Submitted URL: http://www.locationcapitalone.com/
Effective URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Submission: On April 02 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is browserdownloadz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 18th 2021. Valid for: a year.
This is the only time browserdownloadz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.171.28.43 60781 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 1 149.28.51.13 20473 (AS-CHOOPA)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 5
Apex Domain | Subdomains | Transfer
3 browserdownloadz.com | browserdownloadz.com | 21 KB
2 mybetterck.com | mybetterck.com — Cisco Umbrella Rank: 41260; p274639.mybetterck.com — Cisco Umbrella Rank: 522449 | 2 KB
2 btpnative.com | btpnative.com — Cisco Umbrella Rank: 146043 | 5 KB
2 locationcapitalone.com | www.locationcapitalone.com | 1 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 280 | 30 KB
1 infinitytrk.com | infinitytrk.com | 632 B
7 6
Domain | Requested by
3 browserdownloadz.com | p274639.mybetterck.com, browserdownloadz.com
2 btpnative.com (1 redirects) | www.locationcapitalone.com
2 www.locationcapitalone.com (1 redirects) |
1 ajax.googleapis.com | browserdownloadz.com
1 infinitytrk.com (1 redirects) |
1 p274639.mybetterck.com |
1 mybetterck.com (1 redirects) |
7 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.mybetterck.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-06 - 2023-02-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-18 - 2022-12-17 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 1 frames:

Primary Page: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Frame ID: B001242A3DBEB92E5C1B0E8912390140
Requests: 7 HTTP requests in this frame

Page Title: Loading

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 7
HTTPS: 71 %
IPv6: 33 %
Domains: 6
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 56 kB
Size: 147 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.locationcapitalone.com/ Page URL
  2. http://www.locationcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0ODg2NTE1NiwiaWF0IjoxNjQ4ODU3OTU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmd1bjRxMXZmaWE2amFvbjAxZWQxbzMiLCJuYmYiOjE2NDg4NTc5NTYsInRzIjoxNjQ4ODU3OTU2Mjk0MDAyfQ.0E9NJjNh3dXQQgIh_qIpbYUmDe3EiR8A4guQVWud9Ss&sid=ab31f844-b218-11ec-b7bb-54c6f1de4219 HTTP 302
    http://btpnative.com/click?data=UXhqdUZnbGRkUFZrakc0VjJhalBNV1ZoTHRITFFKREE4S2xqRm9yZEpHSXQzcktmbWpKTDJ4dXdETDNFN2VwU29qeWxKSjc4WldiWklPSGlWWnBTdDZRcjNvenJiNl9LRkpkU2F3d1I1WkJYTl8zRi0tdUVrRzZ5WkxiQnIxN2sxWUtLTi1uUEtmU3kxbHEzSy0yb0ZDXzQtNkdqa0NtMWY3azFpbEZSY0lRMQ2&id=b767e68a-515b-4bc4-b647-8ff604793d00 Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlp2aWWne-fJxz6OB2fa3dyjLjUA9b7ozAqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3y5e_nBQiXE69I7p5NwyIoWyB2hvtYBpihXsuIoFFBFl20l964OMEun11vpakHsG5evnc4jKJQtJ1an0kq7ERM_Wh8mAgRidcix-dhF7ZqFCZCc97G1LPuMon5NU6962c2i6jo3VvIFzdsV_5ryx9G5uS8SykrzuJc8QADyJZJC5Atj8_FDS3jxH1A2XNPJd9rynkt1oWgd1cGmC_RvP0Lk2erCqPirX1Mz3P6y039qbmSQqIEUZtcIAjhigKtqA8jxJWx-2JTDyMyRDqq4F7-ARHAU0My4EIBR6LoEy-VXAmjfAy3CHVzWMRcEUapIYPK5N7ST0DC4QcM6EmwxfZLhpz4UqWU1XF5LwCeCqUfVGZOR4yHnvMo1MlZVFxflQJziI5NNjXtbEdMmBrkTgL2pRShVWTkAiJVYWySHz1zHVDKvRE0ZeZDUfqpGmxFMpPzzZNrDXhdAgdaSPoWfkVHIb-magzcXDiYWi4YLJYTRv-a9VfbXtfbiVp3rbLk3Bx8JCihvcEr_uBjgAa6WlFfLqbQv54DklxMYviShwtlIanORqGgfngBBapjjs0AuIEbwxnxlM3GeMHs-R4XM_s8St6mXD_8f_evnW59CVyb5X_fkv9hTmtO1UwbvqbJcLp4dWNn0AERy6Hy0plXHi70W-Rsr7d0njhPBN_zxCu4fKI09evibBFsHxLf-gkVHKgTwZI5ETJkxodGY0NkW1K5ElxrxmO0dhKyPTjIEOrxwmdV7_sRrPYBKPoSVoOsi71F-5mayXR4EmHn6tgeC21ftL1iuneI-itZrLXu3KZCppCF3I3FxiOtPmLTe6gBFQi2ZLhQU9ymn5MEQ1IxiNxR4q6IqVNdEVfDItkAarj9vgAWfo5W9loB5N6IUOyA08TZTnIDdQKMMTAhjQD3X8WMCCuU1poW-xMnBzUN1dLFCF8bYiODRFrhbgkF8Es7A6BOebq4XSX0iyYvDgcFze6AaStISf6hrN6Ah2aAlvMypr6uBy42sD8p3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOehOz4ZaXrrQmrMpOsADnH7XQ_3TB5vaPsP_CDFFuVtd9eNb6bCQzadcxH8h1QGNryBcOXOXXX02vHCrywrprEsRs7ulaWXAZ1UZlfGCaFHcg3P5BTS1B7GNLWyNNIN2_GNOcEboouiHDKpXu0RNHtw_6jVreAeNlrUZVbKx5ZbArpzuiINOnENpA53L4q1tx375iqyReKZEIvuh6oSZAspur0hpjotjEhlYx0uFVn5vnpkTo7HOXby7dWCfM-6cTM6vExwgzEZnwN3qSGDDXGLCiOFNe-e8i9ZSSUY_yuRn9A0tSVl6xq8mGKtkyD3Tx4czwMTfKmMBUMKEewjFPRDF34AU4uKqFk8kV_qMu4iImWZ0yM9MpzEUoagJJHRQPFT1j93BkXyM_Efv9waokaOSBSv9m5Ws7o7kaU-rzuHfyPPDEC2kaWhmKeC3D9p_z2j8rNiJ27NQFNWK0i_ruOsfi7OCGZSdLvOk-IBidm-uQRIeHHkKG21aXq5KvoFTnu83vXWFYro4TDuat3JEJnFGS-WsXFHvS3fX4nlATgz8LyzC5Xl_2xlzzqsNiCTA1RZSSUY_yuRn9A0tSVl6xq8m1NYJhrG_A262sZiVsa0RKkwRfBdOO3p_iwSrH6XsdjGh7r2i-9nTAM_amyZKphinnaMzr4fK_StFQGXFXk516rLefQnNmjuA HTTP 302
    https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd6cd26TOWyAedv68xs83JEZJQRRnjrxhox4fRodfGJ1088Scxcpw68eeqCaRKZMba7wrHzGAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2TPwd-AvkBL4EEfuGy_R0QZ8x8pDnDERMAFIIXioy0OisAjKIsa6aWIjpHiQr83ishBH7hsv0dEGfMfKQ5wxETAO9LAo7hxx0b_yS7JgSltpAV81XZcD-Errp-oqeuCqZCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxIHnFzGHl1X9FtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYgympmTj71qsw29zu2xI9xl4x93hclJgSlNKykvgARudlkkLEB146pQ&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2Aew7m_wPj9vKQeXhKYdzT3ddLmygAkq-j9vuA0wnMrh005MFtffv8A3KWHvYUSbCM6THrvlL6zR8Ukg7ENbdZbjYA&si=1&oref=99793f00dea005190cabc4dde7685f06&optunit=OJbvAFnHgBSjc-iF9ZFlJLFYMJOAKZgp&rb=xZlwZvBqH8I&rr=1&abtg=0 Page URL
