csport.xyz Open in urlscan Pro
2606:4700:30::6812:214d Public Scan

Go To Rescan
Add Verdict Report

URL:
http://csport.xyz/t/4/5.php?id\u003dssp
Submission: On October 02 via manual (October 2nd 2019, 11:35:46 am UTC) from GB

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 10 HTTP transactions. The main IP is 2606:4700:30::6812:214d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is csport.xyz.

This is the only time csport.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::6812:214d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	37.187.146.152 37.187.146.152	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.142.100.25 95.142.100.25	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
1 2	2606:4700:20:... 2606:4700:20::681a:7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:b2ac	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	212.124.117.187 212.124.117.187	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1 1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST - Steadfast)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
10	10

1 2606:4700:30::6812:214d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

csport.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.146.152 (France)

ASN16276 (OVH, FR)
PTR: ns3066279.ip-37-187-146.eu

tagbucket.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.100.25 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

pubdirecte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:7c7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

b.imge.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:b2ac (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

nlive.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.124.117.187 (Germany)

ASN47328 (TRI-AS True Records Inc., ES)

adsrv4k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.27 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	amung.us 1 redirects whos.amung.us widgets.amung.us	2 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	imge.to 1 redirects b.imge.to	9 KB
1	adsrv4k.com adsrv4k.com	803 B
1	nlive.club nlive.club
1	pubdirecte.com pubdirecte.com	2 KB
1	blogspot.com 1.bp.blogspot.com	2 KB
1	tagbucket.cc tagbucket.cc	5 KB
1	csport.xyz csport.xyz	10 KB
10	9

	Domain	Requested by
2	b.imge.to	1 redirects csport.xyz
1	s4.histats.com	s10.histats.com
1	widgets.amung.us	csport.xyz
1	whos.amung.us	1 redirects
1	s10.histats.com	csport.xyz
1	adsrv4k.com	csport.xyz
1	nlive.club	csport.xyz
1	pubdirecte.com	csport.xyz
1	1.bp.blogspot.com	csport.xyz
1	tagbucket.cc	csport.xyz
1	csport.xyz
10	11

This site contains links to these domains. Also see Links.

Domain
adsrv4k.com
ads.cafe

Subject Issuer	Validity	Valid
tagbucket.cc COMODO RSA Domain Validation Secure Server CA	`2018-03-13` - `2020-03-12`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
adsrv4k.com COMODO RSA Domain Validation Secure Server CA	`2017-08-28` - `2020-08-27`	3 years	crt.sh
whos.amung.us GeoTrust EV RSA CA 2018	`2018-03-09` - `2020-05-25`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://csport.xyz/t/4/5.php?id\u003dssp
Frame ID: 1BF726C6B93570E66B34AE6227A090F7
Requests: 9 HTTP requests in this frame

Frame: http://nlive.club/stream/1/38915.html
Frame ID: 3B08A39C80699BEBD5049312EBE702A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

10
Requests

40 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

35 kB
Transfer

48 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adsrv4k.com/cr?b=311490&p=12865&c=9920&h=88417b6dcc938d1f6ab2b85d30fdeddf&l=NL&sh=800.0&sw=1280.0&ad.trans.id=q8om02t7lb59&UUID=bc3611f0-e508-11e9-b69c-f8bc12538e48&t=1570016129177&DC=WZ&u=https://c.media-dl.co/?c=22666&t1=ODQxIzk5MjAjMzI1IzEyODY1fDMxMTQ5MHxOTHwzfDN8fHxxOG9tMDJ0N2xiNTl8YmMzNjExZjAtZTUwOC0xMWU5LWI2OWMtZjhiYzEyNTM4ZTQ4fHw&subid=3044&l=169489
Title: Zie Match

Search URL Search Domain Scan URL

URL: https://ads.cafe/publisher-signup.html
Title: ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://b.imge.to/2019/09/17/v45ct1.png HTTP 301
https://b.imge.to/2019/09/17/v45ct1.png

