www.ligsports.pw Open in urlscan Pro
2606:4700:3035::6818:70c5 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.ligsports.pw/ch18.php
Submission Tags: falconsandbox
Submission: On October 13 via api (October 13th 2020, 7:53:26 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::6818:70c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ligsports.pw.

This is the only time www.ligsports.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3035::6818:70c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.245.5 99.86.245.5	16509 (AMAZON-02) (AMAZON-02)
1 1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	99.86.7.28 99.86.7.28	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::ac43:a50a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6811:c26b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1	99.86.7.92 99.86.7.92	16509 (AMAZON-02) (AMAZON-02)
17	12

4 2606:4700:3035::6818:70c5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ligsports.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-5.vie50.r.cloudfront.net

d2va1d0hpla18n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

timeruniversalreligious.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-28.fra6.r.cloudfront.net

nomicidenti.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a50a (United States)

ASN13335 (CLOUDFLARENET, US)

wmsxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c26b (United States)

ASN13335 (CLOUDFLARENET, US)

fbcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-92.fra6.r.cloudfront.net

ssaffortyya.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ligsports.pw www.ligsports.pw	27 KB
2	fbcdn2.com fbcdn2.com	21 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	timeruniversalreligious.com timeruniversalreligious.com
2	amung.us 1 redirects whos.amung.us widgets.amung.us	3 KB
1	ssaffortyya.club ssaffortyya.club	501 B
1	onclickgenius.com onclickgenius.com	1 KB
1	ufpcdn.com ufpcdn.com
1	wmsxx.com wmsxx.com
1	nomicidenti.top nomicidenti.top
1	cloudfront.net d2va1d0hpla18n.cloudfront.net	23 KB
17	11

	Domain	Requested by
4	www.ligsports.pw	www.ligsports.pw
2	fbcdn2.com	www.ligsports.pw
2	timeruniversalreligious.com	www.ligsports.pw
1	ssaffortyya.club	www.ligsports.pw
1	onclickgenius.com	www.ligsports.pw
1	ufpcdn.com	www.ligsports.pw
1	s4.histats.com	s10.histats.com
1	s10.histats.com	www.ligsports.pw
1	wmsxx.com	www.ligsports.pw
1	nomicidenti.top	d2va1d0hpla18n.cloudfront.net
1	widgets.amung.us	www.ligsports.pw
1	whos.amung.us	1 redirects
1	d2va1d0hpla18n.cloudfront.net	www.ligsports.pw
17	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-12` - `2021-07-12`	a year	crt.sh
histats.com Let's Encrypt Authority X3	`2020-09-08` - `2020-12-07`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://www.ligsports.pw/ch18.php
Frame ID: 159C74E2A8607463E90E5871E994BC91
Requests: 14 HTTP requests in this frame

Frame: http://nomicidenti.top/ajJjcW8LUAAcUAsPAVcaGF5eVF0sF1E3C1hEAkALWloTHQ5bCg1fDAZdFhUJGF0NBUEEVxdUXSx0BzY1M30kNDcpZjkUNw1zMyEuPGgxQFYZdjU7PC5xFykrHWABNl9aYi4zJh9WCkFKWHQtMxdPACU+FSddJyNbPHYEOwMpWQAoLRBoBSkpI3YtHRsJYDYwWjJzLTs6BActMCoBfi1BJiN1Ih5aImQuCDpZayojKjBlADc6K3QUSV0+c1c5KwQCLzheLGcCNyo6cyI8XyJkLTQsEF4BIyowZS1BGy9gDygIImQtNDlYWg0kKisHASMpL2APKFo5cCYoLhMfWhUuEgozPS1bZi4dIRh2U0gnP3pTOjo8RS08Kh1/JDQhG1dTIyg8WDEjLAJ0JxAIDXUmIDoQZFMZPTx1CxMsO2spPzlbdzEYLQ1xU0gqOXUUOzo/VioTCAZ3MR02GGUyEjksdiYVOhB4NxAYU2IxQC1PACElOR1jNSYcJnMhOzkzZBMoKix3VTU+O2AiNRgrcCYnPQtFFDU9O3tbMgg/YCEwSQBBDB8fV3EWHyseRC09JDh2JCsoJGc
Frame ID: 6BDB5A5B0FFF926390F3681E11F9CCB9
Requests: 1 HTTP requests in this frame

