sep0309.lamplynx.com Open in urlscan Pro
172.67.159.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://offers25942.xyz/
Effective URL:
https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZ...
Submission: On September 03 via manual (September 3rd 2024, 9:29:10 am UTC) from PH — Scanned from FI

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 172.67.159.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is sep0309.lamplynx.com.
TLS certificate: Issued by WE1 on August 14th 2024. Valid for: 3 months.

This is the only time sep0309.lamplynx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.215.19.22 95.215.19.22	39287 (ABSTRACT) (ABSTRACT)
2	185.155.184.32 185.155.184.32	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
1 1	185.155.186.25 185.155.186.25	203639 (TEKNOLOGY) (TEKNOLOGY)
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.159.104 172.67.159.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

1 95.215.19.22 (Finland) 1 redirects

ASN39287 (ABSTRACT, FI)

offers25942.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.32 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

your-winrenew-cash.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.155.186.25 (Switzerland) 1 redirects

ASN203639 (TEKNOLOGY, CH)

cetpc1g.intobanhon.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

feed.altairfomalhaut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp-trk.altairfomalhaut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.159.104 (United States)

ASN13335 (CLOUDFLARENET, US)

sep0309.lamplynx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lamplynx.com sep0309.lamplynx.com	15 KB
2	altairfomalhaut.com 2 redirects feed.altairfomalhaut.com ssp-trk.altairfomalhaut.com	3 KB
2	your-winrenew-cash.top your-winrenew-cash.top	62 KB
1	intobanhon.live 1 redirects cetpc1g.intobanhon.live	428 B
1	offers25942.xyz 1 redirects offers25942.xyz	82 B
10	5

	Domain	Requested by
8	sep0309.lamplynx.com	your-winrenew-cash.top sep0309.lamplynx.com
2	your-winrenew-cash.top
1	ssp-trk.altairfomalhaut.com	1 redirects
1	feed.altairfomalhaut.com	1 redirects
1	cetpc1g.intobanhon.live	1 redirects
1	offers25942.xyz	1 redirects
10	6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
support.cloudflare.com

Subject Issuer	Validity	Valid
your-winrenew-cash.top R11	`2024-08-04` - `2024-11-02`	3 months	crt.sh
lamplynx.com WE1	`2024-08-14` - `2024-11-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&
Frame ID: F84452F20EB68A9761CFCCF3EE7DC60B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sep0309.lamplynx.com | 521: Web server is down

Page URL History Show full URLs

http://offers25942.xyz/ HTTP 307
https://offers25942.xyz/ HTTP 302
http://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf HTTP 307
https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf Page URL
https://cetpc1g.intobanhon.live/qpflpidr/?u=g1cptec&o=56kkgqf&f=1&sid=t2~wppdoww2qagf4grwfak3mfvj&fp=%2F2Fgv... HTTP 302
https://feed.altairfomalhaut.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=17657c88-e92a-4af1-ac6b-2a391c324b5c&sub_id... HTTP 302
https://ssp-trk.altairfomalhaut.com/trk?s1=Qk294AYB%2BwqRsomQYkDDXw5phXT%2F3Dva355wwPPkG7ySSNb9cKLYvlyeDQA4F6KST... HTTP 302
https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4I... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

4
Countries

78 kB
Transfer

81 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing?utm_source=errorcode_521&utm_campaign=sep0309.lamplynx.com
Title: cloudflare.com

Search URL Search Domain Scan URL

URL: https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521
Title: Additional troubleshooting information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://offers25942.xyz/ HTTP 307
https://offers25942.xyz/ HTTP 302
http://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf HTTP 307
https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf Page URL
https://cetpc1g.intobanhon.live/qpflpidr/?u=g1cptec&o=56kkgqf&f=1&sid=t2~wppdoww2qagf4grwfak3mfvj&fp=%2F2Fgv1M9Moe7xw5C%2BWbekw%3D%3D HTTP 302
https://feed.altairfomalhaut.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=17657c88-e92a-4af1-ac6b-2a391c324b5c&sub_id=l136701&ccode=FI HTTP 302
https://ssp-trk.altairfomalhaut.com/trk?s1=Qk294AYB%2BwqRsomQYkDDXw5phXT%2F3Dva355wwPPkG7ySSNb9cKLYvlyeDQA4F6KSTlw9jYzO0u%2FH0jW%2BzgOtnwKWDr7RSsLKLOKJeaKHKP5u03wufN0rbjZ7g4SPTwC6zikdkpy%2Bg0XJSeN2tQZ%2BekPR6u5oW1zEVYTownbaXnNy%2FQTVBrd2wbZ9LL1gIuwxB8cV59VJ9tcLVuRxA9nAbfuF7Yrgi3OH6pVE2g5O4kzsj5RnozAFUsJn9%2BvUSfay5u%2FtSwV0MUrBUlGkJIav%2FdIt912pDVYtKztk%2Ff94mSXXLwfQCc28QxRcBjx6ojEjCM8VDJQBBxXueQzd1pW%2F24LRlwr3ZWEE0USyJpKihaaRf1XZ3q3EyYSgz5kbnkJnOuCpH2%2FyU9h4H0YUPkggFRNAwstkjeeIeXbUY%2BnrQaAvkwykmY2SEPLQtpxZkWYrDg3tFwyGdGFccib46JvQdPAhXonCirHOkYfI4LcEhUJfGWtz3kt%2BEaYX3ItyPOFy9Jvo9s8PUZ%2FESsHxwDR6oySt8tgQYub%2FaQug7ELJP0obV8xGXOgQzHlSDYXb1W1vZP36FWC87DAEdeytqzjHeT1gdQUO4qYyHxgLhcuzK%2F8La6oEJXRMHwI04rSMoWiZLw0RDBb%2F1DiCKjTL7cXDcjJSQ1I7anhxX%2Fk3qyYLTlEvl8YDlvT7%2FKHPgMJdxR3tFBoczLVOW0%2FVe7Vaojgv39eK7eDZSkr0yCUU894iqYakmDyUnQoxhZUaz%2FWvSDk7Hg1sEeXap2ZP79p8Uld1a1%2BN3RzKRcONQ39bBxsHDrRSfULOjSmi7ikQv9qkJWEEvjvNDzY%2B%2BMoIMNAxJZrp4Dd1Wsl4Fr12XzKwF%2FfCC2RuWoN5nGB9KMeAu1%2Ffy58rfB7pz2B2%2BPvqDWv3DIMHnwijTroV3%2BYD28TMcSVFJfvZEl%2Fn%2FOFOBHlcUKQvWqrEGjhClyVGM5AEdZx5%2FNyzL%2BSL6SqcmxF0FXeozgRoFt481FnwIpcCNrUkusnqZ2K0xQhtLtwxtvlQhbpGjYUoQg8TSe5ja7LJMUE6eYMocN9niyZxP0l0XJKus1qlaDmLfVYHfvqJsASWQ7StaapJ5FLfr5WnenR0GiYVEJwRoyyyGm5Q7rkdrAXAyyNS5g4PKq8XAc70PAoJXKBzI49otah%2FYY37PctK%2Bz9AwlXRu%2FiODcuDmabXJXgAbrknfzLqJNaduCn08x4AoAYICHKvBF8ED5a%2BMwiCs7kPv7byBnQIfHJcRzXgVa1iyWDsgeEhTm21T9LzkgsU4%2BjHzGPQjEjFsjJWdYhfpDWyFie3nliz11XtGw%3D%3D&type=2&brid=d1ba30adcbec493ab40ad110ed1072d2&nrid=ba53e3ab34089b1a9e0b9842e83016b2 HTTP 302
https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://offers25942.xyz/ HTTP 307
https://offers25942.xyz/ HTTP 302
http://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf HTTP 307
https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
your-winrenew-cash.top/
Redirect Chain

http://offers25942.xyz/
https://offers25942.xyz/
http://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf
https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf

62 KB
62 KB

365ms
125ms

Document
text/html

185.155.184.32
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 63106
Content-Type: text/html
Date: Tue, 03 Sep 2024 09:29:06 GMT
Server: openresty
cache-control: private

Redirect headers

Location: https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

521

Primary Request sbqptv9n Show response
sep0309.lamplynx.com/
Redirect Chain

https://cetpc1g.intobanhon.live/qpflpidr/?u=g1cptec&o=56kkgqf&f=1&sid=t2~wppdoww2qagf4grwfak3mfvj&fp=%2F2Fgv1M9Moe7xw5C%2BWbekw%3D%3D
https://feed.altairfomalhaut.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=17657c88-e92a-4af1-ac6b-2a391c324b5c&sub_id=l136701&ccode=FI
https://ssp-trk.altairfomalhaut.com/trk?s1=Qk294AYB%2BwqRsomQYkDDXw5phXT%2F3Dva355wwPPkG7ySSNb9cKLYvlyeDQA4F6KSTlw9jYzO0u%2FH0jW%2BzgOtnwKWDr7RSsLKLOKJeaKHKP5u03wufN0rbjZ7g4SPTwC6zikdkpy%2Bg0XJSeN2...
https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhc...

7 KB
7 KB

1027ms
236ms

Document
text/html

172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&

Requested by

Host: your-winrenew-cash.top
URL: https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f3805619c78e1e869002c837c829b19ffb7a91b5a78ab3794484f3e8b29182

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8bd4b6b5fd085695-OSL
content-length: 6858
content-type: text/html; charset=UTF-8
date: Tue, 03 Sep 2024 09:29:08 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKp7uF%2FLy67frs2Xt4%2Brp2YfSi2Z9SvtQ%2B8kvAvNUJlgc0YQs0tb7BKKW8SnydZ%2FuAtjbd2n8B92HiZBWWBC9vEFelt%2BI77f3DMA6hrvbzGzJfhBPLU5NNp4DDaJvz3mrF3hZl6ezQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bd4b6b01d1b56b5-OSL
content-length: 0
date: Tue, 03 Sep 2024 09:29:07 GMT
location: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbQSQqvcZvnVCgJUScQJq9rNQPYsDR%2FU1i%2BGlLX4YnDrb8OPfvcbmk8aqwfGtwD%2FkX%2FX5p66it%2B4%2BNf5d4GrhZ9l8W1B4nyilKEe4QdZFdlJpTU0UyJyQ%2BWHWeDX55P7W5q8sY1CfLFYRwJapFg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 204
No Content favicon.ico
your-winrenew-cash.top/ 0
136 B 135ms
133ms Other
text/plain 185.155.184.32
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://your-winrenew-cash.top/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://your-winrenew-cash.top/?u=g1cptec&o=56kkgqf
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 03 Sep 2024 09:29:06 GMT
Cache-Control: no-transform
Server: openresty
Connection: keep-alive

GET
H2 200 main.css
sep0309.lamplynx.com/cdn-cgi/styles/ 8 KB
2 KB 165ms
161ms Stylesheet
text/css 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: W/"66ce249e-1f4d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8bd4b6b79fcb5695-OSL
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 cf-icon-browser.png
sep0309.lamplynx.com/cdn-cgi/images/ 484 B
573 B 249ms
248ms Image
image/png 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sep0309.lamplynx.com/cdn-cgi/images/cf-icon-browser.png

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-1e4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bd4b6b8b9555695-OSL
content-length: 484
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 cf-icon-ok.png
sep0309.lamplynx.com/cdn-cgi/images/ 946 B
1022 B 248ms
247ms Image
image/png 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sep0309.lamplynx.com/cdn-cgi/images/cf-icon-ok.png

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-3b2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bd4b6b8b9565695-OSL
content-length: 946
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 cf-icon-cloud.png
sep0309.lamplynx.com/cdn-cgi/images/ 1 KB
2 KB 254ms
254ms Image
image/png 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sep0309.lamplynx.com/cdn-cgi/images/cf-icon-cloud.png

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-5cc"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bd4b6b8b9585695-OSL
content-length: 1484
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 cf-icon-server.png
sep0309.lamplynx.com/cdn-cgi/images/ 1 KB
1 KB 258ms
258ms Image
image/png 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sep0309.lamplynx.com/cdn-cgi/images/cf-icon-server.png

