Submitted URL: http://russia-talk.com/
Effective URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Submission Tags: mail l4ing ru bank
Submission: On April 01 via manual from UA — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is browserdownloadz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 18th 2021. Valid for: a year.
This is the only time browserdownloadz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.210.199.87 30633 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 1 149.28.51.13 20473 (AS-CHOOPA)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 4
Apex Domain
Subdomains
Transfer
3 browserdownloadz.com
browserdownloadz.com
21 KB
2 mybetterck.com
mybetterck.com — Cisco Umbrella Rank: 41260
p274639.mybetterck.com — Cisco Umbrella Rank: 522449
1 KB
2 btpnative.com
btpnative.com — Cisco Umbrella Rank: 146043
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 280
30 KB
1 infinitytrk.com
infinitytrk.com
632 B
1 russia-talk.com
russia-talk.com
608 B
6 6
Domain Requested by
3 browserdownloadz.com p274639.mybetterck.com
browserdownloadz.com
2 btpnative.com 1 redirects
1 ajax.googleapis.com browserdownloadz.com
1 infinitytrk.com 1 redirects
1 p274639.mybetterck.com
1 mybetterck.com 1 redirects
1 russia-talk.com 1 redirects
6 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.mybetterck.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-06 - 2023-02-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-18 - 2022-12-17 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 1 frames:

Primary Page: https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Frame ID: 1574052CD242AE818B74C5854794C873
Requests: 6 HTTP requests in this frame

