280.chishotopt.live Open in urlscan Pro
141.95.108.246 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tiktok_9f5.q3i.us/1b686a1
Effective URL:
https://280.chishotopt.live/rsqwqutc/article280.doc?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70&f=1&sid=t6~0rg1j5gsg4wl...
Submission Tags: falconsandbox
Submission: On July 28 via api (July 28th 2023, 11:00:39 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 9 HTTP transactions. The main IP is 141.95.108.246, located in and belongs to . The main domain is 280.chishotopt.live.
TLS certificate: Issued by R3 on July 14th 2023. Valid for: 3 months.

This is the only time 280.chishotopt.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::6815:2dcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3031::6815:14db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	99.198.108.194 99.198.108.194	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.231.66.24 34.231.66.24	14618 (AMAZON-AES) (AMAZON-AES)
2	185.155.184.98 185.155.184.98	5398 (AS5398) (AS5398)
1	141.95.108.246 141.95.108.246	() ()
9	6

1 2606:4700:3036::6815:2dcb (United States)

ASN13335 (CLOUDFLARENET, US)

tiktok_9f5.q3i.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:14db (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

alienfb.trade	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

country.contentrightnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.194 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

monkey.redirectmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.66.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-66-24.compute-1.amazonaws.com

cartining-specute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.98 (Switzerland)

ASN5398 (AS5398, CH)

winjackpot.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.108.246 (None, )

ASN- ()

280.chishotopt.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	redirectmaster.com 1 redirects monkey.redirectmaster.com	5 KB
2	winjackpot.life winjackpot.life — Cisco Umbrella Rank: 723143	89 KB
2	amung.us whos.amung.us — Cisco Umbrella Rank: 15894	63 B
2	alienfb.trade 1 redirects alienfb.trade	1 KB
1	chishotopt.live 280.chishotopt.live
1	cartining-specute.com 1 redirects cartining-specute.com	556 B
1	contentrightnow.com 1 redirects country.contentrightnow.com	295 B
1	q3i.us tiktok_9f5.q3i.us	680 B
9	8

	Domain	Requested by
3	monkey.redirectmaster.com	1 redirects alienfb.trade monkey.redirectmaster.com
2	winjackpot.life	monkey.redirectmaster.com winjackpot.life
2	whos.amung.us
2	alienfb.trade	1 redirects tiktok_9f5.q3i.us
1	280.chishotopt.live	winjackpot.life
1	cartining-specute.com	1 redirects
1	country.contentrightnow.com	1 redirects
1	tiktok_9f5.q3i.us
9	8

This site contains no links.

Subject Issuer	Validity	Valid
q3i.us GTS CA 1P5	`2023-07-28` - `2023-10-26`	3 months	crt.sh
alienfb.trade E1	`2023-06-08` - `2023-09-06`	3 months	crt.sh
monkey.redirectmaster.com R3	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
winjackpot.life R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
*.chishotopt.live R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://280.chishotopt.live/rsqwqutc/article280.doc?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70&f=1&sid=t6~0rg1j5gsg4wlbavs41madpjm&fp=7jUeyVyPI9xi1kzr5AMtpo6L5d%2FrxkP%2B5IYirAO9Z4Qc53XqM0wQy5qdUnWfwkrNZWXGO6VYGajNCLIAGtkQHkyEqKcf6iRlXhHpnScLnZJfbFuPHR1ypx%2BDqs9MxFBIb1Kl5W7b8fW1uYP%2B2xB87Hh%2BImE6km261MpNdPJc4dtbs0Pc9Y0tErFNKmvj9kV4HYyDqIOPtmzTDthy5fcTsgP2I4M0iyznjqo4fdH8SuKA4fNKwO2AoWhWf%2FLs96DHNsXeWKvWE5DR4gmMzTGAovuMT6TkAQMZiMGo05POkqEqUWdFrKTdKZ%2BeavlX17M7Ghscx%2Fuee7U9QD6PeWX5ByLVGICS848vIg88O10trwhK2VO9yAvJ9mS30uim2vGFiVQFQ2mn5SAwPhNICXRh5dC%2F8ACEdsn50XrDNi7OXFOVspylUVlJzsQa6oDUDxkQb%2FsX%2FpyYxvjjPGYUcTyKmU1k1h59zJoMQWQZlmFVzorGQaGEuuzQloy8wVke5Gj9vWFT6Jieb8XNhW8p0XgWqYuo9zaUkF%2FZ1QskBIIo6b%2F0ynzBMmRhUHNzGcSTBCdm8wCBPN7Oo9AlMQa9MRJlQVfmKSlB4%2Fzt%2FBdXCBYFp0fadA%2BNQc7MWTYZP4fbajR7C6mlIVIy1XC6UkBK8J9mCZfMPi%2F6S%2FJK9C7dgjX4pzN3sz0BqhHShOOFRJ0kJICyBKkeJz%2BJvei7gBhFqDJ7DrdQDR9dDgixLYSxcS2PPXFB%2B10hfP%2FTFGM69iT2MJmjCX922kgiTPg5ZyJsgmSNe3WmiWReZvp%2Bthk%2FmWIREZgALJrB3Ym%2BoO1JU94EFqI4ACS%2FX7NKeZ5MmIp621ezG25ck%2FwE4DVZETdb62lnkN%2FMrNwImSitS%2BfkqH7z3JLL5uOAQzcr2KgFRpNPMm9fuCyKJup%2BZ8%2FtuhiIhIogBED726OfapRgG8hM2tSl41AUIx4BBES1BZnVWNw0qNdgmL1WhOuaxDakIDQh5FOjs9GAI7VR0ggK6hDh4K8p9hLB0O%2Bxgs31Rv6rAxqrXp8OKejE7ckQEAmx45M64m5BAFWTzRlvtDXilOb%2FHLWLZgtqLa%2BGCDYGmPEx90VXwaobjGk02UhmS1d%2FrVrPEs0oomQc53j7MEhvmuRqxWHghE2wUBV49L56ebJUh%2BqGbiqKY0QVRbjCR491CZ3GXLJVqM2xaU8MOnoMXRCoHqaWw7MSIddUHTKcQ5UhW6ySBjU27WBQN5JcxrzAAChy9nfB1OLAx8SLusSVoLkGGTvqShHC%2FWJwNB6FGmu8mSbBuYkD1CNDSF%2FzP3wTQiM6e5KR%2F7NqZHKsoxadJIEVLxyIaxtg4BNKJmrl%2BFZCld6UuOvEkcQ8994dKYvEk1TyvXkmSELi2zr3FlnTVVsjnP%2BR81QW64TUYVndODvEQGm3bgPvorJYxwt2VKk9nKaaG%2BgkMxz%2FuS%2BlXlo8150nmypUAhW3fRPkv18LaWFuit0XnTJb2ewDCcce%2FwLkSYNiP%2FPzW7sO25KD8F8yPkscTG%2FE%2B1QBuNv7u9ju2I1V%2F4nRz9UWN%2BhXGBHxh0x2VazqfYRjPu%2F%2FYCYxLmntsFmBEXDWD0%2F%2FiOmjdbbougnUaZRC8gXiFHHCeHj%2FCNhOAu4izfZ2wy%2FefwB2UJfA3rbUIcpJy0UiWGV4aohE6u52%2BnoRXXq7yzwb6qox4i6UwkU4Z69MMVx4ypPjcpcrJheQ1l%2FFuhUOisiij3TPsb8rM0rq6HgB7%2Be%2Fk2RaD7%2FqUoF2DJgBZ4rcYsdB0w055Uv8u8t485GYYOTtlxIuovb77oG9dkTucWCh81LfydaevghxAxZJsGZj9Au%2BntvVjfwvvXsDHmjTi2FLLwKMZOCAT9C5sm0psHosgscDUmfEBw%2B8ZDPBgtwBwL7JBz8%2FMgs3VaQQef3b8KXubW05R6DD9fvzColEhvNOdXpYCseCzNgzE5PgPXQze1qbgUd4UGO4IVY%2B%2BIvUmBhiOCCX8y9JqaaUFY%2BKRS0rEDYATsqHmtb%2BZt4nZqw%3D
Frame ID: DC26192FF4F5F9FB8C2FB97046168F4C
Requests: 8 HTTP requests in this frame

