autoconfig.jiotvonline.com Open in urlscan Pro
2a0d:2787:1b:1f6::a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://autoconfig.jiotvonline.com/
Effective URL:
http://autoconfig.jiotvonline.com/error.html
Submission: On September 05 via api (September 5th 2023, 9:00:21 am UTC) from IN — Scanned from NL

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 16 domains to perform 27 HTTP transactions. The main IP is 2a0d:2787:1b:1f6::a, located in Amsterdam, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is autoconfig.jiotvonline.com.

This is the only time autoconfig.jiotvonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a0d:2787:1b:... 2a0d:2787:1b:1f6::a	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3036::6815:4a59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:a802	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::ac43:8726	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	213.239.205.245 213.239.205.245	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	109.206.162.211 109.206.162.211	50245 (SERVEREL-AS) (SERVEREL-AS)
1	109.206.168.17 109.206.168.17	50245 (SERVEREL-AS) (SERVEREL-AS)
4 4	109.206.162.121 109.206.162.121	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:b4a:1:6::5 2a02:b4a:1:6::5	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.32 45.133.44.32	() ()
3	2606:4700:303... 2606:4700:3038::6815:ea32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	14

3 2a0d:2787:1b:1f6::a (Amsterdam, Netherlands) 1 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)

autoconfig.jiotvonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4a59 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastcdn111.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a802 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastcdn111.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.btc747.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xdiwbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:8726 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x1.wb4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.239.205.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.205.245.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

prhzxq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9274:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xngqoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.211 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 211.162.serverel.net

js.cdnspace.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.17 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.168.17.serverel.net

jswww.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 109.206.162.121 (United States) 4 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 121.162.serverel.net

icdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:6::5 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xpwbgf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.32 (None, )

ASN- ()

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea32 (United States)

ASN13335 (CLOUDFLARENET, US)

imcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	327 KB
4	icdns.net 4 redirects icdns.net — Cisco Umbrella Rank: 22771	1 KB
3	imcdn.co imcdn.co — Cisco Umbrella Rank: 83787	13 KB
3	wb4.xyz 1337x1.wb4.xyz	3 KB
3	btc747.xyz www1.btc747.xyz	3 KB
3	jiotvonline.com 1 redirects autoconfig.jiotvonline.com	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	41 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 36521 static.a-ads.com — Cisco Umbrella Rank: 47376	156 KB
2	fastcdn111.site 2 redirects fastcdn111.site	1 KB
1	wmgtr.com i.wmgtr.com	20 KB
1	xpwbgf.com 1 redirects xpwbgf.com — Cisco Umbrella Rank: 79239	137 B
1	jswww.net jswww.net	21 KB
1	cdnspace.io js.cdnspace.io	27 KB
1	xngqoc.com xngqoc.com — Cisco Umbrella Rank: 91065
1	prhzxq.com prhzxq.com — Cisco Umbrella Rank: 81627	157 B
1	xdiwbc.com xdiwbc.com — Cisco Umbrella Rank: 183995	25 KB
27	16

	Domain	Requested by
5	www.googletagmanager.com	autoconfig.jiotvonline.com www1.btc747.xyz www.googletagmanager.com 1337x1.wb4.xyz
4	icdns.net	4 redirects
3	imcdn.co	srcdoc
3	1337x1.wb4.xyz	www1.btc747.xyz
3	www1.btc747.xyz	autoconfig.jiotvonline.com
3	autoconfig.jiotvonline.com	1 redirects autoconfig.jiotvonline.com
2	www.google-analytics.com	www.googletagmanager.com
2	fastcdn111.site	2 redirects
1	i.wmgtr.com	srcdoc
1	xpwbgf.com	1 redirects
1	jswww.net	js.cdnspace.io
1	js.cdnspace.io	1337x1.wb4.xyz
1	xngqoc.com	xdiwbc.com
1	static.a-ads.com	ad.a-ads.com
1	prhzxq.com	xdiwbc.com
1	ad.a-ads.com	www1.btc747.xyz
1	xdiwbc.com	www1.btc747.xyz
27	17

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
btc747.xyz E1	`2023-08-02` - `2023-10-31`	3 months	crt.sh
xdiwbc.com GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-18` - `2024-03-17`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
prhzxq.com R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
xngqoc.com R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
cdnspace.io R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
jswww.net R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://autoconfig.jiotvonline.com/error.html
Frame ID: 4C759431C58442F36C905F7C49C5A133
Requests: 3 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Frame ID: AEAEB31C52079BDF8AB599B915F40723
Requests: 10 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/my-garden-beauty-there-are-many.html
Frame ID: 532B6EC7DC29D4CE934F05F0B68AA43D
Requests: 8 HTTP requests in this frame

Frame: https://ad.a-ads.com/2238604?size=300x250
Frame ID: A3A100E8EE051ECE842C1F98BE872604
Requests: 3 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png
Frame ID: 35C3CBE9BBFCE3F33037DEBB1063498C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Page Not Found

Page URL History Show full URLs

http://autoconfig.jiotvonline.com/ HTTP 302
http://autoconfig.jiotvonline.com/error.html Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

27
Requests

74 %
HTTPS

71 %
IPv6

16
Domains

17
Subdomains

14
IPs

3
Countries

642 kB
Transfer

1401 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://autoconfig.jiotvonline.com/ HTTP 302
http://autoconfig.jiotvonline.com/error.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://fastcdn111.site/red2.php?rand=kO591a655cc67fd9745685f8b9431d101f&id=27 HTTP 301
https://fastcdn111.site/red2.php?rand=kO591a655cc67fd9745685f8b9431d101f&id=27 HTTP 302
https://www1.btc747.xyz/submit.php