Page Title

Loading

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 33 %
Domains: 6
Subdomains: 7
IPs: 4
Countries: 3
Transfer: 55 kB
Size: 146 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://russia-talk.com/ HTTP 302
    http://btpnative.com/click?data=VU9BYmxxenpfOTZIX1lBMEFYOFNqRnhoanpibVJUNUpQdjN0eVJVeTNjeXdCUWlXTS05TGhITkplNzVjampiZjVCMUNBZ19VRURZVU9vYWVwNF9TOFctYWFkWHJscC1EVTJydnZkYkxSdmltRURQRENuUHN2ZW1KeGYyaTJZZmxJb2RuMG95cndxTTJwYmU3ZTQ4VUlRMg2&id=0061c780-fcc4-4fef-931f-12e09c20d58b Page URL
  2. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SSYxhEJv8jhpXQaiCg3BLRsUJTuls6oPvZ1B-kb1vwChg2RvEwrk2eqQ6BMJcmqdpAoJK3xbPSEhd2LPsaOBUpnMeznlVyQsER1lVC9oF4FMmrbARTGkk3NUUOUcZEDwassk593LVzcvTPeVWLNsY8QclQlvNKfr_CGwpR2OrOriPCTJBlOFa_J3KMdSOkHQ44RSkf1GI7q_m_rPZffgqz8lWCL0vKtADW0Zz-mwPNBrS9J9T0k09kQbc92kRO8g36D39WSEJ7-Bu5oLiNLZzj7BiJVPGnWpTzg334p-H41xWJ-1drX-DXmUSVtFFu1fHfCUZuvxPLUg2ZZqA3EhxFCzWnXivSF98-WZ0L3gt7gmtuGYwAkq9OmvK6JcInj-OHNQu42bzt3pTtkYKK17K3IkPYmsdDVv1qbzXX_4A0xFsFrNHOaTHa3QF6v2vwzQupz0RrchFQhuZz2KaU_yr01xrWvZDlKY6_Ufb7SXHcAefHAFKRH0wsJ-rcM0THb3dYXREilEIyDqvRty7xed9tYG97zE38Si2LpuW8PnNiNLxFRxveKlC-OgEdBQdmsEFqnJWH1dxpQvNS_x7tQlee9msTN020b5J8Lx_uAdQ_WH7gJ0i706yLpXmxGeplAwoHtY0Ikwesosr8T2_tU5gf27rRAyykWB8gUnJknnVIVCuwmFDA7_PlgUr3ao6-Jv1m4ll1zb3I62Mq1KMq-DexH08VihOmCp4YCQtQ8_zXgKANe3qAlXVv_blLSQMrym7lO_pW1NXLsQ4dKUQ7H9Fcm8iHh57qDXgX_G-ItBDSpFeeG3kydRjuB_vojspoo4LcwbwgBJhrZMXqn9CjO8piVE_INBYz2GSIzOQNTVVIjLfP_-XtsIE5MTFYwmNapsnI_0HfS2VCWf5fyIcz-AtP2Ao6v4zrbI7qpBUexaVUjLLoWM9Ln807OOpShHPJqE7gES0W5pC94FJA-1dwlN5xAdicX-4YoiF-VV07i0JW9pt9oJT4xtXMt464Mcjg6E9Mz8vxrI4dzZjMOpFS2hGP0IEgIgN_pz2RX4Ak3VUnMTeHbiUgm97K5HQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FW2NyehYNQimgEe0shlvGmdYYUYJddZNGEFHmQcG0kBTrRazBmKmTdrpS7bUo7lhvJ1mFXzahTYDKmCQNT590JxYTeZZ4uPSgCkxfFFq4AUu1Fi-Kv__J-mYC5PG8zzK1zVCxg0EPiymED-RtqD0DhJ8WALWEa8dEDKMtLahO6hNJBKVLAulVWh7kOWAnGWS-ZXnWo5OCnb2WwCMoixrppYmjy8Yn9MY1dlLttSjuWG8np6t2Df9GS89FrMGYqZN2ulLttSjuWG8mBSmFNEBSB46Llvi3QV835Pr3DzM-L5Ask9MFDrkuzTMYjFXZ7VyMb HTTP 302
    https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZAZPyyMJy9UaUu21KO5Ybyfr4nvPsKvQNOYwwqJPWDKxuE3DuzvIFspdP6-7VeP49doruvxllkdd7nq_Xt56_41OOBY6gwgGc1JtN1qzO9R_d-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQkIboGF1GlCpFWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLBclqq8lAHC8IkPBQqCWQCUtmYKASQYnklDxzDs_cUls&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVeGUbXnMwJ9Zg1mF7bpovmG5X5rnVdI2gjwQmvB6G_fc_eg2Tgg159LZM5qpgGriMm6QKR7fZZ-Uer238DaZYkA&si=1&oref=4082baa642a37f379601d39001ef82ae&optunit=pSCw7u_mU2noqZ001Tmq-A&rb=xZlwZvBqH8I&rr=0&abtg=0 Page URL