Frame: https://winjackpot.life/media/mainstream/frame.html
Frame ID: E6F527C1B3327C3E6BA044C8C8C9B699
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tiktok_9f5.q3i.us/1b686a1 Page URL
https://alienfb.trade/Geo/index.php HTTP 302
https://country.contentrightnow.com/?k=07c26007ab94bc677c4d0102a4c46279&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7261008299737219075 Page URL
https://monkey.redirectmaster.com/proc.php?3e114ddf7f7ebfb741f182ecff3b101d5be3445f HTTP 302
https://cartining-specute.com/a90de009-8218-431e-8c7c-a2b328ff4985?partner_id=4400&click_cost=0&subid=M726... HTTP 302
https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70 Page URL
https://280.chishotopt.live/rsqwqutc/article280.doc?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70&f=1... Page URL

Page Statistics

9
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

95 kB
Transfer

100 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tiktok_9f5.q3i.us/1b686a1 Page URL
https://alienfb.trade/Geo/index.php HTTP 302
https://country.contentrightnow.com/?k=07c26007ab94bc677c4d0102a4c46279&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7261008299737219075 Page URL
https://monkey.redirectmaster.com/proc.php?3e114ddf7f7ebfb741f182ecff3b101d5be3445f HTTP 302
https://cartining-specute.com/a90de009-8218-431e-8c7c-a2b328ff4985?partner_id=4400&click_cost=0&subid=M7261008299737219075 HTTP 302
https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70 Page URL
https://280.chishotopt.live/rsqwqutc/article280.doc?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70&f=1&sid=t6~0rg1j5gsg4wlbavs41madpjm&fp=7jUeyVyPI9xi1kzr5AMtpo6L5d%2FrxkP%2B5IYirAO9Z4Qc53XqM0wQy5qdUnWfwkrNZWXGO6VYGajNCLIAGtkQHkyEqKcf6iRlXhHpnScLnZJfbFuPHR1ypx%2BDqs9MxFBIb1Kl5W7b8fW1uYP%2B2xB87Hh%2BImE6km261MpNdPJc4dtbs0Pc9Y0tErFNKmvj9kV4HYyDqIOPtmzTDthy5fcTsgP2I4M0iyznjqo4fdH8SuKA4fNKwO2AoWhWf%2FLs96DHNsXeWKvWE5DR4gmMzTGAovuMT6TkAQMZiMGo05POkqEqUWdFrKTdKZ%2BeavlX17M7Ghscx%2Fuee7U9QD6PeWX5ByLVGICS848vIg88O10trwhK2VO9yAvJ9mS30uim2vGFiVQFQ2mn5SAwPhNICXRh5dC%2F8ACEdsn50XrDNi7OXFOVspylUVlJzsQa6oDUDxkQb%2FsX%2FpyYxvjjPGYUcTyKmU1k1h59zJoMQWQZlmFVzorGQaGEuuzQloy8wVke5Gj9vWFT6Jieb8XNhW8p0XgWqYuo9zaUkF%2FZ1QskBIIo6b%2F0ynzBMmRhUHNzGcSTBCdm8wCBPN7Oo9AlMQa9MRJlQVfmKSlB4%2Fzt%2FBdXCBYFp0fadA%2BNQc7MWTYZP4fbajR7C6mlIVIy1XC6UkBK8J9mCZfMPi%2F6S%2FJK9C7dgjX4pzN3sz0BqhHShOOFRJ0kJICyBKkeJz%2BJvei7gBhFqDJ7DrdQDR9dDgixLYSxcS2PPXFB%2B10hfP%2FTFGM69iT2MJmjCX922kgiTPg5ZyJsgmSNe3WmiWReZvp%2Bthk%2FmWIREZgALJrB3Ym%2BoO1JU94EFqI4ACS%2FX7NKeZ5MmIp621ezG25ck%2FwE4DVZETdb62lnkN%2FMrNwImSitS%2BfkqH7z3JLL5uOAQzcr2KgFRpNPMm9fuCyKJup%2BZ8%2FtuhiIhIogBED726OfapRgG8hM2tSl41AUIx4BBES1BZnVWNw0qNdgmL1WhOuaxDakIDQh5FOjs9GAI7VR0ggK6hDh4K8p9hLB0O%2Bxgs31Rv6rAxqrXp8OKejE7ckQEAmx45M64m5BAFWTzRlvtDXilOb%2FHLWLZgtqLa%2BGCDYGmPEx90VXwaobjGk02UhmS1d%2FrVrPEs0oomQc53j7MEhvmuRqxWHghE2wUBV49L56ebJUh%2BqGbiqKY0QVRbjCR491CZ3GXLJVqM2xaU8MOnoMXRCoHqaWw7MSIddUHTKcQ5UhW6ySBjU27WBQN5JcxrzAAChy9nfB1OLAx8SLusSVoLkGGTvqShHC%2FWJwNB6FGmu8mSbBuYkD1CNDSF%2FzP3wTQiM6e5KR%2F7NqZHKsoxadJIEVLxyIaxtg4BNKJmrl%2BFZCld6UuOvEkcQ8994dKYvEk1TyvXkmSELi2zr3FlnTVVsjnP%2BR81QW64TUYVndODvEQGm3bgPvorJYxwt2VKk9nKaaG%2BgkMxz%2FuS%2BlXlo8150nmypUAhW3fRPkv18LaWFuit0XnTJb2ewDCcce%2FwLkSYNiP%2FPzW7sO25KD8F8yPkscTG%2FE%2B1QBuNv7u9ju2I1V%2F4nRz9UWN%2BhXGBHxh0x2VazqfYRjPu%2F%2FYCYxLmntsFmBEXDWD0%2F%2FiOmjdbbougnUaZRC8gXiFHHCeHj%2FCNhOAu4izfZ2wy%2FefwB2UJfA3rbUIcpJy0UiWGV4aohE6u52%2BnoRXXq7yzwb6qox4i6UwkU4Z69MMVx4ypPjcpcrJheQ1l%2FFuhUOisiij3TPsb8rM0rq6HgB7%2Be%2Fk2RaD7%2FqUoF2DJgBZ4rcYsdB0w055Uv8u8t485GYYOTtlxIuovb77oG9dkTucWCh81LfydaevghxAxZJsGZj9Au%2BntvVjfwvvXsDHmjTi2FLLwKMZOCAT9C5sm0psHosgscDUmfEBw%2B8ZDPBgtwBwL7JBz8%2FMgs3VaQQef3b8KXubW05R6DD9fvzColEhvNOdXpYCseCzNgzE5PgPXQze1qbgUd4UGO4IVY%2B%2BIvUmBhiOCCX8y9JqaaUFY%2BKRS0rEDYATsqHmtb%2BZt4nZqw%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://alienfb.trade/Geo/index.php HTTP 302
https://country.contentrightnow.com/?k=07c26007ab94bc677c4d0102a4c46279&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Request Chain 6

https://monkey.redirectmaster.com/proc.php?3e114ddf7f7ebfb741f182ecff3b101d5be3445f HTTP 302
https://cartining-specute.com/a90de009-8218-431e-8c7c-a2b328ff4985?partner_id=4400&click_cost=0&subid=M7261008299737219075 HTTP 302
https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 1b686a1 Show response
tiktok_9f5.q3i.us/ 384 B
680 B 360ms
262ms Document
text/html 2606:4700:3036::6815:2dcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tiktok_9f5.q3i.us/1b686a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 597373c1caf14dc30aabf46030572ec6309dad66225011bc2cbf28d69341c5c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ee0bd354a4e7fac-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Jul 2023 23:00:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3I2I%2BoVHVHED9E81o7VbGOEGrcvt58j6WeyPLQfJi5%2FLBg6XJ8zzCw6AfEc%2F7xWwClj9nG%2FRd2KplbQNgO1TGBNc%2FxZ7XbNYV596UC%2BfOuzlj5MbJZiNsJ9gVI%2FB8%2B%2FkFcF24vZBxJOYduavJaHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 index.php Show response
alienfb.trade/h/ 807 B
923 B 400ms
305ms Script
application/javascript 2606:4700:3031::6815:14db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alienfb.trade/h/index.php?username=wyndyfb
Requested by: Host: tiktok_9f5.q3i.us
URL: https://tiktok_9f5.q3i.us/1b686a1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:14db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad816138db43e59ce14a6cfad6eb7622e2d10cc97cfb098281a2f0b1cdbe2250

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
pragma: no-cache
date: Fri, 28 Jul 2023 23:00:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE2Gdweb3YZqfGzShVXmavpqz41eGzkGMZjiXDVb0FitN8e9uTKLKJjZV7AUwp3crpPbgsyeeQBQCO2veh%2FixpDXPnQUQsHUuQl5uMdXZjFw7g9QPgdHQEJpuzVjJK34q%2FShKB4NizWY8mtG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
cf-ray: 7ee0bd378c13233e-ORD
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
monkey.redirectmaster.com/
Redirect Chain

https://alienfb.trade/Geo/index.php
https://country.contentrightnow.com/?k=07c26007ab94bc677c4d0102a4c46279&type=mainstream&subtype=global
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

1 KB
939 B

177ms
31ms

Document
text/html

99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by: Host: alienfb.trade
URL: https://alienfb.trade/h/index.php?username=wyndyfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://tiktok_9f5.q3i.us/1b686a1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 28 Jul 2023 23:00:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://monkey.redirectmaster.com/?utm_term=7261008299737219075
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 23:00:35 GMT
Location: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 /
whos.amung.us/pingjs/ 32 B
32 B 131ms
46ms Image
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=alienfbpanel&t=CASH&x=https://www.cashbycashapp.com/eneroli28xx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:00:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ee0bd3abee92d5e-ORD
content-type: text/javascript;charset=UTF-8

GET
H2 200 /
whos.amung.us/pingjs/ 31 B
31 B 132ms
48ms Image
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=eneroli28xx&t=CASH&x=https://www.cashbycashapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:00:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ee0bd3abeeb2d5e-ORD
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
monkey.redirectmaster.com/ 8 KB
3 KB 34ms
33ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://monkey.redirectmaster.com/?utm_term=7261008299737219075
Requested by: Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: e8eaebbf1e38d050ddba989430aa02f8ccdf3d5689fe2fd01300b6b9e2394c59

Request headers

Referer: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 23:00:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1

200
OK

/ Show response
winjackpot.life/
Redirect Chain

https://monkey.redirectmaster.com/proc.php?3e114ddf7f7ebfb741f182ecff3b101d5be3445f
https://cartining-specute.com/a90de009-8218-431e-8c7c-a2b328ff4985?partner_id=4400&click_cost=0&subid=M7261008299737219075
https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70

88 KB
88 KB

582ms
208ms

Document
text/html

185.155.184.98
AS5398

General

Check archive.org

Show headers Download Go to

Full URL: https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70
Requested by: Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7261008299737219075
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.184.98 , Switzerland, ASN5398 (AS5398, CH),
Reverse DNS
Software: nginx /
Resource Hash: 4d9b86da5a954ec3a6e94ff3f512636fc93a6e75b0e649896cc830bb7e2aafe0

Request headers

Referer: https://monkey.redirectmaster.com/?utm_term=7261008299737219075#0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 89781
Content-Type: text/html
Date: Fri, 28 Jul 2023 23:00:36 GMT
Server: nginx
cache-control: private

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Fri, 28 Jul 2023 23:00:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70
pragma: no-cache
server: nginx

GET
H/1.1 200
OK frame.html
winjackpot.life/media/mainstream/ Frame E6F5 39 B
825 B 1318ms
136ms Document
text/html 185.155.184.98
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

https://winjackpot.life/media/mainstream/frame.html

Requested by

Host: winjackpot.life
URL: https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.98 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=31536000 no-transform
Connection: keep-alive
Content-Length: 39
Content-Security-Policy: block-all-mixed-content
Content-Type: text/html
Date: Fri, 28 Jul 2023 23:00:38 GMT
ETag: "086707e4369f60afedcafb16050a7618"
Expires: Sat, 27 Jul 2024 23:00:38 GMT
Last-Modified: Mon, 20 Feb 2023 09:34:05 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin Accept-Encoding
X-Amz-Request-Id: 17762A0B1FC1DACF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843338#351669788/gid:0/gname:root/mode:33279/mtime:1655387452#842583333/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.842583333Z

