Submitted URL: https://tx.vc/r/3OvL6/1U5V9Z/7SVQQjY
Effective URL: https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wC...
Submission: On April 28 via manual from GB — Scanned from GB

Summary

This website contacted 1 IP in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3032::6815:adc, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is lp.slotstoto.com.
TLS certificate: Issued by GTS CA 1P5 on April 13th 2023. Valid for: 3 months.
This is the only time lp.slotstoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 99.83.131.60 16509 (AMAZON-02)
1 1 165.227.161.24 14061 (DIGITALOC...)
1 1 54.72.90.158 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 1
Apex Domain | Subdomains | Transfer
3 slotstoto.com | go.aff.slotstoto.com, lp.slotstoto.com | 2 MB
1 kongsaffiliates.com | trk.kongsaffiliates.com | 308 B
1 tx.vc | tx.vc | 225 B
2 3
Domain Requested by
2 lp.slotstoto.com lp.slotstoto.com
1 go.aff.slotstoto.com 1 redirects
1 trk.kongsaffiliates.com 1 redirects
1 tx.vc 1 redirects
2 4

This site contains links to these domains.

Domain
slotstoto.com
Subject | Issuer | Validity | Valid
slotstoto.com | GTS CA 1P5 | 2023-04-13 - 2023-07-12 | 3 months

This page contains 1 frames:

Primary Page: https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
Frame ID: 3BBF20AE6E42D45BA26F9FC96611A462
Requests: 2 HTTP requests in this frame

Page Title

Slotstoto

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

2 Requests
100 % HTTPS
25 % IPv6
3 Domains
4 Subdomains
1 IPs
3 Countries
1755 kB Transfer
1758 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tx.vc/r/3OvL6/1U5V9Z/7SVQQjY HTTP 302
    https://trk.kongsaffiliates.com/trk.php?t=998&c=1196&clickid=Closing_UK_active1 HTTP 302
    https://go.aff.slotstoto.com/x5uwnrj9?utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk HTTP 301
    https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ninja-en.php
lp.slotstoto.com/landingpages/
Redirect Chain
  • https://tx.vc/r/3OvL6/1U5V9Z/7SVQQjY
  • https://trk.kongsaffiliates.com/trk.php?t=998&c=1196&clickid=Closing_UK_active1
  • https://go.aff.slotstoto.com/x5uwnrj9?utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
  • https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
8 KB
2 KB
Document
General
Full URL
https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.3-4ubuntu2.18
Resource Hash
acec16a1f70c8f2bf2f3a8ef72118a8744c2f434e085f7c9458b3f081dd5d677

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7befdf724cf62400-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 14:07:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whcqF0QT8ngUs0w9fEvrFH8Fxh42NUYR%2BszeyZlgDEQmWT9uIe%2BLI85lwmzY5VLsHJAq76aEGjBrH3056wQ%2Bz6LML4l%2Bjf3O6zJp1bVnTS8ce7NX41nzQP51aoXQfnnhMnr8ZmYrw90hX83n0PuG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.3-4ubuntu2.18

Redirect headers

_sr
affiliate02
_t
0
cache-control
no-store, no-cache, must-revalidate
content-length
0
country
DE
date
Fri, 28 Apr 2023 14:07:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
ip
82.199.130.39
location
https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
image_2022_12_15T14_05_14_020Z.png
lp.slotstoto.com/landingpages/
2 MB
2 MB
Image
General
Full URL
https://lp.slotstoto.com/landingpages/image_2022_12_15T14_05_14_020Z.png
Requested by
Host: lp.slotstoto.com
URL: https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776a451b4342e5a6b12c95c6e94e53e04465c1d4a8e591632a1881b5ac1c90bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://lp.slotstoto.com/landingpages/ninja-en.php?btag=bayrwelbqlgpdykdvqdu&utm_source=015_uk&afp=trkyQXXlXURpXmf0Gvb2wCWF0Vztrk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 14:07:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
253
etag
"1b580f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X51qfgPdAxntBHYURYhBFo33Q0WI1XFpJDCLVnxWfuZQg1Cg7JhfRrqdzwRe2ycn4ZLdaDmpqt6APq2R3Va0Lf1h%2BsW%2B%2FqBm0hScbJk1XKB0HYqepgGnOS%2FiV7gtS1CXSuKoS9lTfoETWvscAvEY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7befdf735f002400-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1792015
expires
Fri, 28 Apr 2023 14:03:27 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

4 Cookies

Domain/Path Name / Value
go.aff.slotstoto.com/ Name: AWSALBTG
Value: O1cL9epBA5AHkrwxbrRrU6Iqg1pE6lCEMoIq9iAJ22ps4Q8MGRsNPUDZkoGeTvfOzk+oJTUNKaXN3RmD3FXuUFMgxswo58UmnQ3ssOKDi8DWuCzqRrSgJ0KPglQy29+s1yKIMkjdGJumkVtR5vcbT98Kw57eJNTbP5L9VEFO6iOR8lmzTq8=
go.aff.slotstoto.com/ Name: AWSALBTGCORS
Value: O1cL9epBA5AHkrwxbrRrU6Iqg1pE6lCEMoIq9iAJ22ps4Q8MGRsNPUDZkoGeTvfOzk+oJTUNKaXN3RmD3FXuUFMgxswo58UmnQ3ssOKDi8DWuCzqRrSgJ0KPglQy29+s1yKIMkjdGJumkVtR5vcbT98Kw57eJNTbP5L9VEFO6iOR8lmzTq8=
.slotstoto.com/ Name: __tr
Value: bayrwelbqlgpdykdvqdu
lp.slotstoto.com/ Name: LBSS
Value: web3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
