URL: http://csport.xyz/t/4/5.php?id\u003dssp
Submission: On September 30 via manual from GB

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 11 HTTP transactions. The main IP is 2606:4700:30::6812:214d, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is csport.xyz.
This is the only time csport.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 213.196.2.2 7979 (SERVERS)
1 149.202.215.52 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.142.100.25 8455 (ATOM86-AS...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 74.117.181.95 40824 (WZCOM-US)
1 46.105.201.240 16276 (OVH)
1 1 67.202.94.93 32748 (STEADFAST)
1 185.225.208.133 13213 (UK2NET-AS)
1 198.27.67.198 16276 (OVH)
11 11
Domain Requested by
2 b.imge.to 1 redirects csport.xyz
1 s4.histats.com s10.histats.com
1 widgets.amung.us csport.xyz
1 whos.amung.us 1 redirects
1 s10.histats.com csport.xyz
1 adsrv4k.com csport.xyz
1 nlive.club csport.xyz
1 pubdirecte.com csport.xyz
1 1.bp.blogspot.com csport.xyz
1 tagbucket.cc csport.xyz
1 pl15048563.pvclouds.com csport.xyz
1 csport.xyz
11 12

This site contains links to these domains.

Domain
adsrv4k.com
ads.cafe

Subject | Issuer | Validity | Valid
tagbucket.cc | COMODO RSA Domain Validation Secure Server CA | 2018-03-13 - 2020-03-12 | 2 years
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-18 - 2020-09-17 | a year
adsrv4k.com | COMODO RSA Domain Validation Secure Server CA | 2017-08-28 - 2020-08-27 | 3 years
whos.amung.us | GeoTrust EV RSA CA 2018 | 2018-03-09 - 2020-05-25 | 2 years

This page contains 2 frames:

Primary Page: http://csport.xyz/t/4/5.php?id\u003dssp
Frame ID: D5CA1BAA9D483CEB221CAE40A7DBAFCC
Requests: 10 HTTP requests in this frame

Frame: http://nlive.club/stream/1/38915.html
Frame ID: B4A5DDA73B13D69FF5C5F2263B380083
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 11
HTTPS: 36 %
IPv6: 33 %
Domains: 10
Subdomains: 12
IPs: 11
Countries: 5
Transfer: 35 kB
Size: 48 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://b.imge.to/2019/09/17/v45ct1.png HTTP 301
  • https://b.imge.to/2019/09/17/v45ct1.png
Request Chain 8
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=86&c=000000ffffff&p=

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 5.php
csport.xyz/t/4/
17 KB
10 KB
Document
General
Full URL
http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
2606:4700:30::6812:214d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50da9f024812cd8f40d4f474bb8d9aa7e35cacef33252323e101bb39378d82d4

Request headers

Host
csport.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 30 Sep 2019 12:22:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=db3c7d95f1b65ffdd1937354664a3270f1569846125; expires=Tue, 29-Sep-20 12:22:05 GMT; path=/; domain=.csport.xyz; HttpOnly
Server
cloudflare
CF-RAY
51e6290e98e58c9e-VIE
Content-Encoding
gzip
44f03f02cbb3527e59598335596d333a.js
pl15048563.pvclouds.com/44/f0/3f/
0
0
Script
General
Full URL
http://pl15048563.pvclouds.com/44/f0/3f/44f03f02cbb3527e59598335596d333a.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
213.196.2.2 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Sep 2019 12:22:07 GMT
Server
nginx/1.16.0
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jstags.js
tagbucket.cc/_tags/
4 KB
5 KB
Script
General
Full URL
https://tagbucket.cc/_tags/jstags.js?s=fr/csport/300250
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
149.202.215.52 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3065683.ip-149-202-215.eu
Software
nginx /
Resource Hash
c7fe3ebff35f854408bf9a3d0e1065974ad8279bd1797aea298f929c12f0a185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 12:11:39 GMT
Last-Modified
Mon, 30 Sep 2019 12:11:39 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
close.png
1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/
1 KB
2 KB
Image
General
Full URL
http://1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/close.png
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
fb9122075fe85d4e272f2a23307172fe484bda234ecbdcb071ea930e68bc5791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 09:09:51 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
11536
ETag
"v27"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="close.png"
Timing-Allow-Origin
*
Content-Length
1402
X-XSS-Protection
0
Expires
Sun, 29 Sep 2019 11:47:06 GMT
pop.php
pubdirecte.com/script/
4 KB
2 KB
Script
General
Full URL
http://pubdirecte.com/script/pop.php?said=128332
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
95.142.100.25 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software
Apache /
Resource Hash
b32afba3226caf229ce47ab3a7d25df7485f431d7f5a00f1253edc3ffe13cd30

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 12:22:07 GMT
Content-Encoding
gzip
Server
Apache
Vary
User-Agent,Accept-Encoding
P3P
policyref="http://www.pubdirecte.com/P3P.XML",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
close
Content-Type
text/html
Content-Length
1390
Expires
Mon, 30 Sep 2019 12:22:07 GMT
v45ct1.png
b.imge.to/2019/09/17/
Redirect Chain
  • http://b.imge.to/2019/09/17/v45ct1.png
  • https://b.imge.to/2019/09/17/v45ct1.png
9 KB
9 KB
Image
General
Full URL
https://b.imge.to/2019/09/17/v45ct1.png
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04293a985d792c097459cfce8e8023d0e6a251abe8788e406616ccc7d4bce13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 12:22:07 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4681
status
200
content-length
8978
last-modified
Mon, 16 Sep 2019 19:37:15 GMT
server
cloudflare
etag
"5d7fe46b-2312"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
51e6291a6d2ccb98-VIE
expires
Mon, 30 Sep 2019 12:52:07 GMT

Redirect headers

Date
Mon, 30 Sep 2019 12:22:07 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://b.imge.to/2019/09/17/v45ct1.png
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
51e6291a183b59b2-VIE
Expires
Mon, 30 Sep 2019 13:22:07 GMT
Cookie set 38915.html
nlive.club/stream/1/ Frame B4A5
0
0
Document
General
Full URL
http://nlive.club/stream/1/38915.html
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b3ac , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
nlive.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://csport.xyz/t/4/5.php?id\u003dssp
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 30 Sep 2019 12:22:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4c51469f304091b8fd258c176d61c5ac1569846127; expires=Tue, 29-Sep-20 12:22:07 GMT; path=/; domain=.nlive.club; HttpOnly
X-Proxy-Cache
HIT
Server
cloudflare
CF-RAY
51e6291a6d258cb0-VIE
Content-Encoding
gzip
impression.gif
adsrv4k.com/
43 B
793 B
Image
General
Full URL
https://adsrv4k.com/impression.gif?b=311489&p=12865&c=9920&h=3cd7cd1f288c1bd6830e97bb2061a547&l=NL&sh=800&sw=1280&ad.trans.id=mne0s1ascoro&s=50474138a3c4ce82f00aba1af44f348a&t=1569846128031&DC=DO
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.117.181.95 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
c-p200-u2464-95.webazilla.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 12:22:07 GMT
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 12:13:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
17365
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
684673004
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=86&c=000000ffffff&p=
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=86&c=000000ffffff&p=
Requested by
Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
5e9521ca8ab948480bf7d7bf066f3bde49f4965b3355e2ec3f0a1c9dbd82c74d

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 30 Sep 2019 12:22:08 GMT
cache-control
max-age=86400, private
content-disposition
filename=wau-widget.png
access-control-allow-origin
*
content-type
image/png
expires
Tue, 01 Oct 2019 12:22:08 GMT

Redirect headers

status
307
date
Mon, 30 Sep 2019 12:22:08 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/draw/?w=colored&n=86&c=000000ffffff&p=
content-type
text/html; charset=UTF-8
0.php
s4.histats.com/stats/
117 B
389 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3423044&@f16&@g1&@h1&@i1&@j1569846128138&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:7104552&@b3:1569846128&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fcsport.xyz%2Ft%2F4%2F5.php%3Fid%5Cu003dssp&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
198.27.67.198 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns517352.ip-198-27-67.net
Software
/
Resource Hash
53a7374a429481d261feee390bbfcd0bbeb25722ee830e165c905911f5ba4db6

Request headers

Referer
http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 12:22:08 GMT
Connection
close
Content-Length
117
Content-Type
text/html;charset=UTF-8

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GRNlsKllhTis string| oyoGaNEyrb number| cemEIfyWjD number| AarJiIAwxo number| TQuwhMswmG number| pkDsNjgIEk function| JkDILsPqKe object| sfDqsVpznS number| c2 number| c1 object| ou5yQ6Daycew function| VMjiqRnPNw object| referenceNode560426779 object| newNode560426779 object| _Hasync number| x function| f boolean| puShown number| PopWidth number| PopHeight number| PopFocus object| _Top function| GetWindowHeight function| GetWindowWidth function| GetWindowTop function| GetWindowLeft function| doOpen function| PubdirecteSetCook function| PubdirecteSetCookOpen function| PubdirecteGetCook function| initPu function| checkTarget function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

13 Cookies

Domain/Path Name / Value
.revrtb.net/ Name: __cfduid
Value: de1282643066c0cd21f1088153c08ff761569846128
.dailydeports.pw/ Name: __cfduid
Value: d6693956d007cece20f3d590802bda54e1569846128
csport.xyz/ Name: HstPt3423044
Value: 1
csport.xyz/ Name: HstCnv3423044
Value: 1
csport.xyz/ Name: HstCns3423044
Value: 1
csport.xyz/ Name: HstPn3423044
Value: 1
csport.xyz/ Name: HstCmu3423044
Value: 1569846128138
.nlive.club/ Name: __cfduid
Value: d4c51469f304091b8fd258c176d61c5ac1569846127
csport.xyz/ Name: HstCla3423044
Value: 1569846128138
csport.xyz/ Name: brsc
Value: 311489-1569849728030-317890-1--
csport.xyz/ Name: HstCfa3423044
Value: 1569846128138
csport.xyz/ Name: UUID
Value: eba28fa0-e37c-11e9-a352-02423a4a3fbe
.csport.xyz/ Name: __cfduid
Value: db3c7d95f1b65ffdd1937354664a3270f1569846125