GET
H/1.1 200
OK Primary Request article280.doc
280.chishotopt.live/rsqwqutc/ 2 KB
0 1263ms
208ms Document
text/html 141.95.108.246

General

Check archive.org

Show headers Download Go to

Full URL: https://280.chishotopt.live/rsqwqutc/article280.doc?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70&f=1&sid=t6~0rg1j5gsg4wlbavs41madpjm&fp=7jUeyVyPI9xi1kzr5AMtpo6L5d%2FrxkP%2B5IYirAO9Z4Qc53XqM0wQy5qdUnWfwkrNZWXGO6VYGajNCLIAGtkQHkyEqKcf6iRlXhHpnScLnZJfbFuPHR1ypx%2BDqs9MxFBIb1Kl5W7b8fW1uYP%2B2xB87Hh%2BImE6km261MpNdPJc4dtbs0Pc9Y0tErFNKmvj9kV4HYyDqIOPtmzTDthy5fcTsgP2I4M0iyznjqo4fdH8SuKA4fNKwO2AoWhWf%2FLs96DHNsXeWKvWE5DR4gmMzTGAovuMT6TkAQMZiMGo05POkqEqUWdFrKTdKZ%2BeavlX17M7Ghscx%2Fuee7U9QD6PeWX5ByLVGICS848vIg88O10trwhK2VO9yAvJ9mS30uim2vGFiVQFQ2mn5SAwPhNICXRh5dC%2F8ACEdsn50XrDNi7OXFOVspylUVlJzsQa6oDUDxkQb%2FsX%2FpyYxvjjPGYUcTyKmU1k1h59zJoMQWQZlmFVzorGQaGEuuzQloy8wVke5Gj9vWFT6Jieb8XNhW8p0XgWqYuo9zaUkF%2FZ1QskBIIo6b%2F0ynzBMmRhUHNzGcSTBCdm8wCBPN7Oo9AlMQa9MRJlQVfmKSlB4%2Fzt%2FBdXCBYFp0fadA%2BNQc7MWTYZP4fbajR7C6mlIVIy1XC6UkBK8J9mCZfMPi%2F6S%2FJK9C7dgjX4pzN3sz0BqhHShOOFRJ0kJICyBKkeJz%2BJvei7gBhFqDJ7DrdQDR9dDgixLYSxcS2PPXFB%2B10hfP%2FTFGM69iT2MJmjCX922kgiTPg5ZyJsgmSNe3WmiWReZvp%2Bthk%2FmWIREZgALJrB3Ym%2BoO1JU94EFqI4ACS%2FX7NKeZ5MmIp621ezG25ck%2FwE4DVZETdb62lnkN%2FMrNwImSitS%2BfkqH7z3JLL5uOAQzcr2KgFRpNPMm9fuCyKJup%2BZ8%2FtuhiIhIogBED726OfapRgG8hM2tSl41AUIx4BBES1BZnVWNw0qNdgmL1WhOuaxDakIDQh5FOjs9GAI7VR0ggK6hDh4K8p9hLB0O%2Bxgs31Rv6rAxqrXp8OKejE7ckQEAmx45M64m5BAFWTzRlvtDXilOb%2FHLWLZgtqLa%2BGCDYGmPEx90VXwaobjGk02UhmS1d%2FrVrPEs0oomQc53j7MEhvmuRqxWHghE2wUBV49L56ebJUh%2BqGbiqKY0QVRbjCR491CZ3GXLJVqM2xaU8MOnoMXRCoHqaWw7MSIddUHTKcQ5UhW6ySBjU27WBQN5JcxrzAAChy9nfB1OLAx8SLusSVoLkGGTvqShHC%2FWJwNB6FGmu8mSbBuYkD1CNDSF%2FzP3wTQiM6e5KR%2F7NqZHKsoxadJIEVLxyIaxtg4BNKJmrl%2BFZCld6UuOvEkcQ8994dKYvEk1TyvXkmSELi2zr3FlnTVVsjnP%2BR81QW64TUYVndODvEQGm3bgPvorJYxwt2VKk9nKaaG%2BgkMxz%2FuS%2BlXlo8150nmypUAhW3fRPkv18LaWFuit0XnTJb2ewDCcce%2FwLkSYNiP%2FPzW7sO25KD8F8yPkscTG%2FE%2B1QBuNv7u9ju2I1V%2F4nRz9UWN%2BhXGBHxh0x2VazqfYRjPu%2F%2FYCYxLmntsFmBEXDWD0%2F%2FiOmjdbbougnUaZRC8gXiFHHCeHj%2FCNhOAu4izfZ2wy%2FefwB2UJfA3rbUIcpJy0UiWGV4aohE6u52%2BnoRXXq7yzwb6qox4i6UwkU4Z69MMVx4ypPjcpcrJheQ1l%2FFuhUOisiij3TPsb8rM0rq6HgB7%2Be%2Fk2RaD7%2FqUoF2DJgBZ4rcYsdB0w055Uv8u8t485GYYOTtlxIuovb77oG9dkTucWCh81LfydaevghxAxZJsGZj9Au%2BntvVjfwvvXsDHmjTi2FLLwKMZOCAT9C5sm0psHosgscDUmfEBw%2B8ZDPBgtwBwL7JBz8%2FMgs3VaQQef3b8KXubW05R6DD9fvzColEhvNOdXpYCseCzNgzE5PgPXQze1qbgUd4UGO4IVY%2B%2BIvUmBhiOCCX8y9JqaaUFY%2BKRS0rEDYATsqHmtb%2BZt4nZqw%3D
Requested by: Host: winjackpot.life
URL: https://winjackpot.life/?u=xunwwwr&o=b08p0zy&cid=w08ui2cea6mtsnfqie1qkd70
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.108.246 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://winjackpot.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 1578
Content-Type: text/html
Date: Fri, 28 Jul 2023 23:00:39 GMT
Server: nginx
cache-control: private