Request Chain 7

https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=385&c=000000ffffff&p=

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 5.php Show response
csport.xyz/t/4/ 17 KB
10 KB 89ms
57ms Document
text/html 2606:4700:30::6812:214d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:214d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac4d74f9a95400b1b517e304f8f42ea225dd33bf4c06ab6ae49f630c0dc7137

Request headers

Host: csport.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 11:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dfad0a03cd0bc5f8051581359fc632c081570016128; expires=Thu, 01-Oct-20 11:35:28 GMT; path=/; domain=.csport.xyz; HttpOnly
Server: cloudflare
CF-RAY: 51f65f83db3fcb9c-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK jstags.js Show response
tagbucket.cc/_tags/ 4 KB
5 KB 582ms
505ms Script
text/html 37.187.146.152
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tagbucket.cc/_tags/jstags.js?s=fr/csport/300250

Requested by

Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

37.187.146.152 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3066279.ip-37-187-146.eu

Software

nginx /

Resource Hash

d02f5583f4e3f2d0d0d9ee6ed09ce4434963e8b2642666b922145548d5959625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 11:53:35 GMT
Last-Modified: Wed, 02 Oct 2019 11:53:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK close.png
1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/ 1 KB
2 KB 12ms
5ms Image
image/png 2a00:1450:4001:800::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/close.png

Requested by

Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

fb9122075fe85d4e272f2a23307172fe484bda234ecbdcb071ea930e68bc5791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 09:17:24 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 8284
ETag: "v27"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="close.png"
Timing-Allow-Origin: *
Content-Length: 1402
X-XSS-Protection: 0
Expires: Wed, 02 Oct 2019 04:19:54 GMT

GET
H/1.1 200
OK pop.php Show response
pubdirecte.com/script/ 4 KB
2 KB 60ms
42ms Script
text/html 95.142.100.25
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: http://pubdirecte.com/script/pop.php?said=128332
Requested by: Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: HTTP/1.1
Server: 95.142.100.25 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software: Apache /
Resource Hash: 4ff74f49a1a4c2ad3b45600d6a94ffc63724c7e03138efb0c41f16a6fa00048d

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 11:35:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: User-Agent,Accept-Encoding
P3P: policyref="http://www.pubdirecte.com/P3P.XML",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: close
Content-Type: text/html
Content-Length: 1392
Expires: Wed, 02 Oct 2019 11:35:28 GMT

GET
H2

200

v45ct1.png
b.imge.to/2019/09/17/
Redirect Chain

http://b.imge.to/2019/09/17/v45ct1.png
https://b.imge.to/2019/09/17/v45ct1.png

9 KB
9 KB

49ms
19ms

Image
image/png

2606:4700:20::681a:7c7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.imge.to/2019/09/17/v45ct1.png

Requested by

Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04293a985d792c097459cfce8e8023d0e6a251abe8788e406616ccc7d4bce13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 11:35:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1310
status: 200
content-length: 8978
last-modified: Mon, 16 Sep 2019 19:37:15 GMT
server: cloudflare
etag: "5d7fe46b-2312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 51f65f84be9acbc8-VIE
expires: Wed, 02 Oct 2019 12:05:28 GMT

Redirect headers

Date: Wed, 02 Oct 2019 11:35:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://b.imge.to/2019/09/17/v45ct1.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 51f65f846e355952-VIE
Expires: Wed, 02 Oct 2019 12:35:28 GMT

GET
H/1.1 200
OK Cookie set 38915.html
nlive.club/stream/1/ Frame 3B08 0
0 312ms
258ms Document
text/html 2606:4700:30::681b:b2ac
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://nlive.club/stream/1/38915.html
Requested by: Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:b2ac , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: nlive.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://csport.xyz/t/4/5.php?id\u003dssp
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://csport.xyz/t/4/5.php?id\u003dssp

Response headers

Date: Wed, 02 Oct 2019 11:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1ab20b8fad07d459f29f7593653ccb401570016128; expires=Thu, 01-Oct-20 11:35:28 GMT; path=/; domain=.nlive.club; HttpOnly
X-Proxy-Cache: EXPIRED
Server: cloudflare
CF-RAY: 51f65f849cb58c92-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK impression.gif
adsrv4k.com/ 43 B
803 B 503ms
182ms Image
image/gif 212.124.117.187
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsrv4k.com/impression.gif?b=311490&p=12865&c=9920&h=88417b6dcc938d1f6ab2b85d30fdeddf&l=NL&sh=800&sw=1280&ad.trans.id=q8om02t7lb59&s=e189b5b4c0e616ca598a6683048f771c&t=1570016129177&DC=WZ
Requested by: Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.117.187 , Germany, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Oct 2019 11:35:29 GMT
server: Apache-Coyote/1.1
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 48ms
30ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 11:28:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "-139234964"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32090
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
Content-Length: 4525
X-Request-ID: 66610707

GET
H2

200

/
widgets.amung.us/draw/
Redirect Chain

https://whos.amung.us/cwidget/liveclubmzzz/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=385&c=000000ffffff&p=

2 KB
2 KB

87ms
28ms

Image
image/png

185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=385&c=000000ffffff&p=
Requested by: Host: csport.xyz
URL: http://csport.xyz/t/4/5.php?id\u003dssp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 71b745f0bb8118fc0d42f1e85dfc5ed433c1e2289b97be9bccbf50c43a5d26cd

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 02 Oct 2019 11:35:29 GMT
cache-control: max-age=86400, private
content-disposition: filename=wau-widget.png
access-control-allow-origin: *
content-type: image/png
expires: Thu, 03 Oct 2019 11:35:29 GMT

Redirect headers

status: 307
date: Wed, 02 Oct 2019 11:35:29 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://widgets.amung.us/draw/?w=colored&n=385&c=000000ffffff&p=
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 117 B
389 B 204ms
187ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?3423044&@f16&@g1&@h1&@i1&@j1570016129301&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-111337346&@b3:1570016129&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fcsport.xyz%2Ft%2F4%2F5.php%3Fid%5Cu003dssp&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 192.99.8.27 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: 1bfef30ecd7e6f37b64690d60b6d1f92bb1e45ef98c1ee21739cd4cbdf48f58e

Request headers

Referer: http://csport.xyz/t/4/5.php?id\u003dssp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 11:35:29 GMT
Connection: close
Content-Length: 117
Content-Type: text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adsrv4k.com
b.imge.to
csport.xyz
nlive.club
pubdirecte.com
s10.histats.com
s4.histats.com
tagbucket.cc
whos.amung.us
widgets.amung.us
185.225.208.133
192.99.8.27
212.124.117.187
2606:4700:20::681a:7c7
2606:4700:30::6812:214d
2606:4700:30::681b:b2ac
2a00:1450:4001:800::2001
37.187.146.152
46.105.201.240
67.202.94.86
95.142.100.25
1bfef30ecd7e6f37b64690d60b6d1f92bb1e45ef98c1ee21739cd4cbdf48f58e
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff74f49a1a4c2ad3b45600d6a94ffc63724c7e03138efb0c41f16a6fa00048d
71b745f0bb8118fc0d42f1e85dfc5ed433c1e2289b97be9bccbf50c43a5d26cd
bac4d74f9a95400b1b517e304f8f42ea225dd33bf4c06ab6ae49f630c0dc7137
c04293a985d792c097459cfce8e8023d0e6a251abe8788e406616ccc7d4bce13
d02f5583f4e3f2d0d0d9ee6ed09ce4434963e8b2642666b922145548d5959625
fb9122075fe85d4e272f2a23307172fe484bda234ecbdcb071ea930e68bc5791

csport.xyz Open in urlscan Pro 2606:4700:30::6812:214d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

40 %HTTPS

36 %IPv6

9 Domains

11 Subdomains

10 IPs

5 Countries

35 kBTransfer

48 kBSize

0 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

0 Cookies

Indicators

csport.xyz Open in urlscan Pro
2606:4700:30::6812:214d Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

35 kB
Transfer

48 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions