213123wd.tradeplatau.cloud Open in urlscan Pro
190.123.44.135 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://213123wd.tradeplatau.cloud/
Submission: On April 20 via manual (April 20th 2023, 8:44:50 am UTC) from NL — Scanned from NL

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 190.123.44.135, located in Panama and belongs to Panamaserver.com, PA. The main domain is 213123wd.tradeplatau.cloud.

This is the only time 213123wd.tradeplatau.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shell (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
10	190.123.44.135 190.123.44.135	52284 (Panamaser...) (Panamaserver.com)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:239... 2600:9000:2394:e800:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a04:4e42:200... 2a04:4e42:200::626	54113 (FASTLY) (FASTLY)
3 5	2600:9000:239... 2600:9000:2394:a000:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.122.218.248 3.122.218.248	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
3	2600:9000:238... 2600:9000:238d:ae00:3:37c9:30c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::626 2a04:4e42::626	54113 (FASTLY) (FASTLY)
37	13

10 190.123.44.135 (Panama)

ASN52284 (Panamaserver.com, PA)

213123wd.tradeplatau.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2394:e800:1:a3fa:7cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2394:a000:1:a3fa:7cc0:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com

getyourapi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:ae00:3:37c9:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

videos-cloudfront.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)

prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tradeplatau.cloud 213123wd.tradeplatau.cloud	230 KB
7	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3884 videos-cloudfront.jwpsrv.com	473 KB
7	jwplayer.com 4 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2945	45 KB
5	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2781	241 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	151 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	31 KB
1	jwpltx.com prd.jwpltx.com — Cisco Umbrella Rank: 3204	208 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	getyourapi.site getyourapi.site	520 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
37	10

	Domain	Requested by
10	213123wd.tradeplatau.cloud	213123wd.tradeplatau.cloud
7	cdn.jwplayer.com	4 redirects 213123wd.tradeplatau.cloud cdn.jwplayer.com ssl.p.jwpcdn.com
5	ssl.p.jwpcdn.com	cdn.jwplayer.com
5	cdnjs.cloudflare.com	213123wd.tradeplatau.cloud cdnjs.cloudflare.com
4	assets-jpcust.jwpsrv.com	213123wd.tradeplatau.cloud
3	videos-cloudfront.jwpsrv.com	ssl.p.jwpcdn.com
2	connect.facebook.net	213123wd.tradeplatau.cloud connect.facebook.net
1	prd.jwpltx.com
1	www.facebook.com	213123wd.tradeplatau.cloud
1	getyourapi.site	cdnjs.cloudflare.com
1	fonts.googleapis.com	213123wd.tradeplatau.cloud
37	11

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-27` - `2023-04-27`	3 months	crt.sh
getyourapi.site R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://213123wd.tradeplatau.cloud/
Frame ID: 8C2DFD4D68C9A70B5C36F4C808E50B0C
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shell

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

30 %
HTTPS

83 %
IPv6

10
Domains

11
Subdomains

13
IPs

3
Countries

1171 kB
Transfer

2463 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://cdn.jwplayer.com/strips/ggh8tjYw-120.vtt HTTP 301
http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.vtt

Request Chain 27

http://cdn.jwplayer.com/v2/media/ggh8tjYw/poster.jpg?width=720 HTTP 302
http://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-720.jpg

Request Chain 28

https://cdn.jwplayer.com/v2/media/ggh8tjYw/poster.jpg?width=1280 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-1280.jpg

Request Chain 30

http://cdn.jwplayer.com/strips/ggh8tjYw-120.jpg HTTP 301
http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.jpg

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
213123wd.tradeplatau.cloud/ 171 KB
53 KB 1087ms
871ms Document
text/html 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: b3284b041c5513b74880335176344435084279c2f285246a91d80a003eed7b01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Apr 2023 08:44:44 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H/1.1 200
OK app.css
213123wd.tradeplatau.cloud/css/ 13 KB
3 KB 721ms
555ms Stylesheet
text/css 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: http://213123wd.tradeplatau.cloud/css/app.css
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 19a27ca7f2487d4cd8d099664b764fed9f484e039e362fbd0841909a665ac3a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1618bb84d193a8a16b6f49ba65cdbdf7e7eb9b3823da093d5de586272228bbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 07:28:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 08:44:44 GMT

