urlscan.io logo urlscan.io
SecurityTrails logo

csport.xyz Open in urlscan Pro
2606:4700:3035::6812:24d5  Public Scan

Go To Rescan Add Verdict Report
URL: http://csport.xyz/t/1/5.php
Submission: On November 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6812:24d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is csport.xyz.
This is the only time csport.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 95.142.100.25 8455 (ATOM86-AS...)
1 151.101.12.193 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
3 3 67.202.94.94 32748 (STEADFAST)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 198.27.80.143 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.190.71.96 15169 (GOOGLE)
15 12
1    2606:4700:3035::6812:24d5 (United States)

ASN13335 (CLOUDFLARENET, US)
csport.xyz
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
dissimilartongueoatmeal.com
1    2606:4700:3038::6815:eb15 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.telerium.net
1    95.142.100.25 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)
pubdirecte.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
2    2606:4700:3032::6818:62e1 (United States)

ASN13335 (CLOUDFLARENET, US)
uptimecdn.com
2    2606:4700:3035::681c:704 (United States)

ASN13335 (CLOUDFLARENET, US)
telerium.live
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
3    67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
3    2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
1    198.27.80.143 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net
s4.histats.com
1    2606:4700:3035::6812:3747 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
Domain Requested by
3 widgets.amung.us csport.xyz
3 whos.amung.us 3 redirects
2 telerium.live 1 redirects embed.telerium.net
2 uptimecdn.com csport.xyz
1 onclickgenius.com csport.xyz
1 ufpcdn.com csport.xyz
1 s4.histats.com s10.histats.com
1 s10.histats.com csport.xyz
1 i.imgur.com csport.xyz
1 pubdirecte.com csport.xyz
1 embed.telerium.net csport.xyz
1 dissimilartongueoatmeal.com csport.xyz
1 csport.xyz
15 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-11 -
2021-08-11		 a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
histats.com
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://csport.xyz/t/1/5.php
Frame ID: 9744DD76B3619E16CB6AD9096B78863D
Requests: 13 HTTP requests in this frame

Frame: https://telerium.live/embed/27335.html
Frame ID: C6532279C15C5C039EB2E57AADD24AB0
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 18E9E0F69FBCBF60F8C98FF56B506C18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

15
Requests

47 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

47 kB
Transfer

96 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://telerium.live/embed/27335.html HTTP 301
  • https://telerium.live/embed/27335.html
Request Chain 7
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
Request Chain 12
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
Request Chain 13
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 5.php
csport.xyz/t/1/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
2606:4700:3035::6812:24d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038e58ec3f7ef05e7528ea407656440dc83e1864afeb38b70fb456ee31702f7e

Request headers

Host
csport.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 11 Nov 2020 19:03:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=ddd667e6113aa25220f204fd8dce343681605121414; expires=Fri, 11-Dec-20 19:03:34 GMT; path=/; domain=.csport.xyz; HttpOnly; SameSite=Lax
CF-Cache-Status
DYNAMIC
cf-request-id
065a4a2cc000002c52c4a14000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ctB0qDuVUvJGdMxzRxnA69aobwndxuwCzP63fVIUXDBdFy6zuCukjQqXNaGTzNoCr%2Fb5Pp9Uv5Z4re6CXpwaT%2B9jYJPclaSiSyzh7EA%2FDgyXdL%2BqeCGs"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5f0a46279c2b2c52-FRA
Content-Encoding
gzip
44f03f02cbb3527e59598335596d333a.js
dissimilartongueoatmeal.com/44/f0/3f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://dissimilartongueoatmeal.com/44/f0/3f/44f03f02cbb3527e59598335596d333a.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 Nov 2020 19:03:34 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
embed2.js
embed.telerium.net/ 		380 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.telerium.net/embed2.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00a2c6ff994e3ecb263fb0d75cdc43565155a87b96d69fdae35cc32e7f23111

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 19:03:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
219834
status
200
cf-request-id
065a4a2d1c00003248600db000000001
last-modified
Mon, 19 Oct 2020 02:01:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNEF4ksjh4FM5Jca1las64agOCiof%2BOr1NgQT3hkGUY9SbALV02WlWgaJrmBpDO3mS7Co088RvRF34mOZFtSsCAnXET%2FJpvbsAYDpQn7Mm%2Fz4G2D9MsMYN6xgoR5rE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
5f0a46282e773248-FRA
expires
Sun, 07 Nov 2021 00:37:22 GMT
pop.php
pubdirecte.com/script/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pubdirecte.com/script/pop.php?said=128332
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
95.142.100.25 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software
Apache /
Resource Hash
492dd5566fc2e4dc95d9dc0eb72705941eb6a600f44dbdd90957debab3535b9b

