foxtrot.city Open in urlscan Pro
104.21.24.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8po...
Effective URL:
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93V...
Submission: On January 28 via api (January 28th 2024, 11:16:21 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 11 domains to perform 11 HTTP transactions. The main IP is 104.21.24.144, located in and belongs to . The main domain is foxtrot.city.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2023. Valid for: a year.

This is the only time foxtrot.city was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	172.67.202.154 172.67.202.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.174.147 172.67.174.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.137.77 172.67.137.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.155.129 172.67.155.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.49.147 104.21.49.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.135.236 172.67.135.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.61.141 104.21.61.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.78.4 104.21.78.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.5.216 104.21.5.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.25.41 104.21.25.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.21.24.144 104.21.24.144	() ()
11	8

2 172.67.202.154 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pay-bet.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.147 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pay-ecom.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.77 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chopa.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.129 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lima.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.49.147 (None, )

ASN13335 (CLOUDFLARENET, US)

xray.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.135.236 (United States)

ASN13335 (CLOUDFLARENET, US)

ecom-pay.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.61.141 (None, )

ASN13335 (CLOUDFLARENET, US)

ecom-pay.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.78.4 (None, )

ASN13335 (CLOUDFLARENET, US)

inda.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.5.216 (None, )

ASN13335 (CLOUDFLARENET, US)

pay-bet.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.25.41 (None, )

ASN13335 (CLOUDFLARENET, US)

pay-ecom.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.24.144 (None, )

ASN- ()

foxtrot.city	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	foxtrot.city foxtrot.city	2 KB
2	pay-bet.fun 2 redirects pay-bet.fun	1 KB
1	pay-ecom.fun pay-ecom.fun	833 B
1	pay-bet.tech pay-bet.tech	808 B
1	inda.run inda.run	771 B
1	ecom-pay.site ecom-pay.site	780 B
1	ecom-pay.tech ecom-pay.tech	746 B
1	xray.mobi xray.mobi	724 B
1	lima.mobi 1 redirects lima.mobi	524 B
1	chopa.run 1 redirects chopa.run	514 B
1	pay-ecom.xyz 1 redirects pay-ecom.xyz	498 B
11	11

	Domain	Requested by
4	foxtrot.city
2	pay-bet.fun	2 redirects
1	pay-ecom.fun
1	pay-bet.tech
1	inda.run
1	ecom-pay.site
1	ecom-pay.tech
1	xray.mobi
1	lima.mobi	1 redirects
1	chopa.run	1 redirects
1	pay-ecom.xyz	1 redirects
11	11

This site contains no links.

Subject Issuer	Validity	Valid
xray.mobi GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
ecom-pay.tech GTS CA 1P5	`2023-12-25` - `2024-03-24`	3 months	crt.sh
ecom-pay.site GTS CA 1P5	`2023-12-25` - `2024-03-24`	3 months	crt.sh
inda.run GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
pay-bet.tech E1	`2023-12-25` - `2024-03-24`	3 months	crt.sh
pay-ecom.fun GTS CA 1P5	`2023-12-25` - `2024-03-24`	3 months	crt.sh
foxtrot.city Cloudflare Inc ECC CA-3	`2023-12-27` - `2024-12-26`	a year	crt.sh

This page contains 1 frames:

Frame: https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D
Frame ID: F6C96F14D29B7658CF880CED80FDBD43
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2to... HTTP 301
https://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2to... HTTP 302
https://pay-ecom.xyz/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70MkM46kWhXBQ0JAos%3D HTTP 302
https://chopa.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqdqclynLO... HTTP 302
https://lima.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... HTTP 302
https://xray.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://ecom-pay.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://ecom-pay.site/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://inda.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://pay-bet.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://pay-ecom.fun/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnb... Page URL

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

8
IPs

2
Countries

7 kB
Transfer

5 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq HTTP 301
https://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq HTTP 302
https://pay-ecom.xyz/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70MkM46kWhXBQ0JAos%3D HTTP 302
https://chopa.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqdqclynLOasd0xac%3D HTTP 302
https://lima.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSy0SBg6igDYZKAGeM%3D HTTP 302
https://xray.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTQEcP%2BalexydflL8%3D Page URL
https://ecom-pay.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvx09NfvNJUY7zZ1Ks%3D Page URL
https://ecom-pay.site/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLavTP3DbMKHrSf71 Page URL
https://inda.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJihTotXX%2Frnn2E4TAg%3D%3D Page URL
https://pay-bet.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXSDCkjSXjtjv8oJQ Page URL
https://pay-ecom.fun/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczf1butvVwXWNq9Cvv Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Page URL
https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq HTTP 301
https://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq HTTP 302
https://pay-ecom.xyz/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70MkM46kWhXBQ0JAos%3D HTTP 302
https://chopa.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqdqclynLOasd0xac%3D HTTP 302
https://lima.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSy0SBg6igDYZKAGeM%3D HTTP 302
https://xray.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTQEcP%2BalexydflL8%3D

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ xray.mobi/ Redirect Chain http://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq https://pay-bet.fun/?target=3uaceptdiufk3kewkupahwlai+2vnbl8ngmj3bpatma0wh5xaqjduo/kko88tqkrm2tobsg+lqo+6nksuwfkm8pot+6tj1hq https://pay-ecom.xyz/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70MkM46kWhXBQ0JAos%3D https://chopa.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqdqclynLOasd0xac%3D https://lima.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSy0SBg6igDYZKAGeM%3D https://xray.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTQEcP%2BalexydflL8%3D	575 B 724 B	496ms 389ms	Document text/html	104.21.49.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xray.mobi/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTQEcP%2BalexydflL8%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.49.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf1305ead5170-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2gpca5WQsS93Auuao5szX6cEQTOrwMAu2yrI8L7%2FuSMoyXL5dA6utslXxxiHdSRe1KY1qHfP6DGHdqjDft8vxW2QxsrMYlgsf6ZjrO9aTulHa5ch6az6J5nNoM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16 Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf12c08921f29-DEN content-type text/html date Sun, 28 Jan 2024 23:16:15 GMT location https://xray.mobi?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTQEcP%2BalexydflL8%3D nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f82GAZ0lrTPRZ9kVPV0YcpzBtGUSl8NpLQd5qv8Orrh5oCDfV%2FDN%2BtLzxDh%2B07wAzX6qKtRW8tJSF%2FiZ4f1gwmetLLSPiH8BQ4HbHdpEJtBX%2BQyx1by6a%2F9I5ac%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16
GET H2	200	/ ecom-pay.tech/	611 B 746 B	465ms 347ms	Document text/html	172.67.135.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ecom-pay.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvx09NfvNJUY7zZ1Ks%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.135.236 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf134fd2d7989-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6B1TsuJ7H4FxDdVIedVNu5TLcKinDuleYK%2Fe9TvyIb7JanaAZidZ7bnNMK4YDPGkj5ZlkXGyILTZGNv45IAp1xZhuxJsMRj615GxdZ53OM3ZREQY5uA%2FwLER4tzt0ht"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ ecom-pay.site/	661 B 780 B	507ms 406ms	Document text/html	104.21.61.141 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ecom-pay.site/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLavTP3DbMKHrSf71 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.141 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf1391ed6533c-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FL0E323iqZ%2F3QbCG3U1shwqvxtlM52vP3H%2FhWLfdl7mfTNwvkDQ8kVzqKEdTw%2FOPublVUVzGbfKI13YyTu9RnndmuEDeCpX4zFcGZVyt7tTHDncUgrxop16FbTrMKI23"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ inda.run/	681 B 771 B	449ms 353ms	Document text/html	104.21.78.