Request Chain 23

https://icdns.net/b2/l/i/icon?cid=1&did=emVIel0&eid=10592&n=094033e73293b2bb57a61e50&nid=1&sid=Qy0vHgBvL8VKYd6Z54SFRD78pcGzeXgAykGxxscVDj%2B57QTga%2FAM9k41dZnOsK5VWmCewtHoFEHa%2BRNAdPqSCXhrPIS6w8mEZHRUsfC5cmxflytRM28GAAAKgFuVBhiahpE%2B4b7kXKtpKipELQ0r3ByhtE0uAH2%2BMU8EtYaMq7OjfF6QJMp1XCDEqjMyKMIgdVjYaVS5fBw3xJaN44kO4xL3%2BIQzliYskgTSUUA41FCc9JsguUJPR2H3Ui1KFN3rFxSlD4FerjoK7vWeqzxgaZMJ%2BNFcuT%2BzJvG%2FTKxeZfFAKq%2Fm7kttPN5RJylCNZlFjMxRUkCockowz%2FLRAYw8JkqXM4ALtBFApatnaufT4ojJh556mIE2TxBEoqdCUi3FH2ojnCeRs%2FuAM9hkOUBpZ%2FEd%2FpqPLOQX%2BgOJt2yMN1dCaix95gsauZx9b8xDwWclZHA8edu79mtlk552GNk17JjwgMRdimshNEagbjgSgD822J5CNsUwpWWDfQokLHteRWt9PggNHKXw%2FvspwJ35A7vR%2BmfFLTdQOph32vZuAfXZ7aZR5HH2tl38ysTzqbFsd9oyBfS3RPqUVScu%2FnrcGtlJ5eVIkQBfIlyKB16RroDM5P5XSbgeC9bXU1MCT1iGd4hWXVEI25gFw%2F4eaoLVda%2FlPqS1H8lQyQDTG3y4UCJq8R3tDQPFffzxQvZkMc1asTHPLhJFomIxtn67Tczfvhd22zcZ%2BT2ZL2MNe%2BWuB2Ptrooc%2FZRrdjGpGf2%2BPd8fiFDjtz64bQrXw1w8cgia9eu2V%2Bz3UrErT57ajzb2VI%2FuQypauoHg9w8tP5WfzdnzHYrFrjBwFzFA9ds9Pa4i3wbB7zG4LemYdLOkl3401PXXtbXMUrLyGWp7ISFZKLUycR9gQqRJylIjfqQu6TSwFXx4yfzIXk54zTj5TSv7XZwbn8KK4nyeOpW86NaavLoJWY5v5BvdR4BWXNuYc4Lgo2qtQiTtX%2BbXccBQgGObrb5zCU4Kdfo88twq7ZIwlHesRh9UtFZsDnrqtd%2BVpx8om66whl4qQlylAjeCN4mhkR6V%2B%2Bpzt19pIH8vvnmNkOIiN0KWgmZXQqKsNAa8XD4rrNY00kCwjD%2B%2FBweNeQx7fRQvbAg2jkp33rx1Oh%2FNkpRfiZyp4h7LzajEYQeYVRSQFoua8wmhiC713y9qphYeC1aFE3P1000mibgPpzWuHzct1hAWoKLqdCVetMQ0zlr7JC9489yjy60gcaRC%2BgX9pQrLABUFEA%2BAsmgobBefJIBEXsP2%2FQnpASNcd1rJ1wkX%2BEe5494NZ32cJBGG0gQ9lZD9HxSH68gLel18K8AkZ7tjAfjb63jIx%2BqTHs07yBOWYT7LwOCEApZs6G964Tl2x0Ojrrn8LqlAXofvYVeg1M22P4AtnUr6auE10PbIBRFC2DfHIBenwKVYWYRDK7PwPqS7orkMt1q5Z6ufapqJDwnBT1q3%2BLysO7mbZ9d8UPlWwOaYnKoRO9%2BC96l9u46GbpMhUxCsMbyPaXPbvKLg5rRU5GNqfz89SWhmvl%2FCxRm2XLcBVbZLNJ%2Fu6Vqs7Mu7Ad52ItmroQ4fRU%2FGaS40l07NjrHE5ybjKuTg6MXt4zCxr6jUPw39DZREwMlaLmo4%2BrlTLXX9J2Y6O8SdqOU1zeoRs3WywgIaOoFQMpooEnffoGGKkpyBeyYdhVXo%2B0b8RPPHh5ez174b7y2sACEk06B6zPMislHUvNcz%2BZkm63XIrWEUrSSN3uJzbEMmre%2FficNr6Vpm5fcmk5H9S4jhGtrOGZq66%2FD4aeKg4Z%2FUk%2B%2FUkK%2FOwSw7RIYm%2FsMoN1941vsu6DCng4vTi9OdqO5H6gAVRAwfZPbXYH9Hgpocp2QLf0wnYTMAFvh9kWJzV4M3&ssid=3306088381vHkrlLsX&ts=1693904419&ttl=7200&v=v5.8.1.1 HTTP 302
https://xpwbgf.com/dsp/ph/icm?aid=630399061344733543&mid=0&sid=435&t=1693904419&subid=330659848487 HTTP 302
https://i.wmgtr.com/cic/mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png

Request Chain 24

https://icdns.net/b2/l/i/icon?cid=1&did=T1hEdUc&eid=10592&n=8b3260af5c1da7621838b9ee&nid=1&sid=jcRElrwnmF9wyF%2F6az9nk2gRaeJNrTRSkre%2BQrb52Gcxk%2BfYl8BwqYot%2FoTNcVi1sen2KFQXjU%2Bj6Xfr5PQt%2FnbtFMk2841w%2BAWb2H4YIYhG5cUNRiTODIWbBQfNVrDtsjzfi9pPeZqsmF%2BGoKXY1vyYjb83aQNUa3wxOqiedEeEdL7nyQxUbfT54TvDnFKGZkdBkRrMfdgCz9MiTfhxhirYxUxljW%2BLRaMi1vYMM%2BX%2FbkdL%2BXD9uqqv6GWcrsZKPmP%2BixjgA2yBI%2Bk7IZOX9Lt8x%2BbqBEH63CCFsCRLGodmtUtp7owGaG%2BJuB8LbRdHvd1Ow2tzJhFAlpdL3QleaPmqKA4GMJpsKPaURCJ862etK3XzScKiexi8GoyXEtH2ryyvNuvGClD1mV56DQVk6Q0%2BSeNJT4ZULJ1vayGyg6IP0Ui6Tg2%2BoI1HVdREJdROdB2kuJLJzA76%2B6V1KuayPJgDRjpokDkqCKtqDF0BuVBCK2UA3WJ5uYwJW5kYWSXj3kYGzZvbKch9ShrO7xD6nqQA65BGapWVaY8K07nafqBfQBWYoa11z0ZAjbOdRIMLNP%2B440SRFsHt26ozDb9h%2F3DSI%2F2FVzbfBvPOc%2FKcpF3%2FjTxqNL3p6jA%2BvTrlMzXY4cCZrtp09k4BhC1EJ1vpnrHZiW17%2BKnoDIHTgd1RCwCxYX9GaiTxXRXdWPmxehFXQoYFG3jivj3VmEFmFZ0Kk9ZSt8f9xqJnolO%2Bwevv%2Baxpc1sPSaYyAZ5l%2FAccGkxTVN%2F0brgQdLECFicTAdQKonMjwhD2Edp%2FGLSa9LCNTUmlRfkveu6v3aeU%2F%2Bgmc27Uv14aj6Z1pl2JY%2FLwTJNVevAfmiHYTO%2B1mdPkiqzOm0%2FgDiozuhshRK6ZYAICT3r%2BV7SFfpzNkVUQRQLVoSWEcjpkj6s0XraJv9RI6skFgh2zIzzwNn08NOES5RRcg0p7tPpMjN7rKp8PMp0FDIzpJrDt1J6SftBp4NKLjkX0ess2NC13qA51PmOmeLE%2FmxYhgpZOKI9bF481GXC17l%2FectoN8PxZSCz09SpabU%2Fl5GKLKkjvoJrEy%2BixQRW2CMhrmRUtCrEC0clCFzdMqM%2BKoghLqgk2ZndW%2BKLxNov32EdSv9pf2HxaYpeBLa8NZbb3mJrCwJ%2BxvFwiV7DhMmQCeamh4ZcC08%2BoZhf6jufjcnmLVvig%2F3fovdgm8%2BkoBuJGq181dlBPtecXwCyuhXWtPRP96gD17WLHtccmPgeeVEGAujElNW8GgWlg4n%2BnxWU8fwdqlg2xi7I1%2FyzfCob41TNupuMjLRcTUFg3%2FKZ4w9W4St1PqWO5n7s5QN%2FoIiKP%2B7d4UxA4DQjgaWM2UIWB8ruEW7dtCgEMbKv6yiMgVSbxk4NCouxfXPHp8AFbPk4cdYfnTEcn8Ut14FlhR4einwwcCw67uLUCjbM63GZpXOWPZmQUim99NpmpnI4tSaCymh%2BbWAWSutL4cNyyfTvtrolHEg9RVpRAAqBwQT48FiDkY0HVfkq9wUWqvN91fZKxU5ZfHYygTcIuxYSSOitSZDzC954wDsx9zOdy4FP0hRWRdqYdhRkKiJFIibZEglkfP%2Brhmz7USATAniADKeUBB4cv0xnSbqcilIKG2omCS4QZIJolW4C%2Bm4Je55cgLXkyfb5XqyjDI3myLzt4ikPNrFmiRaJMSm4%2FJ1nuRe3ss9MuvNBhTNrYWmaAI2YB1sdc4VgPP%2B82TWzW%2BpMhQcAWABO9yUXqKnZXpG%2BWsp%2BKlRdehjJCllX1NYpVGDrN8op1zBZk%2F0EvkJ0W17dOzMxNCS659Fg4VykaD%2FNFG4hxC%2BKKPVzlLOhMLaHaod%2FM5rYZkPtEWJoNlX16fjzP3LOlYoYjeSoSvzuzWq9oyN9zIyDgrZrCiEDTFD9ekFtWCiVZIo5Q&ssid=3306088381vJKGQDtD&ts=1693904419&ttl=7200&v=v5.8.1.1 HTTP 302
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png

Request Chain 25

https://icdns.net/b2/l/i/icon?cid=1&did=UnFrV3Q&eid=10592&n=b9d73bbe29762d0af9a82816&nid=1&sid=QvNtexb2SOJ9%2Fny1E6Bor2EIW3P2YxeW54zk4CWY0uFfMsD4AlBWyyMfRIgLUyS7NlEIA7ekx9fH7i3AvMEwnH7K%2Fnvg31XlYIWrSAadvlQfaDk9GxFc4MW%2FaoEf00P9%2BJNnTnOMryup8%2Bv2s4vqbtPPzSjOrUKhp9PZ2K0yohiHKu5sERRr2t1fghSmP18SM3Kj3%2B%2BtKXtlMbfaE%2Fni0ZGlv20hoIYUnz921gnrFqnsmb3yb4HTcpgud7ATf5IwdJA3bQgnGpiSlZzyNfEIEfjgzh6zcrCdu5YkEpwOZkjCdvKQSI5eezWt1kLD5JZU9erDQEc%2FC4FNWYTZOKkeS1ngdxkSYNdhoZ%2F7DrND%2BM4nwJxSI6suIFtOmGyPk9CBCMejffAVvs%2FSGWm07NDRXjGc%2FkpBKSn4%2B6D0LZHKeLXwEdE%2B3OKSTxkzeWgD%2F7WxcdbX%2BOC56VZva%2FmMHttQouJwGHBPbwhKW81oqVsvmCv0aB9a1Wwrsuiq65DJOXumqyA5AjhTTE11rOs%2FkFovzgP2tlnB%2F6KBhc8YxtmVEv%2BAsfT23NShZnQakLP%2FArEpK8ukqNZ03RKFTN%2FHv5%2Fj7ofvnk%2Bps2DVr0csEGVAuXrH%2Br3Y55LNNZLsMxcOUVDBd0yk8ypf80BuSF8f9hPfHU2cx22gGONSjPz7U82k7GsBm%2FldBNFxJxDnw1fvzlmBDGRtDXwfsgpFQ6pVb6ZZSHi0de10sJeNKYf%2FDOTrnMrfOUXAiK9ey9cL4TlGdQfm0pc2gn8qFNtX3Hj3sKcyB9WbBWipTnPzffLdIzgcgOQL6p0BePi9voirzV%2F0e%2FXZ%2BeONWlauwSxVOnkW%2BowlFaO5o6VqDyetiYVtzJTK6nP2O55N1MXvfkVglQjpZOZprt6nqPt545C6jlKBIcK%2B3SqKUSTNqlMO9t7SJ6s1ycJYyas%2FqrJm4%2FHRSqy10nMjvo0ZnH6AiNM9hhj7EhcAmKAFezMeypjxaHkqFCgILbrWGv1i%2FcdCbvheXhtOqJcNfP4VtV%2FrlIX8HYKXvAj%2FgyL9WFC1nTF2ayAkMkUD2%2FPVKo0kZKw%2FJuQJZF1lgoZdwO%2FtczO%2F6vq0SMzDK%2B9t4r8MStDMg%2Fx8%2FaoCtsjaT598UW%2Fi2b3TV%2FarzuyM2l41dKFwk61sTDeuOmaSH5tLN1NYX0hQh92xMVqThli4tHYOOWBB9br3ERXP1GHRFUsmJZdIxb%2FDKDxmZyUfb1V6Ikn6RQfwayaWK6Yq5R97NUOpIq48x5%2Buyhw1FBwpwTeXykFgnp4v1vZvrkueMGNUuCHpiPOqn7QER7OAVyIELwkYHMzG3YcpURR6Nsrw47Y%2FkVvv6rdVy1Jp5BL2%2BB7vlzLkECFmxvXQUsGOIS8I0Iy2jZ%2FGZ4U4K3K6lKpzcM3BT0uV%2BvKFuaxDPSv3QyU95HDPCFAmtax6pArsVADEK2eR7z%2Fc%2F%2F0qhtQs15tvq6FL2TrE%2FH0C8iZHO11UpBvGyfc8c3zFh%2FgP3Af4D6wcVlrV%2BEtZ04cbccBi6QpMxMwBNnsK2rRdGjeds6w9TG3m3EJPkNyljdmkntdJC%2FYL2dmHyFmVnv8VTCtDLI5cc0ZCGxdYGk0TBB6OtRzEh7ANAaNJB2W6YgIO5OWlD%2FvX3Bs%2FSmRPJ4mbUnxg7E9eQ5VtmSfwOUE2MPf%2FkFxhOfnDYHds8Kj1JwXsQtdWRpog1pCF3wmpW%2FjrGqOM9HPGU7jwgSjItUp6I363ob7Ivjum3Fr34k012SCWnJFY84TEco%2BnyCKXcxzMI0xrdQB4Sid4RJucAx0jslCC9bVLpucgl3sTjxk9uCODny1ssZv9q9AVDz%2Be%2BrEvTCs9TdcZR%2FJ6GotS2eGrdIhxIjpVFQB57f0PifxqBpJXyLQrjdeyt1jFijkp7Crgk%2FYRYBXXRC6cClmX&ssid=3306088381nnMZxkVw&ts=1693904419&ttl=7200&v=v5.8.1.1 HTTP 302
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png

Request Chain 26

https://icdns.net/b2/l/i/icon?cid=1&did=SXFsUlo&eid=10592&n=5b22123585febd648a112cb9&nid=1&sid=KzJh1qRZd9iNxmYPFnA4KuTzFE8Ax9mI1tW7zu1LCXcFmjS1oM1oFEWkdYmPxcZJ5xZlWYnnAxa0hYb8YgTBEWSjJew2uhXJTI7rRMfL9N4gbi3JH6FaOe6OcYdoqgajebCjb8aL4KOOMonCHMVH1dviWgbJthRrjNm0U15QjSWd2jOM%2Bs9tKKPcDbstOt1%2B0xHXToIempCA3v414m7rsS2LDQctPV%2F%2FzMFdlwX8EVZqjaViFUm6KB4uCnswtN9hRpxo844o%2FRjSXJv4pwZCee2EZnKJOy7KoUY4gteCRBKinPCt7oJNfsWk4z6yrkdxzkFC9TdTYfW4kQPTAxBGU2FltREulT2PoazVjd6ITVYIEjEjZD0a9STQgrAWA03dtYoOtw8JsqqEuKIgExMqkCBELlImQ0aMSgZWdf6zxZ3xpBNVebkFonn8lFitimItW1Ff1tK33g6%2FywkQgizcWuRNd4u4hyOZPqfGYIXP3w4nFtI35l0MOkmLofOVJ5AAyX4cQqwL8AwFxACnGAQhQi9UgELVbgN0f20U%2FdsZpt2bnXsyDb7QMFp8sYopR7pIg5OGDYCTW38yWz4Pb%2Bap5JiQE9Gp7bZH9Pc2b%2BfxPSsdsrolWmGuvzk4xaxnxD3ZeylA2dWa%2BcA1HQK9BcG5m5UU1OltedY19jYvbVLItJAvpZsMtRxmcp1DeFeriA6RSV9J2P2L1mtS1ThLpVYFvol8qIpT0K6wZNx6aDM%2BGUP7pGGgDo6agdwHjfwqNwJ%2FrNBx2m9tPJC4u4q9VGnQlyiXVaJOub5L1Ck9rHi%2Flrgd%2FwjWZYfx4u1LUNXHQiH%2BVYOZ7qnW4qiyhmqRUJ0WGPFMBd9k6GOiE%2BtWt22AXKMVrVYQs7MlmaAFl1LG3UMDmTy5uLFDbEBS0JUQuKaTh0ywXpP7a86TdgMpJFRbcjt%2F67Aljh0ELumECB7B5mvjn%2ByzBKcSa5DzDwcz69%2B2VsF83Xjxuwnk34RMrPA%2B5unDngQ59hplGfmW8r3ccNoF3UCobmNCNXmVrMbnXfMOvShVz946Lj6bXkg8164PFpoxoyRGIImD%2FxS1nakCv6K%2FqH%2BjVuLu3NmfCxLVw7x4AIR2xHcDp7KwyFXnaLK6jhoovaamEye48yLFfClBaLO28BiROOW9fGGg%2FEf7tsptMWzd5I1tVP%2B1t9CCcikqlvS2RbJEEeKW4YFVg4%2BLpWs4HhErYk6ME17DqEQTXXUCk27A6qPgM3g%2F75hSzI0mmaoG%2FyTcqI%2BcjZEcAfVELWiN1RYgwTaWWMHymhQrt6p%2F8vhnw3AUPUc2qMU5WcgmqYkzVkQ47fKfYOcwfmnq7P8001%2BjoHUP%2BjkYY5lWTqGUnKEP76QlCTEvFuR6KZ9wqbcqVrnEhKKuopjUpAP6dQkW%2FAGLAykQLBwyOGMtLBlYQ95msqkuEOaU49NkppftexHqvJ6M0soUfQXhsEza1%2FrP3AkT9zDgCBN8pRDbWiwMEw2ChFQy3m6aymTySOSD70aFwlA0c9NZWQ%2BtgVwWZeq456Q%2FOhyiEFiKBLhbah%2FA5CJDPRQQ%2Btju0v2f%2FEDBkWPPNApkWUhegjXf5TTLEC7bh%2FUhOqzlNiOiyCfcai6CV%2BbFa4HllN7r2%2BvW%2B7CRK9fPLF9l7R8GPljC3%2F3fPP%2FP8%2BbXi31p1ZSIFnzANfRTWOJXSqFU6C1gYJcXfCN0WfeNmf4nTeiyZ5LbsoSPBRZXLvNpRRBpAAQfDickhVyp%2BRunQC6ADvJcM7ZFkVjAv3AEJUNHyC%2BEgCIFu7r2k3xapjM7uDrNvQLAyCUeh7SVOmh14KCpau3bSQVux3nqTx53kbAERwSICN7BGlHYlwkR%2Ba8o1efMB%2F1hBCx2g8geIBvthNf3pMYCOlTncO1%2Fc7%2BWxwbWo62yqaJWnXupniIMGsUd&ssid=3306088381onBAxlSY&ts=1693904419&ttl=7200&v=v5.8.1.1 HTTP 302
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request error.html Show response
autoconfig.jiotvonline.com/
Redirect Chain

http://autoconfig.jiotvonline.com/
http://autoconfig.jiotvonline.com/error.html

3 KB
2 KB

220ms
220ms

Document
text/html

2a0d:2787:1b:1f6::a
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: http://autoconfig.jiotvonline.com/error.html
Protocol: HTTP/1.1
Server: 2a0d:2787:1b:1f6::a Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c50e7319e2d5726f9ec02ccb50a828668040e13c2f0e487c86ef179275d1308

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 09:00:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 09:00:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
location: /error.html

GET
H/1.1 200
OK style.css
autoconfig.jiotvonline.com/theme/ 4 KB
2 KB 40ms
40ms Stylesheet
text/css 2a0d:2787:1b:1f6::a
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: http://autoconfig.jiotvonline.com/theme/style.css
Requested by: Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol: HTTP/1.1
Server: 2a0d:2787:1b:1f6::a Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: a0271d5518cf46a6d41147226cd4d79f6541e0190824cb35a01225008f5ab114

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://autoconfig.jiotvonline.com/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 09:00:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 22:34:53 GMT
Server: nginx
ETag: "118a-5adf7a954fd40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1350

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 184ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%gcode%

Requested by

Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d519aa15269eea255143912d5fbd5488549435bfaac6dd1101c081c5cddffdce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://autoconfig.jiotvonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 09:00:17 GMT

GET
H2

200

submit.php Show response
www1.btc747.xyz/ Frame AEAE
Redirect Chain

http://fastcdn111.site/red2.php?rand=kO591a655cc67fd9745685f8b9431d101f&id=27
https://fastcdn111.site/red2.php?rand=kO591a655cc67fd9745685f8b9431d101f&id=27
https://www1.btc747.xyz/submit.php

338 B
630 B

140ms
61ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/submit.php
Requested by: Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d

Request headers

Referer: http://autoconfig.jiotvonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f39d4c0df3-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B3qMKw6HkpPMZVkeJyN7Quz%2FYb0i%2B2hrcI1rvJYTd4MZDzIOBrxTgrKvmkViiFuZBnUU5%2FSMW2kwxyF4aWWsKG66hNpBvFtjdBHjnRTjvw7%2FPtzGxUrJJwSf5a%2F0%2Fp87fbMQvkZHYrNztqEmW4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 801d47f2cd020b54-AMS
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www1.btc747.xyz/submit.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncypSxrGtojMa5OKWPEbu1ZXbc7DxSx%2Bzs9Ktg78glmOrKPlBitogIGZiek4sIVFGUnP6QFCW23MSc4zQaOolphS%2FBCe2LhLVI0fEMu3QgChujF2UTvNacdkxPuyGLEdJ8u3sj%2BeH9Zu5un%2BHls%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

POST
H2 200 / Show response
www1.btc747.xyz/ Frame AEAE 391 B
564 B 49ms
48ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/
Requested by: Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8e26f0c2be728fde5640c77820fd9a24261eb6b23025a109abc97693b3482fb9

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f42e190df3-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4ohAzKqbHfk2%2FeCkAiYIpRIMISQNnnnb%2FcceDLSkyp41SXJKTav4QlMj9Aif3toLT9cwaE8mGh%2BaY80QAR5G%2B%2BTptkUhZ0lUhrBbyeNLHGu7ktAxkDdWZYLWl5kep0shFnY7Q%2BN3q5ba6yMVzM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H3 200 boston-adds-svi-mykhailiuk-via-one-year.html Show response
www1.btc747.xyz/2023/08/ Frame AEAE 4 KB
2 KB 45ms
45ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Requested by: Host: autoconfig.jiotvonline.com
URL: http://autoconfig.jiotvonline.com/error.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 93e2c9bcf65515394649a7dde52feeb95184ff27d571754f7d5ac48a0490d2b2

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f48bfc0b30-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgIgMXA2babCgVQLHsbPsbs6qrlo2QTjlKElZl6nE5xw%2FOzyefSF8c8h6gOSax4dPXSk5x0LOVC06Qw8ulPwpaJX3z64vEG4l2r2YR6lRZm%2FoCWqI4FrbG4jgvhTfz6fS1NOROjORIGqrDnnXP0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame AEAE 180 KB
65 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d55054d72f4a6aed08dbae259480155202e9b467afc727125de608562950e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 09:00:18 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js Show response
xdiwbc.com/pw/ Frame AEAE 65 KB
25 KB 109ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9e395b188fccd28b0b94d995077e4c826b7f36c392ab4fdc2d7c580657e6a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 07:50:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 387ebfe854e39bbb60f6fa1485b19a85
age: 4177
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qh%2B6Ne0M3oC5Fdw76drhKxFh47G9nR5pmKlwi5RWMs9bgXzNp72XvBywKJ%2FJ2P%2B3yqOTIcEAzPjZ0pUYvK%2FpspJKJx6Cj08X7%2Bg0URL1mXCCQoMOe0WEMmlnvudUx2V37P2LydRKfxxF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-ray: 801d47f54aadb963-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 submit.php Show response
1337x1.wb4.xyz/ Frame 532B 1 KB
942 B 108ms
43ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/submit.php
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f54a000e90-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFGPxUtdzypk2uC3kTz%2F7miDDfWCj3rezu%2FWPOjKOZQoa%2BCGhNM9uiDm27AI7MTwFg4bV4ddiXuCg4%2Fu25UqGtxLAKY%2FvzrEbgZk7QTd03IZ9Z%2BgFdGBbS89Prrgiw7fFAjeWc7XTxC6O1I2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 2238604 Show response
ad.a-ads.com/ Frame A3A1 12 KB
5 KB 171ms
60ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2238604?size=300x250

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

64d3e36812e0daee651bfdd1e94c2c9b473ce5f5b6bd07bfa4b3ae8dfd4bb2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 05 Sep 2023 09:00:18 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www1.btc747.xyz/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame AEAE 218 KB
77 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b6ffb9ae8037f7a24a8327c099d6e705f319ac6ceeccae5f6e73474d71a83b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 09:00:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame AEAE 52 KB
21 KB 110ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 07:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 09:44:23 GMT

POST
H2 200 / Show response
1337x1.wb4.xyz/ Frame 532B 1 KB
849 B 44ms
44ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9e48e01954b2145e162f90bf5011554d77823627afef00a3b83ded2c50e7bc85

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f5aa8e0e90-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmqK7N%2F8JXKaC4ENKWN3t6vHY4y4NvLxpHwIP5povWUbtuTKtW69pLaCJY%2FMWww6%2BUoJ388cZwOTEBRMd%2B%2BIxHGCJazqdo58JIvU0GSEVcIWr85pQUfXF5iZgACbloO6UzwjnyBON%2B4C3NOdjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
BLOB 200
OK 1bd2c4bd-5bc3-43b6-a3da-47a6e476148a
https://www1.btc747.xyz/ Frame AEAE 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www1.btc747.xyz/1bd2c4bd-5bc3-43b6-a3da-47a6e476148a
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 wnload Show response
prhzxq.com/ Frame AEAE 0
157 B 95ms
29ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=2&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyMy8wOC9ib3N0b24tYWRkcy1zdmktbXlraGFpbGl1ay12aWEtb25lLXllYXIuaHRtbA==&inc=0
Requested by: Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Sep 2023 09:00:18 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/117603/ Frame A3A1 151 KB
151 KB 109ms
46ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117603/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2238604?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 56979661e60a2854395bfa60af743f37f059f7974e404fa38fc459952b8b09b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
x-amz-version-id: MDRGnyw9kCruRlqmS7AytZ4Es5dbIgC4
last-modified: Sun, 19 Apr 2020 16:05:30 GMT
server: nginx
x-amz-request-id: 17QHZRHVS3GB9DVX
etag: "e611891876c203f494097807a9a1ed33"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 154540
x-amz-id-2: 4yNVvipbOHsoLwAoFaBSvNyD1ht9h8cZPQmVX1j5MIR/N0GNoMXXS9GBJ17JXm/gCCdFICeA59g=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame A3A1 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 my-garden-beauty-there-are-many.html Show response
1337x1.wb4.xyz/2019/05/ Frame 532B 3 KB
2 KB 48ms
48ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/2019/05/my-garden-beauty-there-are-many.html
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/08/boston-adds-svi-mykhailiuk-via-one-year.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a43ec92cc34816236ffce3ac68fdeb296dbf004ef7a7fd324b56ee14ed375db5

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801d47f75bc80e20-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Sep 2023 09:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAv0bbqvohiz18S7QG3TNUUQEoXXdsa2nCtN0AjLvh63mBN8urBimDadgjAyhwG%2BBFiVupSW2PFENl7MW8pd82FU8DkHbS2YVmhAmd9yg90lJupW%2BLsQPFoPcNbE5E4hYTJ8piS1vkpdtQdaqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 532B 180 KB
65 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/my-garden-beauty-there-are-many.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4aadb7c72d0213c601f61693bdafa501938bec2fe31fa92bc6cd3c94f7153a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 09:00:18 GMT

GET
H2 200 admc
xngqoc.com/ Frame AEAE 0
0 100ms
26ms Fetch 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xngqoc.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=8aa49d19e79912b338eaba246804089b&f=8&tz=2
Requested by: Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: https://www1.btc747.xyz
date: Tue, 05 Sep 2023 09:00:18 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H/1.1 200
OK script.js Show response
js.cdnspace.io/1/ Frame 532B 90 KB
27 KB 126ms
54ms Script
application/javascript 109.206.162.211
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdnspace.io/1/script.js?t=2023859
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/my-garden-beauty-there-are-many.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.206.162.211 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 211.162.serverel.net
Software: nginx /
Resource Hash: bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 09:00:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Aug 2023 09:26:42 GMT
Server: nginx
ETag: W/"64d0b8d2-1673e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, public
Connection: keep-alive
Expires: Tue, 05 Sep 2023 09:30:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 532B 218 KB
77 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e98f8808e0b10efadddd07f6d436ed5e00ce24810485f5baff389fd588a66eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 09:00:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 532B 52 KB
21 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 07:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 09:44:23 GMT

GET
H/1.1 200
OK w.js Show response
jswww.net/ Frame 532B 21 KB
21 KB 221ms
154ms Script
text/javascript 109.206.168.17
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=869633&t=2045&sid=1337x1.wb4.xyz&r=0.6500859451279366
Requested by: Host: js.cdnspace.io
URL: https://js.cdnspace.io/1/script.js?t=2023859
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.17 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.168.17.serverel.net
Software: binder-v5.8.1.1 /
Resource Hash: 6c2948a9297f1d9e5d6ca4134b0064f628136f344509113881f64c6f8e89a61b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:19 GMT
x-response-code: 20200
server: binder-v5.8.1.1
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-headers: *
content-length: 21705

GET
H2

200

mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png
i.wmgtr.com/cic/ Frame 35C3
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&did=emVIel0&eid=10592&n=094033e73293b2bb57a61e50&nid=1&sid=Qy0vHgBvL8VKYd6Z54SFRD78pcGzeXgAykGxxscVDj%2B57QTga%2FAM9k41dZnOsK5VWmCewtHoFEHa%2BRNAdPqSCXhrPIS6w8mE...
https://xpwbgf.com/dsp/ph/icm?aid=630399061344733543&mid=0&sid=435&t=1693904419&subid=330659848487
https://i.wmgtr.com/cic/mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png

20 KB
20 KB

107ms
25ms

Image
image/jpeg

45.133.44.32

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

45.133.44.32 -, , ASN (),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

2df6d6501288176ad4c500c56c9291676930f7ecf9734e5c4f39617c60cbf7d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 06 Sep 2023 08:00:21 GMT
date: Tue, 05 Sep 2023 09:00:21 GMT
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/mdWKeDdB2bClwIe4GsGOuJ5WyEgBP4Rr.png
date: Tue, 05 Sep 2023 09:00:21 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2

200

317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
imcdn.co/ Frame 35C3
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&did=T1hEdUc&eid=10592&n=8b3260af5c1da7621838b9ee&nid=1&sid=jcRElrwnmF9wyF%2F6az9nk2gRaeJNrTRSkre%2BQrb52Gcxk%2BfYl8BwqYot%2FoTNcVi1sen2KFQXjU%2Bj6Xfr5PQt%2FnbtFM...
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png

4 KB
4 KB

104ms
37ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375c4282102066862504f7dfc6bebdcae26b2f71f79854b9a35afb201f84cdb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:20 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 16:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1872145
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki%2BKlM5dqEMITBdZgFmp3%2F6phKwZZwYoSuK96c%2BoPeTDiFXc%2Bn2wgXcok4QI2UYgumWamTisUj%2FlCy7s1Tb0EVJKMaqTqtys%2B%2FVxTUhaHDGYHR1IDMhU5k4CFIPiia0dr5gJuvC6ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 801d48066baeb8e8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4102
expires: Wed, 13 Sep 2023 16:57:55 GMT

Redirect headers

location: https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
date: Tue, 05 Sep 2023 09:00:20 GMT
referrer-policy: no-referrer, no-referrer
server: dspclick-v3.9.0
content-length: 0

GET
H2

200

C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
imcdn.co/ Frame 35C3
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&did=UnFrV3Q&eid=10592&n=b9d73bbe29762d0af9a82816&nid=1&sid=QvNtexb2SOJ9%2Fny1E6Bor2EIW3P2YxeW54zk4CWY0uFfMsD4AlBWyyMfRIgLUyS7NlEIA7ekx9fH7i3AvMEwnH7K%2Fnvg31XlYI...
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png

4 KB
4 KB

101ms
34ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:20 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 19:54:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1602359
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfKKxN1XqEk8y%2Bu7e8oFdpqeR9hriW4BUbCh4XIVfclAKvcCmZ7r%2B%2FF5a32W36h4mWGO3D5ybjjF%2FA6pOO6uJQ2Ji2VEB6IAAbuywbn%2Bm67GWuCLajrWt8fijqJBQg8XeM9LXBNdcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 801d48066badb8e8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4028
expires: Sat, 16 Sep 2023 19:54:21 GMT

Redirect headers

location: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
date: Tue, 05 Sep 2023 09:00:19 GMT
referrer-policy: no-referrer, no-referrer
server: dspclick-v3.9.0
content-length: 0

GET
H2

200

ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
imcdn.co/ Frame 35C3
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&did=SXFsUlo&eid=10592&n=5b22123585febd648a112cb9&nid=1&sid=KzJh1qRZd9iNxmYPFnA4KuTzFE8Ax9mI1tW7zu1LCXcFmjS1oM1oFEWkdYmPxcZJ5xZlWYnnAxa0hYb8YgTBEWSjJew2uhXJTI7rRM...
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png

4 KB
4 KB

103ms
36ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:00:20 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Aug 2023 17:44:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 486925
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM9s2%2BEcK6J8JQ7EQQmynN01PxK8OiZNLDZzE2ds44ZuzecNYiPCjktaS8xMksSJ5qqKiiam7ImPjBUyzmAcKGz9BMrN3Zlvu%2F6mfjI7AG2f%2BycYFZpOixpV8L8E%2F178yJSCcL2j6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 801d48066bb0b8e8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3970
expires: Fri, 29 Sep 2023 17:44:55 GMT

Redirect headers

location: https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
date: Tue, 05 Sep 2023 09:00:19 GMT
referrer-policy: no-referrer, no-referrer
server: dspclick-v3.9.0
content-length: 0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.autoconfig.jiotvonline.com/	1969-12-31 23:59:59	Name: autoconfig_jiotvonline_com Value: o57mgsjsv61crj6e14o04nkc4v

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://autoconfig.jiotvonline.com/error.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x1.wb4.xyz
ad.a-ads.com
autoconfig.jiotvonline.com
fastcdn111.site
i.wmgtr.com
icdns.net
imcdn.co
js.cdnspace.io
jswww.net
prhzxq.com
static.a-ads.com
www.google-analytics.com
www.googletagmanager.com
www1.btc747.xyz
xdiwbc.com
xngqoc.com
xpwbgf.com
109.206.162.121
109.206.162.211
109.206.168.17
213.239.205.245
2606:4700:3035::ac43:8726
2606:4700:3035::ac43:a802
2606:4700:3036::6815:4a59
2606:4700:3038::6815:ea32
2a00:1450:4001:811::2008
2a00:1450:4001:813::200e
2a02:b4a:1:6::5
2a02:b4a:1:7::9166:1
2a02:b4a:1:7::9274:1
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0d:2787:1b:1f6::a
45.133.44.32
1c50e7319e2d5726f9ec02ccb50a828668040e13c2f0e487c86ef179275d1308
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
2d55054d72f4a6aed08dbae259480155202e9b467afc727125de608562950e28
2df6d6501288176ad4c500c56c9291676930f7ecf9734e5c4f39617c60cbf7d6
375c4282102066862504f7dfc6bebdcae26b2f71f79854b9a35afb201f84cdb0
4aadb7c72d0213c601f61693bdafa501938bec2fe31fa92bc6cd3c94f7153a32
56979661e60a2854395bfa60af743f37f059f7974e404fa38fc459952b8b09b4
64d3e36812e0daee651bfdd1e94c2c9b473ce5f5b6bd07bfa4b3ae8dfd4bb2a1
6b6ffb9ae8037f7a24a8327c099d6e705f319ac6ceeccae5f6e73474d71a83b7
6c2948a9297f1d9e5d6ca4134b0064f628136f344509113881f64c6f8e89a61b
8e26f0c2be728fde5640c77820fd9a24261eb6b23025a109abc97693b3482fb9
92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e
93e2c9bcf65515394649a7dde52feeb95184ff27d571754f7d5ac48a0490d2b2
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
9e48e01954b2145e162f90bf5011554d77823627afef00a3b83ded2c50e7bc85
a0271d5518cf46a6d41147226cd4d79f6541e0190824cb35a01225008f5ab114
a43ec92cc34816236ffce3ac68fdeb296dbf004ef7a7fd324b56ee14ed375db5
ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d
ba9e395b188fccd28b0b94d995077e4c826b7f36c392ab4fdc2d7c580657e6a7
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d519aa15269eea255143912d5fbd5488549435bfaac6dd1101c081c5cddffdce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb
e98f8808e0b10efadddd07f6d436ed5e00ce24810485f5baff389fd588a66eee

autoconfig.jiotvonline.com Open in urlscan Pro 2a0d:2787:1b:1f6::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

74 %HTTPS

71 %IPv6

16 Domains

17 Subdomains

14 IPs

3 Countries

642 kBTransfer

1401 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

autoconfig.jiotvonline.com Open in urlscan Pro
2a0d:2787:1b:1f6::a Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

74 %
HTTPS

71 %
IPv6

16
Domains

17
Subdomains

14
IPs

3
Countries

642 kB
Transfer

1401 kB
Size

1
Cookies

27 HTTP transactions
1 data transactions