  3. https://infinitytrk.com/click.php?key=wn6k8ush47wfc9utr8yt&subid=88502674642&bid=0.0041&site=421974533&source=421974533&clickid=88502674642&browser=Chrome+100&geo=DE&campaign_name=FEB2022-DE-DSK-DOM+1&device=Desktop&os=Windows+10 HTTP 302
    https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://russia-talk.com/ HTTP 302
  • http://btpnative.com/click?data=VU9BYmxxenpfOTZIX1lBMEFYOFNqRnhoanpibVJUNUpQdjN0eVJVeTNjeXdCUWlXTS05TGhITkplNzVjampiZjVCMUNBZ19VRURZVU9vYWVwNF9TOFctYWFkWHJscC1EVTJydnZkYkxSdmltRURQRENuUHN2ZW1KeGYyaTJZZmxJb2RuMG95cndxTTJwYmU3ZTQ4VUlRMg2&id=0061c780-fcc4-4fef-931f-12e09c20d58b
Request Chain 1
  • http://btpnative.com/Redirect/ HTTP 302
  • https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SSYxhEJv8jhpXQaiCg3BLRsUJTuls6oPvZ1B-kb1vwChg2RvEwrk2eqQ6BMJcmqdpAoJK3xbPSEhd2LPsaOBUpnMeznlVyQsER1lVC9oF4FMmrbARTGkk3NUUOUcZEDwassk593LVzcvTPeVWLNsY8QclQlvNKfr_CGwpR2OrOriPCTJBlOFa_J3KMdSOkHQ44RSkf1GI7q_m_rPZffgqz8lWCL0vKtADW0Zz-mwPNBrS9J9T0k09kQbc92kRO8g36D39WSEJ7-Bu5oLiNLZzj7BiJVPGnWpTzg334p-H41xWJ-1drX-DXmUSVtFFu1fHfCUZuvxPLUg2ZZqA3EhxFCzWnXivSF98-WZ0L3gt7gmtuGYwAkq9OmvK6JcInj-OHNQu42bzt3pTtkYKK17K3IkPYmsdDVv1qbzXX_4A0xFsFrNHOaTHa3QF6v2vwzQupz0RrchFQhuZz2KaU_yr01xrWvZDlKY6_Ufb7SXHcAefHAFKRH0wsJ-rcM0THb3dYXREilEIyDqvRty7xed9tYG97zE38Si2LpuW8PnNiNLxFRxveKlC-OgEdBQdmsEFqnJWH1dxpQvNS_x7tQlee9msTN020b5J8Lx_uAdQ_WH7gJ0i706yLpXmxGeplAwoHtY0Ikwesosr8T2_tU5gf27rRAyykWB8gUnJknnVIVCuwmFDA7_PlgUr3ao6-Jv1m4ll1zb3I62Mq1KMq-DexH08VihOmCp4YCQtQ8_zXgKANe3qAlXVv_blLSQMrym7lO_pW1NXLsQ4dKUQ7H9Fcm8iHh57qDXgX_G-ItBDSpFeeG3kydRjuB_vojspoo4LcwbwgBJhrZMXqn9CjO8piVE_INBYz2GSIzOQNTVVIjLfP_-XtsIE5MTFYwmNapsnI_0HfS2VCWf5fyIcz-AtP2Ao6v4zrbI7qpBUexaVUjLLoWM9Ln807OOpShHPJqE7gES0W5pC94FJA-1dwlN5xAdicX-4YoiF-VV07i0JW9pt9oJT4xtXMt464Mcjg6E9Mz8vxrI4dzZjMOpFS2hGP0IEgIgN_pz2RX4Ak3VUnMTeHbiUgm97K5HQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FW2NyehYNQimgEe0shlvGmdYYUYJddZNGEFHmQcG0kBTrRazBmKmTdrpS7bUo7lhvJ1mFXzahTYDKmCQNT590JxYTeZZ4uPSgCkxfFFq4AUu1Fi-Kv__J-mYC5PG8zzK1zVCxg0EPiymED-RtqD0DhJ8WALWEa8dEDKMtLahO6hNJBKVLAulVWh7kOWAnGWS-ZXnWo5OCnb2WwCMoixrppYmjy8Yn9MY1dlLttSjuWG8np6t2Df9GS89FrMGYqZN2ulLttSjuWG8mBSmFNEBSB46Llvi3QV835Pr3DzM-L5Ask9MFDrkuzTMYjFXZ7VyMb HTTP 302
  • https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZAZPyyMJy9UaUu21KO5Ybyfr4nvPsKvQNOYwwqJPWDKxuE3DuzvIFspdP6-7VeP49doruvxllkdd7nq_Xt56_41OOBY6gwgGc1JtN1qzO9R_d-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQkIboGF1GlCpFWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLBclqq8lAHC8IkPBQqCWQCUtmYKASQYnklDxzDs_cUls&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVeGUbXnMwJ9Zg1mF7bpovmG5X5rnVdI2gjwQmvB6G_fc_eg2Tgg159LZM5qpgGriMm6QKR7fZZ-Uer238DaZYkA&si=1&oref=4082baa642a37f379601d39001ef82ae&optunit=pSCw7u_mU2noqZ001Tmq-A&rb=xZlwZvBqH8I&rr=0&abtg=0