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://inda.run/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJihTotXX%2Frnn2E4TAg%3D%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.78.4 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf13eead01f29-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7Cnl7eWkxaulic4ROmwAIyXdKVuwc6fwin%2FFJT5jeikCv%2BeOP2fHpnI7U93BbKPUedtxomx05VycM7Vyb9DOK1TcrfvMeEZOEwoDLgLXKtKVtp518obcgdHcQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ pay-bet.tech/	725 B 808 B	478ms 383ms	Document text/html	104.21.5.216 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-bet.tech/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXSDCkjSXjtjv8oJQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.5.216 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf1429ae951df-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQHj%2BtuNTcPAzpjLGDv0SaV5lpKu1K39e%2FSKyhYzSh9%2BdFGf17bJZb%2FurcDozZus7b4%2FTTYgyYhPqT1KynMcy3%2BKF4Z9hZWPEnUmmk53wWLdRk0gHPseAinMc1chxfQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ pay-ecom.fun/	785 B 833 B	428ms 335ms	Document text/html	104.21.25.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-ecom.fun/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczf1butvVwXWNq9Cvv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.25.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf145ad62519a-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6dX7ywxDWINgEgu1HyTKOtmjeEJC%2Fk1cG8K2YqBvz%2FXKIVjwKzLzY%2F%2BQtyPFJqiQC%2BkcTIkmLNNDplt%2FgcfdciJZISdIm0yzJ91CsF%2FGrXgJoAcKbCLniuj%2FCuDZ00%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ foxtrot.city/	261 B 591 B	407ms 218ms	Document text/html	104.21.24.144
General Check archive.org Show headers Download Go to Full URL https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.24.144 -, , ASN (), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf1490f8b5207-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5zMr%2F7CoojLE0ZVRbmRSkBdBQeatMUkJFhxX9333YoV3o%2Fiqdj7EMg%2FakVpSX8UDWYrl6KDZSTb19Gy9d%2FfP5gynaCwkAORsVmV8poa6oP25pZyCbK8O6EqQhQOv%2BM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	/ foxtrot.city/	261 B 400 B	217ms 215ms	Document text/html	104.21.24.144
General Check archive.org Show headers Download Go to Full URL https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.24.144 -, , ASN (), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf14bdc2a5207-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3etCCwNoIL8G85ZI0bhP6KhQNQUAu1WRMxSx7dphUQmpY4YXslsRyZvPRs9HVbdrQyMkloNMq32Sit4dIt5vNyy3nnok%2BDaDhaV9z47JiVRgGDU2sAntdt5lW6WWwCY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H3	200	/ foxtrot.city/	261 B 601 B	231ms 230ms	Document text/html	104.21.24.144
General Check archive.org Show headers Download Go to Full URL https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.24.144 -, , ASN (), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf14d4859519e-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIP8y2R4%2FvK0NhLtR2GzRORDBFqe6uUArGblZZjWdgz56wo%2Fxzdbsp9w3%2FTjDGoLtj73vDP9nBlE%2BNjPCkNKJkF9LPQcZvwl3WdsZWGu7komYOEwEWzr2JXHPIR1T8M%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H3	200	Primary Request / foxtrot.city/	261 B 562 B	224ms 223ms	Document text/html	104.21.24.144
General Check archive.org Show headers Download Go to Full URL https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.24.144 -, , ASN (), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84ccf14ed9d3519e-DEN content-encoding br content-type text/html date Sun, 28 Jan 2024 23:16:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3XNZtzCofe6WPwdsQ%2BB1M38tbjVB8OFVlUvLVuTFeumYfnCz%2B%2FcPf6C0zctLAnYOk1jJKLDQzA6wGS9q9g%2BIA3uK28uF7Br0NAuhuvABX4bgs21wyhjGlHHfLU27Qs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET		/ foxtrot.city/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: foxtrot.city
URL: https://foxtrot.city/?target=3UAcEPTDiUFK3KeWkUPAhwLAPeOa1B37J1XBy70M4cBog2UfEExcXtiyIJxqB6lk0Wnbe8s8grSyoC4u8DEHP93VSPeTMUlV%2BLxCmWgKwqvxot0YrMlcPu6CmPjkIyzfLdrdeGDAOPy5ErGmMn8aJigirJ7K7r25iAFKXVHMwCaaxsqovJRZ%2Bfczfyfg5Od9FXYroX%2B8Ljj6COttTHsUh9HONbjrqg%3D%3D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chopa.run
ecom-pay.site
ecom-pay.tech
foxtrot.city
inda.run
lima.mobi
pay-bet.fun
pay-bet.tech
pay-ecom.fun
pay-ecom.xyz
xray.mobi
foxtrot.city
104.21.24.144
104.21.25.41
104.21.49.147
104.21.5.216
104.21.61.141
104.21.78.4
172.67.135.236
172.67.137.77
172.67.155.129
172.67.174.147
172.67.202.154

foxtrot.city Open in urlscan Pro 104.21.24.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

8 IPs

2 Countries

7 kBTransfer

5 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

foxtrot.city Open in urlscan Pro
104.21.24.144 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

8
IPs

2
Countries

7 kB
Transfer

5 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions