bhtraff.com Open in urlscan Pro
185.114.22.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://to.purpleanemone.com/
Effective URL:
https://bhtraff.com/y3.php
Submission: On October 26 via api (October 26th 2021, 12:03:37 pm UTC) from US — Scanned from DE

Summary HTTP 4 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 6 countries across 11 domains to perform 4 HTTP transactions. The main IP is 185.114.22.205, located in Istanbul, Turkey and belongs to OSBIL, CY. The main domain is bhtraff.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 24th 2021. Valid for: 3 months.

This is the only time bhtraff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	104.248.51.205 104.248.51.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	185.239.172.98 185.239.172.98	55081 (24SHELLS) (24SHELLS)
1 1	51.161.115.163 51.161.115.163	16276 (OVH) (OVH)
2 2	23.235.251.114 23.235.251.114	19437 (SS-ASH) (SS-ASH)
1 1	142.93.244.143 142.93.244.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	51.83.143.92 51.83.143.92	16276 (OVH) (OVH)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	142.93.240.225 142.93.240.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.114.22.205 185.114.22.205	201978 (OSBIL) (OSBIL)
1	104.111.249.40 104.111.249.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
4	4

3 104.248.51.205 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

to.purpleanemone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
to.limeanemone.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.172.98 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

665495.xmlfeed.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.161.115.163 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net

g3.greysevenseas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.235.251.114 (Ashburn, United States) 2 redirects

ASN19437 (SS-ASH, US)

8.us.whitewinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.244.143 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

stats.yeesshh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.143.92 (Poland) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3155458.ip-51-83-143.eu

leon.trffcsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
coco.trffcsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

go.whiteanemone.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.240.225 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

redir.whitewinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.114.22.205 (Istanbul, Turkey)

ASN201978 (OSBIL, CY)
PTR: 185-114-22-205.sunucu.name

bhtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.249.40 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-249-40.deploy.static.akamaitechnologies.com

imgaz.staticbg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	whitewinds.xyz 3 redirects 8.us.whitewinds.xyz redir.whitewinds.xyz	2 KB
2	limeanemone.net 1 redirects to.limeanemone.net	1 KB
2	trffcsource.com 2 redirects leon.trffcsource.com coco.trffcsource.com	707 B
1	alicdn.com ae01.alicdn.com	19 KB
1	staticbg.com imgaz.staticbg.com	134 KB
1	bhtraff.com bhtraff.com	856 B
1	whiteanemone.xyz 1 redirects go.whiteanemone.xyz	243 B
1	yeesshh.com 1 redirects stats.yeesshh.com	428 B
1	greysevenseas.net 1 redirects g3.greysevenseas.net	298 B
1	adtelligent.com 1 redirects 665495.xmlfeed.adtelligent.com	346 B
1	purpleanemone.com 1 redirects to.purpleanemone.com	309 B
4	11

	Domain	Requested by
2	to.limeanemone.net	1 redirects
2	8.us.whitewinds.xyz	2 redirects
1	ae01.alicdn.com	bhtraff.com
1	imgaz.staticbg.com	bhtraff.com
1	bhtraff.com	to.limeanemone.net
1	redir.whitewinds.xyz	1 redirects
1	coco.trffcsource.com	1 redirects
1	go.whiteanemone.xyz	1 redirects
1	leon.trffcsource.com	1 redirects
1	stats.yeesshh.com	1 redirects
1	g3.greysevenseas.net	1 redirects
1	665495.xmlfeed.adtelligent.com	1 redirects
1	to.purpleanemone.com	1 redirects
4	13

This site contains links to these domains. Also see Links.

Domain
banggood.app.link
s.click.aliexpress.com

Subject Issuer	Validity	Valid
to.aurorapolaris.net R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
bhtraff.com ZeroSSL RSA Domain Secure Site CA	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.staticbg.com DigiCert SHA2 Secure Server CA	`2021-04-21` - `2022-04-25`	a year	crt.sh
img.alicdn.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bhtraff.com/y3.php
Frame ID: 29BE73229380F1F1CD758594E23BAB02
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://to.purpleanemone.com/ HTTP 302
https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemo... HTTP 302
https://g3.greysevenseas.net/b.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731 HTTP 302
https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=adt-662731&ref=&s1=6177ee90b58ebd09c84d6f2c HTTP 301
http://stats.yeesshh.com/click/invalid/?tid=8&subid=NaN HTTP 302
https://leon.trffcsource.com/l.php?p=c:3kijec0rrnwy_etgy&d=6169361e729eab799050af23 HTTP 302
https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F... Page URL
https://to.limeanemone.net/redirect.php?feed=352112-685750&url=to.limeanemone.net&query=https://www.cry... HTTP 302
https://go.whiteanemone.xyz/redirect?feed=352112&url=to.limeanemone.net&query=https://www.cryptoweb.xyz/... HTTP 302
https://coco.trffcsource.com/l.php?p=c:9qopki6xwqp78c2dg&d=603611c5b7eaf46891533240&s=352112&d2=to.limean... HTTP 302
https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=352112&ref=https%3A%2F%2Fto.limeanemone.net%2F&s... HTTP 301
https://redir.whitewinds.xyz/feed/click/?t1=128&tid=8&uid=3&subid=352112&id=798759f953cfa831ed4e36c30a890... HTTP 302
https://bhtraff.com/y3.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