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-568"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bd4b6b8b9595695-OSL
content-length: 1384
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 cf-icon-error.png
sep0309.lamplynx.com/cdn-cgi/images/ 854 B
930 B 261ms
260ms Image
image/png 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sep0309.lamplynx.com/cdn-cgi/images/cf-icon-error.png

Requested by

Host: sep0309.lamplynx.com
URL: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sep0309.lamplynx.com/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:22 GMT
server: cloudflare
etag: "66ce249e-356"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8bd4b6b8b95a5695-OSL
content-length: 854
expires: Tue, 03 Sep 2024 11:29:09 GMT

GET
H2 200 favicon.ico
sep0309.lamplynx.com/ 0
390 B 191ms
187ms Other
image/x-icon 172.67.159.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sep0309.lamplynx.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f&
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:29:09 GMT
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: f8fcd59c394d79d458831fcf15d14e69
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6u0eBy9nSMqjg9elifKwFdUIrqFsH3f8Wpc3WYMBODyU40JlGpVVasydkhJbSaX7xfXEi7T04MVvf5HKqLNNIPQWVaueXmis2FS8dQPtArliyFjsSSK6sxU61XyTpVYy%2BIPQXwWKtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: no-cache, max-age=0, private, no-cache
accept-ranges: bytes
cf-ray: 8bd4b6ba5b8a5695-OSL
expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
your-winrenew-cash.top/	1969-12-31 23:59:59	Name: sid Value: t2~wppdoww2qagf4grwfak3mfvj
your-winrenew-cash.top/	1969-12-31 23:59:59	Name: p1 Value: https://intobanhon.live/qpflpidr/
your-winrenew-cash.top/	1969-12-31 23:59:59	Name: s1 Value: 3xoq0kz3p05i5m8z
cetpc1g.intobanhon.live/	1970-01-20 23:17:22	Name: cookie1 Value: true
feed.altairfomalhaut.com/	1970-01-21 08:51:55	Name: __dcu Value: 4c2e78c3-cce6-4610-8526-acfc05460800

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sep0309.lamplynx.com/sbqptv9n?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaXAiOiI4NC4yNDkuMjA4LjYwIiwicHMiOiIxMDAwMTQiLCJhaSI6IjBhZjk5YmU5ZmUyNjVmNTNlMzI5ZThmOThlMmYxOTdmIiwiYmlkIjowLjAwMzE5NiwiYyI6NCwibCI6NDkzMjc1OSwiZWFuIjotMSwicyI6ImJhNzUxZTY3MmMyY2QyOGZhODRmY2YwMDkzODM4MzRhYjM0ZGI3YzY2MDUwZTY0MDVhODQ2NmIxNTY0ZDI5ZTk5MWRiNzE1NjhiM2I4N2I1NmFkZDI5ZDQyNzQ5YTRhNjQ3NmZmYjNlMTVjNDIyYzFiNWUyZDUiLCJucmkiOiIxODktMEhONjc3UVY5TkRVQy1PNkJTIiwiZXQiOiIxNzI1MzU2MzQ3In0.wnu8dzmi91CFwBrv9ZkdPhw4mEO0NCMwmeijay4eCRM&key=950768115af60843bc4f81bdd6d39e0e&ap=${AUCTION_PRICE}&l=4932759&sub3=1725355747&pid=1172918&auid=0af99be9fe265f53e329e8f98e2f197f& Message: Failed to load resource: the server responded with a status of 521 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cetpc1g.intobanhon.live
feed.altairfomalhaut.com
offers25942.xyz
sep0309.lamplynx.com
ssp-trk.altairfomalhaut.com
your-winrenew-cash.top
172.67.159.104
185.155.184.32
185.155.186.25
188.114.97.3
95.215.19.22
21f3805619c78e1e869002c837c829b19ffb7a91b5a78ab3794484f3e8b29182
3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58
41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b
67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f
78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

sep0309.lamplynx.com Open in urlscan Pro 172.67.159.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

2 IPs

4 Countries

78 kBTransfer

81 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

sep0309.lamplynx.com Open in urlscan Pro
172.67.159.104 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

4
Countries

78 kB
Transfer

81 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions