billtchasamproof.tk Open in urlscan Pro
2606:4700:3037::6812:3189 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billtchasamproof.tk/
Submission: On September 09 via automatic, source certstream-suspicious (September 9th 2020, 10:59:47 pm UTC)

Summary HTTP 9 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3037::6812:3189, located in United States and belongs to CLOUDFLARENET, US. The main domain is billtchasamproof.tk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.

This is the only time billtchasamproof.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3037::6812:3189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
9	4

5 2606:4700:3037::6812:3189 (United States)

ASN13335 (CLOUDFLARENET, US)

billtchasamproof.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	billtchasamproof.tk billtchasamproof.tk	28 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	gstatic.com fonts.gstatic.com	29 KB
1	jquery.com code.jquery.com
9	4

	Domain	Requested by
5	billtchasamproof.tk	billtchasamproof.tk
2	counter.yadro.ru	1 redirects billtchasamproof.tk
2	fonts.gstatic.com	billtchasamproof.tk
1	code.jquery.com	billtchasamproof.tk
9	4

This site contains links to these domains. Also see Links.

Domain
billerahighgcour.ml
taitabtedete.gq
onettripoxda.tk
descsimerona.ga
prechunturgecon.cf
propendikiri.tk
stonamvulmeare.tk
upgalrewasechoo.gq
reidimettiomopu.tk
dialenchutzjecnyma.tk
consagaffcribylin.gq
inrhinabobfox.tk
bivikaparchsouth.ga
komidpacompo.cf
edhohkirchbergtrus.tk
elunburpiri.tk
fracfootditasgale.tk
broodquarselfchartkirk.tk
intorwonoca.gq
worphelerapoora.tk
cimicoportmate.cf
supcicalcaruth.gq
secfolgbelabuking.cf
ovracamatorchwa.ml
kuppvelebshobriapros.tk
nimidinuris.cf
netdayculcepi.tk
railenchakethouwa.tk
cirecatertest.ga
apmamypcsarta.tk
rikibcartrygsubsme.gq
trowoktiodainali.ml
loygreeneagqueezo.ml
chiccheciforthalet.ga
campthonunbumudstrot.tk
riripoussaddnigh.tk
risighremotib.tk
dchendarfihorougta.tk
macumnyracsubc.tk
rossrenvithuthemu.tk
egolapicreara.ga
acexlywajeacti.ml
boibracalxigesig.ml
caucanimelnehy.tk
chyubaffciphotederw.gq
burenexratousli.gq
punccomefifor.tk
tranallalonbere.tk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://billtchasamproof.tk/
Frame ID: F8A085A2092C7C7F929E20DDE30960F7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

9
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

58 kB
Transfer

207 kB
Size

1
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://billerahighgcour.ml/telecharger-createur-de-sonneries.html
Title: https://billerahighgcour.ml/telecharger-createur-de-sonneries.html

Search URL Search Domain Scan URL

URL: https://taitabtedete.gq/telecharger-mega-stockage.asp
Title: this hyperlink

Search URL Search Domain Scan URL

URL: https://onettripoxda.tk/zone-telechargement-le-prophete.pl
Title: Zone Telechargement Le Prophete

Search URL Search Domain Scan URL

URL: https://descsimerona.ga/telecharger-album-kiss.xhtm
Title: https://descsimerona.ga/telecharger-album-kiss.xhtm

Search URL Search Domain Scan URL

URL: https://prechunturgecon.cf/bruit-ville-de-paris-a-telecharger.asp
Title: click reference

Search URL Search Domain Scan URL

URL: https://propendikiri.tk/comment-telecharger-les-photos-sur-huawei-y6.phtml
Title: https://propendikiri.tk/comment-telecharger-les-photos-sur-huawei-y6.phtml

Search URL Search Domain Scan URL

URL: https://stonamvulmeare.tk/telecharger-mp3-maitre-gims-hibamp3.htm
Title: https://stonamvulmeare.tk/telecharger-mp3-maitre-gims-hibamp3.htm

Search URL Search Domain Scan URL

URL: https://upgalrewasechoo.gq/the-curse-film-telecharger-torrent.html
Title: The curse film telecharger torrent

Search URL Search Domain Scan URL

URL: https://reidimettiomopu.tk/telecharger-speed-booster.shtm
Title: Telecharger Speed Booster

Search URL Search Domain Scan URL

URL: https://dialenchutzjecnyma.tk/la-jeune-fille-et-la-nuit-telecharger-gratuit.pl
Title: https://dialenchutzjecnyma.tk/la-jeune-fille-et-la-nuit-telecharger-gratuit.pl

Search URL Search Domain Scan URL

URL: https://consagaffcribylin.gq/jeux-fishdom-telecharger-gratuit.cgi
Title: Jeux Fishdom Telecharger Gratuit

Search URL Search Domain Scan URL

URL: https://inrhinabobfox.tk/telecharger-adobe-flash-player-pour-windows-xp-sp3.asp
Title: Telecharger Adobe flash player pour Windows xp Sp3

Search URL Search Domain Scan URL

URL: https://bivikaparchsouth.ga/the-young-pope-streaming-zone-telechargement.xhtml
Title: https://bivikaparchsouth.ga/the-young-pope-streaming-zone-telechargement.xhtml

Search URL Search Domain Scan URL

URL: https://komidpacompo.cf/meubles-element-sweet-home-a-telecharger.xhtml
Title: https://komidpacompo.cf/meubles-element-sweet-home-a-telecharger.xhtml

Search URL Search Domain Scan URL

URL: https://edhohkirchbergtrus.tk/the-con-artist-vostfr-telecharger.phtm
Title: The Con artist vostfr Telecharger

Search URL Search Domain Scan URL

URL: https://elunburpiri.tk/telecharger-logiciel-archos-5.xhtm
Title: Telecharger Logiciel archos 5

Search URL Search Domain Scan URL

URL: https://fracfootditasgale.tk/telecharger-roms-pour-retroarch.cgi
Title: Telecharger roms Pour retroarch

Search URL Search Domain Scan URL

URL: https://broodquarselfchartkirk.tk/impossible-d-executer-un-fichier-telecharger-avec-le-logo-explorer.phtm
Title: Impossible d executer Un Fichier telecharger Avec le Logo Explorer

Search URL Search Domain Scan URL

URL: https://intorwonoca.gq/telecharger-synology-drive-mac.cgi
Title: Telecharger Synology drive Mac

Search URL Search Domain Scan URL

URL: https://worphelerapoora.tk/telecharger-musique-android-gratuit-2015.shtm
Title: here

Search URL Search Domain Scan URL

URL: https://cimicoportmate.cf/telecharger-pilote-casque-bluetooth-philips-shb3175bk-00.pl
Title: official website

Search URL Search Domain Scan URL

URL: https://supcicalcaruth.gq/telecharger-saison-1-grey-s-anatomy-fr.xhtml
Title: this post

Search URL Search Domain Scan URL

URL: https://secfolgbelabuking.cf/ipseite-damso-telecharger-gratuit.xhtm
Title: this page

Search URL Search Domain Scan URL

URL: https://ovracamatorchwa.ml/telecharger-game-mobile-gratuit.cgi
Title: Telecharger game Mobile Gratuit

Search URL Search Domain Scan URL

URL: https://kuppvelebshobriapros.tk/telecharger-sims-4-saisons-jeuxvideo.pl
Title: read here

Search URL Search Domain Scan URL

URL: https://nimidinuris.cf/telecharger-les-mods-de-farming-simulator-2013.xhtml
Title: Bonuses

Search URL Search Domain Scan URL

URL: https://netdayculcepi.tk/american-bluff-telecharger-vostfr.jsp
Title: https://netdayculcepi.tk/american-bluff-telecharger-vostfr.jsp

Search URL Search Domain Scan URL

URL: https://railenchakethouwa.tk/telecharger-on-ne-badine-pas-avec-l-amour-pdf.jsp
Title: website link

Search URL Search Domain Scan URL

URL: https://cirecatertest.ga/telecharger-logiciel-igo-primo.pl
Title: Telecharger logiciel Igo primo

Search URL Search Domain Scan URL

URL: https://apmamypcsarta.tk/telecharger-new-moon-jbj.xhtm
Title: https://apmamypcsarta.tk/telecharger-new-moon-jbj.xhtm

Search URL Search Domain Scan URL

URL: https://rikibcartrygsubsme.gq/na-american-crime-telechargement.aspx
Title: Na american Crime Telechargement

Search URL Search Domain Scan URL

URL: https://trowoktiodainali.ml/comment-telecharger-une-image-fortnite-dans-le-play-store.pl
Title: Comment telecharger Une image Fortnite dans Le play Store

Search URL Search Domain Scan URL

URL: https://loygreeneagqueezo.ml/telecharger-kali-live.pl
Title: https://loygreeneagqueezo.ml/telecharger-kali-live.pl

Search URL Search Domain Scan URL

URL: https://chiccheciforthalet.ga/jeux-de-probleme-a-telecharger.html
Title: Recommended Site

Search URL Search Domain Scan URL

URL: https://campthonunbumudstrot.tk/telecharger-fichier-midi-gratuit-le-passe-de-tal.html
Title: Telecharger fichier Midi gratuit Le passe de tal

Search URL Search Domain Scan URL

URL: https://riripoussaddnigh.tk/rush-french-telecharger-torrent.htm
Title: Rush French telecharger torrent

Search URL Search Domain Scan URL

URL: https://risighremotib.tk/comment-telecharger-mes-photos-sur-cle-usb.asp
Title: Comment Telecharger mes photos Sur cle Usb

Search URL Search Domain Scan URL

URL: https://dchendarfihorougta.tk/dossier-de-retraite-a-telecharger.pl
Title: webpage

Search URL Search Domain Scan URL

URL: https://macumnyracsubc.tk/telecharger-livre-remede-homeophatie.jsp
Title: Telecharger livre Remede Homeophatie

Search URL Search Domain Scan URL

URL: https://rossrenvithuthemu.tk/telechargement-automatique-mms-sur-huawei.phtm
Title: Telechargement Automatique Mms sur huawei

Search URL Search Domain Scan URL

URL: https://egolapicreara.ga/telecharger-dark-souls.php
Title: Telecharger dark souls

Search URL Search Domain Scan URL

URL: https://acexlywajeacti.ml/telecharger-jeu-de-rami.xhtm
Title: click resources

Search URL Search Domain Scan URL

URL: https://boibracalxigesig.ml/telecharger-tell-me-more-logiciel.cgi
Title: Telecharger Tell me more logiciel

Search URL Search Domain Scan URL

URL: https://caucanimelnehy.tk/telecharger-recuperer-sms-effacer-android.xhtml
Title: Telecharger recuperer sms Effacer android

Search URL Search Domain Scan URL

URL: https://chyubaffciphotederw.gq/telecharger-film-stream-complet-hd.phtml
Title: special info

Search URL Search Domain Scan URL

URL: https://burenexratousli.gq/telecharger-windows-7-familial-32bits-complet-crack.cgi
Title: navigate here

Search URL Search Domain Scan URL

URL: https://punccomefifor.tk/telecharger-minecraft-cracker-toute-les-version.php
Title: Home Page

Search URL Search Domain Scan URL

URL: https://tranallalonbere.tk/hunter-x-hunter-100-a-148-telecharger.phtm
Title: Hunter x hunter 100 A 148 telecharger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://counter.yadro.ru/hit;counter___yadro__ru?r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%20%E0%20JOUR%20LE%20LOGICIEL%20MICROTOUCH%20T%E9L%E9CHARGEMENT%20DE%20PILOTES%20DIGITUS%20SCANNEUR%20ME;0.14898277449153885 HTTP 302
https://counter.yadro.ru/hit;counter___yadro__ru?q;r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%20%E0%20JOUR%20LE%20LOGICIEL%20MICROTOUCH%20T%E9L%E9CHARGEMENT%20DE%20PILOTES%20DIGITUS%20SCANNEUR%20ME;0.14898277449153885

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billtchasamproof.tk/ 21 KB
8 KB 243ms
183ms Document
text/html 2606:4700:3037::6812:3189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billtchasamproof.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39dde07d4837c2781092fe7361866116aa63b91b1e462975ac668f770b1da91

Request headers

:method: GET
:authority: billtchasamproof.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 09 Sep 2020 22:59:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc4c9a82ad7134d7e45d69fbb9a8cfa921599692370; expires=Fri, 09-Oct-20 22:59:30 GMT; path=/; domain=.billtchasamproof.tk; HttpOnly; SameSite=Lax
expires: Wed, 16 Sep 2020 22:59:31 GMT
cache-control: max-age=691200
cf-cache-status: MISS
cf-request-id: 0516b18aa90000d70919962200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5d0485244a98d709-FRA
content-encoding: br

GET
H2 200 style.css
billtchasamproof.tk/ 148 KB
18 KB 73ms
72ms Stylesheet
text/css 2606:4700:3037::6812:3189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billtchasamproof.tk/style.css
Requested by: Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f091f6dbb7277db7da93746f39634cabb9f2aebf668bd0646300d7ab962362f

Request headers

Referer: https://billtchasamproof.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 22:59:30 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: max-age=691200
cf-ray: 5d0485256b9ad709-FRA
cf-request-id: 0516b18b640000d70919965200000001
expires: Wed, 16 Sep 2020 22:59:31 GMT

GET
H2 404 jquery-1.12.4
code.jquery.com/ 0
0 24ms
8ms Script
text/html 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4
Requested by: Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://billtchasamproof.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
billtchasamproof.tk/js/ 9 KB
3 KB 69ms
69ms Script
text/html 2606:4700:3037::6812:3189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billtchasamproof.tk/js/jquery.min.js
Requested by: Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d5618b01b88ab845a19a57199e8786b8c248cb4439675f1ee92f7371ea81d3

Request headers

Referer: https://billtchasamproof.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 22:59:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Sep 2020 22:59:31GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=604800
cf-ray: 5d0485256b9cd709-FRA
cf-request-id: 0516b18b640000d70919966200000001
expires: Wed, 16 Sep 2020 22:59:31 GMT

GET
H2 200 lzoehx.woff
billtchasamproof.tk/webfonts/ 43 B
201 B 70ms
70ms Font
image/gif 2606:4700:3037::6812:3189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billtchasamproof.tk/webfonts/lzoehx.woff
Requested by: Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://billtchasamproof.tk
Referer: https://billtchasamproof.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 22:59:30 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5d0485260c39d709-FRA
content-length: 43
cf-request-id: 0516b18bc00000d70919967200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billtchasamproof.tk
Referer: https://billtchasamproof.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
age: 222770
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:40 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billtchasamproof.tk
Referer: https://billtchasamproof.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
server: sffe
age: 222771
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:39 GMT

GET
H/1.1

200
OK

hit;counter___yadro__ru
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;counter___yadro__ru?r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%20...
https://counter.yadro.ru/hit;counter___yadro__ru?q;r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%...

43 B
496 B

54ms
54ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;counter___yadro__ru?q;r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%20%E0%20JOUR%20LE%20LOGICIEL%20MICROTOUCH%20T%E9L%E9CHARGEMENT%20DE%20PILOTES%20DIGITUS%20SCANNEUR%20ME;0.14898277449153885

Requested by

Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://billtchasamproof.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Sep 2020 22:59:31 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Sep 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Sep 2020 22:59:31 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;counter___yadro__ru?q;r;s1600*1200*24;uhttps%3A//billtchasamproof.tk/;hT%E9L%E9CHARGEMENT%20DE%20PILOTES%20MICROTOUCH%20ADVANSYS%20PCI%20SCSI%20HOST%20ADAPTER%20METTRE%20%E0%20JOUR%20LE%20LOGICIEL%20MICROTOUCH%20T%E9L%E9CHARGEMENT%20DE%20PILOTES%20DIGITUS%20SCANNEUR%20ME;0.14898277449153885
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 10 Sep 2019 21:00:00 GMT

GET
H2 200 vwbcszucxt.ttf
billtchasamproof.tk/webfonts/ 43 B
148 B 77ms
76ms Font
image/gif 2606:4700:3037::6812:3189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billtchasamproof.tk/webfonts/vwbcszucxt.ttf
Requested by: Host: billtchasamproof.tk
URL: https://billtchasamproof.tk/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6812:3189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://billtchasamproof.tk
Referer: https://billtchasamproof.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 22:59:31 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5d0485267ce6d709-FRA
content-length: 43
cf-request-id: 0516b18c080000d7091996a200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.billtchasamproof.tk/	1970-01-19 13:04:44	Name: __cfduid Value: dc4c9a82ad7134d7e45d69fbb9a8cfa921599692370

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billtchasamproof.tk
code.jquery.com
counter.yadro.ru
fonts.gstatic.com
2001:4de0:ac19::1:b:1a
2606:4700:3037::6812:3189
2a00:1450:4001:819::2003
88.212.201.216
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f091f6dbb7277db7da93746f39634cabb9f2aebf668bd0646300d7ab962362f
a3d5618b01b88ab845a19a57199e8786b8c248cb4439675f1ee92f7371ea81d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f39dde07d4837c2781092fe7361866116aa63b91b1e462975ac668f770b1da91

billtchasamproof.tk Open in urlscan Pro 2606:4700:3037::6812:3189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

58 kBTransfer

207 kBSize

1 Cookies

48 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

billtchasamproof.tk Open in urlscan Pro
2606:4700:3037::6812:3189 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

58 kB
Transfer

207 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions