diluter-defile.click Open in urlscan Pro
2606:4700:3030::6815:58f5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diluter-defile.click/?shiny
Effective URL:
https://diluter-defile.click/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b Search All
Submission: On October 26 via api (October 26th 2022, 10:19:23 pm UTC) from JP — Scanned from JP

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3030::6815:58f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is diluter-defile.click.
TLS certificate: Issued by E1 on October 17th 2022. Valid for: 3 months.

This is the only time diluter-defile.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3030::6815:58f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f05... 2a03:2880:f05a:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.195.89.49 23.195.89.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	164.90.114.1 164.90.114.1	10122 (BIGO-AS-A...) (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD.)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
15	5

5 2606:4700:3030::6815:58f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

diluter-defile.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.diluter-defile.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f05a:100:face:b00c:0:3 (Tai Wan, Hong Kong)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.195.89.49 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-89-49.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 164.90.114.1 (Hong Kong)

ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG)

api.imotech.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

t.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	imotech.video api.imotech.video — Cisco Umbrella Rank: 36780	9 KB
5	diluter-defile.click 1 redirects diluter-defile.click api.diluter-defile.click	10 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 872	89 KB
1	t.me t.me — Cisco Umbrella Rank: 12196	1 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	27 KB
15	5

	Domain	Requested by
5	api.imotech.video	api.diluter-defile.click api.imotech.video
4	analytics.tiktok.com	diluter-defile.click analytics.tiktok.com
3	api.diluter-defile.click	diluter-defile.click api.diluter-defile.click
2	diluter-defile.click	1 redirects
1	t.me	api.diluter-defile.click
1	connect.facebook.net	diluter-defile.click
15	6

This site contains links to these domains. Also see Links.

Domain
telegram.org
api.diluter-defile.click

Subject Issuer	Validity	Valid
*.diluter-defile.click E1	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.imotech.video AlphaSSL CA - SHA256 - G2	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.t.me Go Daddy Secure Certificate Authority - G2	`2022-10-08` - `2023-11-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://diluter-defile.click/?shiny
Frame ID: 2265770CA73C083D3B9DD6E66514D7E2
Requests: 14 HTTP requests in this frame

Frame: https://api.imotech.video/ad/pixelfile.html
Frame ID: 8CDA9237250E87828CE2114F3677CFF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Вам исполнилось 18 лет?

Page URL History Show full URLs

http://diluter-defile.click/?shiny HTTP 301
https://diluter-defile.click/?shiny Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

15
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

135 kB
Transfer

435 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/
Title: Скачать Telegram

Search URL Search Domain Scan URL

URL: https://api.diluter-defile.click/?_lp=1&_token=uuid_19rq3d15bdjp_19rq3d15bdjp6359b267b929f8.09580964
Title: НЕТ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diluter-defile.click/?shiny HTTP 301
https://diluter-defile.click/?shiny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
diluter-defile.click/
Redirect Chain

http://diluter-defile.click/?shiny
https://diluter-defile.click/?shiny

4 KB
2 KB

551ms
540ms

Document
text/html

2606:4700:3030::6815:58f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diluter-defile.click/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:58f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654df1e84600e05e4d193ba9de7f4c0a1c11304f0dcd36eeb3536d922de46d39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 760692a01f95f8b7-NRT
content-encoding: br
content-type: text/html
date: Wed, 26 Oct 2022 22:19:18 GMT
last-modified: Mon, 17 Oct 2022 10:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzFViamiA9MrvQxsy16Rb10UYFO7vMEADzAYbS%2FvS3U4XCiRqVx3HOHkVt9HiVmH3cHLBxlQZ3dCw%2BmwhxNIqN2vlhIRT4bb9mdA6KAIiOarqFyk%2FrmeFqQ%2BUe9qD9f6O0SqrM7sqyE0x%2FPU8y9XIfVRLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 7606929fed40af8b-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 26 Oct 2022 22:19:18 GMT
Expires: Wed, 26 Oct 2022 23:19:18 GMT
Location: https://diluter-defile.click/?shiny
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BBg2BfYqAIpedv9Bjo0RNyKrF%2Bl%2FkyObvTr9G4h6EsuxURC7x9%2FqNzu4yixHwdeLjmWLILub7hvjn9s%2BL5sE4shukuJIwwQ1w4xhs%2Bo38yIkxSL%2F3YEy0gMa%2BcC2JpUHnGyER3bJZlv0vzDDrfjxrftdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 634d30896dad5 Show response
api.diluter-defile.click/ 8 KB
5 KB 824ms
812ms Script
application/javascript 2606:4700:3030::6815:58f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.diluter-defile.click/634d30896dad5?return=js.client&shiny&se_referrer=&default_keyword=diluter-defile.click&landing_url=diluter-defile.click%2F&name=_VhIcf37zHNAYebUr&host=https%3A%2F%2Fapi.diluter-defile.click%2F634d30896dad5
Requested by: Host: diluter-defile.click
URL: https://diluter-defile.click/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:58f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f21d64a77339c30d0a202bc3e6825d409bcc46ee09fd64cb645e2296272957fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 22:19:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp2rqCqhVZms58x1IT4cTkEdhPWMxcS%2Bka51MugjKuYqlkjS9h75bgJRTMl3oG%2FX5XfG2OvesRtLrfFK218ZjtG4VtQCsRU5nTIwUfZ7LdLf0f8tl4p%2FqSX4Vuisr2e8k0AKjOFgw74CWHFqMJ%2BuMewMjbGtSoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 760692a3d8d4f8b7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 357ms
55ms Script
application/x-javascript 2a03:2880:f05a:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: diluter-defile.click
URL: https://diluter-defile.click/?shiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 22:19:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0URHHorY/naFRBjqKp86nwzUjpSZPMLxzcJ53uvXIiCgHIH8bX4ho4UjaRN7Q5DfQ7BI8Q1mKw7eZYof3zp0Pg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 124 KB
37 KB 248ms
212ms Script
application/javascript 23.195.89.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Requested by: Host: diluter-defile.click
URL: https://diluter-defile.click/?shiny
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.89.49 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-89-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a32184eb2b67b3e70a10339b38a1de6296e3cb34588f048e429a43789ae6bc4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id: adb63709.36862e8f
date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-195-89-45.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 180,23.195.89.45
server-timing: cdn-cache; desc=MISS, edge; dur=188, origin; dur=15, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022102622191901831FA9D7D69984656F
x-cache-remote: TCP_MISS from a23-194-131-61.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.194.131.61
x-tt-trace-host: 01d4b37dd24696b5e87f245450f62fc1812c51d1afe2d30162236515750828ed284943ec0efcbdf4322274e1750e277d999b22cddf965c1e97e7ceea5ee2750d248f03beb4cafc39d87af1e1934a486364dc7b5823b955b162819b0f5f97c5ccbd
expires: Wed, 26 Oct 2022 22:19:20 GMT

GET
H2 200 events.js Show response
api.imotech.video/ad/ 19 KB
7 KB 298ms
132ms Script
application/javascript 164.90.114.1
BIGO-AS-AP BIGO T...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.imotech.video/ad/events.js?pixel_id=902856177247261184
Requested by: Host: api.diluter-defile.click
URL: https://api.diluter-defile.click/634d30896dad5?return=js.client&shiny&se_referrer=&default_keyword=diluter-defile.click&landing_url=diluter-defile.click%2F&name=_VhIcf37zHNAYebUr&host=https%3A%2F%2Fapi.diluter-defile.click%2F634d30896dad5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 164.90.114.1 , Hong Kong, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG),
Reverse DNS
Software: openresty/1.13.6.1 /
Resource Hash: 4291b2040521c336d587b8901dee5c3f7d7bab5d6783f0f3ef59f2a0006a4365

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: gzip
cache-control: private, max-age=900
server: openresty/1.13.6.1
content-length: 6582
content-type: application/json,application/javascript;charset=utf-8

GET
H2 200 style.css
api.diluter-defile.click/lander/1701-bot-rus-18--new/ 684 B
697 B 778ms
775ms Stylesheet
text/css 2606:4700:3030::6815:58f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.diluter-defile.click/lander/1701-bot-rus-18--new/style.css
Requested by: Host: api.diluter-defile.click
URL: https://api.diluter-defile.click/634d30896dad5?return=js.client&shiny&se_referrer=&default_keyword=diluter-defile.click&landing_url=diluter-defile.click%2F&name=_VhIcf37zHNAYebUr&host=https%3A%2F%2Fapi.diluter-defile.click%2F634d30896dad5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:58f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c4034da8ac911f4943fd8748f530983f9b5645b7b0945d9992e13ff873f02f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Aug 2021 16:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"611be0a0-2ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFSQLpl%2FPhGLCisnRfAWwqYHbP04xr%2BvRAGNWY67qE7Vov1RK65WqEZ7WvDMl5xmgsfmmJYq8vHNJqFyqEN6ivWZDFXzRygsfGVtuhS8OCYGBWirkfTpLu75FmhEjRKJntzBB4MQ%2B1ygf4brlIXEfJDFnF%2BT%2Fw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 760692a90a21f8b7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Nov 2022 22:19:20 GMT

GET
H2 200 logo.svg
api.diluter-defile.click/lander/1701-bot-rus-18--new/ 4 KB
2 KB 796ms
795ms Image
image/svg+xml 2606:4700:3030::6815:58f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.diluter-defile.click/lander/1701-bot-rus-18--new/logo.svg
Requested by: Host: api.diluter-defile.click
URL: https://api.diluter-defile.click/634d30896dad5?return=js.client&shiny&se_referrer=&default_keyword=diluter-defile.click&landing_url=diluter-defile.click%2F&name=_VhIcf37zHNAYebUr&host=https%3A%2F%2Fapi.diluter-defile.click%2F634d30896dad5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:58f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Aug 2021 16:12:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"611bdff0-e3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys9tLWHNeiV%2BQ4JtGnteS75UdkZFKwyHKfN9OKS%2FGdzEpScJrpNHOP9d6yLdch%2Fo5eXF4qPMKYySGoXRgL24MZqqq8wCPU4qeHJM7CXQeGsrXBiXTaV3mZH9U2pibq%2FciP%2BQ10BSpCu9%2BTFaJ%2FFzhchepn7q9F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 760692a90a23f8b7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Nov 2022 22:19:20 GMT

GET
H2 200 Arrow_1x.png
t.me/img/tgme/ 988 B
1 KB 800ms
264ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.me/img/tgme/Arrow_1x.png
Requested by: Host: api.diluter-defile.click
URL: https://api.diluter-defile.click/634d30896dad5?return=js.client&shiny&se_referrer=&default_keyword=diluter-defile.click&landing_url=diluter-defile.click%2F&name=_VhIcf37zHNAYebUr&host=https%3A%2F%2Fapi.diluter-defile.click%2F634d30896dad5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: "5a05e7c6-3dc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 988
expires: Sun, 30 Oct 2022 22:19:20 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 168ms
168ms Script
application/javascript 23.195.89.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.89.49 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-89-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id: 25f6e549.368630e4
date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-195-89-45.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 160,23.195.89.45
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=9, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022102622192082D2CB1AE6C5C985DFEC
x-cache-remote: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.218.223.73
x-tt-trace-host: 01d4b37dd24696b5e87f245450f62fc1812c51d1afe2d30162236515750828ed28d7749b729e3fd2b8010abe55cb03f64db02e54eaa0826514df57727b1d3f0dafe77889622fb303ac44382d514f94d3522206e8f4d26bd475f709fa2b702e1dfa
expires: Wed, 26 Oct 2022 22:19:20 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 181ms
181ms Script
application/javascript 23.195.89.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid={ttpix}&hostname=diluter-defile.click
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.89.49 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-89-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 86550a71948f0c76842876223943d607d59a1303ad66ea829ad8b9d329662d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id: 3706da7a.3686313a
date: Wed, 26 Oct 2022 22:19:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-195-89-45.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 177,23.195.89.45
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=20, inner; dur=7
content-length: 19578
pragma: no-cache
server: nginx
x-tt-logid: 202210262219208903599E1A12D63CF064
x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.218.223.80
x-tt-trace-host: 01d4b37dd24696b5e87f245450f62fc1812c51d1afe2d30162236515750828ed28002a65d2e43928f12956537c1704f98016941e7dd6b6e6fa36fa7e7676e910ad5c7be88a087708545af8b37db6f05323d82f5987cafc143e7a664d057b504d0b
expires: Wed, 26 Oct 2022 22:19:20 GMT

GET
H2 200 pixelfile.html Show response
api.imotech.video/ad/ Frame 8CDA 2 KB
2 KB 125ms
125ms Document
text/html 164.90.114.1
BIGO-AS-AP BIGO T...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.imotech.video/ad/pixelfile.html
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=902856177247261184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 164.90.114.1 , Hong Kong, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG),
Reverse DNS
Software: openresty/1.13.6.1 /
Resource Hash: 906f6effab44b23ce90ce63d03fea117c7a9346983bd27972b37f4085d561869

Request headers

Referer: https://diluter-defile.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 1888
content-type: application/json,text/html;charset=utf-8
date: Wed, 26 Oct 2022 22:19:20 GMT
server: openresty/1.13.6.1

POST
H2 200 trackingview
api.imotech.video/bigoad/ 104 B
180 B 86ms
85ms Ping
application/json 164.90.114.1
BIGO-AS-AP BIGO T...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.imotech.video/bigoad/trackingview?it=1666822760190&title=%D0%92%D0%B0%D0%BC%20%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BB%D0%BE%D1%81%D1%8C%2018%20%D0%BB%D0%B5%D1%82%3F&referer=&resolution=1200*1600&lang=en-US&url=https%3A%2F%2Fdiluter-defile.click%2F%3Fshiny&host=diluter-defile.click&cookie_id=BA1.1.7496701177.1666822760&session_id=BA1.1.887589030.1666822760&pixel_id=%7Bbigopix%7D&ts=1666822760193&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A574%2C%22drt%22%3A634%2C%22lgt%22%3A1816%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=902856177247261184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 164.90.114.1 , Hong Kong, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG),
Reverse DNS
Software: openresty/1.13.6.1 /
Resource Hash: acebe89e1d6df91995a35e04d8ac384315bc26598df60bc5a339141d9e752f27

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
server: openresty/1.13.6.1
content-length: 104
content-type: application/json

POST
H2 200 trackingview
api.imotech.video/bigoad/ 104 B
180 B 89ms
89ms Ping
application/json 164.90.114.1
BIGO-AS-AP BIGO T...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.imotech.video/bigoad/trackingview?it=1666822760190&title=%D0%92%D0%B0%D0%BC%20%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BB%D0%BE%D1%81%D1%8C%2018%20%D0%BB%D0%B5%D1%82%3F&referer=&resolution=1200*1600&lang=en-US&url=https%3A%2F%2Fdiluter-defile.click%2F%3Fshiny&host=diluter-defile.click&cookie_id=BA1.1.7496701177.1666822760&session_id=BA1.1.887589030.1666822760&pixel_id=%7Bbigopix%7D&ts=1666822760193&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A574%2C%22drt%22%3A634%2C%22lgt%22%3A1816%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=902856177247261184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 164.90.114.1 , Hong Kong, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG),
Reverse DNS
Software: openresty/1.13.6.1 /
Resource Hash: ceb23e41d9bfa6d93c0f553fd13a096d8a92a2ddeac05d83d8d86cd656576e62

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
server: openresty/1.13.6.1
content-length: 104
content-type: application/json

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
691 B 186ms
186ms Ping
application/octet-stream 23.195.89.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.89.49 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-89-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diluter-defile.click/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 95e5b41a.36863310
date: Wed, 26 Oct 2022 22:19:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-195-89-45.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 175,23.195.89.45
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=27, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221026221920F18162F63A8D95856CB8
x-cache-remote: TCP_MISS from a23-218-223-91.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.218.223.91
x-tt-trace-host: 01d4b37dd24696b5e87f245450f62fc1812c51d1afe2d30162236515750828ed2819da2a845a3a0743cc51268ec7563a3a59e663c653adb0b4a4de325d3e1d32c376ce0ccc20fcc451e210564d14f9db9a319a9694da691d4f0ee5e7473a0182bf
expires: Wed, 26 Oct 2022 22:19:20 GMT

POST
H2 200 trackingview
api.imotech.video/bigoad/ 104 B
180 B 89ms
88ms Ping
application/json 164.90.114.1
BIGO-AS-AP BIGO T...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.imotech.video/bigoad/trackingview?it=1666822760190&title=%D0%92%D0%B0%D0%BC%20%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BB%D0%BE%D1%81%D1%8C%2018%20%D0%BB%D0%B5%D1%82%3F&referer=&resolution=1200*1600&lang=en-US&url=https%3A%2F%2Fdiluter-defile.click%2F%3Fshiny&host=diluter-defile.click&cookie_id=BA1.1.7496701177.1666822760&session_id=BA1.1.887589030.1666822760&pixel_id=%7Bbigopix%7D&ts=1666822760624&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A574%2C%22drt%22%3A634%2C%22lgt%22%3A2247%7D
Requested by: Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=902856177247261184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 164.90.114.1 , Hong Kong, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG),
Reverse DNS
Software: openresty/1.13.6.1 /
Resource Hash: 2c81756ff8d1805b7befcc6e95d20be60fde60715defcbacc230fab9500b4f88

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://diluter-defile.click/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Oct 2022 22:19:20 GMT
server: openresty/1.13.6.1
content-length: 104
content-type: application/json

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.diluter-defile.click/634d30896dad5	1970-01-20 16:36:22	Name: _subid Value: 19rq3d15bdjp
api.diluter-defile.click/634d30896dad5	1970-01-20 16:36:22	Name: f5771 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIxMjIwXCI6MTY2NjgyMjc1OX0sXCJjYW1wYWlnbnNcIjp7XCIxNzU4NlwiOjE2NjY4MjI3NTl9LFwidGltZVwiOjE2NjY4MjI3NTl9In0.QJtAqqSK6xB8tHLfdCcY6m_pz8XsSiUvpcrAZGglopU
api.diluter-defile.click/634d30896dad5	1970-01-20 16:36:22	Name: _token Value: uuid_19rq3d15bdjp_19rq3d15bdjp6359b267b929f8.09580964
diluter-defile.click/	1970-01-20 16:36:22	Name: _bge_ci Value: BA1.1.7496701177.1666822760
.tiktok.com/	1970-01-20 16:21:58	Name: _ttp Value: 2GgutJb8wzuyqZo4BWMn4QAMYGG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.diluter-defile.click
api.imotech.video
connect.facebook.net
diluter-defile.click
t.me
164.90.114.1
2001:67c:4e8:f004::9
23.195.89.49
2606:4700:3030::6815:58f5
2a03:2880:f05a:100:face:b00c:0:3
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
2c81756ff8d1805b7befcc6e95d20be60fde60715defcbacc230fab9500b4f88
32c4034da8ac911f4943fd8748f530983f9b5645b7b0945d9992e13ff873f02f
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
4291b2040521c336d587b8901dee5c3f7d7bab5d6783f0f3ef59f2a0006a4365
654df1e84600e05e4d193ba9de7f4c0a1c11304f0dcd36eeb3536d922de46d39
6a32184eb2b67b3e70a10339b38a1de6296e3cb34588f048e429a43789ae6bc4
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
86550a71948f0c76842876223943d607d59a1303ad66ea829ad8b9d329662d96
906f6effab44b23ce90ce63d03fea117c7a9346983bd27972b37f4085d561869
acebe89e1d6df91995a35e04d8ac384315bc26598df60bc5a339141d9e752f27
ceb23e41d9bfa6d93c0f553fd13a096d8a92a2ddeac05d83d8d86cd656576e62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f21d64a77339c30d0a202bc3e6825d409bcc46ee09fd64cb645e2296272957fd

diluter-defile.click Open in urlscan Pro 2606:4700:3030::6815:58f5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

5 IPs

4 Countries

135 kBTransfer

435 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

5 Cookies

Indicators

diluter-defile.click Open in urlscan Pro
2606:4700:3030::6815:58f5 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

135 kB
Transfer

435 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions