Submitted URL: https://tinyurl.com/dscn9e5t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12#x9l1tagrf2l8jq7bii
Effective URL: http://theornamental.shop/t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Submission Tags: @phish_report
Submission: On November 25 via api from FI — Scanned from FI

Summary

This website contacted 2 IPs in 2 countries across 7 domains to perform 3 HTTP transactions. The main IP is 162.62.54.172, located in Frankfurt am Main, Germany and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is theornamental.shop.
This is the only time theornamental.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

#    IP Address         AS      Autonomous System
1 1  2606:4700:10:...   13335   (CLOUDFLAR...)
2    162.62.54.172      132203  (TENCENT-N...)
1 1  134.195.89.160     63473   (HOSTHATCH)
2 2  38.170.82.244              ()
1 1  52.71.247.114              ()
1 1  185.230.63.171             ()
1    34.149.87.45               ()
Totals: 3 2
#  Apex Domain               Subdomains                                  Transfer
2  revolution-lps.com        revolution-lps.com, www.revolution-lps.com  729 B
2  theornamental.shop        theornamental.shop                          1 KB
1  revolutionaffiliates.com  m.revolutionaffiliates.com                  349 B
1  quickassignmentnow.com    aazo3.quickassignmentnow.com                708 B
1  hitchyouroffers.com       aazo3.hitchyouroffers.com                   707 B
1  dt2dt.com                 www.dt2dt.com                               333 B
1  tinyurl.com               tinyurl.com (Cisco Umbrella Rank: 16391)    611 B
Totals: 3 7
#  Domain                        Requested by
2  theornamental.shop            theornamental.shop
1  www.revolution-lps.com        theornamental.shop
1  revolution-lps.com            1 redirects
1  m.revolutionaffiliates.com    1 redirects
1  aazo3.quickassignmentnow.com  1 redirects
1  aazo3.hitchyouroffers.com     1 redirects
1  www.dt2dt.com                 1 redirects
1  tinyurl.com                   1 redirects
Totals: 3 8

This site contains no links.

Subject             Issuer                                          Validity                 Valid
revolution-lps.com  Sectigo RSA Domain Validation Secure Server CA  2023-11-01 - 2024-01-30  3 months (crt.sh)

This page contains 1 frame:

Frame: https://www.revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030
Frame ID: 42662AD34DB84CE83298042D8B8DDAE1
Requests: 3 HTTP requests in this frame

Page URL History

  1. https://tinyurl.com/dscn9e5t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12 HTTP 301
    http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12 Page URL
  2. http://theornamental.shop/t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12 Page URL

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 14 %
Domains: 7
Subdomains: 8
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 1


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tinyurl.com/dscn9e5t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12 HTTP 301
  • http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Request Chain 1
  • https://www.dt2dt.com/r2Q0RBjTF2iUo5Ga59ieMBA7cutlBqb-yWFbd5YOceM--b0Qsx77yg7W9viGJhXPrMNP2j0_NQ0wPk1ZB7dbRA~~/12/76-10837/3445-338-9571 HTTP 302
  • https://aazo3.hitchyouroffers.com/?kw=821726&s1=746235972 HTTP 302
  • https://aazo3.quickassignmentnow.com/o/PS8A1A71/b7ecfac4-8bbb-11ee-bc41-c7d784ef6232/b8118baa-8bbb-11ee-8700-cf48752ec33e HTTP 302
  • https://m.revolutionaffiliates.com/Redirect.aspx?mid=6&sid=16&cid=b8702958-8bbb-11ee-8a63-af6bcf4e9c31&pid=74651&affid=16& HTTP 302
  • https://revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030 HTTP 301
  • https://www.revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030

3 HTTP transactions

Transaction 1
Resource: 9571U12
Path: theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/
Redirect Chain:
  • https://tinyurl.com/dscn9e5t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
  • http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Size: 458 B
x-fer: 711 B
Type: Document

General
Full URL: http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Protocol: HTTP/1.1
Server: 162.62.54.172 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
Reverse DNS:
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Nov 2023 17:54:41 GMT
X-Address: gin_throttle_mw_7200000000_185.204.1.185
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 499
X-Ratelimit-Reset: 1700938481

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 82bbc21db8354c7e-HEL
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 17:54:41 GMT
location: http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
referrer-policy: unsafe-url
server: cloudflare
x-content-type-options: nosniff
x-robots-tag: noindex
x-tinyurl-redirect:
eyJpdiI6IjVBaWxRVHMxcDJoMEszTkFCZzhBa0E9PSIsInZhbHVlIjoiNkhudGR4cVRORndSUTlvYWE5WlNGRE9oYlRFMVFseUs4RTNvSUYwcUFrZnA1dHhMZjFSTEZkRXIySEZtVTJkN2ZhQVpVYUNzMFU5WTcrb1NERE1ya3c9PSIsIm1hYyI6IjRmNjgxNTcwMDJlMjBhNmM3NmQxNDZkMWJiZTUzY2JlM2VjYjUwY2U3Njg4MTRlZTlmNGYzMzJiOWY3ODIxNzkiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type: redirect
x-xss-protection: 1; mode=block
Transaction 2 (Primary Request)
Resource: 9571U12
Path: theornamental.shop/t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/
Size: 398 B
x-fer: 651 B
Type: Document

General
Full URL: http://theornamental.shop/t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Requested by: Host: theornamental.shop, URL: http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Protocol: HTTP/1.1
Server: 162.62.54.172 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
Reverse DNS:
Software: /
Resource Hash: 185322b8ad9926653000809804e5c1b29a28a5bec7cfcaaaff666ebeb72cf81e

Request headers

Referer: http://theornamental.shop/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Content-Length: 398
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Nov 2023 17:54:42 GMT
X-Address: gin_throttle_mw_7200000000_185.204.1.185
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 498
X-Ratelimit-Reset: 1700938481
Transaction 3
Resource: fi
Path: www.revolution-lps.com/casino/live/
Redirect Chain:
  • https://www.dt2dt.com/r2Q0RBjTF2iUo5Ga59ieMBA7cutlBqb-yWFbd5YOceM--b0Qsx77yg7W9viGJhXPrMNP2j0_NQ0wPk1ZB7dbRA~~/12/76-10837/3445-338-9571
  • https://aazo3.hitchyouroffers.com/?kw=821726&s1=746235972
  • https://aazo3.quickassignmentnow.com/o/PS8A1A71/b7ecfac4-8bbb-11ee-bc41-c7d784ef6232/b8118baa-8bbb-11ee-8700-cf48752ec33e
  • https://m.revolutionaffiliates.com/Redirect.aspx?mid=6&sid=16&cid=b8702958-8bbb-11ee-8a63-af6bcf4e9c31&pid=74651&affid=16&
  • https://revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030
  • https://www.revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://www.revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030
Requested by: Host: theornamental.shop, URL: http://theornamental.shop/t/4NjxTn10837wlvb76rjsvmqriwp3445WQANGLXUFDRYRRE338/9571U12
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 34.149.87.45 (no location or ASN shown)
Reverse DNS:
Software: Pepyaka/1.19.10 /
Resource Hash:
Security Headers:
  Strict-Transport-Security: max-age=3600
  X-Content-Type-Options: nosniff

Request headers

Referer: http://theornamental.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private,max-age=0,must-revalidate
content-encoding: br
content-language: fi-FI
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 17:54:48 GMT
link:
<https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
server: Pepyaka/1.19.10
server-timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_84_g
strict-transport-security: max-age=3600
vary: Accept-Encoding
via: 1.1 google
x-cache: MISS
x-content-type-options: nosniff
x-seen-by:
yvSunuo/8ld62ehjr5B7kA==,yI4PPEXc3bvXNWfpzSkUarxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLrjAMl1QewRKjWjp2YfgqGDDa2gaReObvoMyILa0JRsy,2d58ifebGbosy5xc+FRalsQQ5CR9yv20EFCh8MwJ1rlZL4jm6wYrj7jSp+hMawahXHmNFZub4xcCdGTI7sBzoQ==,2UNV7KOq4oGjA5+PKsX47Cg755O8fLEx1hgoEuTbRMxYgeUJqUXtid+86vZww+nL,TS34kuST9obNjEce7TllBjB+hmhIxHV2c7dScv+rpnQ=,4EmzKGKKpFffqfFwZRPY8aVxGL6MzyZOMvGYekpIOm/uX+wpbqPR1ANxBgJ71+juDnZP+NkpHsg0Sy4rbcg8Lg==,dszuT9zpVdzUyXR0Y9vuIQfOkgBIdG1LUCYbpkl7Mfc=,8oKPAgWJ1WOsd7+2NEdIKug1jl9mXBpAH7TxXXU2dwo=,LoUK8/saGAmOxZWtpubo2mQm50IYQmKm3CB7TUi9YiRdjXvyXBzelY3Uv1VZS7IgjTFNuCPG0m1os5piqSZslg==,8oKPAgWJ1WOsd7+2NEdIKug1jl9mXBpAH7TxXXU2dwo=,NLg79dPdkPxyRLcKi4HPgON9d1HX2h9FdAoYVnA+nCE=,/a5ccLSK1HEmwPNg/x6OurqJpgDikUMcdVpgyXB8NTLoMl0rUYpTikUe2G9uCeTnXkhQvPsy9RRQ4IqSzxO+C+Uly6KmvKnzbixiTJY+Ats=
x-served-by: cache-hel1410024-HEL
x-wix-request-id: 1700934888.773714144023361930

Redirect headers

age: 0
cache-control: no-cache
content-length: 0
date: Sat, 25 Nov 2023 17:54:48 GMT
location: https://www.revolution-lps.com/casino/live/fi?mtag=6ga16cidb8702958-8bbb-11ee-8a63-af6bcf4e9c31pid74651var1var2var3var4var5affid16tid35030
server: Pepyaka/1.19.10
server-timing: cache;desc=miss, varnish;desc=miss, dc;desc=84
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-seen-by:
wmgbEcS9zOENaefw7bU4YQOBTkESduCWp/foeI/bG2o=,W1c2/pqHBqplxcWufHCkILxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLtHnbYLb6Ed40iVY63+O2cnJftmKrOReD3ukbbas4YDo,2d58ifebGbosy5xc+FRalnwQa/lh1rL7IgBpd5EePWbg57sUg2bD78XMO2dxTL5g4O9r5Ldaemvp17Dn+QqdWA==,2UNV7KOq4oGjA5+PKsX47ColFAsYHzhwVraIJxv2pmy8ZDY613cHYLbuhNMgAom1,TS34kuST9obNjEce7TllBjB+hmhIxHV2c7dScv+rpnQ=,TPr4xk727auqSViWEHgtc+hjMjsfeej0dORbtFLPre0=,4EmzKGKKpFffqfFwZRPY8T063V5eLkyB2jiEy4k20VM66ULM9jT+x+rr0JQERogeSY8/Cu8BbL7uamu6UICktg==
x-wix-request-id: 1700934888.55671621952819056

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

documentPictureInPicture (object)

1 Cookies

Domain/Path: .dt2dt.com/
Name: uid10862
Value: 746235972-20231125125444-dd3bde6a7363c5869fe4dd327257da5d-