lp.bttuu.xyz Open in urlscan Pro
2606:4700:3035::ac43:b49f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cbsspsrts.com/
Effective URL:
http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615
Submission: On October 17 via api (October 17th 2021, 4:31:07 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:b49f, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.bttuu.xyz.

This is the only time lp.bttuu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	81.17.18.195 81.17.18.195	51852 (PLI-AS) (PLI-AS)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
2 3	35.201.103.0 35.201.103.0	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3031::6815:efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:303... 2606:4700:3035::ac43:b49f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

2 81.17.18.195 (Zurich, Switzerland) 1 redirects

ASN51852 (PLI-AS, PA)

cbsspsrts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.103.0 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com

www.greatdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:efe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bfqcx.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::ac43:b49f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lp.bttuu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bttuu.xyz 1 redirects lp.bttuu.xyz	213 KB
3	greatdexchange.com 2 redirects www.greatdexchange.com	3 KB
2	mybetterdl.com 2 redirects mybetterdl.com p185689.mybetterdl.com	1 KB
2	cbsspsrts.com 1 redirects cbsspsrts.com	3 KB
1	bfqcx.xyz 1 redirects www.bfqcx.xyz	936 B
15	5

	Domain	Requested by
14	lp.bttuu.xyz	1 redirects www.greatdexchange.com lp.bttuu.xyz
3	www.greatdexchange.com	2 redirects cbsspsrts.com
2	cbsspsrts.com	1 redirects
1	www.bfqcx.xyz	1 redirects
1	p185689.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
15	6

This site contains links to these domains. Also see Links.

Domain
www.zingload.com

Subject Issuer	Validity	Valid
greatdexchange.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615
Frame ID: BCD3045F5655A0CCCEB76B8A5CB7120C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Installed Required

Page URL History Show full URLs

http://cbsspsrts.com/ Page URL
http://cbsspsrts.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDQ... HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY788QOXq6Hy-gI8uDhK_8R6jCY29K0cFIrT4jBE3612H-zZTiQMvA... HTTP 302
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LoqfQ4cSEAyB1AGrGY49m8wAgbZXEjLAsOQ4NFBCwWNa... HTTP 302
https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} Page URL
https://www.greatdexchange.com/jump/next.php?stamat=m%257C%252CgNhJ69jYrB1dAN0dEdHP3xP.bf3%252C7H0PozvLiGV-... HTTP 302
https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CwjI24jYnoGU3Bv-GH0dEdHP3xP.c08%252CDGbzh... HTTP 302
http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16344882613257166867201509599216615 HTTP 302
http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=1634488261325716686... HTTP 302
http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

15
Requests

7 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

215 kB
Transfer

557 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zingload.com/indices/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.zingload.com/indices/terms
Title: EULA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cbsspsrts.com/ Page URL
http://cbsspsrts.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDQ5NTQ2MCwiaWF0IjoxNjM0NDg4MjYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5kc3FkNmVobGU0YmtiMDAwODMxaWMiLCJuYmYiOjE2MzQ0ODgyNjAsInRzIjoxNjM0NDg4MjYwMTI3NTkzfQ.va-aVzq3MNSXlvGxW5p5up84-UBM6LH5pPSRRt2z_74&sid=9cd6e342-2f67-11ec-9a4e-baf661172075 HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY788QOXq6Hy-gI8uDhK_8R6jCY29K0cFIrT4jBE3612H-zZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlwrjG0nSZQzsvsOLvSvIiQERWLHf8LmU76dqefgCc_N-puE-jhTvj7qYhCN3Wv1TP5AjU5WTO17ye21ZNJdWFp-9GSieB8_PBwFIrvk5gBu4JTycDFfVv6HQ0uBb4VmtZe9yRr3SM2YJZFhV1fZECpbrKKhhnPIaAV-hlQpKu0WJ4xz2xGAcUjoiYYPu-u1_JuTbPFTccHAWHp2GTXLy0n-x1wHU4bsAVCHvqdZ5pjBh82jcwJRTPB91H6ntOoCZwbRHFG7MyZsQxTqKl6tfYMCSw0s0PdG2qeAFaH7lV1DEAqwpzNF926RP7FuXRirZJ0B_U6Nyq35lG4SAjI7wCicLvFxOZ9sABeXJPvMqPF9-WOq5P3XeuDdAVlOuep1AxDHzE8yOd5BAeLgsQ8zx6YzJu9_qCHyIEmTvOYjycAxMEaWehW1ukLWQhSA3ZwPyx128yKejrK9FYMMMmVzwbwf_BrtjuO6_M6zVDLENSJ-uy4FmlDDcL7RuAMSnZNf5gcnb1MpwOEfFjtWvGnJSL-uCiQ-8j2YONmhr2fLa941az_JybozmxrYEYAlGHnnGVMsnziXPyepnSnuEALgM61iXMqjmfGmZLpyozCUfjZdo57HZyCs8T7VaFwBTvyHB1n28HBPd9g7WSg_gCM_MESdZ35Ugsr6oyuf9pVj7O8RjhQVhN6EHOU80255LGq8IIJgCyKLD0kCpWJo0Jei6ty3BEbZz_Lp3ymD31cqyVUrk4zCQyXWZ6N3s9xbQxkQpcN6vQWoNjHmadTJtvc7pjfZTaLNQqweRnr6oGk9Lw78qILa_IaeJHxXsWMdjomGDiq0Lnz3O4IhDPGjU3B-MoCGaxANo181rc6frzEtcswEFtivjCOVV277SIhDCMgJYu3czgL04a_sr9anIS7J_Ctdu2QYTkZKSr2Oh9ggYEPa6Pdz3MpoQKOx3V0myA7eGhV_wBi1iSbT8kn4GTFakxMBtSalxsyg6pPt0Tkfm4OGXUwJsbb7yPWlR1f9Fpb41ZHGc3tDj8iL6rwpU2d9IY3sNBoslyHHRWIc5KEDF2dP4hsD17YgbQROoTmsORDQ5xc4hGNc9WpuvYodmU2-Pc1RgE1U8v6iRXUFECJLTB_01qAHEuMyqgggu3yT36a6bn5Ksyw5VI6sUh6LB51TyPTJkY_vvHDi4uCv2i922LN2oBk7vmIyRw_kgLx3BguacjAbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa1GVWyseWWwK6c7oiDTpxDaQOdy-Ktbcd--YqskXimRCL7oeqEmQLKbq9IaY6LYxIZWMdLhVZ-b5zLjahusdwVKYSN0Fv1TlJAu7hkyFqwyBNbG1rwzn-Jt3bLTL01YKEEsFCu05RXqDLOARi2qV1rj3treNb_lCSZ5zJieQBimQDPFqumqk15R90gz_EJ3xBp5Y2mPrTfRnZ7uyRR2a6TZcfx0th3Q4kfPDoQ3HMIFuOXfgBOcIL6RMpmP5vUlKgZYCWRxhCsgh-H8h2A3bgVkbI89FF8c6XatS5WqdKghN2vfRjHHqv4QIEPb-npS33WFyUPKVLAfwsr2c4NwaA6AtcZocAEh1nfR4jSVlMKcuow3RYz8FWmX2PV_Dt94T8tr30Yxx6r-EIIj_OXnsGucssOxXHX7sJaKQPDH65AY0FmtFgB_Bw8YM6aSeFBfyojv6GLCm55UkM9RA5eZwW04Qz4clqbdarOYxZLUpQIJPDwrHwJFbU0gkfaqeOi0EF7ePjkr5RU_Daim3IUxdHwCg5vDxzc-Q9hMITJxBD3qBioQMnU0zufRPZw5EsxDMeCU7ugF2M-yucFCMeAGSIVqlqPp4eMVPf2q8kMewdb03zy-7zokGVYW4WubhVzjckfQ1q0TVydv1DlFQO5HpzDwPdOSTPmnyWuaHrLZE3F_n HTTP 302