4
IPs

6
Countries

156 kB
Transfer

156 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://banggood.app.link/i8hEbODoe1

Search URL Search Domain Scan URL

URL: https://s.click.aliexpress.com/e/_sqydrc?bz=300*250

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://to.purpleanemone.com/ HTTP 302
https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemone.com&click_id= HTTP 302
https://g3.greysevenseas.net/b.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731 HTTP 302
https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=adt-662731&ref=&s1=6177ee90b58ebd09c84d6f2c HTTP 301
http://stats.yeesshh.com/click/invalid/?tid=8&subid=NaN HTTP 302
https://leon.trffcsource.com/l.php?p=c:3kijec0rrnwy_etgy&d=6169361e729eab799050af23 HTTP 302
https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 Page URL
https://to.limeanemone.net/redirect.php?feed=352112-685750&url=to.limeanemone.net&query=https://www.cryptoweb.xyz/&subid=unknown&pub_clickid=6177ee91771dc3206737cd38&dt=1600|1200|0|0|1600|1200&r=0 HTTP 302
https://go.whiteanemone.xyz/redirect?feed=352112&url=to.limeanemone.net&query=https://www.cryptoweb.xyz/&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 HTTP 302
https://coco.trffcsource.com/l.php?p=c:9qopki6xwqp78c2dg&d=603611c5b7eaf46891533240&s=352112&d2=to.limeanemone.net HTTP 302
https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=352112&ref=https%3A%2F%2Fto.limeanemone.net%2F&s1=6177ee9359cb607d570e88e2 HTTP 301
https://redir.whitewinds.xyz/feed/click/?t1=128&tid=8&uid=3&subid=352112&id=798759f953cfa831ed4e36c30a890736:67bd2279f2ac8854ba59cf9d59295e5fc45075de1e82cc35250a650ce0699adcd708701d37b5d0c95d3745a8130ba55ab4d875999a5966ce9eb247bf7298bc4b7439011594e44c7224dd183f365e65540b7888a8af582fcaaa20ba79803e11726bd23b6d33127b96751cf8c3da5e8f09ce37865238d4bd1f1ba018d9ecbaa9ceb45cddbe168b1f54c8e598a3054dc87a6e497442ee81b38e8841c6b68d74f2149da1adfca2436cbb5c2300f5c97e71b01e8201ae2350663ad122341fa2854b2795ae23cf2323aab824948309b9df4606dc0b9f4ae4856948980ffc6666186e8b9367b592bf185ef406c471ce893723cb978994e05dbaa87e507f31e8514febfe21fc987d55fa66e2b8ea556c8742722b13e5c6b209653edf27cf65ff270881bd6a7e26fb8f4a58b1f41de9754ce9066a&s1=6177ee9359cb607d570e88e2 HTTP 302
https://bhtraff.com/y3.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://to.purpleanemone.com/ HTTP 302
https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemone.com&click_id= HTTP 302
https://g3.greysevenseas.net/b.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731 HTTP 302
https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=adt-662731&ref=&s1=6177ee90b58ebd09c84d6f2c HTTP 301
http://stats.yeesshh.com/click/invalid/?tid=8&subid=NaN HTTP 302
https://leon.trffcsource.com/l.php?p=c:3kijec0rrnwy_etgy&d=6169361e729eab799050af23 HTTP 302
https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ to.limeanemone.net/ Redirect Chain http://to.purpleanemone.com/ https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemone.com&click_id= https://g3.greysevenseas.net/b.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731 https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=adt-662731&ref=&s1=6177ee90b58ebd09c84d6f2c http://stats.yeesshh.com/click/invalid/?tid=8&subid=NaN https://leon.trffcsource.com/l.php?p=c:3kijec0rrnwy_etgy&d=6169361e729eab799050af23 https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38	3 KB 1 KB	284ms 89ms	Document text/html	104.248.51.205 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.248.51.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers :method GET :authority to.limeanemone.net :scheme https :path /?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Tue, 26 Oct 2021 12:03:30 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie 352112-685750_0=1635249810; expires=Tue, 26-Oct-2021 12:04:00 GMT; Max-Age=30; path=/ content-encoding gzip Redirect headers Server nginx Date Tue, 26 Oct 2021 12:03:29 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive Round 11yr28auve Raund 1n5 Location https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38
GET H/1.1	200 OK	Primary Request y3.php Show response bhtraff.com/ Redirect Chain https://to.limeanemone.net/redirect.php?feed=352112-685750&url=to.limeanemone.net&query=https://www.cryptoweb.xyz/&subid=unknown&pub_clickid=6177ee91771dc3206737cd38&dt=1600\|1200\|0\|0\|1600\|1200&r=0 https://go.whiteanemone.xyz/redirect?feed=352112&url=to.limeanemone.net&query=https://www.cryptoweb.xyz/&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 https://coco.trffcsource.com/l.php?p=c:9qopki6xwqp78c2dg&d=603611c5b7eaf46891533240&s=352112&d2=to.limeanemone.net https://8.us.whitewinds.xyz/feed/?link=true&tid=8&subid=352112&ref=https%3A%2F%2Fto.limeanemone.net%2F&s1=6177ee9359cb607d570e88e2 https://redir.whitewinds.xyz/feed/click/?t1=128&tid=8&uid=3&subid=352112&id=798759f953cfa831ed4e36c30a890736:67bd2279f2ac8854ba59cf9d59295e5fc45075de1e82cc35250a650ce0699adcd708701d37b5d0c95d3745a8... https://bhtraff.com/y3.php	631 B 856 B	227ms 73ms	Document text/html	185.114.22.205 OSBIL
General Check archive.org Show headers Download Go to Full URL https://bhtraff.com/y3.php Requested by Host: to.limeanemone.net URL: https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.114.22.205 Istanbul, Turkey, ASN201978 (OSBIL, CY), Reverse DNS 185-114-22-205.sunucu.name Software nginx / PHP/7.3.31 PleskLin Resource Hash `8c90ac2e847b21183a52b72ca72934e0b3fb25e588f955d862a4305c8cba9db8` Request headers Host bhtraff.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://to.limeanemone.net/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://to.limeanemone.net/?feed=352112-685750&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&subid=unknown&pub_clickid=6177ee91771dc3206737cd38 Response headers Server nginx Date Tue, 26 Oct 2021 12:03:32 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.3.31 PleskLin Redirect headers X-Powered-By Express Surrogate-Control no-store Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate Pragma no-cache Expires 0 Location https://bhtraff.com/y3.php Vary Accept Content-Type text/html; charset=utf-8 Content-Length 96 Date Tue, 26 Oct 2021 12:03:31 GMT Connection keep-alive Keep-Alive timeout=5
GET H2	200	0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/	134 KB 134 KB	48ms 8ms	Image image/jpeg	104.111.249.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg Requested by Host: bhtraff.com URL: https://bhtraff.com/y3.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.249.40 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-249-40.deploy.static.akamaitechnologies.com Software openresty / Resource Hash `21f5285f79abb355603d350bf3928977f415210f524a957886d92784e9bf104f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhtraff.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 12:03:32 GMT last-modified Sat, 21 Dec 2019 07:42:22 GMT server openresty x-amz-request-id c5701c44-884c-47ba-8199-9083a949a04b x-clv-request-id c5701c44-884c-47ba-8199-9083a949a04b etag "44211e50249f9cc9a43565003f85737a" access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=6323635 x-clv-s3-version 2.5 accept-ranges bytes content-length 136953 expires Fri, 07 Jan 2022 16:37:27 GMT
GET H2	200	EN_300_250.png ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/	19 KB 19 KB	431ms 16ms	Image image/webp	104.111.214.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/EN_300_250.png Requested by Host: bhtraff.com URL: https://bhtraff.com/y3.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.111.214.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-214-74.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash `0f553893c3f87e27252e704ee7e2365fae1d73937a67d70aa6bf75d12a5088e7` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhtraff.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 12:03:33 GMT x-check-cacheable YES x-serial 789 content-type image/webp access-control-allow-origin * expires Wed, 27 Oct 2021 00:03:33 GMT cache-control private, no-transform, max-age=43200 last-modified Thu, 17 Dec 2020 10:35:02 GMT content-length 19576 timing-allow-origin * network_info DE_FRANKFURT_62651 from-req-dns-type NA server Akamai Image Manager served-from 2.16.187.151

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			to.limeanemone.net/	1970-01-19 22:14:09	Name: 352112-685750_0 Value: 1635249810

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

665495.xmlfeed.adtelligent.com
8.us.whitewinds.xyz
ae01.alicdn.com
bhtraff.com
coco.trffcsource.com
g3.greysevenseas.net
go.whiteanemone.xyz
imgaz.staticbg.com
leon.trffcsource.com
redir.whitewinds.xyz
stats.yeesshh.com
to.limeanemone.net
to.purpleanemone.com
104.111.214.74
104.111.249.40
104.248.51.205
142.93.240.225
142.93.244.143
185.114.22.205
185.239.172.98
198.134.116.30
23.235.251.114
51.161.115.163
51.83.143.92
0f553893c3f87e27252e704ee7e2365fae1d73937a67d70aa6bf75d12a5088e7
21f5285f79abb355603d350bf3928977f415210f524a957886d92784e9bf104f
8c90ac2e847b21183a52b72ca72934e0b3fb25e588f955d862a4305c8cba9db8

bhtraff.com Open in urlscan Pro 185.114.22.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

4 IPs

6 Countries

156 kBTransfer

156 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

bhtraff.com Open in urlscan Pro
185.114.22.205 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

4
IPs

6
Countries

156 kB
Transfer

156 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions