td-btc.com Open in urlscan Pro
2a06:98c1:3120::9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://td-btc.com/
Effective URL:
https://td-btc.com/
Submission: On February 24 via api (February 24th 2024, 3:45:44 am UTC) from FI — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is td-btc.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.

This is the only time td-btc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 21	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
24	4

21 2a06:98c1:3120::9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

td-btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.td-btc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	td-btc.com 3 redirects td-btc.com	236 KB
4	td-btc.net api.td-btc.net	6 KB
1	gstatic.com fonts.gstatic.com	14 KB
0	aliyuncs.com Failed babaoss.oss-accelerate-overseas.aliyuncs.com Failed
24	4

	Domain	Requested by
21	td-btc.com	3 redirects td-btc.com
4	api.td-btc.net	td-btc.com
1	fonts.gstatic.com	td-btc.com
0	babaoss.oss-accelerate-overseas.aliyuncs.com Failed
24	4

This site contains no links.

Subject Issuer	Validity	Valid
td-btc.com GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
td-btc.net GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://td-btc.com/
Frame ID: 611515F011551F27D46B85052577D1E5
Requests: 23 HTTP requests in this frame

Frame: https://td-btc.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: 59D586386367ED3E82C33A912689D2BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://td-btc.ltd

Page URL History Show full URLs

http://td-btc.com/ Page URL
http://td-btc.com/cdn-cgi/phish-bypass?atok=cNNG42o_ZkTUwR9zxGnYADdu_kX07pedqpzEbn4Oolc-170874... HTTP 301
http://td-btc.com/ HTTP 301
https://td-btc.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

24
Requests

79 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

255 kB
Transfer

676 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://td-btc.com/ Page URL
http://td-btc.com/cdn-cgi/phish-bypass?atok=cNNG42o_ZkTUwR9zxGnYADdu_kX07pedqpzEbn4Oolc-1708746333-0.0-%2F HTTP 301
http://td-btc.com/ HTTP 301
https://td-btc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://td-btc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://td-btc.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

24 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
td-btc.com/ 4 KB
2 KB 105ms
37ms Document
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://td-btc.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143d830212a18b0ed5d5ecb80f83452a2d18d6f541e8a5ecdbefbcc22660729b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-RAY: 85a4b766ea94d3e4-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Feb 2024 03:45:33 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLtcRUX9Y6Ogan287YWFsde0mbObKIMP7INqLkXTOgo8RmeYd1tP1dG3jUIyZWszehlX2gJP9NiULnorp5SdtVKd6jUgS2xuRlqlheKugSy2ZNQS6n9V8OuCMoALPUM%2FglXyiIq9gNcS"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK cf.errors.css
td-btc.com/cdn-cgi/styles/ 24 KB
5 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://td-btc.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: td-btc.com
URL: http://td-btc.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sat, 24 Feb 2024 03:45:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Feb 2024 14:40:03 GMT
Server: cloudflare
ETag: W/"65cf73c3-5e44"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=7200, public
Connection: keep-alive
CF-RAY: 85a4b7672aabd3e4-CDG
Expires: Sat, 24 Feb 2024 05:45:33 GMT

GET
H/1.1 200
OK icon-exclamation.png
td-btc.com/cdn-cgi/images/ 452 B
889 B 29ms
29ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://td-btc.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: td-btc.com
URL: http://td-btc.com/cdn-cgi/styles/cf.errors.css

Protocol

HTTP/1.1

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://td-btc.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sat, 24 Feb 2024 03:45:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Feb 2024 14:40:03 GMT
Server: cloudflare
ETag: "65cf73c3-1c4"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 85a4b7675ac4d3e4-CDG
Content-Length: 452
Expires: Sat, 24 Feb 2024 05:45:33 GMT

GET
H2

200

Primary Request / Show response
td-btc.com/
Redirect Chain

http://td-btc.com/cdn-cgi/phish-bypass?atok=cNNG42o_ZkTUwR9zxGnYADdu_kX07pedqpzEbn4Oolc-1708746333-0.0-%2F
http://td-btc.com/
https://td-btc.com/

