URL: https://btc-time.store/ncMFxV3L55c
Submission: On November 12 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:20af, located in United States and belongs to CLOUDFLARENET, US. The main domain is btc-time.store.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.
This is the only time btc-time.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
6         2606:4700:303...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
1         52.239.243.68     8075 (MICROSOFT...)
3         2a00:1450:400...  15169 (GOOGLE)
7         2606:4700:303...  13335 (CLOUDFLAR...)
Total: 18 requests, 5 IPs

Requests  Domain                                    Requested by
7         twister.nxportal.biz                      twisterfilestorage.blob.core.windows.net
6         btc-time.store                            btc-time.store, twisterfilestorage.blob.core.windows.net
3         fonts.gstatic.com                         fonts.googleapis.com
1         twisterfilestorage.blob.core.windows.net  btc-time.store
1         fonts.googleapis.com                      btc-time.store
Total: 18 requests, 5 domains

This site contains no links.

Subject                  Issuer                   Validity                 Valid
*.btc-time.store         R3                       2021-09-27 - 2021-12-26  3 months
upload.video.google.com  GTS CA 1C3               2021-10-18 - 2022-01-10  3 months
*.blob.core.windows.net  Microsoft RSA TLS CA 02  2021-09-04 - 2022-09-04  a year
*.gstatic.com            GTS CA 1C3               2021-10-18 - 2022-01-10  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2020-12-22 - 2021-12-21  a year

This page contains 1 frame:

Primary Page: https://btc-time.store/ncMFxV3L55c
Frame ID: 065B0615A1488FC89F9AC4CEC9ACDEDE
Requests: 18 HTTP requests in this frame

Page Title

Landing Page

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 627 kB
Size: 838 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ncMFxV3L55c
btc-time.store/
3 KB
2 KB
Document
General
Full URL
https://btc-time.store/ncMFxV3L55c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41163f48e4ec42661490d0bc0f6fc250558d1f65ffcf0057ebce345a7e18e0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Fri, 12 Nov 2021 06:26:06 GMT
pragma
no-cache
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0AprIKi1ltM%2FttyyUeRqC7sTFAtzgfGpdjd7NdgseZzyMDk7akNdxnrlCTrw4anUR2bJrkS%2FaWj0jzyrkSjpdGWVzjHSYTj%2F9hLpfUFqXZOdmRyR1gjzOImLwa08%2Fn%2Bl7kRnN1zwvnvX1d3DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6acdafd80e4b4345-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&family=Roboto:wght@400;500&display=swap
Requested by
Host: btc-time.store
URL: https://btc-time.store/ncMFxV3L55c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15847088efb2b306cae812c6a5e66c0d2c2185c5994766b28a88e6c546fd258f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 06:26:07 GMT
server
ESF
date
Fri, 12 Nov 2021 06:26:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 06:26:07 GMT
intlTelInput.css
btc-time.store/lander/7898_mon_1st_nb_st/intlTel/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://btc-time.store/lander/7898_mon_1st_nb_st/intlTel/css/intlTelInput.css
Requested by
Host: btc-time.store
URL: https://btc-time.store/ncMFxV3L55c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbda619cb46d2dabb12b3b88c63cc2e22d3c0e475b4b6fe184d018194d4dda44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/ncMFxV3L55c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
645343
cf-polished
origSize=25261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Sep 2021 09:56:49 GMT
server
cloudflare
etag
W/"61543861-62ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7Log9BcHT9Cxtn7op8NXd5kaGsFLMWmS6pg4V%2FA36EMf1y1TS6%2BSkwHNlDpee9v7WC3ivMaqnzkgmbrtVrGOhOT2%2BxNtPv7hL7tnTAkj0YH5wQYvLVRrRvyngBxh8hjVA45F0rgK%2Fj2%2BWZAMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 19:10:24 GMT
cache-control
max-age=864000
cf-ray
6acdafdadb5f4345-FRA
cf-bgj
minify
style.min.css
btc-time.store/lander/7898_mon_1st_nb_st/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://btc-time.store/lander/7898_mon_1st_nb_st/css/style.min.css
Requested by
Host: btc-time.store
URL: https://btc-time.store/ncMFxV3L55c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfd50d80a0d2d9459284a3389d6198c7e9b72b9792f86b7bec66931e11b617f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/ncMFxV3L55c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Sep 2021 09:56:49 GMT
server
cloudflare
etag
W/"61543861-5d9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMKm6qig4CwT0B5rJupL4bMpIp6ApyX%2BzF%2FdJV2TwR0DmS%2B4wF38sYSXO4vCDYaLkKlL7gRNkogTk6qa%2FOK%2FvuZVvvzokjhcDYmyZUgUTznAgOybpx%2B5uWThDcCX%2Bnahf47lQwFFAIxcMIkyDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
6acdafdadb604345-FRA
expires
Wed, 17 Nov 2021 22:30:07 GMT
reg-one-step.min.js
twisterfilestorage.blob.core.windows.net/twister/
277 KB
277 KB
Script
General
Full URL
https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Requested by
Host: btc-time.store
URL: https://btc-time.store/ncMFxV3L55c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.243.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5813d5c4b5603296146ec89d9777651ce066af483b8989802a3f080ce684355a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 Nov 2021 06:26:06 GMT
Last-Modified
Wed, 27 Oct 2021 19:12:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ngQeqziUp/Nbg8y1yHw9Ww==
ETag
"0x8D9997DB7F22BDE"
Content-Type
application/javascript
x-ms-request-id
c153f310-f01e-001a-398e-d76f09000000
x-ms-version
2014-02-14
Content-Disposition
Accept-Ranges
bytes
Content-Length
283622
x-ms-lease-state
available
main-bg.png
btc-time.store/lander/7898_mon_1st_nb_st/img/
159 KB
160 KB
Image
General
Full URL
https://btc-time.store/lander/7898_mon_1st_nb_st/img/main-bg.png
Requested by
Host: btc-time.store
URL: https://btc-time.store/lander/7898_mon_1st_nb_st/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f422c5c9eb095d415a793ca3d142c0a089c9c7cc08ab995e514c2aed8c8f669c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/lander/7898_mon_1st_nb_st/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
163145
last-modified
Wed, 29 Sep 2021 09:56:49 GMT
server
cloudflare
etag
"61543861-27d49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zHQQHGKm9yXvlCycRLQKyuTau%2FwvE7oggSbGyBUoo6BMyWFtZQXRbNUSvC9Ah2IWToRKqYD0kundP7U%2B%2BHM1HC4rQPYqL9bJ0MAvXYjkPIlqZF9hs5AAQoBQBSYTLfTcWyt18cUazxfPlvHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6acdafdb0bba4345-FRA
expires
Thu, 18 Nov 2021 20:56:48 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://btc-time.store
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:22:29 GMT
x-content-type-options
nosniff
age
50618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16408
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 16:22:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://btc-time.store
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options
nosniff
age
262446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:01 GMT
track
twister.nxportal.biz/api/stats/
15 B
814 B
XHR
General
Full URL
https://twister.nxportal.biz/api/stats/track
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
59
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izyVFmD84obYWH41a22ySVj6%2F%2FW7AxraVgwD73O9Hm27h0hXgFnky%2B61n1CSc9ZuOn%2Fx%2FSPy9O42YyQCd0zV0JD9G2guq4MdKxD7zWS0fBFYhCyXEfFBQEZ6inPbQj%2F2a0PCFk6nDohgqzGftVtTJjKqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
x-ratelimit-limit
60
cf-ray
6acdafdcc8db5b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
track
twister.nxportal.biz/api/stats/
15 B
349 B
XHR
General
Full URL
https://twister.nxportal.biz/api/stats/track
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
58
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB4sQySWV5wmomeEihsukTjN5LnDXE4W%2B7TE3jq7ZdjfUlMYLSb7GiPifvmIksOmIJhTYJMvMEOjfkijJ1BiOtpW5dWzXSRZMXbAnluRvIZ2bhjv2AmalizUSLTrwiqqkv08oKJPdWh17lRrlMHd8Sojnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
x-ratelimit-limit
60
cf-ray
6acdafdcc8e15b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
7898
twister.nxportal.biz/content/info/
166 B
1 KB
XHR
General
Full URL
https://twister.nxportal.biz/content/info/7898
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
d6a95126097f0b69821604659be9117cd25b8409bb53d096305444da489633dc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j6e7Ll6lMQylCPrLhMSxjnYxnAkF2gHStmnvclAc4F8JMFJURvVFWc%2F3OMd4hPGYxLhUDT%2BGW7%2Buvf1tS7Tv3Krgk%2BBSPor2poL1ff8ebctNSLZTYgMCMe501kbtRFlghpfuJonUg720xODWIYBtsVBCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
cf-ray
6acdafdcc8e85b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
5248
twister.nxportal.biz/content/info/
177 B
977 B
XHR
General
Full URL
https://twister.nxportal.biz/content/info/5248
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
8cfa7bec9e570c9b63ee700c6b59f149cb2aa94f5467e46bae8884f94bb0cbbd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV%2Bi0F%2FqykYKzdcup94BKFyx5rf6VJna0DjJ%2FMZjSRJehpevlxI%2BCJ2R1ntvzsLf3V3u%2FUz%2FRNXb0aSIh3tlW0Qwfqd2js4kFLblqoqlyoVoGas1A%2FW4sIp76%2FtzCnq22gDFA6fe4j%2Bf%2FCx0jLS0hjtWbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
cf-ray
6acdafdcc8e45b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
get-geo
twister.nxportal.biz/
16 B
845 B
XHR
General
Full URL
https://twister.nxportal.biz/get-geo
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBCaY6Nt3l1AqToi44wfn3bPyKZxDZ4acboGfx3DoFx8HDb7ou7O6cvACcmarTiOoOqgvvLW%2FoQmF1gl0117u4ZVz%2BcPmCu1KWesCtWfiUohp3DLIJmLsj%2Bd0j9lxdb5TBiOGQMOdh%2FjhHIVQx8SThDatA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
cf-ray
6acdafde8b735b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
5248
twister.nxportal.biz/get-translate/en/
745 B
1 KB
XHR
General
Full URL
https://twister.nxportal.biz/get-translate/en/5248?category=landingGeneral,landingService
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
f8430141c24357f2f4e3c5bc56e1817f51976f5efc734028723ec774c0a0776d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXXT9DjYFB7SFsq7SmXKRLM5OZI1XfKjp1CRquxQ5%2BYE4O4SS3FS5bAlHlckus%2BxU38dGSKtD93QkfZOUs3B2Yzr03UiABFDhCFGvmrAgB%2F74MTQIWJwaIsr3MZolaisl8LY971UiZIbvvQKVMBGd%2FhOsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
cf-ray
6acdafde8b7f5b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
en
twister.nxportal.biz/get-translate/
7 KB
4 KB
XHR
General
Full URL
https://twister.nxportal.biz/get-translate/en?category=landingForm
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
bbfe418d90330a74761bba929c94f36e4d7c541dd46fb58f692d4b906a0adc7c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://btc-time.store/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BydFa8UccTIYOJqup%2F9%2BmJqGytjqL3wr2Ep37qxNFSnu%2BQFQBVdZT%2B3ZKVIjLwNMrClHhk0joYDrlHTA9s8rrtoycRl%2F2er7baP7Wo1nOX1c3crJsUoVLQXiVb8RtuejlDo5Jela66DeWX%2B3Hwt%2BJ9uWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
private, must-revalidate
cf-ray
6acdafdf5c815b32-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
flags.png
btc-time.store/lander/7898_mon_1st_nb_st/intlTel/img/
69 KB
70 KB
Image
General
Full URL
https://btc-time.store/lander/7898_mon_1st_nb_st/intlTel/img/flags.png
Requested by
Host: btc-time.store
URL: https://btc-time.store/lander/7898_mon_1st_nb_st/intlTel/css/intlTelInput.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/lander/7898_mon_1st_nb_st/intlTel/css/intlTelInput.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
119261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70857
last-modified
Wed, 29 Sep 2021 09:56:49 GMT
server
cloudflare
etag
"61543861-114c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctqSbyxaWDpGJTvm3%2BEIBt02cY9m4VeS6lbYofFTEpLHEOUNG%2FntkhUnvBIFWBsKV%2BqRi7HjtBKFdmey%2FfRUa9MUALG2j91sW%2B8PPOwZdEg5Ig0Mq%2Ft8YeqPi9F%2B5c3VNhRhaLvB6TBB%2BU5Hlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6acdafe0de2f4345-FRA
expires
Sat, 20 Nov 2021 21:18:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://btc-time.store
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 08:58:25 GMT
x-content-type-options
nosniff
age
595663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 08:58:25 GMT
utils.js
btc-time.store/lander/7898_mon_1st_nb_st/intlTel/js/
227 KB
53 KB
Script
General
Full URL
https://btc-time.store/lander/7898_mon_1st_nb_st/intlTel/js/utils.js
Requested by
Host: twisterfilestorage.blob.core.windows.net
URL: https://twisterfilestorage.blob.core.windows.net/twister/reg-one-step.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:20af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb9d53626443ee85e2265a7a23b9dad49d7fdc77a818803120ca405d34d6db5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-time.store/ncMFxV3L55c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:26:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
568596
cf-polished
origSize=286962
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Sep 2021 09:56:49 GMT
server
cloudflare
etag
W/"61543861-460f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2brGDjIgqr8zuNA1%2BkVjWWaGL1NgxOgwNY6Z24fdrM3fFlsMv%2B6UcAPYy6Wxxc6D1KdvHe4demh64%2FiRRySVaXRizR5do4SLtQkLJ5p3fdxuXC4GexOBkQQcHxa2wjUUhA%2BicDbxGmk02L6LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
expires
Mon, 15 Nov 2021 16:29:32 GMT
cache-control
max-age=864000
cf-ray
6acdafe0ee454345-FRA
cf-bgj
minify

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| _typeof
function| ownKeys
function| _objectSpread
function| _defineProperty
object| _countries_
function| settingRegisterForm
function| settingTranslations
function| $
function| jQuery
object| intlTelInputGlobals
function| intlTelInput
string| srcUtils
string| processIdVal
object| intlTelInputUtils

3 Cookies

Domain/Path Name / Value
btc-time.store/ Name: _subid
Value: 2njep3619smfm
btc-time.store/ Name: _token
Value: uuid_2njep3619smfm_2njep3619smfm618e08ff042638.06598686
btc-time.store/ Name: 056ca
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMwODlcIjoxNjM2Njk4MzY2fSxcImNhbXBhaWduc1wiOntcIjE3NThcIjoxNjM2Njk4MzY2fSxcInRpbWVcIjoxNjM2Njk4MzY2fSJ9.L8jO__rWNe1Zh0BpwJHG8D7qjxReW26M2JZdl--ysSA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