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 11 Nov 2020 19:03:29 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.pubdirecte.com/P3P.XML",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
close
Content-Type
text/html; charset=ISO-8859-1
Expires
Wed, 11 Nov 2020 19:03:29 GMT
oF0vHqr.png
i.imgur.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/oF0vHqr.png
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5f3478030566b0f1df6691bd6291956102e6486e0d70f0888c34ca055961d672
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 19:03:34 GMT
x-content-type-options
nosniff
age
620087
x-cache
HIT, HIT
status
200
content-length
3086
x-served-by
cache-bwi5123-BWI, cache-fra19182-FRA
last-modified
Fri, 12 Jun 2020 16:23:44 GMT
server
cat factory 1.0
x-timer
S1605121414.489501,VS0,VE1
etag
"a4205ef3455e3910f0d861141772c20d"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
compatibility.js
uptimecdn.com/script/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://uptimecdn.com/script/compatibility.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
2606:4700:3032::6818:62e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
Date
Wed, 11 Nov 2020 19:03:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1722
X-GUploader-UploadID
ABg5-UxCO6fLqx8AIvIEkCa53eWpeX--gB_PM6slmpeFKm2SzITnGKTPyS-Hmj0HnuvwI5vmyMJKYzfeHqYBzS3_mwUNMWNULw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
065a4a2de70000d7059f152000000001
Last-Modified
Tue, 15 Sep 2020 12:10:32 GMT
Server
cloudflare
ETag
W/"c2bbc1e2544049cb035c321919bef2bc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EHxzXUeGfhpaxCRuJwWf2GRIC1N5oAMUiP7%2Bmu%2BGDLZLSGBxzrMfIfA6CkzxA0HtR2L2m4VE9SgmIgwJuR%2BhFkWgBZvTI81K4dSQsKWq0b%2FcKqOBfLSByKXC"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600171832181211
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
20647
CF-RAY
5f0a46296e6ad705-FRA
Expires
Wed, 11 Nov 2020 19:34:52 GMT
27335.html
telerium.live/embed/ Frame C653
Redirect Chain
  • http://telerium.live/embed/27335.html
  • https://telerium.live/embed/27335.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://telerium.live/embed/27335.html
Requested by
Host: embed.telerium.net
URL: https://embed.telerium.net/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:704 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
telerium.live
:scheme
https
:path
/embed/27335.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://csport.xyz/t/1/5.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://csport.xyz/t/1/5.php

Response headers

status
200
date
Wed, 11 Nov 2020 19:03:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de94e43962c2a1fcdb53b6358cd462adc1605121414; expires=Fri, 11-Dec-20 19:03:34 GMT; path=/; domain=.telerium.live; HttpOnly; SameSite=Lax; Secure
x-proxy-cache
HIT
cache-control
public, max-age=1800, s-maxage=30
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
age
227
cf-request-id
065a4a2e2900001f316c88f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1IyL1ZTzt6NnMO%2BZnf3bWYCorugypaZW8EYPg%2BA0mbtnv9vEKHcFqH5B1VzusvDh1j6XScNYxF0PcQO5jVknjMkpafP8HX1hXd7JeTvblql74nPp9INxpEIS"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5f0a4629dd481f31-FRA
content-encoding
br

Redirect headers

Date
Wed, 11 Nov 2020 19:03:34 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 11 Nov 2020 20:03:34 GMT
Location
https://telerium.live/embed/27335.html
cf-request-id
065a4a2dfb000097fc383c4000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9OPxyOdjubIcUHvK33HLONOIhsi1AmdHU%2BKhYTr9Q5g3mesmXOaGc2wRd1qzJghEBBYU3BN5r9Zq9dC5uLT02KFkkYznz4b79bnRa7NPeGhEfT12slUZakxU"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5f0a4629985c97fc-FRA
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 11 Nov 2020 19:01:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
X-IPLB-Request-ID
59F940AB:6544_2E69C9F0:0050_5FAC3586_5B287:F8A2
Content-Length
4547
X-Request-ID
715129026
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c7a102761003419fbb00ba83fe9fb6afca0ed320673a9c378b4b1e2761ce0a

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 19:03:34 GMT
cf-cache-status
HIT
server
cloudflare
age
10014
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
5f0a462bac5197c6-FRA
cf-request-id
065a4a2f49000097c65fa2b000000001
expires
Thu, 12 Nov 2020 16:16:40 GMT

Redirect headers

status
307
date
Wed, 11 Nov 2020 19:03:34 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
content-type
text/html; charset=UTF-8
0.php
s4.histats.com/stats/ 		118 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?3423044&@f16&@g1&@h1&@i1&@j1605121414648&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-117984318&@b3:1605121415&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fcsport.xyz%2Ft%2F1%2F5.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
427852a2e681c99fb8346e19b6a598ac1f1901c9913768c108dd9cdf104034c9

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 11 Nov 2020 19:03:34 GMT
Connection
close
Content-Length
118
Content-Type
text/html;charset=UTF-8
Cookie set identify.html
ufpcdn.com/script/ Frame 18E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
2606:4700:3035::6812:3747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://csport.xyz/t/1/5.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://csport.xyz/t/1/5.php