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
btpnative.com/
Redirect Chain
  • http://russia-talk.com/
  • http://btpnative.com/click?data=VU9BYmxxenpfOTZIX1lBMEFYOFNqRnhoanpibVJUNUpQdjN0eVJVeTNjeXdCUWlXTS05TGhITkplNzVjampiZjVCMUNBZ19VRURZVU9vYWVwNF9TOFctYWFkWHJscC1EVTJydnZkYkxSdmltRURQRENuUHN2ZW1KeGYya...
5 KB
3 KB
Document
General
Full URL
http://btpnative.com/click?data=VU9BYmxxenpfOTZIX1lBMEFYOFNqRnhoanpibVJUNUpQdjN0eVJVeTNjeXdCUWlXTS05TGhITkplNzVjampiZjVCMUNBZ19VRURZVU9vYWVwNF9TOFctYWFkWHJscC1EVTJydnZkYkxSdmltRURQRENuUHN2ZW1KeGYyaTJZZmxJb2RuMG95cndxTTJwYmU3ZTQ4VUlRMg2&id=0061c780-fcc4-4fef-931f-12e09c20d58b
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1ce62b1e343e84184b5c64b4e417ef54d60d8290f8e293d5f2da260e941f3522

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Encoding
gzip
Content-Length
2187
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Apr 2022 21:14:29 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Server
web02

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 01 Apr 2022 21:14:29 GMT
location
http://btpnative.com/click?data=VU9BYmxxenpfOTZIX1lBMEFYOFNqRnhoanpibVJUNUpQdjN0eVJVeTNjeXdCUWlXTS05TGhITkplNzVjampiZjVCMUNBZ19VRURZVU9vYWVwNF9TOFctYWFkWHJscC1EVTJydnZkYkxSdmltRURQRENuUHN2ZW1KeGYyaTJZZmxJb2RuMG95cndxTTJwYmU3ZTQ4VUlRMg2&id=0061c780-fcc4-4fef-931f-12e09c20d58b
server
nginx
domainClick
p274639.mybetterck.com/adServe/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SSYxhEJv8jhpXQaiCg3BLRsUJTuls6oPvZ1B-kb1vwChg2RvEwrk2eqQ6BMJcmqdpAoJK3xbPSEhd2LPsaOBUpnMeznlVyQsER1lVC9oF4FMmrbARTGkk3NUUOUcZEDwassk593LVzc...
  • https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8...
425 B
691 B
Document
General
Full URL
https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZAZPyyMJy9UaUu21KO5Ybyfr4nvPsKvQNOYwwqJPWDKxuE3DuzvIFspdP6-7VeP49doruvxllkdd7nq_Xt56_41OOBY6gwgGc1JtN1qzO9R_d-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQkIboGF1GlCpFWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLBclqq8lAHC8IkPBQqCWQCUtmYKASQYnklDxzDs_cUls&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVeGUbXnMwJ9Zg1mF7bpovmG5X5rnVdI2gjwQmvB6G_fc_eg2Tgg159LZM5qpgGriMm6QKR7fZZ-Uer238DaZYkA&si=1&oref=4082baa642a37f379601d39001ef82ae&optunit=pSCw7u_mU2noqZ001Tmq-A&rb=xZlwZvBqH8I&rr=0&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
http://btpnative.com
Referer
http://btpnative.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 01 Apr 2022 21:14:31 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 01 Apr 2022 21:14:31 GMT
location
https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZAZPyyMJy9UaUu21KO5Ybyfr4nvPsKvQNOYwwqJPWDKxuE3DuzvIFspdP6-7VeP49doruvxllkdd7nq_Xt56_41OOBY6gwgGc1JtN1qzO9R_d-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQkIboGF1GlCpFWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLBclqq8lAHC8IkPBQqCWQCUtmYKASQYnklDxzDs_cUls&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVeGUbXnMwJ9Zg1mF7bpovmG5X5rnVdI2gjwQmvB6G_fc_eg2Tgg159LZM5qpgGriMm6QKR7fZZ-Uer238DaZYkA&si=1&oref=4082baa642a37f379601d39001ef82ae&optunit=pSCw7u_mU2noqZ001Tmq-A&rb=xZlwZvBqH8I&rr=0&abtg=0
server
nginx
Primary Request opera-de.html
browserdownloadz.com/streama/
Redirect Chain
  • https://infinitytrk.com/click.php?key=wn6k8ush47wfc9utr8yt&subid=88502674642&bid=0.0041&site=421974533&source=421974533&clickid=88502674642&browser=Chrome+100&geo=DE&campaign_name=FEB2022-DE-DSK-DO...
  • https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
17 KB
5 KB
Document
General
Full URL
https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Requested by
Host: p274639.mybetterck.com