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LoqfQ4cSEAyB1AGrGY49m8wAgbZXEjLAsOQ4NFBCwWNaNRI-MZGE8VbiRmqI_faTys-jPzo0hsSsI6fVyf7MMPyC_RGGe-dd6P72zKPJbQtxmR5T1IabWGPCKr_MmI3fm_78IKhi4l_bR6gjHvpmomchrwJfw6g3yPm3pnB6cyiz3WyOCRb-KWMN3kbyXTJYVmzIaubpMnolKMG6GJ-Io7IhV83Kxp0xqG0YkaAQt3yo2PTch9xR_9eX3kPxm8Vn-4swUrT0vH3YB225d-3qOOtqC3RxmPlgqVr9K-UQOhv9fvbMo8ltC3GMAr04G-qlpvsrMW8Z-yGVHOBtaX1w2oOGTu-YjJHD-SAvHcGC5pyMAW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6BxAAtv54EftjqqQDp2AdinKtBqs4MHqzVN2aRlCqoFtRMpmP5vUlKgUkHTFTyunF3DwHvy-FgMa3u9mfDDgKSUI8wyRFS5jqhfEyKQ_wrfuhrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pcbEuzA2dlPEz-50Q8g6IZsn4eN_ol45A&ui=mC6s-PqgY788QOXq6Hy-gPbWwvziNp_1xLgNeF8Zj-j-_I4nlyW5irWskzkjM6TVME3NL15QgiYhXjhG3bUaidcslM4LUQbVvwwq4EIW2XY2BkhQ7T3Olg&si=1&oref=43106031856688e09231ce2f2946dac9&optunit=cFCMeAGSIVqO0AI8oCvAKg&rb=Rl_VhPiUh7k&rr=1&abtg=0 HTTP 302
https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} Page URL
https://www.greatdexchange.com/jump/next.php?stamat=m%257C%252CgNhJ69jYrB1dAN0dEdHP3xP.bf3%252C7H0PozvLiGV-YkDx825CHrFgJx87MG1axwbzL_O75Y5wHoev9Q-q0npNnB9WTriHfvXPuenO5sdBFCmdwvQvyE6-Ow620yQd1qL3NxlIJLc%252C&cbur=0.34350727847030194&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fcbsspsrts.com%2F HTTP 302
https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CwjI24jYnoGU3Bv-GH0dEdHP3xP.c08%252CDGbzh8F7-xNg31MiHekYwglAJwZMdywWiWgGDZ54Fg_-K3ZRD8DvfZubYMP0l9_TuoKuTgsdxuWYwxrbMjaukrXE6nfxFKdDWWh17SoR18wYIKiOKM6iAGjBvg_LlKjM4t3LOkHlbEZPi7dJ8_5Iv2n8zsklM7ev4HfNCxH-ggMXorqjBfmfSbWNyr1_NZO0SsWSRMHoROkm5ri6D3RqZPXHQ1pr-_wrjgzQVY0xzhCcK2t3s_WdVhetbvJL3kW9_nGCdQcEs8LGEH3p_p5VbYenP0UOdYK6muR3ApCVVVWFtoGXLrzPbU6Xi71MV2UBllfCdtqRy8k5zGGMbfw-grw5zZ6uI33q3lm4c4D3oDiyCtZlQRFaP0sTkdXtFVYyKeJz4WtYdNoVKmI9ba_dPMEpKPB7c5JfWpeZyZEDAhZir9HnQ9zjLPenMxZyNBLtQSiP7EiYiIKrBrKzvfgyiBRO_gDYPhHhHAr1zmQBoezzjswhh3cAV-zE-lv1FDXR HTTP 302
http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16344882613257166867201509599216615 HTTP 302
http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16344882613257166867201509599216615 HTTP 302
http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cbsspsrts.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDQ5NTQ2MCwiaWF0IjoxNjM0NDg4MjYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5kc3FkNmVobGU0YmtiMDAwODMxaWMiLCJuYmYiOjE2MzQ0ODgyNjAsInRzIjoxNjM0NDg4MjYwMTI3NTkzfQ.va-aVzq3MNSXlvGxW5p5up84-UBM6LH5pPSRRt2z_74&sid=9cd6e342-2f67-11ec-9a4e-baf661172075 HTTP 302
https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY788QOXq6Hy-gI8uDhK_8R6jCY29K0cFIrT4jBE3612H-zZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlwrjG0nSZQzsvsOLvSvIiQERWLHf8LmU76dqefgCc_N-puE-jhTvj7qYhCN3Wv1TP5AjU5WTO17ye21ZNJdWFp-9GSieB8_PBwFIrvk5gBu4JTycDFfVv6HQ0uBb4VmtZe9yRr3SM2YJZFhV1fZECpbrKKhhnPIaAV-hlQpKu0WJ4xz2xGAcUjoiYYPu-u1_JuTbPFTccHAWHp2GTXLy0n-x1wHU4bsAVCHvqdZ5pjBh82jcwJRTPB91H6ntOoCZwbRHFG7MyZsQxTqKl6tfYMCSw0s0PdG2qeAFaH7lV1DEAqwpzNF926RP7FuXRirZJ0B_U6Nyq35lG4SAjI7wCicLvFxOZ9sABeXJPvMqPF9-WOq5P3XeuDdAVlOuep1AxDHzE8yOd5BAeLgsQ8zx6YzJu9_qCHyIEmTvOYjycAxMEaWehW1ukLWQhSA3ZwPyx128yKejrK9FYMMMmVzwbwf_BrtjuO6_M6zVDLENSJ-uy4FmlDDcL7RuAMSnZNf5gcnb1MpwOEfFjtWvGnJSL-uCiQ-8j2YONmhr2fLa941az_JybozmxrYEYAlGHnnGVMsnziXPyepnSnuEALgM61iXMqjmfGmZLpyozCUfjZdo57HZyCs8T7VaFwBTvyHB1n28HBPd9g7WSg_gCM_MESdZ35Ugsr6oyuf9pVj7O8RjhQVhN6EHOU80255LGq8IIJgCyKLD0kCpWJo0Jei6ty3BEbZz_Lp3ymD31cqyVUrk4zCQyXWZ6N3s9xbQxkQpcN6vQWoNjHmadTJtvc7pjfZTaLNQqweRnr6oGk9Lw78qILa_IaeJHxXsWMdjomGDiq0Lnz3O4IhDPGjU3B-MoCGaxANo181rc6frzEtcswEFtivjCOVV277SIhDCMgJYu3czgL04a_sr9anIS7J_Ctdu2QYTkZKSr2Oh9ggYEPa6Pdz3MpoQKOx3V0myA7eGhV_wBi1iSbT8kn4GTFakxMBtSalxsyg6pPt0Tkfm4OGXUwJsbb7yPWlR1f9Fpb41ZHGc3tDj8iL6rwpU2d9IY3sNBoslyHHRWIc5KEDF2dP4hsD17YgbQROoTmsORDQ5xc4hGNc9WpuvYodmU2-Pc1RgE1U8v6iRXUFECJLTB_01qAHEuMyqgggu3yT36a6bn5Ksyw5VI6sUh6LB51TyPTJkY_vvHDi4uCv2i922LN2oBk7vmIyRw_kgLx3BguacjAbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa1GVWyseWWwK6c7oiDTpxDaQOdy-Ktbcd--YqskXimRCL7oeqEmQLKbq9IaY6LYxIZWMdLhVZ-b5zLjahusdwVKYSN0Fv1TlJAu7hkyFqwyBNbG1rwzn-Jt3bLTL01YKEEsFCu05RXqDLOARi2qV1rj3treNb_lCSZ5zJieQBimQDPFqumqk15R90gz_EJ3xBp5Y2mPrTfRnZ7uyRR2a6TZcfx0th3Q4kfPDoQ3HMIFuOXfgBOcIL6RMpmP5vUlKgZYCWRxhCsgh-H8h2A3bgVkbI89FF8c6XatS5WqdKghN2vfRjHHqv4QIEPb-npS33WFyUPKVLAfwsr2c4NwaA6AtcZocAEh1nfR4jSVlMKcuow3RYz8FWmX2PV_Dt94T8tr30Yxx6r-EIIj_OXnsGucssOxXHX7sJaKQPDH65AY0FmtFgB_Bw8YM6aSeFBfyojv6GLCm55UkM9RA5eZwW04Qz4clqbdarOYxZLUpQIJPDwrHwJFbU0gkfaqeOi0EF7ePjkr5RU_Daim3IUxdHwCg5vDxzc-Q9hMITJxBD3qBioQMnU0zufRPZw5EsxDMeCU7ugF2M-yucFCMeAGSIVqlqPp4eMVPf2q8kMewdb03zy-7zokGVYW4WubhVzjckfQ1q0TVydv1DlFQO5HpzDwPdOSTPmnyWuaHrLZE3F_n HTTP 302
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LoqfQ4cSEAyB1AGrGY49m8wAgbZXEjLAsOQ4NFBCwWNaNRI-MZGE8VbiRmqI_faTys-jPzo0hsSsI6fVyf7MMPyC_RGGe-dd6P72zKPJbQtxmR5T1IabWGPCKr_MmI3fm_78IKhi4l_bR6gjHvpmomchrwJfw6g3yPm3pnB6cyiz3WyOCRb-KWMN3kbyXTJYVmzIaubpMnolKMG6GJ-Io7IhV83Kxp0xqG0YkaAQt3yo2PTch9xR_9eX3kPxm8Vn-4swUrT0vH3YB225d-3qOOtqC3RxmPlgqVr9K-UQOhv9fvbMo8ltC3GMAr04G-qlpvsrMW8Z-yGVHOBtaX1w2oOGTu-YjJHD-SAvHcGC5pyMAW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6BxAAtv54EftjqqQDp2AdinKtBqs4MHqzVN2aRlCqoFtRMpmP5vUlKgUkHTFTyunF3DwHvy-FgMa3u9mfDDgKSUI8wyRFS5jqhfEyKQ_wrfuhrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pcbEuzA2dlPEz-50Q8g6IZsn4eN_ol45A&ui=mC6s-PqgY788QOXq6Hy-gPbWwvziNp_1xLgNeF8Zj-j-_I4nlyW5irWskzkjM6TVME3NL15QgiYhXjhG3bUaidcslM4LUQbVvwwq4EIW2XY2BkhQ7T3Olg&si=1&oref=43106031856688e09231ce2f2946dac9&optunit=cFCMeAGSIVqO0AI8oCvAKg&rb=Rl_VhPiUh7k&rr=1&abtg=0 HTTP 302
https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid}

15 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ cbsspsrts.com/	469 B 826 B	91ms 46ms	Document text/html	81.17.18.195 PLI-AS
General Check archive.org Show headers Download Go to Full URL http://cbsspsrts.com/ Protocol HTTP/1.1 Server 81.17.18.195 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / Resource Hash Request headers Host cbsspsrts.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cache-control max-age=0, private, must-revalidate connection close content-length 469 content-type text/html; charset=utf-8 date Sun, 17 Oct 2021 16:30:59 GMT server nginx set-cookie sid=9cd6e342-2f67-11ec-9a4e-baf661172075; path=/; domain=.cbsspsrts.com; expires=Fri, 04 Nov 2089 19:45:07 GMT; max-age=2147483647; HttpOnly
GET H2	200	next.php Show response www.greatdexchange.com/jump/ Redirect Chain http://cbsspsrts.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNDQ5NTQ2MCwiaWF0IjoxNjM0NDg4MjYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycW5kc3FkNmVobGU0YmtiMDAwODMxaWM... https://mybetterdl.com/aS/feedclick?s=mC6s-PqgY788QOXq6Hy-gI8uDhK_8R6jCY29K0cFIrT4jBE3612H-zZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V... https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LoqfQ4cSEAyB1AGrGY49m8wAgbZXEjLAsOQ4NFBCwWNaNRI-MZGE8VbiRmqI_faTys-jPzo0hsSsI6fVyf7MMPyC_RGGe-dd6P72zKPJbQtxmR5T1IabWGPCKr_MmI3fm_78IK... https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid}	7 KB 3 KB	156ms 120ms	Document text/html	35.201.103.0 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} Requested by Host: cbsspsrts.com URL: http://cbsspsrts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash `1ede6357af251b2df152e6cca1b9700c840ef596d56647308db205ff1b7db8f3` Request headers :method GET :authority www.greatdexchange.com :scheme https :path /jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://cbsspsrts.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://cbsspsrts.com/ Response headers server openresty date Sun, 17 Oct 2021 16:31:01 GMT content-type text/html; charset=utf-8 access-control-allow-origin * content-encoding gzip via 1.1 google alt-svc clear Redirect headers server nginx date Sun, 17 Oct 2021 16:31:01 GMT content-length 0 set-cookie rhid=79891955690; Max-Age=15552000; Expires=Fri, 15-Apr-2022 16:31:01 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure; loi=ad_1117289_off_562661_aff_87624_cid_185689-CBSSPSRTS.COM_ts_1634488261; Max-Age=3600; Expires=Sun, 17-Oct-2021 17:31:01 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure; location https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid}
GET H/1.1	200 OK	Primary Request / Show response lp.bttuu.xyz/ins/ Redirect Chain https://www.greatdexchange.com/jump/next.php?stamat=m%257C%252CgNhJ69jYrB1dAN0dEdHP3xP.bf3%252C7H0PozvLiGV-YkDx825CHrFgJx87MG1axwbzL_O75Y5wHoev9Q-q0npNnB9WTriHfvXPuenO5sdBFCmdwvQvyE6-Ow620yQd1qL3Nx... https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CwjI24jYnoGU3Bv-GH0dEdHP3xP.c08%252CDGbzh8F7-xNg31MiHekYwglAJwZMdywWiWgGDZ54Fg_-K3ZRD8DvfZubYMP0l9_TuoKuTgsdxuWYwxrbMjaukrXE6nfxFKd... http://www.bfqcx.xyz/?s=1372512-1801477522-1554205996&cid=16344882613257166867201509599216615 http://lp.bttuu.xyz/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16344882613257166867201509599216615 http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615	32 KB 9 KB	226ms 225ms	Document text/html	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Requested by Host: www.greatdexchange.com URL: https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.5.21 Resource Hash `ca4babdf9ef0d350e2cd41fcca864a1c88c404dcaa8e8353e839070e4d3e4ad2` Request headers Host lp.bttuu.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; isjp=148316; taskid=100139 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.greatdexchange.com/jump/next.php?r=2714719&sub1=revenuehits&sub2={zoneid} Response headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/5.5.21 set-cookie isjp=234; expires=Sun, 17-Oct-2021 16:31:01 GMT; Max-Age=-1; path=/; domain=bttuu.xyz taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz subid=adsch1; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=lp.bttuu.xyz uid=u34488262616c4fc6763be465370788; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=lp.bttuu.xyz ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=lp.bttuu.xyz p=100039; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=lp.bttuu.xyz rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz vs=lp.bttuu.xyz; expires=Sun, 17-Oct-2021 17:31:02 GMT; Max-Age=3600; path=/; domain=lp.bttuu.xyz vary Accept-Encoding CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmBxl3DLZjWdPFII%2B%2BoNvBHFbOshvXwU1BjFYXj8G1sXoGGOm0SEKdgHaO1kfoOTRKxKghSKyVcMzyKdtZmpMLcspgJ4utOztVkINbcNQuNpq1%2FGjktj7yAB%2F7SAreIPr0ympjpN5XcYlXo%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 69faea380a6659ef-MXP Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/5.5.21 set-cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=lp.bttuu.xyz storeid=hdgbbekaglmmmfjghmkafebboajchblj; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz isjp=148316; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=365511738; path=/; domain=bttuu.xyz location http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615# CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQGhtugOn6Ov8c1%2BOFo02xGrsmFXeX4RCay0rmKXCUrjmPf5Blsx7XHzZp8jkobC7SnvCieaoFfXe0pwOyifW8WsNaFlm3WwgvTUnyMqIrNHMSBafJWRo1VoJuQP8LEtQCg9c8YVx4PnMZY%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 69faea367d9659ef-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	css.css lp.bttuu.xyz/templates/flashsd/css/	7 KB 1 KB	36ms 35ms	Stylesheet text/css	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/css/css.css Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a0619f7c978dc3e78e4774f56444184455d05868ce9950cda38d85299e01796` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1583 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag W/"611ce160-1c80" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ozqDgjH95sSyF2u5h4FTL1V7RrgvbcL1yMRlSKqZZksUXAIvuMlfBMQZwewzmxpItR6auRjgFun1mN%2FAcKv4nWXYIMafp3waLdFY6BRqOGE4dzeq89%2BFgf0WtWDl6Tv8cejmmtQ5SuWgLU%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 CF-RAY 69faea398f0959ef-MXP
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response lp.bttuu.xyz/templates/flashsd/js/	95 KB 34 KB	131ms 125ms	Script application/javascript	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/js/jquery-1.12.4.min.js Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3` Request headers Pragma no-cache Origin http://lp.bttuu.xyz Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Cache-Control no-cache Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Origin http://lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1456 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag W/"611ce160-17b8e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynk0n2YmhjdRGLluis5L7Zi2yzIk%2Fct7i6UufVasg37Wou3qP203ZVrk5IsuiXjeP4cccIQb48xRalV76sjGcBQzBQIYIIQ%2BxU32M%2FWiHvfA2sqoxssgT867HQbUwD1tf%2B1ZVT%2BAv8z94%2B0%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 69faea39ac33375a-MXP
GET H/1.1	200 OK	jquery-ui.js Show response lp.bttuu.xyz/templates/flashsd/js/	329 KB 79 KB	33ms 27ms	Script application/javascript	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/js/jquery-ui.js Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag W/"611ce160-52380" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bIycPDm4oupDYz99RB9%2BqadMcFWV7uncxfyIwixFHX51A8chjRDmHGEj706a3WFfKKeReG2Bq%2B0Prelptmo4Qlg%2BJhGqYKOrEQrxNDN3FoFvd%2BDJRUk81Xa60dBx%2FsvpbIvVMGZdF6%2F%2Be0%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 69faea398ff94a74-FRA
GET H/1.1	200 OK	js.cookie.min.js Show response lp.bttuu.xyz/templates/flashsd/js/	2 KB 2 KB	18ms 17ms	Script application/javascript	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/js/js.cookie.min.js Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag W/"611ce160-6d8" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwMN8EA83Ybs0bkwUumV3hut4RQ3NPPoTy84uf%2FEmfDkz2VcKYqMWdd47%2BlcNNNEvTldUXo8i7k9B0SrrqCBiEJfYsNrOFJUsR78dld9D%2Fig5n%2BobfGELM%2FcDFekyCLeZpAz0fSaf7w2OxA%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 69faea39c8634a74-FRA
GET H/1.1	200 OK	main.min.js Show response lp.bttuu.xyz/templates/flashsd/js/	3 KB 2 KB	18ms 17ms	Script application/javascript	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/js/main.min.js Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag W/"611ce160-c5c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMoACK3E%2Br3wdBDj%2FcfDQn1CIm94VdAn%2FBRB6qeo%2BBWYvWGeLAUPmicpFhgYFNs5iOY%2F20ls9cYZWm%2BIrZs%2BaeIU528%2FdAErswnPBJreYNAtx5%2B9SDRJ0%2Fn40uDsHWWDZRqgkG0XTvaJKQY%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 69faea39e89e4a74-FRA
GET H/1.1	200 OK	modernArrow5.png lp.bttuu.xyz/templates/flashsd/img/	2 KB 3 KB	14ms 13ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/modernArrow5.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 2155 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-86b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzwG5ShbSAw1PcHf2VHbueWF7kgw61oPdBUyFnUIMkkemppzM0zjSEhpfSQwb3gS%2BeXckBxmvnk8%2FWD4jwIH49RBqPi7HH83A36RT86090ZJD6faLe9W7FtirSC7xIfeFeErCVZapGmU%2FC8%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3a08ca4a74-FRA
GET H/1.1	200 OK	iconNotify.png lp.bttuu.xyz/templates/flashsd/img/	1 KB 2 KB	16ms 16ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/iconNotify.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1384 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-568" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0KjSqXcg3xl3siesV%2BTawP37LX8vp6y7rkDcSEy30vx%2FZWbiYWQVAU%2F0vGI6dDX%2BNIqhlOWvr0QgTeugPg2Si43uyBJBPwWakRFZKFpV%2F4sfOpHcRcOFiQxRi5JeZm3qUvXqbVwVllSCtk%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3a29104a74-FRA
GET H/1.1	200 OK	fav.png lp.bttuu.xyz/templates/flashsd/img/	3 KB 4 KB	33ms 33ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/fav.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 2920 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-b68" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zit2wgC7hD0z2sdUVnui5CCyQGI10en7X5ZvwXbG8TkEIJqsTa5HzaxkBBg%2B0zNfmr3cy59Ghm%2BOJNZsYziD7KBItFqhj3M5w%2BiX1YnXsb4%2Bs%2FW7e%2B9oFBhMEuJmm%2F%2BCr4%2BplOw%2BqF1vzcg%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3a39474a74-FRA
GET H/1.1	200 OK	addToChrome.png lp.bttuu.xyz/templates/flashsd/img/	2 KB 3 KB	266ms 265ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/addToChrome.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1352 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 2043 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-7fb" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFJsfjOtuJjBm1%2FsAnx2TbKpd8nZMR3Wav13cIzhqMmeb%2F%2BxYrn7eioY8pWKf1b4DL0K15%2B88qQk8L%2Bu79%2FimDMDOqqnRBbtsOmR9M9jLLsN5zgJ4aBgn7UHVc%2BDmzNvK8E1hnVhtLdsZQ4%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3b687e375a-MXP
GET H/1.1	200 OK	cursor2.png lp.bttuu.xyz/templates/flashsd/img/	26 KB 27 KB	26ms 26ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/cursor2.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 444 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 26643 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-6813" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmcqRb3qzqJmM13zp9Iv261dZCV%2BluuhrZDilndxa1d6n8Pa6MbLif5nu%2FYxcebfn1r8EUT23JMqDpKI5uT%2BUHIT0hB2eb4ygrsY%2BR4W55nF3auKPUWxt%2B9HxycomhvY38nUQh1g%2FfmgSK0%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3a89ed4a74-FRA
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0c063e621d5f28526faac2d9aa1db19fc40e65913f1e50ab55b6f9c6c45fc16b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	bg.png lp.bttuu.xyz/templates/flashsd/img/	29 KB 30 KB	43ms 42ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lp.bttuu.xyz/templates/flashsd/img/bg.png Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d382a7c2f5a33274b2905b3245a7898d9af395decdb5211f4d8ce950524a2d05` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1182 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 29406 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-72de" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5jnsZt%2BLEVvL%2BTjkaQ8p29L9eMnFsGSVmjyugDE3q0Z%2F4HOOCl2WlUUGJRA8SLYA4jYtuZoMKP%2Bertk0roOsnBv%2F%2F7aN8GsuKYosawn7jFjaVQZoeezN4Hq1oVeTziFdJONXmIQez6%2F9ms%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 69faea3a8a2659ef-MXP
GET H/1.1	206 Partial Content	light.mp3 lp.bttuu.xyz/templates/flashsd/img/	16 KB 17 KB	45ms 39ms	Media audio/mpeg	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lp.bttuu.xyz/templates/flashsd/img/light.mp3 Requested by Host: lp.bttuu.xyz URL: http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Protocol HTTP/1.1 Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63` Request headers Pragma no-cache Accept-Encoding identity;q=1, ;q=0 Host* lp.bttuu.xyz Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Cache-Control no-cache Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Cookie vt=a5d793822f79c7b0b884a29e41d548f7380062be9a; storeid=hdgbbekaglmmmfjghmkafebboajchblj; refurl=http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615; taskid=100139; subid=adsch1; uid=u34488262616c4fc6763be465370788; ts=19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo; p=100039; rqp=%7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D; vs=lp.bttuu.xyz Connection keep-alive Range bytes=0- Referer http://lp.bttuu.xyz/ins/?id=1634488262268&cid=16344882613257166867201509599216615 Accept-Encoding identity;q=1, ;q=0 Accept-Language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Range bytes=0- Response headers Date Sun, 17 Oct 2021 16:31:02 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 4885 Content-Range bytes 0-16761/16762 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 16762 last-modified Wed, 18 Aug 2021 10:30:56 GMT Server cloudflare etag "611ce160-417a" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQl1XMvrwTV5yPrLYsnpshdNgQjomTAnXc%2BYw2%2BoaGnio4ws4lpVvs8GCbTZX%2FoMTFQHvydJyHB4LnbBVw7Q0nUgabjfyOEJVgUj%2BU%2B3Wvr%2FrEeH6yXw1mS6z18o8KSbIq6T%2FQNtRUL84Fo%3D"}],"group":"cf-nel","max_age":604800} Content-Type audio/mpeg Cache-Control max-age=14400 CF-RAY 69faea3ab8c30f6e-MXP
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d` Request headers Accept-Language de-DE,de;q=0.9 Referer http://lp.bttuu.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cbsspsrts.com/	1970-02-13 18:32:51	Name: sid Value: 9cd6e342-2f67-11ec-9a4e-baf661172075
.mybetterdl.com/	1970-01-20 02:20:40	Name: rhid Value: 79891955690
.mybetterdl.com/	1970-01-19 22:01:31	Name: loi Value: ad_1117289_off_562661_aff_87624_cid_185689-CBSSPSRTS.COM_ts_1634488261
.www.bfqcx.xyz/	1970-01-24 03:33:20	Name: uid Value: u34488261616c4fc5f369b345815114
.lp.bttuu.xyz/	1970-01-24 03:33:20	Name: vt Value: a5d793822f79c7b0b884a29e41d548f7380062be9a
.bttuu.xyz/	1970-01-24 03:33:20	Name: storeid Value: hdgbbekaglmmmfjghmkafebboajchblj
.bttuu.xyz/	1970-01-24 03:33:20	Name: refurl Value: http%3A%2F%2Flp.bttuu.xyz%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16344882613257166867201509599216615
.bttuu.xyz/	1970-01-24 03:33:20	Name: taskid Value: 100139
.lp.bttuu.xyz/	1970-01-24 03:33:20	Name: subid Value: adsch1
.lp.bttuu.xyz/	1970-01-24 03:33:20	Name: uid Value: u34488262616c4fc6763be465370788
.lp.bttuu.xyz/	1970-01-24 03:33:20	Name: ts Value: 19ff45f4f705950d8b12c5fgdqdcez4zdb6bdo5qbo
.lp.bttuu.xyz/	1970-01-24 03:33:20	Name: p Value: 100039
.bttuu.xyz/	1970-01-24 03:33:20	Name: rqp Value: %7B%22id%22%3A%221634488262268%22%2C%22cid%22%3A%2216344882613257166867201509599216615%22%7D
.lp.bttuu.xyz/	1970-01-19 22:01:31	Name: vs Value: lp.bttuu.xyz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbsspsrts.com
lp.bttuu.xyz
mybetterdl.com
p185689.mybetterdl.com
www.bfqcx.xyz
www.greatdexchange.com
173.192.101.24
2606:4700:3031::6815:efe
2606:4700:3035::ac43:b49f
35.201.103.0
81.17.18.195
0a0619f7c978dc3e78e4774f56444184455d05868ce9950cda38d85299e01796
0c063e621d5f28526faac2d9aa1db19fc40e65913f1e50ab55b6f9c6c45fc16b
19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e
1ede6357af251b2df152e6cca1b9700c840ef596d56647308db205ff1b7db8f3
3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531
33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6
7ed032c432b28c2de618ed566378d9ccc4fa8f3a8ea255641eeac95e3d8a474d
ca4babdf9ef0d350e2cd41fcca864a1c88c404dcaa8e8353e839070e4d3e4ad2
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518
d382a7c2f5a33274b2905b3245a7898d9af395decdb5211f4d8ce950524a2d05
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61

lp.bttuu.xyz Open in urlscan Pro 2606:4700:3035::ac43:b49f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

7 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

215 kBTransfer

557 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

14 Cookies

Indicators

lp.bttuu.xyz Open in urlscan Pro
2606:4700:3035::ac43:b49f Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

7 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

215 kB
Transfer

557 kB
Size

14
Cookies

15 HTTP transactions
2 data transactions