GET
H/1.1 200
OK logo.webp
213123wd.tradeplatau.cloud/img/ 39 KB
40 KB 633ms
633ms Image
image/webp 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/logo.webp
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: d69498534d4045a31fab1ec1d9fe9b4abbf15462df2cd25697d16db7b62bebce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/webp

GET
H2 200 ggh8tjYw-voou8tK3.js Show response
cdn.jwplayer.com/players/ 108 KB
41 KB 244ms
201ms Script
text/javascript 2600:9000:2394:e800:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:e800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 86e788ee1fb5319164cfafcd1b37d1900cd2cf691d058b5a1b6d8b9f86cf4d10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:44 GMT
content-encoding: gzip
via: 1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41343
x-amz-cf-id: j6jwYsmbd07QzcSeiHlph9OV_juaNmqvEMQE3RCKcgMN_dL_LNzc-g==

GET
H/1.1 200
OK punkt-1.png
213123wd.tradeplatau.cloud/img/ 4 KB
4 KB 511ms
511ms Image
image/png 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/punkt-1.png
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 3ce20fac5992d62d99bb2e5440a409f6feabd34e029b8f229880da83b2cef561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK punkt-2.png
213123wd.tradeplatau.cloud/img/ 3 KB
3 KB 689ms
521ms Image
image/png 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/punkt-2.png
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: c0efcb40cae313f7595519329bf2cca0ae63fc8cfcdc83fc0f736cb9773db28c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK punkt-3.png
213123wd.tradeplatau.cloud/img/ 3 KB
4 KB 696ms
529ms Image
image/png 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/punkt-3.png
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: f1d6dbe937bf9cacc00287346c6658240c4c672be7ef64cda734057e90e9b9e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK director1.webp
213123wd.tradeplatau.cloud/img/ 20 KB
20 KB 687ms
519ms Image
image/webp 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/director1.webp
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 82081484d0e64ba5e5bd67a258866cc916340a8252569d8d11ea601f2707b6a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/webp

GET
H/1.1 200
OK niz1.webp
213123wd.tradeplatau.cloud/img/ 21 KB
21 KB 723ms
555ms Image
image/webp 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/niz1.webp
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 04474b3ce99ce23d11be847793c020dffd2334bd43cb4ed54a66b8a4c29a044e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/webp

GET
H/1.1 200
OK niz2.webp
213123wd.tradeplatau.cloud/img/ 42 KB
42 KB 588ms
588ms Image
image/webp 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/niz2.webp
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 455833710fec302f0de3a73ed5529932269ace8a11d15edf793e921ffb7d9121

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:46 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/webp

GET
H/1.1 200
OK niz3.webp
213123wd.tradeplatau.cloud/img/ 40 KB
40 KB 520ms
520ms Image
image/webp 190.123.44.135
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://213123wd.tradeplatau.cloud/img/niz3.webp
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 190.123.44.135 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: dc137185bbc63f8e2a19242d6f336256274e5113a503474a4de435b6625fd80d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:46 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/webp

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 55ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://213123wd.tradeplatau.cloud
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 17317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyu8tU48IRzlSG5CzO%2BfaWna%2FN8b1LX1cRITLG5gVd8CdAjM7PF54YUEePqIk8jl2Mu64jYwH%2BCv5rSt1U2sPWS0bYwBNovphSKjjXG7H4Hm2KPyvhodkRvPCLOF3aG1Y1oamaH6HPjNk3ld31pAH%2F9E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bac1b6c7fa80bd6-AMS
expires: Tue, 09 Apr 2024 08:44:44 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/ 29 KB
9 KB 20ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://213123wd.tradeplatau.cloud
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4378178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8967
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836ba-7351"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSTXale4%2BnC9UVmsnfzpXhr8EHqFlV7%2Bvhd%2FCQ%2F0AsT6GHXi0C8AyGGUJjSHh%2FeUxrTrUvxg8gCahQvmBLfhdYmWgiE4L1oyfHOedveuZAh1ug7cr4xatAnWdDEdn88qEZL6bZScGA9IoaFuwRwGwajy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bac1b6c9fd40bd6-AMS
expires: Tue, 09 Apr 2024 08:44:44 GMT

GET
H2 200 intlTelInput.min.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/ 19 KB
2 KB 20ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://213123wd.tradeplatau.cloud
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1258255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1820
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836ba-4ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urycUyxntwMzaIcGoo7W4dtaXS71l9hPPnA2MNjFVjQUQoxDExlFQpEczi8MfgzpTE1TMC6nbD%2FONf07LSTu8g9oKfQ6Vq7SB7jo1oAsDSKS8HXD%2FkobhcENr1AbmXWIRBSvquYQh0Ag%2Fmbajyip1LMU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bac1b6ccfed0bd6-AMS
expires: Tue, 09 Apr 2024 08:44:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 08:44:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MPDaL0GMt3EyZdAVh+z/iqD6Q19HHRRSuj7Fx0hqeRHAJOZLyp/0SBg8U3lqd0f4YpxeA3X/e4wi6ivzYSnY/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.26.9/ 62 KB
19 KB 51ms
17ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21ac25f1546e0756a9b2b8c5832d6a120653b60020b80aa69e15610a86c423d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 206
X-Cache: HIT
Connection: keep-alive
Content-Length: 19095
X-Served-By: cache-ams21072-AMS
Last-Modified: Mon, 27 Mar 2023 20:13:27 GMT
Server: AmazonS3
X-Timer: S1681980285.271275,VS0,VE0
ETag: "b05c870fc5d7c7e6a5d7e5dde188b9e9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, immutable
Accept-Ranges: bytes
X-Cache-Hits: 146

GET
H/1.1 200
OK jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.26.9/ 316 KB
83 KB 54ms
21ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 1944864
X-Cache: HIT
Connection: keep-alive
Content-Length: 84566
X-Served-By: cache-ams21037-AMS
Last-Modified: Mon, 27 Mar 2023 20:13:21 GMT
Server: AmazonS3
X-Timer: S1681980285.268607,VS0,VE0
ETag: "3c5ff110bccc0950103d3f24d854eac2"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
X-Cache-Hits: 192733

GET
H/1.1 200
OK ggh8tjYw Show response
cdn.jwplayer.com/v2/media/ 2 KB
1 KB 183ms
168ms XHR
application/json 2600:9000:2394:a000:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.jwplayer.com/v2/media/ggh8tjYw?recommendations_playlist_id=YYInJ1PL
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2600:9000:2394:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 80e05af6ee79328090e4071dd7b7314e2e6819b970f8e3417abcb76dee35204b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
Server: openresty
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=180, max-stale=180
Connection: keep-alive
x-robots-tag: noindex, indexifembedded
Content-Length: 625
X-Amz-Cf-Id: fak2RIpOstH3Kn3aUBkrE9BqD0HuAUrj1mQFvmYxuDkErzYsGGfV5A==
Expires: Thu, 20 Apr 2023 08:47:45

GET
H/1.1 200
OK ru.json Show response
ssl.p.jwpcdn.com/player/v/8.26.9/translations/ 5 KB
2 KB 46ms
15ms XHR
application/json 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/translations/ru.json
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebae3fbf20c53259110ea33f6a178f610f1c23dba9c4e66b33eb4fed33c7d0d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 1406350
X-Cache: HIT
Connection: keep-alive
Content-Length: 1737
X-Served-By: cache-ams21043-AMS
Last-Modified: Mon, 27 Mar 2023 20:13:31 GMT
Server: AmazonS3
X-Timer: S1681980285.268917,VS0,VE0
ETag: "e906f5fce870249e71ed843a05f9939a"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
X-Cache-Hits: 3

GET
H2 200 geolocation Show response
getyourapi.site/api/ 107 B
520 B 120ms
30ms XHR
application/json 3.122.218.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getyourapi.site/api/geolocation
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software: openresty / Express
Resource Hash: 06fe94e5d8cf42b82d77097098d7ffed1c28286be290e93b4e5aa542c25378ff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://213123wd.tradeplatau.cloud/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:45 GMT
server: openresty
x-powered-by: Express
etag: W/"6b-R/sRGNX3mIJAFUp+rm4lsRrfmEg"
access-control-max-age: 600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://213123wd.tradeplatau.cloud
access-control-expose-headers: content-type, authorization, x-request-id
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 107
x-request-id: 5d9f9163-06e6-49ee-8d26-3f11dbf5cd8d

GET
H2 200 2321312123123 Show response
connect.facebook.net/signals/config/ 5 KB
3 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2321312123123?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

599203970608b4b373b8982d265b06c03a4f25dfbcd0b16f40edc9003124ef60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 08:44:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Ofh0DJsC0g2NI6lZNuUnwQuhr4vFA4jxLIPZDu/W//iiOFjIeE1BhF3ak2n4NdXYbx+NtoaGuF4bWeQvCO1oJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2321312123123&ev=PageView&dl=http%3A%2F%2F213123wd.tradeplatau.cloud%2F&rl=&if=false&ts=1681980285373&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&it=1681980285306&coo=false&rqm=GET

Requested by

Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 08:44:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/ 66 KB
67 KB 40ms
22ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 569376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67650
last-modified: Sat, 13 Feb 2021 20:30:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836d0-1083d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Qy3ptbCIJxI1YZDBKeDngDWvFgu%2BxbO4URyxnxhbPPQJnmnSs7ihYhO1EU2cjo%2FE%2BSGbLs7VxXsrOdQr5R%2BU1xklSkTe4FbUTz%2B6hSSxvA08Dsa4tWzztQPR8VkafnmUT2xQFs4dZi3CmDtlsTn2qf"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bac1b6fcbc00ae0-AMS
expires: Tue, 09 Apr 2024 08:44:45 GMT

GET
H/1.1 200
OK provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.26.9/ 384 KB
112 KB 14ms
14ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 809731
X-Cache: HIT
Connection: keep-alive
Content-Length: 114232
X-Served-By: cache-ams21037-AMS
Last-Modified: Mon, 27 Mar 2023 20:13:23 GMT
Server: AmazonS3
X-Timer: S1681980285.423466,VS0,VE0
ETag: "f8f2c425fdf03e4ff59fcf93935a5461"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
X-Cache-Hits: 147430

GET
H/1.1

200
OK

ggh8tjYw-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

http://cdn.jwplayer.com/strips/ggh8tjYw-120.vtt
http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.vtt

5 KB
2 KB

125ms
111ms

XHR
text/vtt

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.vtt
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c507bcb88b798a73d4d628a353415b8ab8a884d3c040a50a7ea30381d439136

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: MISS, HIT
Connection: keep-alive
Content-Length: 905
X-Served-By: cache-iad-kjyo7100179-IAD, cache-ams21057-AMS
Last-Modified: Sat, 27 Aug 2022 16:13:49 GMT
Server: nginx
X-Timer: S1681980286.722903,VS0,VE96
ETag: "cc7c4d855162faa083ace56bac38d88b"
Vary: Accept-Encoding
Content-Type: text/vtt
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt, accept-language
X-Cache-Hits: 0, 1

Redirect headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Via: 1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
Server: openresty
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Miss from cloudfront
Content-Type: text/html
Access-Control-Allow-Origin: *
Location: http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.vtt
Connection: keep-alive
x-robots-tag: noindex, indexifembedded
Content-Length: 166
X-Amz-Cf-Id: Qm1u7jheSkvcM3k39nLdRMR0mO3yp66e6PYlECVekydZodB1MeDPXA==

GET
H/1.1 200
OK related.js Show response
ssl.p.jwpcdn.com/player/v/8.26.9/ 102 KB
25 KB 14ms
14ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/related.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/ggh8tjYw-voou8tK3.js
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 1944861
X-Cache: HIT
Connection: keep-alive
Content-Length: 24956
X-Served-By: cache-ams21037-AMS
Last-Modified: Mon, 27 Mar 2023 20:13:25 GMT
Server: AmazonS3
X-Timer: S1681980286.512544,VS0,VE0
ETag: "49db87945be8198af9e0136a6ad75ba3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
X-Cache-Hits: 151614