2 KB
1 KB

558ms
500ms

Document
text/html

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3493f02e9132ad5e7d3a816c5e854d6e98e21042c065ba29d2497573be48162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://td-btc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a4b7895ffa22a9-CDG
content-encoding: br
content-type: text/html
date: Sat, 24 Feb 2024 03:45:39 GMT
last-modified: Wed, 15 Nov 2023 17:28:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO3MwhGkEtAZsa9c4lxHbef5fdis%2F8U6nD4SSmT5YOg5%2FNqbbJKVb%2B77Aj54ZXcP4vomX0DsyNPDIw6glugUAID8zaa1jAyq770ntvgQWil58NzZHp2neri8DRFHFAYYq1g2jmFSZocW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85a4b786df2fd3e4-CDG
Connection: keep-alive
Content-Type: text/html
Date: Sat, 24 Feb 2024 03:45:38 GMT
Location: https://td-btc.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1FHhIHfmcoFU7PiRqkntAy7mSYcihjif3AczfRUVpVgouUZTCll98fAAspbkL1Yy5OzwrOY%2FaOs7vvcaEJevV9ZQkezhQG%2BO4MylRtBzFXhuADcL4xHCTgcOcwnnQFOUUkfLCK1jaYF"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 config.js Show response
td-btc.com/common/ 5 KB
978 B 492ms
491ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/common/config.js?random=7215012

Requested by

Host: td-btc.com
URL: https://td-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d76a17fb3c9d178fa3ff5928637daed711e79b184aebec8867947bcef09c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:39 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2023 09:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655731b7-120b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jajgNB9SwIPEVgXFl8hovoXFdDXeW0vEw4VigGFD8pD%2BKlXwCzP3XhaID%2BnADAJYE8Js%2B3Maw12ofBXJ8PJ%2Fb1YAc9xJW8%2FPDBxmjR7Upp%2FDtSa4fF4lzyf%2FPX2J6UZhbf%2Fp%2BRRXn5pR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b78c898d22a9-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:39 GMT

GET
H2 200 index-f8aed0f4.js Show response
td-btc.com/assets/ 292 KB
101 KB 955ms
955ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/index-f8aed0f4.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9875e58f1af4cc4a665800ec34842ac98dd9aeee3f81f31a8cb2936e50ca2f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://td-btc.com/
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:40 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-49125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwGSkocDtHw9YZH0DwybYbcLe2RyYZo9RHGUbMi8ZNqgLdCLaXYe8TBlvIDTiZJ8UKSNm4JqVR5yOaWH88iw9%2B2NhLREjnCIkNiWW5i5jhW%2FuHuUvei8FaH7cN5IW0BzdtRu5UqTZMmQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b78c898e22a9-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:39 GMT

GET
H2 200 index-99ce1166.css
td-btc.com/assets/ 231 KB
60 KB 797ms
796ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/index-99ce1166.css

Requested by

Host: td-btc.com
URL: https://td-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

942e918ab26c08a3ceb4d68e472e11f6ffd3266d29edc1dfe3f283f664ea6835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:40 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-39d08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BcPhoaiwlfF%2FGVdV6KUOD%2BrXO1XUbya7q4O9%2F17hbFsOV1m4H1mh6jinT4LVDx3fwpw%2Bt2DZNwDQ7SLwliRSI5gSAM7KYDrl4AAzK%2BrSA6xE22c028yp75Muz5FGQcxoUWHRLrIMaCi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 85a4b78c898b22a9-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:39 GMT

OPTIONS
H2 200 get_lang_json
api.td-btc.net/api/public/ Frame 0
0 573ms
476ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.td-btc.net/api/public/get_lang_json?d=1708746340299&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: st-lang
Access-Control-Request-Method: GET
Origin: https://td-btc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, Form-type,cache-control, St-Lang
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE
access-control-allow-origin: https://td-btc.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a4b7938f42661e-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 24 Feb 2024 03:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVmLS8mCJi4nc6nVZSeUPhWbGBb70C6ba7I%2F8wgvQESrd%2FgKvVwRE6RSVZr%2FCu3jvpYwAxdNym8WZkNB%2BrTvorcC%2BCtLbu%2FLFKKawquWaqaEkhYwIogrVSNP%2BXo3rjUFSfJs2i3XYeresOlWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

