21c3858770e6d30 |
|
adsh0wpr0.site/ | Name: uclick Value: fnqdy9a7 |
|
adsh0wpr0.site/ | Name: uclickhash Value: fnqdy9a7-fnqdy9a7-oc-ej-xs0-ho8n-howj-04a936 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
264.litecher.xyz
adsh0wpr0.site
angossa.com
btdnav.com
melbetsport.club
nordvpnserver.com
ozon.ozon.avito.avito.pay.j4fyug5dtld8d2o.vpn.melbet-link.com
www.clkmg.com
www.toromclick.com
zupr6k.arsrok1tjk.com
zupr6k.arsrok1tjk.com
103.224.182.206
103.224.182.241
104.200.67.55
142.93.240.225
161.35.82.21
185.178.208.156
192.99.158.241
204.152.214.30
50.97.212.250
02442cca87680cfbeeb93d90b6a399ede1ed07e3309722c90b6cc9c278700323
74f71c81970e431b395f03aa652f045a9f6bf397352df93908a35a1f5210cf25
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4