GET
H/1.1 200
OK ggh8tjYw.m3u8 Show response
cdn.jwplayer.com/manifests/ 1 KB
916 B 267ms
252ms XHR
application/vnd.apple.mpegurl 2600:9000:2394:a000:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.jwplayer.com/manifests/ggh8tjYw.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol: HTTP/1.1
Server: 2600:9000:2394:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: d131914761fe23a918376881f0a617d65e87b629fdd1643f1ebefcbc78280492

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 01abec7ece24959c09067a58477de9ee.cloudfront.net (CloudFront)
Server: openresty
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Miss from cloudfront
Content-Type: application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=180
Connection: keep-alive
x-robots-tag: noindex, indexifembedded
Content-Length: 416
X-Amz-Cf-Id: bHSV06E3yGwt6jCB4_2UltkmNoaOAqzTt2Hr-K7DkBRw_rqbVq3puA==

GET
H/1.1

200
OK

6i2u73al-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

http://cdn.jwplayer.com/v2/media/ggh8tjYw/poster.jpg?width=720
http://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-720.jpg

38 KB
38 KB

126ms
112ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-720.jpg
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 944b94f7f4f0f8b74c7404a5013906e68388d53b53674775fda6d9070d607ca3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 37848
X-Served-By: cache-iad-kiad7000138-IAD, cache-ams21025-AMS
Last-Modified: Sun, 28 Aug 2022 09:39:47 GMT
Server: nginx
X-Timer: S1681980286.670945,VS0,VE98
ETag: "cca29f2667b53adb42683d6e23f52484"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt, accept-language
X-Cache-Hits: 0, 1

Redirect headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Via: 1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
Server: openresty
X-Amz-Cf-Pop: AMS1-P2
access-control-allow-methods: GET
Content-Type: image/jpeg
access-control-allow-origin: *
Location: http://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-720.jpg
Cache-Control: max-age=180, max-stale=180
X-Cache: Miss from cloudfront
Connection: keep-alive
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
Content-Length: 0
X-Amz-Cf-Id: 1q9KtLKZLMLQ3ytxRISgmP4_Iz-nIDFsu7leU6mEwdcWsnGeor-RCw==

GET
H2

200

6i2u73al-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/ggh8tjYw/poster.jpg?width=1280
https://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-1280.jpg

70 KB
66 KB

163ms
118ms

Image
image/jpeg

2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-1280.jpg
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: H2
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e95316d512eebbcfc62fc79a4622d514323991f7c8d1e159f4fdf8dfb5ba0e05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:45 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
content-length: 67221
x-served-by: cache-iad-kiad7000101-IAD, cache-ams21060-AMS
last-modified: Sun, 28 Aug 2022 09:39:47 GMT
server: nginx
x-timer: S1681980286.697759,VS0,VE101
etag: "dac6a7495df55ea23eace6277f9dd5eb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 0, 1

Redirect headers

date: Thu, 20 Apr 2023 08:44:45 GMT
via: 1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS1-P2
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/6i2u73al-1280.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: x60ectaIdyWz9kNZGZbCS_UN1-l5hnwTdXSLPqYlv4ur71PnjbSuCA==