Response headers

Date
Wed, 11 Nov 2020 19:03:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc5b8153160ba20e5e208172fec28ae011605121414; expires=Fri, 11-Dec-20 19:03:34 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=999fdaaaf5ff863a00c1f0fe9c7b38647de3e500-1605121414-1800-Ab/JdF6KqqUfPvUCLEZeHOoEhbbPET2Ppk2WkSkYjnh73W0H3ncgnCVeRnw9sL05Kta4HsBXHiEbT2maWf8vQhY=; path=/; expires=Wed, 11-Nov-20 19:33:34 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
065a4a2e5800002c52ad27f000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R0iiGa4s2rKaB5FTwhQEVnShAYgdlzSDDejfLZ%2BSKqltGBioH%2Fk92vjBgUbT7Aqgvaw%2FXakc2wb5BKKgmIZ%2FoWBXrIHewqfHREnzJK%2BeNK%2Fkfi3AsErr"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5f0a462a2b132c52-FRA
Content-Encoding
gzip
suurl.php
onclickgenius.com/script/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=3004907&cbrandom=0.4905992364535905&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e6e5941c8b7e7d6c6dcdd23e3d1760ce7ca92a9e8db358bf6aecceff5443844b

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 Nov 2020 19:03:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
openresty
Via
1.1 google
Content-Type
application/javascript; charset=utf-8
chrome.js
uptimecdn.com/script/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://uptimecdn.com/script/chrome.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/1/5.php
Protocol
HTTP/1.1
Server
2606:4700:3032::6818:62e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
Date
Wed, 11 Nov 2020 19:03:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
916
X-GUploader-UploadID
ABg5-UztoczZdTIapBXVw8rebuUaLE7_QNwdcx2cMIc-BLkBzWxn-nE0L3cfPxSS1LQw2z_XSi3wORhNXtyL6a4Hb9fPA8rDrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
065a4a2f190000d7059a274000000001
Last-Modified
Mon, 14 Sep 2020 09:15:29 GMT
Server
cloudflare
ETag
W/"ef6565ab259dafbc08468b4d0bb46762"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uMi0nK71gAHXhsNZdyAxN4GaXZd1Dc%2B3gyf%2BI3HNNLLFB5V3mC9mzEyRQ8nH57%2B3xyH0FXPAzfSHgvG6Mfgk6thVeaZQBjc%2Becf7%2BCxHUR9UaBo8But%2FE9sP"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600074929755781
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
37300
CF-RAY
5f0a462b5b60d705-FRA
Expires
Wed, 11 Nov 2020 19:48:18 GMT
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c7a102761003419fbb00ba83fe9fb6afca0ed320673a9c378b4b1e2761ce0a

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 19:03:37 GMT
cf-cache-status
HIT
server
cloudflare
age
10017
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
5f0a4639df7d97c6-FRA
cf-request-id
065a4a382c000097c65b1fb000000001
expires
Thu, 12 Nov 2020 16:16:40 GMT

Redirect headers

status
307
date
Wed, 11 Nov 2020 19:03:37 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
content-type
text/html; charset=UTF-8
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c7a102761003419fbb00ba83fe9fb6afca0ed320673a9c378b4b1e2761ce0a

Request headers

Referer
http://csport.xyz/t/1/5.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 19:03:37 GMT
cf-cache-status
HIT
server
cloudflare
age
10017
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
5f0a463ab8b297c6-FRA
cf-request-id
065a4a38b4000097c65b208000000001
expires
Thu, 12 Nov 2020 16:16:40 GMT

Redirect headers

status
307
date
Wed, 11 Nov 2020 19:03:37 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/draw/?w=colored&n=741&c=000000ffffff&p=
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| trustedTypes object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu string| id string| width string| height object| _Hasync number| x function| f boolean| puShown number| PopWidth number| PopHeight number| PopFocus object| _Top function| GetWindowHeight function| GetWindowWidth function| GetWindowTop function| GetWindowLeft function| doOpen function| PubdirecteSetCook function| PubdirecteSetCookOpen function| PubdirecteGetCook function| initPu function| checkTarget object| tc7e function| chfh function| chfh2 string| _HST_cntval object| Histats object| _0x30a0 function| ufpAttach object| CTAMAT number| delay object| adcashUfp object| _0x756f object| Cnac object| stamat function| NqPnfu34184826836622406 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues object| _adas_v211fa function| jonIUBFjnvJDNvluc0.4773581687797315

10 Cookies

Domain/Path Name / Value
telerium.live/ Name: volume
Value: 100
csport.xyz/ Name: adcashufpv3
Value: 1884021421347117019788624857
csport.xyz/ Name: HstCns3423044
Value: 1
csport.xyz/ Name: HstPt3423044
Value: 1
csport.xyz/ Name: HstCnv3423044
Value: 1
csport.xyz/ Name: HstPn3423044
Value: 1
csport.xyz/ Name: HstCla3423044
Value: 1605121414648
csport.xyz/ Name: HstCfa3423044
Value: 1605121414648
csport.xyz/ Name: HstCmu3423044
Value: 1605121414648
.csport.xyz/ Name: __cfduid
Value: ddd667e6113aa25220f204fd8dce343681605121414