Submitted URL: http://autoconfig.jiotvonline.com/
Effective URL: http://autoconfig.jiotvonline.com/error.html
Submission: On October 28 via api from IN — Scanned from NL

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 29 HTTP transactions. The main IP is 45.87.41.89, located in Groningen, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is autoconfig.jiotvonline.com.
This is the only time autoconfig.jiotvonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 45.87.41.89 62068 (SPECTRAIP...)
5 142.250.185.104 15169 (GOOGLE)
1 1 172.67.174.11 13335 (CLOUDFLAR...)
1 1 104.21.88.78 13335 (CLOUDFLAR...)
4 188.114.97.3 13335 (CLOUDFLAR...)
4 172.67.135.38 13335 (CLOUDFLAR...)
2 178.63.97.71 24940 (HETZNER-AS)
2 142.250.185.110 15169 (GOOGLE)
1 185.162.85.2 39572 (ADVANCEDH...)
1 185.162.85.14 39572 (ADVANCEDH...)
1 142.250.181.226 15169 (GOOGLE)
1 185.162.85.4 39572 (ADVANCEDH...)
1 109.206.168.17 50245 (SERVEREL-AS)
4 4 109.206.162.121 50245 (SERVEREL-AS)
4 104.21.234.72 ()
29 13
Apex Domain / Subdomains    Transfer
5 googletagmanager.com    335 KB
    www.googletagmanager.com — Cisco Umbrella Rank: 35
4 imcdn.co    17 KB
    imcdn.co
4 cdnid.net    1 KB
    cdnid.net — Cisco Umbrella Rank: 26233
4 wb4.xyz    30 KB
    1337x1.wb4.xyz
3 btc747.xyz    3 KB
    www1.btc747.xyz
3 jiotvonline.com    4 KB
    autoconfig.jiotvonline.com
2 google-analytics.com    41 KB
    www.google-analytics.com — Cisco Umbrella Rank: 27
2 a-ads.com    156 KB
    ad.a-ads.com — Cisco Umbrella Rank: 34375
    static.a-ads.com — Cisco Umbrella Rank: 45230
2 fasty11.site    1 KB
    fasty11.site
1 jswww.net    19 KB
    jswww.net — Cisco Umbrella Rank: 603951
1 ptxhzp.com
    ptxhzp.com — Cisco Umbrella Rank: 110531
1 googlesyndication.com
    pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
1 wivyiz.com
    wivyiz.com — Cisco Umbrella Rank: 100799
1 tdmrfw.com    157 B
    tdmrfw.com — Cisco Umbrella Rank: 96098
1 xdiwbc.com    25 KB
    xdiwbc.com — Cisco Umbrella Rank: 253457
29 15
Domain Requested by
5 www.googletagmanager.com autoconfig.jiotvonline.com
www1.btc747.xyz
www.googletagmanager.com
1337x1.wb4.xyz
4 imcdn.co srcdoc
4 cdnid.net 4 redirects
4 1337x1.wb4.xyz www1.btc747.xyz
1337x1.wb4.xyz
3 www1.btc747.xyz autoconfig.jiotvonline.com
3 autoconfig.jiotvonline.com 1 redirects autoconfig.jiotvonline.com
2 www.google-analytics.com www.googletagmanager.com
2 fasty11.site 2 redirects
1 jswww.net 1337x1.wb4.xyz
1 ptxhzp.com xdiwbc.com
1 pagead2.googlesyndication.com xdiwbc.com
1 wivyiz.com xdiwbc.com
1 tdmrfw.com xdiwbc.com
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com www1.btc747.xyz
1 xdiwbc.com www1.btc747.xyz
29 16

This site contains no links.

Subject    Issuer    Validity    Valid
*.google-analytics.com    GTS CA 1C3    2023-10-09 - 2024-01-01    3 months
btc747.xyz    E1    2023-09-30 - 2023-12-29    3 months
xdiwbc.com    GTS CA 1P5    2023-10-02 - 2023-12-31    3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3    2023-03-18 - 2024-03-17    a year
*.a-ads.com    Sectigo ECC Domain Validation Secure Server CA    2022-12-21 - 2024-01-21    a year
tdmrfw.com    R3    2023-09-20 - 2023-12-19    3 months
wivyiz.com    R3    2023-09-21 - 2023-12-20    3 months
*.g.doubleclick.net    GTS CA 1C3    2023-10-09 - 2024-01-01    3 months
ptxhzp.com    R3    2023-09-20 - 2023-12-19    3 months
jswww.net    R3    2023-10-08 - 2024-01-06    3 months

This page contains 5 frames:

Primary Page: http://autoconfig.jiotvonline.com/error.html
Frame ID: E9187478FC8244A17B681FD8E12BD50D
Requests: 3 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Frame ID: 7505EA6784AFCFDF93D9B526955BFACA
Requests: 12 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/tukh-malanga-chia-seeds.html
Frame ID: A7CAC9A909880B111F5E89E3E2BCE868
Requests: 8 HTTP requests in this frame

Frame: https://ad.a-ads.com/2238604?size=300x250
Frame ID: E8D9AA098AF305880215C6DF8332C9DA
Requests: 3 HTTP requests in this frame

Frame: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Frame ID: 07C3EED48ED9A5C18FFD953534869415
Requests: 4 HTTP requests in this frame

Page Title

404 Page Not Found

Page URL History

  1. http://autoconfig.jiotvonline.com/ HTTP 302
    http://autoconfig.jiotvonline.com/error.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 29
HTTPS: 76 %
IPv6: 0 %
Domains: 15
Subdomains: 16
IPs: 13
Countries: 4
Transfer: 631 kB
Size: 1407 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://autoconfig.jiotvonline.com/ HTTP 302
    http://autoconfig.jiotvonline.com/error.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://fasty11.site/red2.php?rand=jCcb127e60bfa28628b2fca4dffde3d66b&id=27 HTTP 301
  • https://fasty11.site/red2.php?rand=jCcb127e60bfa28628b2fca4dffde3d66b&id=27 HTTP 302
  • https://www1.btc747.xyz/submit.php
Request Chain 25
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Request Chain 26
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Request Chain 27
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Request Chain 28
  • https://imcdn.co/mE3BkCCIfuFgEbjuGCMLXCzFW7ODRCOp8YxFTMYy.png

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request error.html
autoconfig.jiotvonline.com/
Redirect Chain
  • http://autoconfig.jiotvonline.com/
  • http://autoconfig.jiotvonline.com/error.html
3 KB
2 KB
Document
General
Full URL
http://autoconfig.jiotvonline.com/error.html
Protocol
HTTP/1.1
Server
45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
45-87-41-89.static.pwxs.net
Software
nginx /
Resource Hash
9684b032107c042837bd4fb21eeb41e94d1ae25fe1c31314c35e6ff863842e69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Oct 2023 04:02:01 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Oct 2023 04:02:01 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
location
/error.html
style.css
autoconfig.jiotvonline.com/theme/
4 KB
2 KB
Stylesheet
General
Full URL
http://autoconfig.jiotvonline.com/theme/style.css
Requested by
Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol
HTTP/1.1
Server
45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
45-87-41-89.static.pwxs.net
Software
nginx /
Resource Hash
a0271d5518cf46a6d41147226cd4d79f6541e0190824cb35a01225008f5ab114

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://autoconfig.jiotvonline.com/error.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 04:02:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 22:34:53 GMT
Server
nginx
ETag
"118a-5adf7a954fd40-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=%gcode%
Requested by
Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
83158abe9fbeeca5ad604a91b6cd85f9ca72e74742ea7de3ef12f8c2bc0b1910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://autoconfig.jiotvonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43782
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 04:02:01 GMT
submit.php
www1.btc747.xyz/ Frame 7505
Redirect Chain
  • http://fasty11.site/red2.php?rand=jCcb127e60bfa28628b2fca4dffde3d66b&id=27
  • https://fasty11.site/red2.php?rand=jCcb127e60bfa28628b2fca4dffde3d66b&id=27
  • https://www1.btc747.xyz/submit.php
338 B
609 B
Document
General
Full URL
https://www1.btc747.xyz/submit.php
Requested by
Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d

Request headers

Referer
http://autoconfig.jiotvonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047eeac7b9b8f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBAD40pqvkPVI8q0WBhQ2iOj00lYT4hlo9h0YE%2FWw9j1tsXIZRo1RkT4Wwxhzn2Uxr8kKmy7ss05f4WASTxjJlGrUS1ZClKSyx%2BeKVl63Q3joU09P5Xfq%2Ff9VqrO7qtgqFI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81d047ec0e7065a5-FRA
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www1.btc747.xyz/submit.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mpidU8PFpQOQnVhsZ7XVBDueCtW4r2ura%2B9UW%2Fi5pm8%2Fwoi65pz%2F%2B%2BXFps4tZl0kHaqF4374o3hJs01T62GzyXGYFeDg7lDVlJNMTYayucF8jtDJYNo1JbpBBtjF78%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
/
www1.btc747.xyz/ Frame 7505
377 B
545 B
Document
General
Full URL
https://www1.btc747.xyz/
Requested by
Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
7423a1f77e344824dc7e8a8a4fd4956a3d0c78f1552b141a338203b54dd09262

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047eefcac9b8f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Fa57m0jF%2F3g1LWgtpu3HphWlw4AQSXhGg10DQs27q9EURh7FMATvhd0HtJyVfdUexw3RgHvQQvY%2BrfkkTthEashPZQKe28z4FHn7g31%2B6pgGNipX34dpQ6Zc%2BEkChjfFTs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
heat-sign-guard-dru-smith.html
www1.btc747.xyz/2023/10/ Frame 7505
4 KB
2 KB
Document
General
Full URL
https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Requested by
Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
5cf5a47b185515c06e3f112055f3b21fbaed678aaeeeb5c1d65aec5cca5ba2b7

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047ef3ce69b8f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGtAb3RDcDqDFtwDFyiMcQGQmycpJ3la1Z8gEFb6TqTHMk8gOZEu3oPYXB%2BwuQcqAZ7y2sQvjMevB%2BWJdiW2v19dXytfJ56cGLKkTQEOGn3hGEbhOcgqzKRMyXj8Gip4cwM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 7505
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
62c7ba6bd99ff372731aeb96a47064758990819ef4642fdfac664384f09f1bbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68656
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 04:02:02 GMT
waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
xdiwbc.com/pw/ Frame 7505
66 KB
25 KB
Script
General
Full URL
https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69c86367c2201d34fee810ea69c37396905c36c9a44ad91d304d345a6b4001a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Oct 2023 02:55:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
af805219530f56f58dc5c36614479d79
age
3971
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rPaKyzkbeYYX%2F2YIhNFGyJUMI7e8o3TLbsCYcdbXAKkpBkuwetgp6VAz5iK6nr0ayw%2Bx6zu9w2yW6ksdzs1r%2FTAI8rXFCE4bszzZYTILjnDTLua9KBZT0pO5Il6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www2.btcx.sbs
cache-control
max-age=14400
cf-ray
81d047f1be7a3605-FRA
alt-svc
h3=":443"; ma=86400
submit.php
1337x1.wb4.xyz/ Frame A7CA
1 KB
928 B
Document
General
Full URL
https://1337x1.wb4.xyz/submit.php
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047f1afecb790-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqiZ3wgHR%2B%2FcLGFdc2w1H1ISmsLGvblakDBniOgeE3gRsNFy%2BX2ZsS7D0N%2FNfCf%2FPHFzeuLzzz9NVYKHB3AVSi8A9ogCXAEG7qNgraBefMcHZThwrNgOnh4W0il%2B5Go79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
2238604
ad.a-ads.com/ Frame E8D9
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2238604?size=300x250
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.97.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.71.97.63.178.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
12eb58c1b41a3549eae7919876d0abf4e0669263e30f57015c799c2a5e6be529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 28 Oct 2023 04:02:02 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www1.btc747.xyz/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 7505
222 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a09c3861cdd1efedb1cf03d206452f767572fd79a2d758ecad14fb2f291a802d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80627
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 04:02:02 GMT
analytics.js
www.google-analytics.com/ Frame 7505
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Oct 2023 03:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
631
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 28 Oct 2023 05:51:32 GMT
300x250
static.a-ads.com/a-ads-banners/117603/ Frame E8D9
151 KB
151 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117603/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2238604?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.97.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.71.97.63.178.clients.your-server.de
Software
nginx /
Resource Hash
56979661e60a2854395bfa60af743f37f059f7974e404fa38fc459952b8b09b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:02 GMT
x-amz-version-id
MDRGnyw9kCruRlqmS7AytZ4Es5dbIgC4
last-modified
Sun, 19 Apr 2020 16:05:30 GMT
server
nginx
x-amz-request-id
E0M6444QCK5DH7EJ
etag
"e611891876c203f494097807a9a1ed33"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
154540
x-amz-id-2
7TY2MJTtiD0GBpRiha1k5420dDTQ4OtdGfsHccTzr6Vt7JUFvqkVWxAwdarQeHT0GycWkG4Oecg=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame E8D9
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
1337x1.wb4.xyz/ Frame A7CA
1 KB
825 B
Document
General
Full URL
https://1337x1.wb4.xyz/
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
725ebd8bf9e6f8daad044ffcd93cb76f463b22e3f29e3ab78844e860a75e6ce1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047f21fffb790-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyfFiispHAFb02LsrlwgZeCIG6HdctC7%2FGgbGSfblNYcyE3ooXx8mIPb8mQDzWXIK5qCui87aLGTJPm5Q2cOkUBWq%2F240ipHUag5ofwMXc7zxtCiFzQqHVtyt%2BqX%2BIDSsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
e146a111-408c-4d59-98c3-8685aa066e25
https://www1.btc747.xyz/ Frame 7505
91 B
0
Other
General
Full URL
blob:https://www1.btc747.xyz/e146a111-408c-4d59-98c3-8685aa066e25
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
wnload
tdmrfw.com/ Frame 7505
0
157 B
Fetch
General
Full URL
https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cyLmJ0Y3guc2JzIiwibGkiOjJ9&tz=2&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyMy8xMC9oZWF0LXNpZ24tZ3VhcmQtZHJ1LXNtaXRoLmh0bWw=&inc=0
Requested by
Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.2 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 28 Oct 2023 04:02:03 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
content-type
application/javascript; charset=utf-8
admc
wivyiz.com/ Frame 7505
0
0
Fetch
General
Full URL
https://wivyiz.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=8aa49d19e79912b338eaba246804089b&f=8&tz=2
Requested by
Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://www1.btc747.xyz
date
Sat, 28 Oct 2023 04:02:03 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
tukh-malanga-chia-seeds.html
1337x1.wb4.xyz/2019/05/ Frame A7CA
3 KB
1 KB
Document
General
Full URL
https://1337x1.wb4.xyz/2019/05/tukh-malanga-chia-seeds.html
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/heat-sign-guard-dru-smith.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
70c98c1223cf4e1d32749651acf3d293ac9ca8087927d6fb9066ddf455b05c8e

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d047f2a826b790-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 04:02:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGLTkKLeXGhMJ6d%2B5Ik9Z8OaYUqovpRn5UO9CpXjplerfmY2z9Iba1%2F%2FUzBLWj54ikNs3OAta8rKTiNPR2zFPoblTo%2BhgpI5ir3WkBLVFuNbxK2ZgDiSbaEyIPx%2FILS2sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame A7CA
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/tukh-malanga-chia-seeds.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cabb7daed2a87b13f2837f8710d91fefaa9dd76c924d805606c484baf393a083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68655
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 04:02:03 GMT
script.js
1337x1.wb4.xyz/ Frame A7CA
90 KB
27 KB
Script
General
Full URL
https://1337x1.wb4.xyz/script.js?t=20239284
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/tukh-malanga-chia-seeds.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/2019/05/tukh-malanga-chia-seeds.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 28 Oct 2023 04:01:39 GMT
server
cloudflare
age
24
x-powered-by
PHP/7.4.33
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bq%2FUPmGZzwN%2FFdP7W89cTxkkpLTKySV6kdvnf6v6S5a4dMelC5WPZvc4hMT1ynGlDF3KIQghI5lx6buVeE%2Bb0y%2FQUZp3MYnVoEXXEEbI3FoM85cdrEsR1JgaWU7hQFzNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81d047f2e833b790-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame A7CA
222 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c54237667ac6ad9e7e9d7f8cf6fbebb157dc8e35654615c3590582611dbda803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80651
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 04:02:03 GMT
analytics.js
www.google-analytics.com/ Frame A7CA
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Oct 2023 03:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
631
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 28 Oct 2023 05:51:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7505
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51007
x-xss-protection
0
server
cafe
etag
5649156532169294144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 28 Oct 2023 04:02:03 GMT
abs
ptxhzp.com/ Frame 7505
0
0
Fetch
General
Full URL
https://ptxhzp.com/abs?f=8&wid=465053&di=xdiwbc.com&dl=tdmrfw.com&d=www1.btc747.xyz&lok=1&abf=0
Requested by
Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.4 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 28 Oct 2023 04:02:04 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
w.js
jswww.net/ Frame A7CA
19 KB
19 KB
Script
General
Full URL
https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=950444&t=2064&sid=1337x1.wb4.xyz&r=0.5066916474396359
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/script.js?t=20239284
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.168.17 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
109.206.168.17.serverel.net
Software
binder-v5.8.5.1 /
Resource Hash
59a4fac7342f6853c8a22321b87732aa5cf819c085a1d9ae0b9cc4ed220f6dc3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:03 GMT
x-response-code
20200
server
binder-v5.8.5.1
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
19647
C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
imcdn.co/ Frame 07C3
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=RXxHUGQ&eid=10592&n=74fdc9fe053e159751659329&nid=1&sid=GuVf4ioaRcctons%2FfAgS1nDu8ZKq68GsV648rgaGPDfbakQERVVV774ACKiBMteBZoTTngJRCx73CI5HQknXAEdqffDEyGpo6Vka...
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.21.234.72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 14:57:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
306263
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSAGc6vGHAmSEG%2FVWl2QQ7nt7WYeJloj8uN%2FSx9vgC3f%2BVsmCHEaRdPy4LFImyIPXlJEL1yNh19dqEKwFLlDMn3I0gTlzy14gi1HBPbZ0EGSlYcR915rZrDmwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81d04802ecc93a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
4028
expires
Thu, 23 Nov 2023 14:57:42 GMT

Redirect headers

location
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
date
Sat, 28 Oct 2023 04:02:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
imcdn.co/ Frame 07C3
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=e09laW4&eid=10592&n=fbce70426afb3b2a3bc05761&nid=1&sid=aVZn4jPVsuBjYRxmZ5UbnWYa6tTX9KMmV93bHwEWspwSaGTaAjm5QItE2nn%2BYhWRlib1zl%2BadEgNoe%2FYrvUpzDWfeK%2Fty6...
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.21.234.72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:05 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 03:22:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2507988
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7qTHA6fCDt29mTMmERx%2Bs%2B1l1MhgW10ZfAXLRBAVmHVDfCbf3xHP%2FH8ssr4y%2FnEXY7TjpSU9nv747BWXpzcGECicZNclosZB0HmIDmZ%2FSeNx2zvcxQ2%2FfKtgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81d04802ecca3a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
3970
expires
Sun, 29 Oct 2023 03:22:17 GMT

Redirect headers

location
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
date
Sat, 28 Oct 2023 04:02:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
imcdn.co/ Frame 07C3
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=T3xDRUQ&eid=10592&n=abc4a1523be6be27f4696dfd&nid=1&sid=91j1eWIejPDpFcen31iyHzOo64L1iA%2Fi%2B2xosXI%2FijvrRs6%2FwUXJTDY%2B99S%2FhwRB2No7bOe0Tw7gAnElhCwMcCpX0O...
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.21.234.72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
375c4282102066862504f7dfc6bebdcae26b2f71f79854b9a35afb201f84cdb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:05 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 16:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1249595
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kavgn1kde18q7pLpDQb1Ir2pwY9DLtaWEFV8KnDgKRQm9GQ9unLlpnGwYK2Z%2BeEtxt8ebQ2YPOfyYhN%2Byt27OGXI9ezBbLSmPO0elrlggnYrGsTlL69pJkDKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81d04802eccc3a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
4102
expires
Sun, 12 Nov 2023 16:55:30 GMT

Redirect headers

location
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
date
Sat, 28 Oct 2023 04:02:05 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
mE3BkCCIfuFgEbjuGCMLXCzFW7ODRCOp8YxFTMYy.png
imcdn.co/ Frame 07C3
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=YE1XRUA&eid=10592&n=4c89e10c4c8c470c7680a7de&nid=1&sid=nGnh0dHR76lD%2B9aACHYyAMhncxAY491IAwXdN6E%2FZF8057m%2BMGkN4zHquPq%2F2k9WRG0nWLHdzFAW3vkHI6VelZ7TpaAa0s...
  • https://imcdn.co/mE3BkCCIfuFgEbjuGCMLXCzFW7ODRCOp8YxFTMYy.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/mE3BkCCIfuFgEbjuGCMLXCzFW7ODRCOp8YxFTMYy.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.21.234.72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
58482e88e0ba0e82a1196036c48a0678f5dc1a071a1663b5ee34da815445ef28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:05 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 03:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2507882
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BV5v25dfu35G3LFyaXOpcp%2BbT9xJdUe%2B2eFwugLW6VgqxLGtc0frlvkNy7RWzZupX5ZNgfeiTMWJINpK0A0yepdB%2FtPQJMKTipbWXkQbqpcubHNn0wPvkseYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81d04802eccb3a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
3906
expires
Sun, 29 Oct 2023 03:24:03 GMT

Redirect headers

location
https://imcdn.co/mE3BkCCIfuFgEbjuGCMLXCzFW7ODRCOp8YxFTMYy.png
date
Sat, 28 Oct 2023 04:02:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data

1 Cookies

Domain/Path Name / Value
.autoconfig.jiotvonline.com/ Name: autoconfig_jiotvonline_com
Value: o5t4luddcdh0fa47o6nnrtsvn0

1 Console Messages

Source Level URL
Text
network error URL: http://autoconfig.jiotvonline.com/error.html
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