  4. https://infinitytrk.com/click.php?key=wn6k8ush47wfc9utr8yt&subid=88503275524&bid=0.0041&site=434218717&source=434218717&clickid=88503275524&browser=Chrome+100&geo=DE&campaign_name=FEB2022-DE-DSK-DOM+1&device=Desktop&os=Windows+10 HTTP 302
    https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.locationcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0ODg2NTE1NiwiaWF0IjoxNjQ4ODU3OTU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmd1bjRxMXZmaWE2amFvbjAxZWQxbzMiLCJuYmYiOjE2NDg4NTc5NTYsInRzIjoxNjQ4ODU3OTU2Mjk0MDAyfQ.0E9NJjNh3dXQQgIh_qIpbYUmDe3EiR8A4guQVWud9Ss&sid=ab31f844-b218-11ec-b7bb-54c6f1de4219 HTTP 302
  • http://btpnative.com/click?data=UXhqdUZnbGRkUFZrakc0VjJhalBNV1ZoTHRITFFKREE4S2xqRm9yZEpHSXQzcktmbWpKTDJ4dXdETDNFN2VwU29qeWxKSjc4WldiWklPSGlWWnBTdDZRcjNvenJiNl9LRkpkU2F3d1I1WkJYTl8zRi0tdUVrRzZ5WkxiQnIxN2sxWUtLTi1uUEtmU3kxbHEzSy0yb0ZDXzQtNkdqa0NtMWY3azFpbEZSY0lRMQ2&id=b767e68a-515b-4bc4-b647-8ff604793d00
Request Chain 2
  • http://btpnative.com/Redirect/ HTTP 302
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlp2aWWne-fJxz6OB2fa3dyjLjUA9b7ozAqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3y5e_nBQiXE69I7p5NwyIoWyB2hvtYBpihXsuIoFFBFl20l964OMEun11vpakHsG5evnc4jKJQtJ1an0kq7ERM_Wh8mAgRidcix-dhF7ZqFCZCc97G1LPuMon5NU6962c2i6jo3VvIFzdsV_5ryx9G5uS8SykrzuJc8QADyJZJC5Atj8_FDS3jxH1A2XNPJd9rynkt1oWgd1cGmC_RvP0Lk2erCqPirX1Mz3P6y039qbmSQqIEUZtcIAjhigKtqA8jxJWx-2JTDyMyRDqq4F7-ARHAU0My4EIBR6LoEy-VXAmjfAy3CHVzWMRcEUapIYPK5N7ST0DC4QcM6EmwxfZLhpz4UqWU1XF5LwCeCqUfVGZOR4yHnvMo1MlZVFxflQJziI5NNjXtbEdMmBrkTgL2pRShVWTkAiJVYWySHz1zHVDKvRE0ZeZDUfqpGmxFMpPzzZNrDXhdAgdaSPoWfkVHIb-magzcXDiYWi4YLJYTRv-a9VfbXtfbiVp3rbLk3Bx8JCihvcEr_uBjgAa6WlFfLqbQv54DklxMYviShwtlIanORqGgfngBBapjjs0AuIEbwxnxlM3GeMHs-R4XM_s8St6mXD_8f_evnW59CVyb5X_fkv9hTmtO1UwbvqbJcLp4dWNn0AERy6Hy0plXHi70W-Rsr7d0njhPBN_zxCu4fKI09evibBFsHxLf-gkVHKgTwZI5ETJkxodGY0NkW1K5ElxrxmO0dhKyPTjIEOrxwmdV7_sRrPYBKPoSVoOsi71F-5mayXR4EmHn6tgeC21ftL1iuneI-itZrLXu3KZCppCF3I3FxiOtPmLTe6gBFQi2ZLhQU9ymn5MEQ1IxiNxR4q6IqVNdEVfDItkAarj9vgAWfo5W9loB5N6IUOyA08TZTnIDdQKMMTAhjQD3X8WMCCuU1poW-xMnBzUN1dLFCF8bYiODRFrhbgkF8Es7A6BOebq4XSX0iyYvDgcFze6AaStISf6hrN6Ah2aAlvMypr6uBy42sD8p3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOehOz4ZaXrrQmrMpOsADnH7XQ_3TB5vaPsP_CDFFuVtd9eNb6bCQzadcxH8h1QGNryBcOXOXXX02vHCrywrprEsRs7ulaWXAZ1UZlfGCaFHcg3P5BTS1B7GNLWyNNIN2_GNOcEboouiHDKpXu0RNHtw_6jVreAeNlrUZVbKx5ZbArpzuiINOnENpA53L4q1tx375iqyReKZEIvuh6oSZAspur0hpjotjEhlYx0uFVn5vnpkTo7HOXby7dWCfM-6cTM6vExwgzEZnwN3qSGDDXGLCiOFNe-e8i9ZSSUY_yuRn9A0tSVl6xq8mGKtkyD3Tx4czwMTfKmMBUMKEewjFPRDF34AU4uKqFk8kV_qMu4iImWZ0yM9MpzEUoagJJHRQPFT1j93BkXyM_Efv9waokaOSBSv9m5Ws7o7kaU-rzuHfyPPDEC2kaWhmKeC3D9p_z2j8rNiJ27NQFNWK0i_ruOsfi7OCGZSdLvOk-IBidm-uQRIeHHkKG21aXq5KvoFTnu83vXWFYro4TDuat3JEJnFGS-WsXFHvS3fX4nlATgz8LyzC5Xl_2xlzzqsNiCTA1RZSSUY_yuRn9A0tSVl6xq8m1NYJhrG_A262sZiVsa0RKkwRfBdOO3p_iwSrH6XsdjGh7r2i-9nTAM_amyZKphinnaMzr4fK_StFQGXFXk516rLefQnNmjuA HTTP 302
  • https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd6cd26TOWyAedv68xs83JEZJQRRnjrxhox4fRodfGJ1088Scxcpw68eeqCaRKZMba7wrHzGAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2TPwd-AvkBL4EEfuGy_R0QZ8x8pDnDERMAFIIXioy0OisAjKIsa6aWIjpHiQr83ishBH7hsv0dEGfMfKQ5wxETAO9LAo7hxx0b_yS7JgSltpAV81XZcD-Errp-oqeuCqZCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxIHnFzGHl1X9FtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYgympmTj71qsw29zu2xI9xl4x93hclJgSlNKykvgARudlkkLEB146pQ&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2Aew7m_wPj9vKQeXhKYdzT3ddLmygAkq-j9vuA0wnMrh005MFtffv8A3KWHvYUSbCM6THrvlL6zR8Ukg7ENbdZbjYA&si=1&oref=99793f00dea005190cabc4dde7685f06&optunit=OJbvAFnHgBSjc-iF9ZFlJLFYMJOAKZgp&rb=xZlwZvBqH8I&rr=1&abtg=0

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: /
Path: www.locationcapitalone.com/
Size: 482 B
x-fer: 848 B
Type: Document

General
Full URL: http://www.locationcapitalone.com/
Protocol: HTTP/1.1
Server: 81.171.28.43 Edegem, Belgium, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
content-type: text/html; charset=utf-8
date: Sat, 02 Apr 2022 00:05:55 GMT
server: nginx

Resource: click
Path: btpnative.com/
Redirect Chain
  • http://www.locationcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0ODg2NTE1NiwiaWF0IjoxNjQ4ODU3OTU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmd1bjRxMXZmaWE2am...
  • http://btpnative.com/click?data=UXhqdUZnbGRkUFZrakc0VjJhalBNV1ZoTHRITFFKREE4S2xqRm9yZEpHSXQzcktmbWpKTDJ4dXdETDNFN2VwU29qeWxKSjc4WldiWklPSGlWWnBTdDZRcjNvenJiNl9LRkpkU2F3d1I1WkJYTl8zRi0tdUVrRzZ5WkxiQ...
Size: 5 KB
x-fer: 3 KB
Type: Document

General
Full URL
http://btpnative.com/click?data=UXhqdUZnbGRkUFZrakc0VjJhalBNV1ZoTHRITFFKREE4S2xqRm9yZEpHSXQzcktmbWpKTDJ4dXdETDNFN2VwU29qeWxKSjc4WldiWklPSGlWWnBTdDZRcjNvenJiNl9LRkpkU2F3d1I1WkJYTl8zRi0tdUVrRzZ5WkxiQnIxN2sxWUtLTi1uUEtmU3kxbHEzSy0yb0ZDXzQtNkdqa0NtMWY3azFpbEZSY0lRMQ2&id=b767e68a-515b-4bc4-b647-8ff604793d00
Requested by
Host: www.locationcapitalone.com
URL: http://www.locationcapitalone.com/
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA)
Reverse DNS:
Software: Microsoft-IIS/8.5 /
Resource Hash: 7b225b006341b84c9c25f9e5c60ee168ff5288d3a1d99bd62ec2f212997d9ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.locationcapitalone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Length: 2151
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2022 00:05:55 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Server: web02

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 02 Apr 2022 00:05:56 GMT
location
http://btpnative.com/click?data=UXhqdUZnbGRkUFZrakc0VjJhalBNV1ZoTHRITFFKREE4S2xqRm9yZEpHSXQzcktmbWpKTDJ4dXdETDNFN2VwU29qeWxKSjc4WldiWklPSGlWWnBTdDZRcjNvenJiNl9LRkpkU2F3d1I1WkJYTl8zRi0tdUVrRzZ5WkxiQnIxN2sxWUtLTi1uUEtmU3kxbHEzSy0yb0ZDXzQtNkdqa0NtMWY3azFpbEZSY0lRMQ2&id=b767e68a-515b-4bc4-b647-8ff604793d00
server: nginx

Resource: domainClick
Path: p274639.mybetterck.com/adServe/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlp2aWWne-fJxz6OB2fa3dyjLjUA9b7ozAqWfap4yUt_iPH1TzciB1Qg6AZUDRz9b...
  • https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd...
Size: 425 B
x-fer: 698 B
Type: Document

General
Full URL
https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd6cd26TOWyAedv68xs83JEZJQRRnjrxhox4fRodfGJ1088Scxcpw68eeqCaRKZMba7wrHzGAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2TPwd-AvkBL4EEfuGy_R0QZ8x8pDnDERMAFIIXioy0OisAjKIsa6aWIjpHiQr83ishBH7hsv0dEGfMfKQ5wxETAO9LAo7hxx0b_yS7JgSltpAV81XZcD-Errp-oqeuCqZCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxIHnFzGHl1X9FtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYgympmTj71qsw29zu2xI9xl4x93hclJgSlNKykvgARudlkkLEB146pQ&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2Aew7m_wPj9vKQeXhKYdzT3ddLmygAkq-j9vuA0wnMrh005MFtffv8A3KWHvYUSbCM6THrvlL6zR8Ukg7ENbdZbjYA&si=1&oref=99793f00dea005190cabc4dde7685f06&optunit=OJbvAFnHgBSjc-iF9ZFlJLFYMJOAKZgp&rb=xZlwZvBqH8I&rr=1&abtg=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: http://btpnative.com
Referer: http://btpnative.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 02 Apr 2022 00:05:57 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Sat, 02 Apr 2022 00:05:57 GMT
location
https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd6cd26TOWyAedv68xs83JEZJQRRnjrxhox4fRodfGJ1088Scxcpw68eeqCaRKZMba7wrHzGAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2TPwd-AvkBL4EEfuGy_R0QZ8x8pDnDERMAFIIXioy0OisAjKIsa6aWIjpHiQr83ishBH7hsv0dEGfMfKQ5wxETAO9LAo7hxx0b_yS7JgSltpAV81XZcD-Errp-oqeuCqZCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxIHnFzGHl1X9FtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYgympmTj71qsw29zu2xI9xl4x93hclJgSlNKykvgARudlkkLEB146pQ&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2Aew7m_wPj9vKQeXhKYdzT3ddLmygAkq-j9vuA0wnMrh005MFtffv8A3KWHvYUSbCM6THrvlL6zR8Ukg7ENbdZbjYA&si=1&oref=99793f00dea005190cabc4dde7685f06&optunit=OJbvAFnHgBSjc-iF9ZFlJLFYMJOAKZgp&rb=xZlwZvBqH8I&rr=1&abtg=0
server: nginx

Primary Request
Resource: opera-de.html
Path: browserdownloadz.com/streama/
Redirect Chain
  • https://infinitytrk.com/click.php?key=wn6k8ush47wfc9utr8yt&subid=88503275524&bid=0.0041&site=434218717&source=434218717&clickid=88503275524&browser=Chrome+100&geo=DE&campaign_name=FEB2022-DE-DSK-DO...
  • https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Size: 17 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Requested by
Host: p274639.mybetterck.com
URL: https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF9_--QeSoB2CZKlrK9W18d7Pphvpt4P5qoCnouEMCCxB8nB9qImDdzYK9CZ3CxTLNDqLuZIqj-vmeaTjnenHdukxgMHJ_rnz4TAIL9V7r3hcMhXKYRqPRnKhpOOd6cd26TOWyAedv68xs83JEZJQRRnjrxhox4fRodfGJ1088Scxcpw68eeqCaRKZMba7wrHzGAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2TPwd-AvkBL4EEfuGy_R0QZ8x8pDnDERMAFIIXioy0OisAjKIsa6aWIjpHiQr83ishBH7hsv0dEGfMfKQ5wxETAO9LAo7hxx0b_yS7JgSltpAV81XZcD-Errp-oqeuCqZCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxIHnFzGHl1X9FtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYgympmTj71qsw29zu2xI9xl4x93hclJgSlNKykvgARudlkkLEB146pQ&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2Aew7m_wPj9vKQeXhKYdzT3ddLmygAkq-j9vuA0wnMrh005MFtffv8A3KWHvYUSbCM6THrvlL6zR8Ukg7ENbdZbjYA&si=1&oref=99793f00dea005190cabc4dde7685f06&optunit=OJbvAFnHgBSjc-iF9ZFlJLFYMJOAKZgp&rb=xZlwZvBqH8I&rr=1&abtg=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 8532fb533962049a6b580453ac4bfc77e394a3da34412f1a47be3a1383d74e33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p274639.mybetterck.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f5550dede62375c-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Apr 2022 00:05:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 18 Dec 2021 20:57:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42CTNhlD%2Bl0PqIwvyLrVwTXXJkV0%2FiK3btZMA%2Bc99Sqdo7inzJZZ6GpJRzxUQThs4dyvPuEIjqz6h%2BXyaU4h2ORRlUEuQOXTVFBptyGIduLSMk%2FW4IFh2HzgTU3ddD8yFgEFFvoRUEnGokqI2q8fzssTVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Apr 2022 00:05:58 GMT
Location: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Server: nginx/1.20.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

