Submitted URL: http://capitalcaone.com/
Effective URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Submission: On October 20 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:b49f, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.bttuu.xyz.
This is the only time lp.bttuu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.92 60781 (LEASEWEB-...)
2 2 173.192.101.24 36351 (SOFTLAYER)
2 3 35.201.103.0 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
15 4
Apex Domain | Subdomains | Transfer
14 bttuu.xyz | lp.bttuu.xyz | 213 KB
3 greatdexchange.com | www.greatdexchange.com | 3 KB
2 mybetterdl.com | mybetterdl.com, p185689.mybetterdl.com | 1 KB
2 capitalcaone.com | capitalcaone.com | 3 KB
1 bfqcx.xyz | www.bfqcx.xyz | 948 B
15 5
Domain Requested by
14 lp.bttuu.xyz 1 redirects www.greatdexchange.com
lp.bttuu.xyz
3 www.greatdexchange.com 2 redirects capitalcaone.com
2 capitalcaone.com 1 redirects
1 www.bfqcx.xyz 1 redirects
1 p185689.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
15 6

This site contains links to these domains.

Domain
www.zingload.com
Subject | Issuer | Validity | Valid
greatdexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-18 - 2022-02-18 | a year

This page contains 1 frames:

Primary Page: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Frame ID: F9CBE0AF7E184F12EABD25C3EA85B622
Requests: 17 HTTP requests in this frame

Page Title

Installed Required

Page URL History

  1. http://capitalcaone.com/ Page URL
  2. http://capitalcaone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDc... HTTP 302
    https://mybetterdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLStZ7ZClr2grXXYOCY6Emo1zYBFxsT_-rr1MrDN7N... HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LrtkeXDOlL9LNKId4yj9-6uPc2_aYGZcLpAbJfpMBf0-... HTTP 302
    https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid} Page URL
  3. https://www.greatdexchange.com/jump/next.php?stamat=m%257CYj9jf_oiaQdH8AH0dEdHP3xP.ad7%252C7H0PozvLiGV-YkDx... HTTP 302
    https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CQheTYiPyoGU3Bv-GH0dEdHP3xP.1e6%252CWYNjb... HTTP 302
    http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16346964923118995387281136619137653 HTTP 302
    http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=1634696492311899538... HTTP 302
    http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