Frame: https://wmsxx.com/ply1.php?live=SDsQgHfB&vw=100vw&vh=100vh
Frame ID: CFA0A6E1F5E7902AA869282E4E1A642A
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 0C3BA49C6F44D19BEC30ED105C0FFFF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

17
Requests

12 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

80 kB
Transfer

275 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
http://widgets.amung.us/draw/?w=colored&n=4068&c=000000ffffff&p=

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set ch18.php Show response www.ligsports.pw/	9 KB 4 KB	132ms 115ms	Document text/html	2606:4700:3035::6818:70c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700:3035::6818:70c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.22 Resource Hash `60c3866f637fbfe0a4f0f28235b65743407959e2305a8e1dca2ef0d2a555cd7b` Request headers Host www.ligsports.pw Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:08 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d51c9c70094d543440b91a44afcad63431602618788; expires=Thu, 12-Nov-20 19:53:08 GMT; path=/; domain=.ligsports.pw; HttpOnly; SameSite=Lax Vary Accept-Encoding X-Powered-By PHP/7.3.22 CF-Cache-Status DYNAMIC cf-request-id 05c51f22410000d6e56ea43200000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618789"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5e1b9ae39a04d6e5-FRA Content-Encoding gzip
GET H/1.1	200 OK	origin.css www.ligsports.pw/css/	3 KB 2 KB	90ms 89ms	Stylesheet text/css	2606:4700:3035::6818:70c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.ligsports.pw/css/origin.css Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700:3035::6818:70c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9c5c8fd9b986b3038f8da707e5a4e6ce5a5a165f926bb04ad54a898b4c4c3081` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:08 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive cf-request-id 05c51f22ba0000d6e56ea48200000001 Last-Modified Tue, 28 Apr 2020 16:51:27 GMT Server cloudflare ETag W/"5ea85f0f-c88" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618789"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 5e1b9ae45bf9d6e5-FRA Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	bootstrap.min.css www.ligsports.pw/vendor/bootstrap/css/	124 KB 20 KB	179ms 173ms	Stylesheet text/css	2606:4700:3035::6818:70c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.ligsports.pw/vendor/bootstrap/css/bootstrap.min.css Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700:3035::6818:70c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `917c68894cf24e326db3ccc259b02493e9c25dcecb7103829b9e551264ac2df1` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:08 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive cf-request-id 05c51f22bf0000d72d09ab4200000001 Last-Modified Fri, 27 Mar 2020 21:03:43 GMT Server cloudflare ETag W/"5e7e6a2f-1f173" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618789"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 5e1b9ae468e6d72d-FRA Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	/ Show response d2va1d0hpla18n.cloudfront.net/	64 KB 23 KB	315ms 279ms	Script text/plain	99.86.245.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d2va1d0hpla18n.cloudfront.net/?hdavd=767172 Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 99.86.245.5 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-245-5.vie50.r.cloudfront.net Software / Resource Hash `9795f21f6dd84cca91aaf232cfe60a336d853bff7ebecaa9d991235ad477ceff` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Oct 2020 19:53:08 GMT content-encoding gzip X-Amz-Cf-Pop VIE50-C1 X-Cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 23434 Via 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront) X-Amz-Cf-Id AUeh3flew0i_jlCvrI5AMPNwGuJ6ca3pjFFNGM_CKL2ONYXgWyxpdA==
GET H/1.1	200 OK	/ widgets.amung.us/draw/ Redirect Chain http://whos.amung.us/cwidget/livesport/000000ffffff.png http://widgets.amung.us/draw/?w=colored&n=4068&c=000000ffffff&p=	2 KB 2 KB	26ms 20ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://widgets.amung.us/draw/?w=colored&n=4068&c=000000ffffff&p= Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `540224aa77de03eb1d5b54d72b99ceaba2b3798f1df882284fb884b8ce7aeb16` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:08 GMT CF-Cache-Status HIT Server cloudflare Age 3425 Vary Accept-Encoding Content-Type image/png access-control-allow-origin * cache-control max-age=432000 Transfer-Encoding chunked content-disposition filename=wau-widget.png Connection keep-alive CF-RAY 5e1b9ae65c189778-FRA cf-request-id 05c51f23f4000097784c37e200000001 expires Wed, 14 Oct 2020 18:56:03 GMT Redirect headers location http://widgets.amung.us/draw/?w=colored&n=4068&c=000000ffffff&p= date Tue, 13 Oct 2020 19:53:08 GMT cache-control no-cache, no-store, must-revalidate transfer-encoding chunked content-type text/html; charset=UTF-8
GET H/1.1	403 Forbidden	b5d5e2cbaa884029b13637009b94e342.js timeruniversalreligious.com/b5/d5/e2/	0 0	282ms 252ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://timeruniversalreligious.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 13 Oct 2020 19:53:08 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	YCEwSQBBDB8fV3EWHyseRC09JDh2JCsoJGc nomicidenti.top/ajJjcW8LUAAcUAsPAVcaGF5eVF0sF1E3C1hEAkALWloTHQ5bCg1fDAZdFhUJGF0NBUEEVxdUXSx0BzY1M30kNDcpZjkUNw1zMyEuPGgxQFYZdjU7PC5xFykrHWABNl9aYi4zJh9WCkFKWHQtMxdPACU+FSddJyNbPHYEOwMpWQAoLRBoBSkpI... Frame 6BDB	0 0	205ms 173ms	Document text/html	99.86.7.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://nomicidenti.top/ajJjcW8LUAAcUAsPAVcaGF5eVF0sF1E3C1hEAkALWloTHQ5bCg1fDAZdFhUJGF0NBUEEVxdUXSx0BzY1M30kNDcpZjkUNw1zMyEuPGgxQFYZdjU7PC5xFykrHWABNl9aYi4zJh9WCkFKWHQtMxdPACU+FSddJyNbPHYEOwMpWQAoLRBoBSkpI3YtHRsJYDYwWjJzLTs6BActMCoBfi1BJiN1Ih5aImQuCDpZayojKjBlADc6K3QUSV0+c1c5KwQCLzheLGcCNyo6cyI8XyJkLTQsEF4BIyowZS1BGy9gDygIImQtNDlYWg0kKisHASMpL2APKFo5cCYoLhMfWhUuEgozPS1bZi4dIRh2U0gnP3pTOjo8RS08Kh1/JDQhG1dTIyg8WDEjLAJ0JxAIDXUmIDoQZFMZPTx1CxMsO2spPzlbdzEYLQ1xU0gqOXUUOzo/VioTCAZ3MR02GGUyEjksdiYVOhB4NxAYU2IxQC1PACElOR1jNSYcJnMhOzkzZBMoKix3VTU+O2AiNRgrcCYnPQtFFDU9O3tbMgg/YCEwSQBBDB8fV3EWHyseRC09JDh2JCsoJGc Requested by Host: d2va1d0hpla18n.cloudfront.net URL: http://d2va1d0hpla18n.cloudfront.net/?hdavd=767172 Protocol HTTP/1.1 Server 99.86.7.28 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-28.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers Host nomicidenti.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.ligsports.pw/ch18.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.ligsports.pw/ch18.php Response headers Content-Type text/html Content-Length 1255 Connection keep-alive Date Tue, 13 Oct 2020 19:53:10 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA6-C1 X-Amz-Cf-Id euhvBvfOnfFjSes3mUJpxyYYl_5iU13k_S50fCY84Gj_9D8I0kAmQw==
GET H2	200	ply1.php wmsxx.com/ Frame CFA0	0 0	87ms 62ms	Document text/html	2606:4700:3035::ac43:a50a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmsxx.com/ply1.php?live=SDsQgHfB&vw=100vw&vh=100vh Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.3.3 Resource Hash Request headers :method GET :authority wmsxx.com :scheme https :path /ply1.php?live=SDsQgHfB&vw=100vw&vh=100vh pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.ligsports.pw/ch18.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.ligsports.pw/ch18.php Response headers status 200 date Tue, 13 Oct 2020 19:53:10 GMT content-type text/html set-cookie __cfduid=d4960b03ba9c6dcdefbcd7715e3a782281602618790; expires=Thu, 12-Nov-20 19:53:10 GMT; path=/; domain=.wmsxx.com; HttpOnly; SameSite=Lax; Secure x-powered-by PHP/5.3.3 cf-cache-status DYNAMIC cf-request-id 05c51f29b2000005c813238200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618790"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e1b9aef8a0905c8-FRA content-encoding br
GET H/1.1	200 OK	js15_as.js Show response s10.histats.com/	11 KB 5 KB	104ms 72ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL http://s10.histats.com/js15_as.js Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash `2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:45:49 GMT Content-Encoding gzip Last-Modified Thu, 16 Apr 2020 10:44:16 GMT X-CDN-Pop-IP 137.74.120.32/27 ETag "-375139978" X-Cacheable Matched cache Vary Accept-Encoding X-IPLB-Instance 4747 Content-Type text/javascript X-CDN-Pop sbg Accept-Ranges bytes X-IPLB-Request-ID C2636963:F8F8_2E69C9F0:0050_5F8605A6_C5F36:1822 Content-Length 4547 X-Request-ID 878708521
GET H/1.1	403 Forbidden	b5d5e2cbaa884029b13637009b94e342.js timeruniversalreligious.com/b5/d5/e2/	0 0	143ms 142ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://timeruniversalreligious.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 13 Oct 2020 19:53:10 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	xclose.png www.ligsports.pw/img/	820 B 1 KB	109ms 109ms	Image image/png	2606:4700:3035::6818:70c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.ligsports.pw/img/xclose.png Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/css/origin.css Protocol HTTP/1.1 Server 2606:4700:3035::6818:70c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749` Request headers Referer http://www.ligsports.pw/css/origin.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:10 GMT CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} Connection keep-alive Content-Length 820 cf-request-id 05c51f299a0000d72d09b1e200000001 Last-Modified Fri, 27 Mar 2020 20:54:51 GMT Server cloudflare ETag "5e7e681b-334" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618790"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=315360000 Accept-Ranges bytes CF-RAY 5e1b9aef5943d72d-FRA Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	52 B 323 B	437ms 142ms	Script text/html	158.69.251.190 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1602618790401&@k0&@l1&@mLive%20Sports&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-65937605&@b3:1602618790&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.ligsports.pw%2Fch18.php&@w Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns546644.ip-158-69-251.net Software / Resource Hash `0f8d41f2c72e661f1f986adce7f20a2b2291ca119d21b83ec86087a4ad406544` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:10 GMT Connection close Content-Length 52 Content-Type text/html;charset=UTF-8