GET
H/1.1 200
OK ggh8tjYw-34415633.mp4.m3u8 Show response
videos-cloudfront.jwpsrv.com/6441a43d_a75956d425da9199e06a41b6204ec5b0c461d465/content/conversions/panm0rVT/videos/ 2 KB
1 KB 52ms
26ms XHR
application/x-mpegurl 2600:9000:238d:ae00:3:37c9:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://videos-cloudfront.jwpsrv.com/6441a43d_a75956d425da9199e06a41b6204ec5b0c461d465/content/conversions/panm0rVT/videos/ggh8tjYw-34415633.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol: HTTP/1.1
Server: 2600:9000:238d:ae00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: otfp /
Resource Hash: 6d756150755de03c94a49bc00ff347b77868d5aa05c32c02a80d5c424e3c091d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
X-Backend: https://s3-external-1.amazonaws.com
X-Amz-Cf-Pop: AMS1-P1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Fastly-Stats: otfp=1
Content-Length: 266
X-Served-By: cache-iad-kcgs7200143-IAD, cache-fra-eddf8230084-FRA
Server: otfp
X-Timer: S1681975375.281720,VS0,VE1
ETag: "aCyAmzxFO_KiiTO9Fae7LQjTYw3-M8T5Y_06eh8wSEa1E5aJ6-f2n3NqbOlvIq7rLlA2a7SE0SCEADr_A4WrKZGXFQ"
Vary: Accept-Encoding
Content-Type: application/x-mpegurl
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt
X-Amz-Cf-Id: Nr9Sk0j_Y9cb0sFxCBSmLdk_oMJZzIZYzVcX_XzOGtP87yMYPJI6ow==
X-Cache-Hits: 9, 1

GET
H/1.1

200
OK

ggh8tjYw-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

http://cdn.jwplayer.com/strips/ggh8tjYw-120.jpg
http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.jpg

182 KB
182 KB

186ms
185ms

Image
image/jpeg

2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.jpg
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: HTTP/1.1
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e620b26800e30f5d37c9b8a97e5830edc3e509324f66ba726981b3b716707a07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:46 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 186109
X-Served-By: cache-iad-kjyo7100054-IAD, cache-ams21025-AMS
Last-Modified: Sat, 27 Aug 2022 16:13:49 GMT
Server: nginx
X-Timer: S1681980286.952795,VS0,VE171
ETag: "681e865baaf99031ef13f6aa93e5aac1"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt, accept-language
X-Cache-Hits: 0, 0

Redirect headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Via: 1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
Server: openresty
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Miss from cloudfront
Content-Type: text/html
Access-Control-Allow-Origin: *
Location: http://assets-jpcust.jwpsrv.com/strips/ggh8tjYw-120.jpg
Connection: keep-alive
x-robots-tag: noindex, indexifembedded
Content-Length: 166
X-Amz-Cf-Id: VWIn_B0iHjVXpHzUnJ8JbvzYJMoncakcfIx7BbRMCAcSRcRrFjPE8w==

GET
H/1.1 200
OK ggh8tjYw-34415633.mp4-1.ts Show response
videos-cloudfront.jwpsrv.com/6441a43d_a75956d425da9199e06a41b6204ec5b0c461d465/content/conversions/panm0rVT/videos/ 182 KB
183 KB 38ms
38ms XHR
video/mp2t 2600:9000:238d:ae00:3:37c9:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://videos-cloudfront.jwpsrv.com/6441a43d_a75956d425da9199e06a41b6204ec5b0c461d465/content/conversions/panm0rVT/videos/ggh8tjYw-34415633.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol: HTTP/1.1
Server: 2600:9000:238d:ae00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: otfp /
Resource Hash: b31e28247eafeafa7e21e67b988f02f384e015cfe95b4d6b48ebdc570be6a578

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
X-Backend: https://s3-external-1.amazonaws.com
X-Amz-Cf-Pop: AMS1-P1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Fastly-Stats: otfp=1
Content-Length: 186872
X-Served-By: cache-iad-kcgs7200058-IAD, cache-hhn-etou8220053-HHN
Server: otfp
X-Timer: S1681975375.401385,VS0,VE3
ETag: "71A8eJemDtUT01HNxaLsh5kzr55X7cLVhYhuzdVQpAloAN0Qd-GuDiO0p3TjxSxi58AvNhDD-U6exjqedlKZJeNbiQ"
Vary: Accept-Encoding
Content-Type: video/mp2t
X-Fastly-Otfp-Info: ss=0.000 sl=4.000 vl=176.600 rs=320x180
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt
X-Amz-Cf-Id: uS7x-77Fml_qoINvZ8oUKxEkX7NOgX6o4dl-wcEtmjxwvHNgW4x-Jg==
X-Cache-Hits: 11, 1

GET
BLOB 200
OK f2b40468-c636-48ac-b849-4893f48c8f74
http://213123wd.tradeplatau.cloud/ 84 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://213123wd.tradeplatau.cloud/f2b40468-c636-48ac-b849-4893f48c8f74
Requested by: Host: 213123wd.tradeplatau.cloud
URL: http://213123wd.tradeplatau.cloud/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 86284
Content-Type: text/javascript

GET
H/1.1 200
OK ggh8tjYw-34415639.mp4.m3u8 Show response
videos-cloudfront.jwpsrv.com/6441a43d_43dab6b065dec4ec19c16b49339282b8844f934a/content/conversions/panm0rVT/videos/ 2 KB
1 KB 26ms
26ms XHR
application/x-mpegurl 2600:9000:238d:ae00:3:37c9:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://videos-cloudfront.jwpsrv.com/6441a43d_43dab6b065dec4ec19c16b49339282b8844f934a/content/conversions/panm0rVT/videos/ggh8tjYw-34415639.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Protocol: HTTP/1.1
Server: 2600:9000:238d:ae00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: otfp /
Resource Hash: 2a317b2c74cf2adeb96199d7b58929e7500528b11d1483b62d207382e3f8f2e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 08:44:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish, 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
X-Backend: https://s3-external-1.amazonaws.com
X-Amz-Cf-Pop: AMS1-P1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Fastly-Stats: otfp=1
Content-Length: 266
X-Served-By: cache-iad-kjyo7100049-IAD, cache-hhn-etou8220056-HHN
Server: otfp
X-Timer: S1681975160.362636,VS0,VE1
ETag: "f0z31WahqA2v4Tqazwi4GAVppxsx_w0h4nULC4kgyR8WjfoRS6-gWA1sUNO_AJhZhnrPvEj0xa_rKuXpk7MAp34bDe-D"
Vary: Accept-Encoding
Content-Type: application/x-mpegurl
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept-encoding, cache-control, origin, dnt
X-Amz-Cf-Id: -HYg1E3B5xG_qPEewDGBuCraGuYr_6g6EiK95ZFOSkE8NZa_mzTNNA==
X-Cache-Hits: 5, 1

GET
H/1.1 204
No Content ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
208 B 139ms
109ms Image
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-493027780&e=e&n=4649679317588340&aid=P_jn6CYIEe2V__I2JL23XA&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=9&emi=1tydvbd1nr1m&i=0&id=ggh8tjYw&lid=152zsxu3h7yc&lsa=set&mt=0&pbd=1&pbr=1&pgi=1mi4j4sd1fu9&ph=3&pid=voou8tK3&pii=0&pl=475&plc=1&pli=1bsvkuf1hc3u&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Shell&pu=http%3A%2F%2F213123wd.tradeplatau.cloud%2F&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Shell%20Pl&tv=3.42.1&vb=1&vi=1&vl=90&wd=845&ab=1&cae=0&cb=0&cdid=botr_ggh8tjYw_voou8tK3_div&cme=0&dd=1&flc=0&fv=&ga=0&lng=ru&mk=hls&mu=http%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2Fggh8tjYw.m3u8&pbc=0&pd=2&pdr=&plng=ru&plt=2100&pni=0&po=0&pogt=Zapraszamy!&sp=0&st=280&sa=1681980285507
Protocol: HTTP/1.1
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Cache-Hits: 0
Date: Thu, 20 Apr 2023 08:44:46 GMT
Via: 1.1 varnish
Server: nginx
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
X-Served-By: cache-ams21022-AMS

GET
H3 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.13/js/ 241 KB
45 KB 27ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.13/js/utils.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c12974e57214220bcb73be737375acda6842b9c6b22ac8352a2302849685b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://213123wd.tradeplatau.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 08:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11996041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45080
last-modified: Fri, 11 Jun 2021 08:48:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c32345-b018"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWLYzXpbXar2VujXUf6dqYbLOrtaMXVMUR%2Fen4%2FAC0h3hroXWQmiKMDME9CLpeSSeyBeVw5sNdaHsbPicwW4KcZ4RDmyOC9%2B%2FVLCdmAmCak99eF6bucE7sZi4612wLE1VP8I2dDKj%2FpBTzJJxwuqQOF2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bac1b779d2c0ae0-AMS
expires: Tue, 09 Apr 2024 08:44:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shell (Extraction)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

213123wd.tradeplatau.cloud
assets-jpcust.jwpsrv.com
cdn.jwplayer.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
getyourapi.site
prd.jwpltx.com
ssl.p.jwpcdn.com
videos-cloudfront.jwpsrv.com
www.facebook.com
190.123.44.135
2600:9000:238d:ae00:3:37c9:30c0:93a1
2600:9000:2394:a000:1:a3fa:7cc0:93a1
2600:9000:2394:e800:1:a3fa:7cc0:93a1
2606:4700::6811:190e
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:400::626
2a04:4e42::626
3.122.218.248
04474b3ce99ce23d11be847793c020dffd2334bd43cb4ed54a66b8a4c29a044e
06fe94e5d8cf42b82d77097098d7ffed1c28286be290e93b4e5aa542c25378ff
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
1618bb84d193a8a16b6f49ba65cdbdf7e7eb9b3823da093d5de586272228bbec
19a27ca7f2487d4cd8d099664b764fed9f484e039e362fbd0841909a665ac3a2
21ac25f1546e0756a9b2b8c5832d6a120653b60020b80aa69e15610a86c423d1
2a317b2c74cf2adeb96199d7b58929e7500528b11d1483b62d207382e3f8f2e3
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5
38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc
3c507bcb88b798a73d4d628a353415b8ab8a884d3c040a50a7ea30381d439136
3ce20fac5992d62d99bb2e5440a409f6feabd34e029b8f229880da83b2cef561
455833710fec302f0de3a73ed5529932269ace8a11d15edf793e921ffb7d9121
599203970608b4b373b8982d265b06c03a4f25dfbcd0b16f40edc9003124ef60
6c12974e57214220bcb73be737375acda6842b9c6b22ac8352a2302849685b9d
6d756150755de03c94a49bc00ff347b77868d5aa05c32c02a80d5c424e3c091d
80e05af6ee79328090e4071dd7b7314e2e6819b970f8e3417abcb76dee35204b
82081484d0e64ba5e5bd67a258866cc916340a8252569d8d11ea601f2707b6a4
86e788ee1fb5319164cfafcd1b37d1900cd2cf691d058b5a1b6d8b9f86cf4d10
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544
944b94f7f4f0f8b74c7404a5013906e68388d53b53674775fda6d9070d607ca3
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
b31e28247eafeafa7e21e67b988f02f384e015cfe95b4d6b48ebdc570be6a578
b3284b041c5513b74880335176344435084279c2f285246a91d80a003eed7b01
c0efcb40cae313f7595519329bf2cca0ae63fc8cfcdc83fc0f736cb9773db28c
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260
d131914761fe23a918376881f0a617d65e87b629fdd1643f1ebefcbc78280492
d69498534d4045a31fab1ec1d9fe9b4abbf15462df2cd25697d16db7b62bebce
dc137185bbc63f8e2a19242d6f336256274e5113a503474a4de435b6625fd80d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e620b26800e30f5d37c9b8a97e5830edc3e509324f66ba726981b3b716707a07
e95316d512eebbcfc62fc79a4622d514323991f7c8d1e159f4fdf8dfb5ba0e05
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
ebae3fbf20c53259110ea33f6a178f610f1c23dba9c4e66b33eb4fed33c7d0d5
f1d6dbe937bf9cacc00287346c6658240c4c672be7ef64cda734057e90e9b9e7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

213123wd.tradeplatau.cloud Open in urlscan Pro 190.123.44.135 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

30 %HTTPS

83 %IPv6

10 Domains

11 Subdomains

13 IPs

3 Countries

1171 kBTransfer

2463 kBSize

0 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

213123wd.tradeplatau.cloud Open in urlscan Pro
190.123.44.135 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

30 %
HTTPS

83 %
IPv6

10
Domains

11
Subdomains

13
IPs

3
Countries

1171 kB
Transfer

2463 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!