OPTIONS
H2 200 app_info
api.td-btc.net/api/user/ Frame 0
0 571ms
475ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.td-btc.net/api/user/app_info?d=1708746340300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: st-lang
Access-Control-Request-Method: GET
Origin: https://td-btc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, Form-type,cache-control, St-Lang
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE
access-control-allow-origin: https://td-btc.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a4b7938f41661e-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 24 Feb 2024 03:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBWFq3z8pZbTAJxSNwZKfBxWr%2Bepn4MOGh5oJv5C7tqZYIjuF7%2BSql9OJyOirBgZMGo2qUe4Xo%2FE0aw%2FeumvAXmklaZjR0b86FaKfpSdpEeMxSrbw3gK9GWmmT2%2FyMpChUjyG5roUuQLxn9JPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 200 get_lang_json Show response
api.td-btc.net/api/public/ 12 KB
5 KB 713ms
654ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.td-btc.net/api/public/get_lang_json?d=1708746340299&lang=en

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbda7df326a50a667e4e376fc86c898a973557712c89f25cdf73fffbdb0d6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

st-lang: en
Accept: application/json, text/plain, */*
Referer: https://td-btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://td-btc.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJGkzbqTeICcHsbptRAgyobQnzPl%2Fc0smY9jaus6nrP7Mhp%2FSAyroadnlAgvS8CAogyfGZeZUj5EaY6kBpDweLS1XY9VbimEtFYqSJISrxjfxjHx%2B7gJ4j4uGEriHPvswjn27IUhy%2BkF9GEg7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85a4b796ec5a0488-CDG
access-control-allow-headers: Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, Form-type,cache-control, St-Lang
alt-svc: h3=":443"; ma=86400

GET
H3 200 app_info Show response
api.td-btc.net/api/user/ 2 KB
1 KB 592ms
532ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.td-btc.net/api/user/app_info?d=1708746340300

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e16ba11f1feb4021d7b6b5e48f5408fb6855207f27c2f4f78297c9bfad2ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

st-lang: en
Accept: application/json, text/plain, */*
Referer: https://td-btc.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://td-btc.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjMSDCecoOXzGVxdtey2nHgFF4Ao6rIw8wEqr4%2BfZcbxNiykRxC0CdquYwNsKRglmDOyrrMx7V2N188dy7uTOIdvE0KgpBAIb1ZFQ6GmumdJQi%2FWDDfbrL5%2FdWKnT%2BxaQjoc4RIa0ZRRUbEe7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85a4b796ec5b0488-CDG
access-control-allow-headers: Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With, Form-type,cache-control, St-Lang
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
td-btc.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame 59D5
Redirect Chain

https://td-btc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://td-btc.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

8 KB
4 KB

34ms
34ms

Script
application/javascript

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

Protocol

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5371fe45701acc855d387654dc20f475fbdd34595a3701cc6944b465f550716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z36e2joki%2FXThU2dBr4d8Ll2NM4BuUpdtlyyAzEAnIXh%2B%2FTII5d4krsh3gghAowteAPjNFp1Y5%2BEbqequQayTxRKgtdqVqsxkteaM9LBvKQJrOndasM%2BhKPyEGIuA%2FiJjmSKrCl41nAx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85a4b7932f837020-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 24 Feb 2024 03:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlEdBGXWCTONBqd4cZ8XNGXP52oS2ceoH0oEYJIqttMkZ78WeUD8XHYJpSklMQf%2BjMldC0F0%2FgakdGZtFW6zTaaAieMS0BDLtpXIWXQqbVA0GdhLuaQfhcrayWQhYF1UdHEg2xxHluI%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control: max-age=300, public
cf-ray: 85a4b792ff5e7020-CDG
alt-svc: h3=":443"; ma=86400

POST
H3 200 85a4b7895ffa22a9 Show response
td-btc.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 59D5 0
590 B 44ms
44ms XHR
text/plain 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td-btc.com/cdn-cgi/challenge-platform/h/b/jsd/r/85a4b7895ffa22a9
Requested by: Host: td-btc.com
URL: https://td-btc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Feb 2024 03:45:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBRzoElpE%2BlWeIYK4LwnGa9Dsllv9AASSoSB2e%2BoJ2QcaHAOrYjBMF2PXrHzhK5p7stiEfRApYSVnNwSx%2FKcKXIQV0Jmzg2LKVUnlumtwjChga4xCWUHAUHhgsxCjwbKW%2F6dWZ7SWNhB"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85a4b793b8017020-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 login-584cdbf7.js Show response
td-btc.com/assets/ 14 KB
3 KB 494ms
493ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/login-584cdbf7.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d390b4f2785502c2e09c47cdade23ea6287b0212fd4aa44a15dea03a469c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-39b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbZO1P6yXPfO2OaNpKLXzE5tdq0BlzWPlPAlGQ87QGEcyGy%2BCp2%2B%2FKaML4bMGaUaHfzfJ4g%2Bvw7JDIAsFuLJhoDugnuapNG4Zly8QEg9ft%2FtudUmRxzVHFfFNHOY6Mj%2BvnFf8vZkViKW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c5b7020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 VCard-9984b766.js Show response
td-btc.com/assets/ 1 KB
967 B 492ms
492ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/VCard-9984b766.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e029efec1e30755facbc24f9966a8782da6ba02e2df9922943ff23e9bee9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-4de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FnE5djEVsEPpg%2BQ9tfi2nKqvmfyavofXu97jyM2mMLRb%2BMCs59ti5dQQB3OyHxtx1v4gIbZNJ%2B4QJ1Y6lujGNPH2uCmCt92qc1BJ8Gaz9COIH%2BWChSaIyQZV0WOy5n1gu1hwNc4a4MM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c5c7020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 VCard-7dd0db1d.css
td-btc.com/assets/ 423 B
707 B 495ms
494ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/VCard-7dd0db1d.css

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd0db1dae944d581796d8c5d6e25173738a978a5b6db7eda2f396ef7e227cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 09:55:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650035a7-1a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKi7szisQ8sy98fNoXdVnpi77XkfBYgDA41Ul7AagHQ1vUcxeaI9bsd1gvQYewcdLmQMw29kDfxevO5UIH0i6Qsw31jyV6Yr0kiauLtO9JU%2BFWPzwaBJZr%2BrJ2d6a5rl%2FZMx29UgJ3xx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 85a4b79a4c5f7020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 VPhoneSelect.vue_vue_type_script_setup_true_lang-e0f599e4.js Show response
td-btc.com/assets/ 2 KB
1 KB 501ms
500ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/VPhoneSelect.vue_vue_type_script_setup_true_lang-e0f599e4.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f972bae7a58340ede86a1efebdf31ba686868400b912ea2b1fca3e7c77afec3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-617"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjR8iLd7vWo44lWf%2B8pljQQ0Thpt%2BR0DkWbOeR2P%2BdPV8mfxRnoAs6Vup1RIBj6lmF%2FLajSRil0kL1b5%2F6lg0E24eoGRdi5AAtOPxBlwvKhJ0zYg%2BD8UlmlY%2BhwF6MRR8dihQicEY6zw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c607020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 VInput.vue_vue_type_script_setup_true_lang-b6f16ac6.js Show response
td-btc.com/assets/ 7 KB
2 KB 503ms
502ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/VInput.vue_vue_type_script_setup_true_lang-b6f16ac6.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e84cf0322938448e5ef61acef40d455275a425264f3dcbc033a422e1e657705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-1d06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSh2%2FzVNAosJV5r8vMZnlh63u%2Fv%2Fpdji2%2FHttVdzEszfCuYxbgYNJz4NIU5E81Iw%2Bk5jibFeymibs0rIflrz0Zor%2BJUmzUrmJPB%2F2EoelvCYkL79ZBufU3UrwvPJrfBotqo3cA5K6kRA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c617020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 theme1-auth-bg-d8e7f33b.js Show response
td-btc.com/assets/ 63 B
530 B 496ms
495ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/theme1-auth-bg-d8e7f33b.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5445a7f810aedf5f6632650c0003fe4f6dd98dfe4ef936f959dd18b16214ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Jul 2023 03:05:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64acc6dc-3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io0vdQ4KfnhIbzOzWhCwr17gArY0ABaN7Srj5zu1oczEnR%2FPg7XQvglbuXi5qHvPqccQ5RCaF%2Ftx9upWXPPdzoL7gjTz2Vk0IJyxI%2FTSfs4z8qYQT5bcAMqDJWBfNRfy4njXkuWP4rwD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c627020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 useAuth-28c0a63c.js Show response
td-btc.com/assets/ 7 KB
3 KB 503ms
503ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/useAuth-28c0a63c.js

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b23a4f4b8aa8f4cb08ac70aafb2e5370513e1c6fe5810cd9ad286d86496a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 06:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6507e7d1-1b3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlu%2Byi2q9TYhIO3UtlGqIXgkygCNzqmwNvM9j2U%2FWo9jPIXH612dJvY7JBhRM6I4gFITpJJ0i2MxtD6QXkshc5qPvCvgyxl70pfZTuqTPYnITrDfklVKCYwJddt4dX6yT5PZEKxClMRM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 85a4b79a4c637020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
H3 200 login-7d58783d.css
td-btc.com/assets/ 5 KB
3 KB 494ms
493ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://td-btc.com/assets/login-7d58783d.css

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-f8aed0f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d58783d0adb12e82e308db8a03769d4db843b030bc18fb577933c9304dcc729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 09:55:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650035a7-121b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBvC%2FxfBCDH85nlw6X91E5THju1Hjw89ElYJxq5oMF%2B%2BIZlWmYDOyxROtK%2FcJsqNz0FfqGE3tRNNvO0xWYHLsvShDtdNxTUgTJppnWP1Vk78hpyLrSYe7LKuNn%2FfSLPfhh%2F%2FCjqsCx3H"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 85a4b79a4c647020-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 03:45:41 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17fabeac620cf7026e0ba78567436538722298cbd5894dca34364e03a0fae6b2

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 2bee2f7ccd69ed838ba07c3f2c0dfb10.jpg
babaoss.oss-accelerate-overseas.aliyuncs.com/upload/20231117/ 0
0

GET
H3 200 theme1-auth-bg-0ef6f814.jpeg
td-btc.com/assets/ 45 KB
45 KB 37ms
37ms Image
image/jpeg 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://td-btc.com/assets/theme1-auth-bg-0ef6f814.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def4889edc346a48547937a560bd8e2a61c07ec4e8d166e445ac2d654d3d93d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td-btc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 03:45:42 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217835
alt-svc: h3=":443"; ma=86400
content-length: 45622
last-modified: Fri, 17 Nov 2023 09:23:33 GMT
server: cloudflare
etag: "65573115-b236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG2i6XeiIHVmQspcsENAccYmomZ2CLloEnVaoOqxBys7Xo%2BJVo2s9K%2BcUzB3udZZTxivvesRCj3pfqAEH9BNafCPBZoq94YjCs9hirRKgOiEZa04ipFFty4HLqoi2rzg89gc0JDKf6Dt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 85a4b79dae647020-CDG
expires: Fri, 22 Mar 2024 15:15:07 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 933e6f65cc9fe32b8428bd31afb1c4f04a603690b373267ec6ffa0691378dff3

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 340 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9436f223f3ce6274bd772f7eb28249adc4a0723c7f0de8debb8f3833a73095e1

Request headers

Referer
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v14/ 14 KB
14 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2

Requested by

Host: td-btc.com
URL: https://td-btc.com/assets/index-99ce1166.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://td-btc.com/
Origin: https://td-btc.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:02:58 GMT
x-content-type-options: nosniff
age: 362564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14132
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:06:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Feb 2025 23:02:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: babaoss.oss-accelerate-overseas.aliyuncs.com
URL: https://babaoss.oss-accelerate-overseas.aliyuncs.com/upload/20231117/2bee2f7ccd69ed838ba07c3f2c0dfb10.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.td-btc.com/	1970-01-20 18:40:32	Name: __cf_mw_byp Value: cNNG42o_ZkTUwR9zxGnYADdu_kX07pedqpzEbn4Oolc-1708746333-0.0-/
			.td-btc.com/	1970-01-21 03:24:42	Name: cf_clearance Value: Al_stDTHcHYTOGQS_1uzsVkS52A77xpAh6pBPKY181I-1708746340-1.0-AQCEsqvJMah5Oi9x173WJFRXw1Ch+SVivpbJZDdx0Mt8zBrhp5BYd+tifMzZivrp0DX2OQPnSG2DxdxWQw3hziY=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.td-btc.net
babaoss.oss-accelerate-overseas.aliyuncs.com
fonts.gstatic.com
td-btc.com
babaoss.oss-accelerate-overseas.aliyuncs.com
2a00:1450:4001:82f::2003
2a06:98c1:3120::9
2a06:98c1:3121::3
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
143d830212a18b0ed5d5ecb80f83452a2d18d6f541e8a5ecdbefbcc22660729b
17fabeac620cf7026e0ba78567436538722298cbd5894dca34364e03a0fae6b2
3493f02e9132ad5e7d3a816c5e854d6e98e21042c065ba29d2497573be48162a
41b23a4f4b8aa8f4cb08ac70aafb2e5370513e1c6fe5810cd9ad286d86496a25
4e84cf0322938448e5ef61acef40d455275a425264f3dcbc033a422e1e657705
5371fe45701acc855d387654dc20f475fbdd34595a3701cc6944b465f550716b
7d58783d0adb12e82e308db8a03769d4db843b030bc18fb577933c9304dcc729
7dd0db1dae944d581796d8c5d6e25173738a978a5b6db7eda2f396ef7e227cec
933e6f65cc9fe32b8428bd31afb1c4f04a603690b373267ec6ffa0691378dff3
942e918ab26c08a3ceb4d68e472e11f6ffd3266d29edc1dfe3f283f664ea6835
9436f223f3ce6274bd772f7eb28249adc4a0723c7f0de8debb8f3833a73095e1
9875e58f1af4cc4a665800ec34842ac98dd9aeee3f81f31a8cb2936e50ca2f00
b99e2ac0acd1e779f2db8aa9fc92e5901207ad6150689a5318163a70ee667157
c0d390b4f2785502c2e09c47cdade23ea6287b0212fd4aa44a15dea03a469c40
d1e029efec1e30755facbc24f9966a8782da6ba02e2df9922943ff23e9bee9d7
d5445a7f810aedf5f6632650c0003fe4f6dd98dfe4ef936f959dd18b16214ae5
d7e16ba11f1feb4021d7b6b5e48f5408fb6855207f27c2f4f78297c9bfad2ad5
d9d76a17fb3c9d178fa3ff5928637daed711e79b184aebec8867947bcef09c10
dbda7df326a50a667e4e376fc86c898a973557712c89f25cdf73fffbdb0d6e3d
def4889edc346a48547937a560bd8e2a61c07ec4e8d166e445ac2d654d3d93d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f972bae7a58340ede86a1efebdf31ba686868400b912ea2b1fca3e7c77afec3b

td-btc.com Open in urlscan Pro 2a06:98c1:3120::9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

255 kBTransfer

676 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

td-btc.com Open in urlscan Pro
2a06:98c1:3120::9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

255 kB
Transfer

676 kB
Size

2
Cookies

24 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!