15 Requests
7 % HTTPS
40 % IPv6
5 Domains
6 Subdomains
4 IPs
3 Countries
215 kB Transfer
557 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitalcaone.com/ Page URL
  2. http://capitalcaone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDcwMzY5MCwiaWF0IjoxNjM0Njk2NDkwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5wbml2b29mY3ZnMXFqN28wNGJhODkiLCJuYmYiOjE2MzQ2OTY0OTAsInRzIjoxNjM0Njk2NDkwMTEyOTUzfQ.xnzeyGNGrvqmoBIxXZw7gmMLIV3ddkn6ldmus0mTF0I&sid=6f85dccc-314c-11ec-9a0f-8de9d7eab95a HTTP 302
    https://mybetterdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLStZ7ZClr2grXXYOCY6Emo1zYBFxsT_-rr1MrDN7NPIWnIFjje5HrPodK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWzNNl6RGTsBSkn3TAU5FotHo1mBt6xKMm8tXAdS5repKZl3PQvxXQKaBAvQMpfmfAVQLDZCMLMwkGYQJiMT4ZWuA0WVTti1Ql_QN4h9d0GawMY5Go07O-0RpYt5G8UK985fuUHP1tWnlv6cz6ezwCMv3jX0K8ie_KKkwX00u3uzXwxtDehG5KfKPsRdCv_zJAmnmMtsmlcLCDaBIwItbcY-yKWfuzYYqBSQPlAn8soXSABgwDMxa7g3qk-a2wx6qe2GhHNggDNUOHntUV3kr8riRw1NTIJSalnTbBgbArw20W0lUUGdmZ-u1PYW2i5YkBmZi1194u3Pm9cZsxTTUhzYy1PrmEt06kj7zX83I0yZsN0QaSax4XMDIW85yQYc1QDYHcpn_l-Emmzhj6f3pRXNKxOfSk_yV8ojPx7YC-oaHRsl4gaqfYgTIhaPfReLIMgJxqR6-Ks29t4yoEsnfWJ2gTEFJIxQhz5SYyQR55RahHDszgDpB0BF5-awJo9z5mow-eBleKGQoh9toA1eWNG_1n0gTH6cXiTu4CyYsh_FYitE7YZbfQV8udDpMgtm9uaVVRNNl5XgACjsV6mhbZm8l2UrMegqrQKDBS5qhMchHTlBHFpdXkbYKfP5WQbmOBVWa_WP-llhE8zvDql8cLunkkLZeorQ10zGKAq7SkKb5T7OfZCWiu90LKTH6-hcWktR1k-C2iWkGyAQUn63O6XpXc5HHClU1hriHRcTb6JN_RI2dejjvZicHWESf4bJn8Cm1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdcEGi8_Ap75fv_be6YXibX6UNITOBTyksiJGqZEBOcLFldolKFJRrN0dAmmzLFXubgxFd-pz25ktrh9EEVyRYA6KQmoHlboUAv3SPgwje0F5khLIYwmp7N1jgZepaCKXRrmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twEjAxabQaLByJ04f0I7Q8OuQ83I2JpU2-k1StMGW5Glm6eUdaZf__tADgnxy8-X2Cmmw63jC8uQnobbqCaz0ksLnFzqXYtjmj9EElDA_IaejpU5d-YCNcJteQZEfaHRz0RXRVMLWaZdS5Z5Olabl0WxwP5G2oPQOEnexY8SiHl0ntivroLKF6xJ2r6zd-ApTShHKSkqyXsvLav61O5UkK_kmr6zd-ApTShHKSkqyXsvLbp6t2Df9GS80LPhgVVyPA-wqtKQztrX1gAT39NMcUFz_QaTYYMFQxDEwrLEAaOW_hRReqfYBgBJyag7CnkP7JO HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LrtkeXDOlL9LNKId4yj9-6uPc2_aYGZcLpAbJfpMBf0-BtS6hOXAdSCWnfdRJ-WmhcFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYm5MP_LCEmt1_Hp8pLpejI7PQPk_awqCmJWdAgaDFAOJTu6AXYz7K44J8cvPl9gptHKZEHyH02J-IokKZjFQZ4E-iRLqG0EzkVhAWjsTWMQS3ae4tKUm21baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCyd1zPzveueCJsH1SbwuDg-j1HVaOgt_lw&ui=Un8YNmzNixpndAYfZXLGLZmqLhDpWjFVIaIc3yOo5HLp3e3ID8yS9YZH25jigI81EElDA_IaejpU5d-YCNcJteQZEfaHRz0RXRVMLWaZdS6IwgwvqxsoWQ&si=1&oref=64a1ee7cff666de182210d00930c0b5b&optunit=OCfHLz5fYKabDreMLy5CemWSQsQHXjql&rb=Rl_VhPiUh7k&rr=1&abtg=0 HTTP 302
    https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid} Page URL
  3. https://www.greatdexchange.com/jump/next.php?stamat=m%257CYj9jf_oiaQdH8AH0dEdHP3xP.ad7%252C7H0PozvLiGV-YkDx825CHq53U2JaPZHWZ1WGii-ANIZSw3nvftIOMSYFIXWglK12xcKufKC52bKerRLh1DoDHO5APy4qO5bbME_ov76M_shpOJE6cer1LzoA5Xua7epU&cbur=0.9490374480115946&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fcapitalcaone.com%2F HTTP 302
    https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CQheTYiPyoGU3Bv-GH0dEdHP3xP.1e6%252CWYNjbx92SXpouxd7mDs8A4ehp93L3zeKA7zDG7K9FCJuumgqEMOVz4Q3ewUMqQNoZm992d1OeDpmZCEI5a6BZYSszIdWOjplIWZSzUe12F0dnfpBPCd8jkXvSTyAi6xdeyvmSrX_CNsRxmMtOtrzebfEAq1T0XoFBEh766Bpi-TQ-dqC-kwaOj5r1OqsDjbdCRAgMzuMcUw6waUxihaEt9BvZr-QijIQssi7ZY42dlcO87gtwLt0xcR3fJXWPBA2eckzz3br8Gi6yfyDa2_At0UP-W7o7iE7Sai6QYQYhikUVuWir4LT_emz-nVLGstYpg1jSxp3ZFPDAalITI3s_VYcS8WinIPPYU9VZMjIq1NplzvqL4TI0wmaCqO9Hb3bwLbGvHmmBmh9EUMddN2jWGd9SIucqVjGTogK_WYpPvHwhPimxKLwm1g5O2-X8n7KXMo2iqZb5pfSIpTxwyBM0q_jEcHqJxuZkee_E09LSmKpYY63Ari-AYIsn8DdVvW_ HTTP 302
    http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16346964923118995387281136619137653 HTTP 302
    http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16346964923118995387281136619137653 HTTP 302
    http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://capitalcaone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDcwMzY5MCwiaWF0IjoxNjM0Njk2NDkwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5wbml2b29mY3ZnMXFqN28wNGJhODkiLCJuYmYiOjE2MzQ2OTY0OTAsInRzIjoxNjM0Njk2NDkwMTEyOTUzfQ.xnzeyGNGrvqmoBIxXZw7gmMLIV3ddkn6ldmus0mTF0I&sid=6f85dccc-314c-11ec-9a0f-8de9d7eab95a HTTP 302
  • https://mybetterdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLStZ7ZClr2grXXYOCY6Emo1zYBFxsT_-rr1MrDN7NPIWnIFjje5HrPodK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWzNNl6RGTsBSkn3TAU5FotHo1mBt6xKMm8tXAdS5repKZl3PQvxXQKaBAvQMpfmfAVQLDZCMLMwkGYQJiMT4ZWuA0WVTti1Ql_QN4h9d0GawMY5Go07O-0RpYt5G8UK985fuUHP1tWnlv6cz6ezwCMv3jX0K8ie_KKkwX00u3uzXwxtDehG5KfKPsRdCv_zJAmnmMtsmlcLCDaBIwItbcY-yKWfuzYYqBSQPlAn8soXSABgwDMxa7g3qk-a2wx6qe2GhHNggDNUOHntUV3kr8riRw1NTIJSalnTbBgbArw20W0lUUGdmZ-u1PYW2i5YkBmZi1194u3Pm9cZsxTTUhzYy1PrmEt06kj7zX83I0yZsN0QaSax4XMDIW85yQYc1QDYHcpn_l-Emmzhj6f3pRXNKxOfSk_yV8ojPx7YC-oaHRsl4gaqfYgTIhaPfReLIMgJxqR6-Ks29t4yoEsnfWJ2gTEFJIxQhz5SYyQR55RahHDszgDpB0BF5-awJo9z5mow-eBleKGQoh9toA1eWNG_1n0gTH6cXiTu4CyYsh_FYitE7YZbfQV8udDpMgtm9uaVVRNNl5XgACjsV6mhbZm8l2UrMegqrQKDBS5qhMchHTlBHFpdXkbYKfP5WQbmOBVWa_WP-llhE8zvDql8cLunkkLZeorQ10zGKAq7SkKb5T7OfZCWiu90LKTH6-hcWktR1k-C2iWkGyAQUn63O6XpXc5HHClU1hriHRcTb6JN_RI2dejjvZicHWESf4bJn8Cm1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdcEGi8_Ap75fv_be6YXibX6UNITOBTyksiJGqZEBOcLFldolKFJRrN0dAmmzLFXubgxFd-pz25ktrh9EEVyRYA6KQmoHlboUAv3SPgwje0F5khLIYwmp7N1jgZepaCKXRrmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twEjAxabQaLByJ04f0I7Q8OuQ83I2JpU2-k1StMGW5Glm6eUdaZf__tADgnxy8-X2Cmmw63jC8uQnobbqCaz0ksLnFzqXYtjmj9EElDA_IaejpU5d-YCNcJteQZEfaHRz0RXRVMLWaZdS5Z5Olabl0WxwP5G2oPQOEnexY8SiHl0ntivroLKF6xJ2r6zd-ApTShHKSkqyXsvLav61O5UkK_kmr6zd-ApTShHKSkqyXsvLbp6t2Df9GS80LPhgVVyPA-wqtKQztrX1gAT39NMcUFz_QaTYYMFQxDEwrLEAaOW_hRReqfYBgBJyag7CnkP7JO HTTP 302
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LrtkeXDOlL9LNKId4yj9-6uPc2_aYGZcLpAbJfpMBf0-BtS6hOXAdSCWnfdRJ-WmhcFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYm5MP_LCEmt1_Hp8pLpejI7PQPk_awqCmJWdAgaDFAOJTu6AXYz7K44J8cvPl9gptHKZEHyH02J-IokKZjFQZ4E-iRLqG0EzkVhAWjsTWMQS3ae4tKUm21baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCyd1zPzveueCJsH1SbwuDg-j1HVaOgt_lw&ui=Un8YNmzNixpndAYfZXLGLZmqLhDpWjFVIaIc3yOo5HLp3e3ID8yS9YZH25jigI81EElDA_IaejpU5d-YCNcJteQZEfaHRz0RXRVMLWaZdS6IwgwvqxsoWQ&si=1&oref=64a1ee7cff666de182210d00930c0b5b&optunit=OCfHLz5fYKabDreMLy5CemWSQsQHXjql&rb=Rl_VhPiUh7k&rr=1&abtg=0 HTTP 302
  • https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
capitalcaone.com/
472 B
832 B
Document
General
Full URL
http://capitalcaone.com/
Protocol
HTTP/1.1
Server
212.32.237.92 Hoofddorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
capitalcaone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
472
content-type
text/html; charset=utf-8
date
Wed, 20 Oct 2021 02:21:29 GMT
server
nginx
set-cookie
sid=6f85dccc-314c-11ec-9a0f-8de9d7eab95a; path=/; domain=.capitalcaone.com; expires=Mon, 07 Nov 2089 05:35:37 GMT; max-age=2147483647; HttpOnly
next.php
www.greatdexchange.com/jump/
Redirect Chain
  • http://capitalcaone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDcwMzY5MCwiaWF0IjoxNjM0Njk2NDkwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5wbml2b29mY3ZnMXFqN28wNGJh...
  • https://mybetterdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLStZ7ZClr2grXXYOCY6Emo1zYBFxsT_-rr1MrDN7NPIWnIFjje5HrPodK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWz...
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LrtkeXDOlL9LNKId4yj9-6uPc2_aYGZcLpAbJfpMBf0-BtS6hOXAdSCWnfdRJ-WmhcFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgYm5MP_LCEmt1_Hp8pLpejI7PQP...
  • https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}
7 KB
3 KB
Document
General
Full URL
https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}
Requested by
Host: capitalcaone.com
URL: http://capitalcaone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://capitalcaone.com/
accept-encoding
gzip, deflate, br

Response headers

server
openresty
date
Wed, 20 Oct 2021 02:21:32 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

server
nginx
date
Wed, 20 Oct 2021 02:21:31 GMT
content-length
0
set-cookie
rhid=79914018307; Max-Age=15552000; Expires=Mon, 18-Apr-2022 02:21:31 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure; loi=ad_1117288_off_562660_aff_87624_cid_185689-CAPITALCAONE.COM_ts_1634696491; Max-Age=3600; Expires=Wed, 20-Oct-2021 03:21:31 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure;
location
https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}
Primary Request /
lp.bttuu.xyz/ins/
Redirect Chain
  • https://www.greatdexchange.com/jump/next.php?stamat=m%257CYj9jf_oiaQdH8AH0dEdHP3xP.ad7%252C7H0PozvLiGV-YkDx825CHq53U2JaPZHWZ1WGii-ANIZSw3nvftIOMSYFIXWglK12xcKufKC52bKerRLh1DoDHO5APy4qO5bbME_ov76M_s...
  • https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CQheTYiPyoGU3Bv-GH0dEdHP3xP.1e6%252CWYNjbx92SXpouxd7mDs8A4ehp93L3zeKA7zDG7K9FCJuumgqEMOVz4Q3ewUMqQNoZm992d1OeDpmZCEI5a6BZYSszIdWOjp...
  • http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16346964923118995387281136619137653
  • http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16346964923118995387281136619137653
  • http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
32 KB
9 KB
Document
General
Full URL
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Requested by
Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.21
Resource Hash
ca4babdf9ef0d350e2cd41fcca864a1c88c404dcaa8e8353e839070e4d3e4ad2

Request headers

Host
lp.bttuu.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; isjp=196780; taskid=100139
Referer
https://www.greatdexchange.com/jump/next.php?r=4152919&sub1=revenuehits&sub2={zoneid}

Response headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.5.21
set-cookie
isjp=234; expires=Wed, 20-Oct-2021 02:21:32 GMT; Max-Age=-1; path=/; domain=bttuu.xyz taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz subid=adsch1; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=lp.bttuu.xyz uid=u34696493616f7d2d839cb799228227; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=lp.bttuu.xyz ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=lp.bttuu.xyz p=100039; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=lp.bttuu.xyz rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz vs=lp.bttuu.xyz; expires=Wed, 20-Oct-2021 03:21:33 GMT; Max-Age=3600; path=/; domain=lp.bttuu.xyz
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxHKqTbE9ehux0TIpzo9ObfJrE6fYsh9k%2FQCjHlf6nxLZSwGcsL9Ix97MT%2FKOeHV6aDjXec2Ykm%2B47wtZ4GMT7YO7ppH09w4iQsTVFEXbfkL6YpNPh319coVOU7%2Bimf2ogsvEtQm4NjG1GY%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6a0ec5fc9b2a3761-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.5.21
set-cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=lp.bttuu.xyz storeid=hdgbbekaglmmmfjghmkafebboajchblj; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz isjp=196780; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365303507; path=/; domain=bttuu.xyz
location
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653#
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isa1LqjqmYHFksRyYIuBTzBkfxTFbxII11DAcbhGTJgfTWRrtn9sVvX0Re%2Ftw31%2BWKd%2BsrrLsAfKkgXc0xuwnjo4HmkwPhk8BASlf3pMm7oBhX2T%2Bqn%2FykdPVxg%2Fkf2xokPTfsxWzJxjgZ0%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6a0ec5fb1ac43761-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css.css
lp.bttuu.xyz/templates/flashsd/css/
7 KB
1 KB
Stylesheet
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/css/css.css
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0619f7c978dc3e78e4774f56444184455d05868ce9950cda38d85299e01796

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5369
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
W/"611ce160-1c80"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jLH9jdOXcfD%2BB199LsQpfy3o0fhDfhyiKsOYqqC0wa9Tv%2F31a9eJiwDqOCfjVrdjEqJs7ZxK57ch8jzvoRooWVQwale8fqXeo%2FnkvYOY6qq8yy%2BHZmbKWzjPfvlKd%2FZ7MgPy2PQBbhjC8s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6a0ec5fe1b8d3761-MXP
jquery-1.12.4.min.js
lp.bttuu.xyz/templates/flashsd/js/
95 KB
34 KB
Script
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/js/jquery-1.12.4.min.js
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Pragma
no-cache
Origin
http://lp.bttuu.xyz
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive

Response headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2862
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
W/"611ce160-17b8e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyNgP0VKyL0ykg65lyBT3ZESFuqqMFU0m7OFMCUCinJuhjFSPXszB337YlVAZv1VAsVwEWs6A0FQsjNyZGuGr%2B67MBvs59r4iEVu94pa1eo%2FywMhZLpC%2B2eYnewWCFRx2ibh0N5uYd1z%2FIg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=14400
CF-RAY
6a0ec5fe1b120e02-MXP
jquery-ui.js
lp.bttuu.xyz/templates/flashsd/js/
329 KB
79 KB
Script
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/js/jquery-ui.js
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3824
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
W/"611ce160-52380"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B61MqNzzWsQOGWoNrIY3tsc22KZdXRFeAOkNYuSLpaIRSLYolcynCIUEd%2BMytnkg6I%2BNjIrdbFHBqfODCyAIffVAqicWZLrjcAaNh50AgKPo42GEx%2BLhBbp0aRbIUWZQtKZB1%2BelFUvjkO0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=14400
CF-RAY
6a0ec5fe6c2e0f4e-MXP
js.cookie.min.js
lp.bttuu.xyz/templates/flashsd/js/
2 KB
2 KB
Script
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/js/js.cookie.min.js
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:33 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1332
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
W/"611ce160-6d8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK04HlVIirhpc62c0TX9eHq3ZZoewSuo9tNqHYwio%2FQIPDj5aYoJCZ1nEqy1ajpc1Aw2a6AtrINbc%2BGvdsB3JEN5HRX5K8YPAo4Dsu2V%2FbtssIfgZZrDa8TyYWViaIKUrvw9lt6wVuJWjRM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=14400
CF-RAY
6a0ec5fecb530e02-MXP
main.min.js
lp.bttuu.xyz/templates/flashsd/js/
3 KB
2 KB
Script
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/js/main.min.js
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
W/"611ce160-c5c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NS5n%2BTnnA47AtUtuG36MvMiNfnEsjE0rpaQ8irTEP20wlaCcOVL0GSaXpkFRdtbjHzcao8mMB8p4uSryn8lkmqV7Bwq3ME39fRwAZ1X2NsZBwHAMjDwHBZN91kY%2FcV2J37GZpXu3fQXXm4Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6a0ec5ff2b760e02-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
modernArrow5.png
lp.bttuu.xyz/templates/flashsd/img/
2 KB
3 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/modernArrow5.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-86b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSt2%2BBfXlH38KV7stbUl3KISQDYiS3n5yS8lBotTo8BzosWiw3su7kxAFk%2F%2BTDmX2tyCPE%2BiBlJ2xRMsjXfM9l7I2UpPoUoV6kkGCnB%2Bylw6OkqGKFoVKoYN6WKiQxlmJFaXCdgxZIn%2BQ5c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6a0ec5ff6c960f4e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2155
iconNotify.png
lp.bttuu.xyz/templates/flashsd/img/
1 KB
2 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/iconNotify.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1932
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1384
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-568"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPUcalQ4fTnIRsPxj0nhTNj%2Bqj%2FWiLS%2BGR15aH0di7U4Mfm%2FL34GpjtaGo9sIUujis6LiHzJt9%2BQzMhgFr%2B6IXgbVtlmKpkasDXWCE2bsUVPmx7xTP4xhQL9eHdHhqzHvDx38a1xpcW1bV4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a0ec5ff7bf93761-MXP
fav.png
lp.bttuu.xyz/templates/flashsd/img/
3 KB
4 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/fav.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-b68"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5krasVUVEiKiQ%2FaxaeBaWFlXUVdj9PHYNleB8cMVk%2F5scqZnfaeEStBS6MsCxB%2FLWQNC56Oq6KCbg9gipxuNvHnfKNXaoD4uBIY9jn8EBTm1dQ4TQDNkXh1Bd4cWDC6LRHT%2BbaJUD2HEJf8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6a0ec5ffce30d610-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2920
addToChrome.png
lp.bttuu.xyz/templates/flashsd/img/
2 KB
3 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/addToChrome.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2979
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2043
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-7fb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APwrtOhwC8rw%2FWC5Jgty2TCIhmp2QaPVKRSI1tG2OCBi7eNqfiJ755wkYZ%2Bpt7Z0Jo6emdMGk1Z87w7Jv1fgxe9kZDIgmyVhhvh%2FOLQ6b5C1Hq97rnHhWfDGAfJOkOynw%2Bq3QRBKCLnHsZY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a0ec5ffcfa25995-MXP
cursor2.png
lp.bttuu.xyz/templates/flashsd/img/
26 KB
27 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/cursor2.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2804
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
26643
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-6813"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf%2FPn0PyP0OH5yWQ3XM0%2Fl7bCveQGcAHflFN5XRtYZyt954yzR%2FtMc8lWuf%2FTyXmrx4lHYWDa06sqfc96tCR35vGrlOPZQqI6%2B6KjrmHm63qWJ77OZ2Puu%2BA2BRlGe%2F6DBJIkaUaQIO8hNg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a0ec5ffdc073761-MXP
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c063e621d5f28526faac2d9aa1db19fc40e65913f1e50ab55b6f9c6c45fc16b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://lp.bttuu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
bg.png
lp.bttuu.xyz/templates/flashsd/img/
29 KB
29 KB
Image
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/bg.png
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d382a7c2f5a33274b2905b3245a7898d9af395decdb5211f4d8ce950524a2d05

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2979
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
29406
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-72de"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EXQPPpOT9gKtsZmsJ2r0b1xGo95wfr3iIbr3tahQ8UaI3RnGsmSctcyNhcnTZZfmC8frbHz0%2FJlOU5yuxHArwkKZ%2FVGLvFPHPhdOcngq%2B9mn0w%2BViaVkWAmA5FtHv6WWpLez8hHyk64sSE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a0ec5ffcddf374f-MXP
light.mp3
lp.bttuu.xyz/templates/flashsd/img/
16 KB
17 KB
Media
General
Full URL
http://lp.bttuu.xyz/templates/flashsd/img/light.mp3
Requested by
Host: lp.bttuu.xyz
URL: http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
lp.bttuu.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://lp.bttuu.xyz/ins/?id=1634696493295&cid=16346964923118995387281136619137653
Cookie
vt=772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653; taskid=100139; subid=adsch1; uid=u34696493616f7d2d839cb799228227; ts=9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c; p=100039; rqp=%7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D; vs=lp.bttuu.xyz
Connection
keep-alive
Range
bytes=0-

Response headers

Date
Wed, 20 Oct 2021 02:21:34 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2804
Content-Range
bytes 0-16761/16762
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
16762
last-modified
Wed, 18 Aug 2021 10:30:56 GMT
Server
cloudflare
etag
"611ce160-417a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spvu6L1LyiYEKQmyh48U91MuhPPRLhEZMUPWkkfNDt0Vd2JyphZMbg1upAOLb9Vh6IxrgvQGKq0n4v6kcexiaFytFfQEunAfr5nbi%2BTaOQAw9lsgVqIBJqtcniudridjOHMayFmWH2OGkP8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
audio/mpeg
Cache-Control
max-age=14400
CF-RAY
6a0ec6002fc85995-MXP
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://lp.bttuu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
string| ver
string| info
string| hostnameDD
function| AddmyTime
function| AddmyTime1
boolean| isChrome
boolean| cwswindowclosed
undefined| oldCWSLeft
undefined| oldCWSTop
function| openInstall
function| openInstall2
function| Yes
function| No
function| myMove
function| myMove1
object| cursor
object| canvas
object| ctx
undefined| cx
undefined| cy
undefined| x
undefined| y
object| animationDD
function| animateDD
object| addTimer
object| myVar
function| Cookies
object| _$_41fc
function| getCookie
string| refurl
number| Py
number| px
number| py

14 Cookies

Domain/Path Name / Value
.capitalcaone.com/ Name: sid
Value: 6f85dccc-314c-11ec-9a0f-8de9d7eab95a
.mybetterdl.com/ Name: rhid
Value: 79914018307
.mybetterdl.com/ Name: loi
Value: ad_1117288_off_562660_aff_87624_cid_185689-CAPITALCAONE.COM_ts_1634696491
.www.bfqcx.xyz/ Name: uid
Value: u34696492616f7d2cef4f0637820534
.lp.bttuu.xyz/ Name: vt
Value: 772b42b100cd1f4d1bea39f86dc1b81ba7e711fc3e
.bttuu.xyz/ Name: storeid
Value: hdgbbekaglmmmfjghmkafebboajchblj
.bttuu.xyz/ Name: refurl
Value: http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16346964923118995387281136619137653
.bttuu.xyz/ Name: taskid
Value: 100139
.lp.bttuu.xyz/ Name: subid
Value: adsch1
.lp.bttuu.xyz/ Name: uid
Value: u34696493616f7d2d839cb799228227
.lp.bttuu.xyz/ Name: ts
Value: 9c275473d00d9898c958680g1qbc6z3q0t1q2zdt7c
.lp.bttuu.xyz/ Name: p
Value: 100039
.bttuu.xyz/ Name: rqp
Value: %7B%22id%22%3A%221634696493295%22%2C%22cid%22%3A%2216346964923118995387281136619137653%22%7D
.lp.bttuu.xyz/ Name: vs
Value: lp.bttuu.xyz