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cartining-specute.com/	1970-01-20 13:37:51	Name: a90de009-8218-431e-8c7c-a2b328ff4985-v4 Value: lwgdqDTWoQBMJ1p49HNWWJHccbmD_heZxE1b0ZKMUGY
.cartining-specute.com/	1970-01-20 22:22:01	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w08ui2cea6mtsnfqie1qkd70%22%2C%22caid%22%3A%22a90de009-8218-431e-8c7c-a2b328ff4985%22%7D
winjackpot.life/	1969-12-31 23:59:59	Name: sid Value: t6~0rg1j5gsg4wlbavs41madpjm
winjackpot.life/	1969-12-31 23:59:59	Name: p1 Value: https://chishotopt.live/rsqwqutc/
winjackpot.life/	1969-12-31 23:59:59	Name: s1 Value: p0csbhbe1m8gcahc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

280.chishotopt.live
alienfb.trade
cartining-specute.com
country.contentrightnow.com
monkey.redirectmaster.com
tiktok_9f5.q3i.us
whos.amung.us
winjackpot.life
141.95.108.246
185.155.184.98
2606:4700:10::6816:4aab
2606:4700:3031::6815:14db
2606:4700:3036::6815:2dcb
34.231.66.24
64.227.23.114
99.198.108.194
4d9b86da5a954ec3a6e94ff3f512636fc93a6e75b0e649896cc830bb7e2aafe0
597373c1caf14dc30aabf46030572ec6309dad66225011bc2cbf28d69341c5c1
ad816138db43e59ce14a6cfad6eb7622e2d10cc97cfb098281a2f0b1cdbe2250
e8eaebbf1e38d050ddba989430aa02f8ccdf3d5689fe2fd01300b6b9e2394c59

280.chishotopt.live Open in urlscan Pro 141.95.108.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

38 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

95 kBTransfer

100 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

Indicators

280.chishotopt.live Open in urlscan Pro
141.95.108.246 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

95 kB
Transfer

100 kB
Size

5
Cookies

9 HTTP transactions
0 data transactions