Resource: jquery-ui.css
Path: browserdownloadz.com/streama/
Size: 29 KB
x-fer: 6 KB
Type: Stylesheet

General
Full URL: https://browserdownloadz.com/streama/jquery-ui.css
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 80102742065493e6149cb7eb0cfc14c8022437c88548217b87e3204b414f2cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:05:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1216195
cf-polished: origSize=36464
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Dec 2021 20:57:50 GMT
server: cloudflare
etag: W/"61be4b4e-8e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=711GUiOR2dqHtugT3G%2Bk85e6JPHZwyUpu9n5lB0YJvWYmSbN6YSWUqOsCFJPFm%2Fh0viiFStGEns2xGRWPZIoRnq0GZipCAt0nLTQIejtNeCVX8lAGch5nKAu6tvbgpcQsu2Dd9ucdiTUkKlBO47ok47iiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6f5550e03f51375c-MXP
expires: Sun, 17 Apr 2022 22:16:03 GMT

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.3.1/
Size: 85 KB
x-fer: 30 KB
Type: Script

General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: sffe /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://browserdownloadz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 20:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 20:51:25 GMT

Resource: loading.gif
Path: browserdownloadz.com/streama/
Size: 10 KB
x-fer: 10 KB
Type: Image

General
Full URL: https://browserdownloadz.com/streama/loading.gif
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 26331b1448903c2f21bea5c9a72bb79846d56685dfe6e99d2e5fb7b472920eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://browserdownloadz.com/streama/opera-de.html?uclick=8woj37kt&uclickhash=8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:05:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 688542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9921
last-modified: Sat, 18 Dec 2021 20:57:42 GMT
server: cloudflare
etag: "61be4b46-26c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr21xZlKcvMNp6HhTwtn8Y5K2Scznxifo1mzt8PmyFXo92PYsUmp4lIsky1hY8sIZ%2FGJjWWGCvTX12BDMkR4I%2B9j2HEAmg4%2FdSevRv2ALOpdC6llBfgUX2p%2Brmw4D1x0EXDynlGzYpD9wsAlV%2FdxRETkNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6f5550e05ba983ac-MXP
expires: Sun, 24 Apr 2022 00:50:16 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • structuredClone (function)
  • oncontextlost (object)
  • oncontextrestored (object)
  • getScreenDetails (function)
  • $ (function)
  • jQuery (function)
  • getURLParameter (function)
  • clickURL (string)
  • go_click (function)

6 Cookies

Domain/Path | Name | Value
.locationcapitalone.com/ | sid | ab31f844-b218-11ec-b7bb-54c6f1de4219
btpnative.com/ | XtDgVCTNhcumrgy | XtDgVCTNhcumrgy
.mybetterck.com/ | rhid | 81008997230
.mybetterck.com/ | loi | ad_1152039_off_596083_aff_1417_cid_274639-577859800-LOCATIONCAPITALONE.COM_ts_1648857957
infinitytrk.com/ | uclick | 8woj37kt
infinitytrk.com/ | uclickhash | 8woj37kt-8woj37kt-tl8n-0-b7ik-gxxife-17vc6o-02dd3d