GET H/1.1	200 OK	compatibility.js Show response fbcdn2.com/script/	20 KB 9 KB	25ms 19ms	Script application/javascript	2606:4700::6811:c26b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://fbcdn2.com/script/compatibility.js Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700::6811:c26b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:10 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2737 X-GUploader-UploadID ABg5-UyXKWc-JA_GJLbZwBHft0FEsJDQwoEuMws-rQ0I_ZWVkqcl7OqXz0FGIs7Hmexb6ubOwdZ4hZILhw0Ovwnzy5o x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 05c51f2a30000097de312c3200000001 Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server cloudflare ETag W/"c2bbc1e2544049cb035c321919bef2bc" Vary Accept-Encoding x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 20647 CF-RAY 5e1b9af04c3297de-FRA Expires Tue, 13 Oct 2020 23:53:10 GMT
GET H/1.1	200 OK	Cookie set identify.html ufpcdn.com/script/ Frame 0C3B	0 0	180ms 174ms	Document text/html	2606:4700:3037::ac43:8e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.ligsports.pw/ch18.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.ligsports.pw/ch18.php Response headers Date Tue, 13 Oct 2020 19:53:10 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d65ee53c3356f5222b26af047f7168a431602618790; expires=Thu, 12-Nov-20 19:53:10 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=304e2b0fbdb5c49226c520ecbcb5549464526a0e-1602618790-1800-AQqGzStsEm57tUTtGfwuJWo22zSSeV1AcjqDC+1Gzq0xE/HsA42IoneBC8pmhTg8JTfA1NsulHvcpmNYGyQXxbk=; path=/; expires=Tue, 13-Oct-20 20:23:10 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 05c51f2a550000dfa525983200000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602618791"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5e1b9af08e74dfa5-FRA Content-Encoding gzip
GET H/1.1	200 OK	suurl.php Show response onclickgenius.com/script/	5 KB 1 KB	305ms 275ms	Script application/javascript	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2278415&cbrandom=0.5734140430137653&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Live%20Sports&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com&ufp=1698752736298758336515864 Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash `928d254df89abf4f4817ccd3f3cd34e008411d2afee300c83399ef11d0642ea1` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 13 Oct 2020 19:53:10 GMT Content-Encoding gzip Transfer-Encoding chunked Server openresty Via 1.1 google Content-Type application/javascript; charset=utf-8
GET H/1.1	200 OK	chrome.js Show response fbcdn2.com/script/	36 KB 12 KB	14ms 14ms	Script application/javascript	2606:4700::6811:c26b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://fbcdn2.com/script/chrome.js Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 2606:4700::6811:c26b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 13 Oct 2020 19:53:10 GMT Content-Encoding gzip CF-Cache-Status HIT Age 1371 X-GUploader-UploadID ABg5-UzjdAhGvQK2XT7EqUMQ0h8TtggLA284hfvePTwegnuGVGTu-5C9Tv5kRLeA57rkuqI3C-TTPniuONITlOrjN9fAqlU3Sg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 05c51f2b0e000097de312cb200000001 Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server cloudflare ETag W/"ef6565ab259dafbc08468b4d0bb46762" Vary Accept-Encoding x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 37300 CF-RAY 5e1b9af1bd1c97de-FRA Expires Tue, 13 Oct 2020 23:53:10 GMT
GET H/1.1	200 OK	popunder.gif ssaffortyya.club/	35 B 501 B	292ms 262ms	Image image/gif	99.86.7.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ssaffortyya.club/popunder.gif Requested by Host: www.ligsports.pw URL: http://www.ligsports.pw/ch18.php Protocol HTTP/1.1 Server 99.86.7.92 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-92.fra6.r.cloudfront.net Software / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer http://www.ligsports.pw/ch18.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Tue, 13 Oct 2020 19:53:10 GMT content-encoding gzip X-Amz-Cf-Pop FRA6-C1 X-Cache Miss from cloudfront Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Connection keep-alive Content-Length 58 Via 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront) X-Amz-Cf-Id 6roszBo0kRPmiUqJWdyYku5fuBXp0Eapxhq2q9TY5uJraxuQtHradA==

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstCns3681769 Value: 1
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstPt3681769 Value: 1
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstPn3681769 Value: 1
www.ligsports.pw/	1970-01-19 14:36:42	Name: adcashufpv3 Value: 1488508841630115101523973170
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstCnv3681769 Value: 1
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstCmu3681769 Value: 1602618790401
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstCla3681769 Value: 1602618790401
www.ligsports.pw/	1970-01-19 21:55:54	Name: HstCfa3681769 Value: 1602618790401
.ligsports.pw/	1970-01-19 13:53:30	Name: __cfduid Value: d51c9c70094d543440b91a44afcad63431602618788

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2va1d0hpla18n.cloudfront.net
fbcdn2.com
nomicidenti.top
onclickgenius.com
s10.histats.com
s4.histats.com
ssaffortyya.club
timeruniversalreligious.com
ufpcdn.com
whos.amung.us
widgets.amung.us
wmsxx.com
www.ligsports.pw
158.69.251.190
192.243.59.20
2606:4700:10::6816:4aab
2606:4700:3035::6818:70c5
2606:4700:3035::ac43:a50a
2606:4700:3037::ac43:8e31
2606:4700::6811:c26b
35.190.71.96
46.105.201.240
67.202.94.93
99.86.245.5
99.86.7.28
99.86.7.92
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
0f8d41f2c72e661f1f986adce7f20a2b2291ca119d21b83ec86087a4ad406544
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
540224aa77de03eb1d5b54d72b99ceaba2b3798f1df882284fb884b8ce7aeb16
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
60c3866f637fbfe0a4f0f28235b65743407959e2305a8e1dca2ef0d2a555cd7b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
917c68894cf24e326db3ccc259b02493e9c25dcecb7103829b9e551264ac2df1
928d254df89abf4f4817ccd3f3cd34e008411d2afee300c83399ef11d0642ea1
9795f21f6dd84cca91aaf232cfe60a336d853bff7ebecaa9d991235ad477ceff
9c5c8fd9b986b3038f8da707e5a4e6ce5a5a165f926bb04ad54a898b4c4c3081
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

www.ligsports.pw Open in urlscan Pro 2606:4700:3035::6818:70c5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

12 %HTTPS

38 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

80 kBTransfer

275 kBSize

9 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

9 Cookies

Indicators

www.ligsports.pw Open in urlscan Pro
2606:4700:3035::6818:70c5 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

12 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

80 kB
Transfer

275 kB
Size

9
Cookies

17 HTTP transactions
0 data transactions