URL: https://p274639.mybetterck.com/adServe/domainClick?ai=gQySgi_KOatLUnDBCotF924TcO7O8gWyl0_r7tV4_j3xc9emXgUt3HTgGnZxstzZvGKp5qEFv1qctFBSpoS30g8brB9cARBRBp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkeDZG8TCuTZ6lsLtTfRMmnZAZPyyMJy9UaUu21KO5Ybyfr4nvPsKvQNOYwwqJPWDKxuE3DuzvIFspdP6-7VeP49doruvxllkdd7nq_Xt56_41OOBY6gwgGc1JtN1qzO9R_d-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQkIboGF1GlCpFWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLBclqq8lAHC8IkPBQqCWQCUtmYKASQYnklDxzDs_cUls&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVeGUbXnMwJ9Zg1mF7bpovmG5X5rnVdI2gjwQmvB6G_fc_eg2Tgg159LZM5qpgGriMm6QKR7fZZ-Uer238DaZYkA&si=1&oref=4082baa642a37f379601d39001ef82ae&optunit=pSCw7u_mU2noqZ001Tmq-A&rb=xZlwZvBqH8I&rr=0&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8532fb533962049a6b580453ac4bfc77e394a3da34412f1a47be3a1383d74e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p274639.mybetterck.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f5455bd6c9159c5-MXP
content-encoding
br
content-type
text/html
date
Fri, 01 Apr 2022 21:14:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sat, 18 Dec 2021 20:57:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9%2Fm605VSg9d95VfY0TCKDeqT0WeJ5NJaAwGF6czj%2B%2BP6%2FeaqJhrppjrPU1tzXXtVw140JMc%2BEWej0dcoZ3RQcZcp%2BvwTex%2FEVQ3cElsIbELEVictexsSCB1tfnAnDw9JGeR%2BDRSgKSXOIvvg%2FfwAC06ag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 21:14:31 GMT
Location
https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Server
nginx/1.20.1
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
jquery-ui.css
browserdownloadz.com/streama/
29 KB
6 KB
Stylesheet
General
Full URL
https://browserdownloadz.com/streama/jquery-ui.css
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80102742065493e6149cb7eb0cfc14c8022437c88548217b87e3204b414f2cb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 21:14:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1205909
cf-polished
origSize=36464
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 18 Dec 2021 20:57:50 GMT
server
cloudflare
etag
W/"61be4b4e-8e70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlDIIfFWauUlEOsl96HwHgg%2FppVnemb5r%2FbhvmlvB6zfjpMOm9skYzOApzTbCDh9aRNgDJXmVwXCUh5bJTUUXiS%2BdIdkJe71OjzlKMvhlId1Jf1DYfEHbem0Ll4P%2FaWDyujBRPdbhcmP6abDgD97ddUstA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6f5455bedfc859c5-MXP
expires
Sun, 17 Apr 2022 22:16:03 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://browserdownloadz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 20:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 20:51:25 GMT
loading.gif
browserdownloadz.com/streama/
10 KB
10 KB
Image
General
Full URL
https://browserdownloadz.com/streama/loading.gif
Requested by
Host: browserdownloadz.com
URL: https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26331b1448903c2f21bea5c9a72bb79846d56685dfe6e99d2e5fb7b472920eeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://browserdownloadz.com/streama/opera-de.html?uclick=8w7vvcir&uclickhash=8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 21:14:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
678256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9921
last-modified
Sat, 18 Dec 2021 20:57:42 GMT
server
cloudflare
etag
"61be4b46-26c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fjhm%2FD32k3zLVHzAGddG%2FfMKv4XqoVw%2BHixl8gEy6V0C6%2BpPTjJh7yVZenBC6uZirvCi2uA3F9LWygJ1nPHWx0ir%2FfkK0GVMILsdFoGszUiQ8nZb8o0uQGQYBmtCbZAZ7Ax83U1S4Pq0726Cdi1c20kDig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6f5455bf185759c5-MXP
expires
Sun, 24 Apr 2022 00:50:16 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| getScreenDetails
  • function| $
  • function| jQuery
  • function| getURLParameter
  • string| clickURL
  • function| go_click

6 Cookies

Domain/Path Name / Value
.russia-talk.com/ Name: sid
Value: b73a7480-b200-11ec-99fd-6093331f4df0
btpnative.com/ Name: GyMVEEPvQCbdFaX
Value: GyMVEEPvQCbdFaX
.mybetterck.com/ Name: rhid
Value: 81008500760
.mybetterck.com/ Name: loi
Value: ad_1152039_off_596083_aff_1417_cid_274639-576692111-RUSSIA0TALK.COM_ts_1648847671
infinitytrk.com/ Name: uclick
Value: 8w7vvcir
infinitytrk.com/ Name: uclickhash
Value: 8w7vvcir-8w7vvcir-tl8n-0-b7ik-gxxife-17vc6o-f5ef86