www.updatecovid.xyz.bakaradvertising.com Open in urlscan Pro
50.116.94.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.updatecovid.xyz.bakaradvertising.com/
Submission: On October 25 via automatic, source certstream-suspicious (October 25th 2023, 12:38:44 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 50.116.94.71, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.updatecovid.xyz.bakaradvertising.com.
TLS certificate: Issued by R3 on October 25th 2023. Valid for: 3 months.

This is the only time www.updatecovid.xyz.bakaradvertising.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	50.116.94.71 50.116.94.71	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:6b12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3031::ac43:8bbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	4

5 50.116.94.71 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: setipower.com

www.updatecovid.xyz.bakaradvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6b12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rbtasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3031::ac43:8bbf (United States)

ASN13335 (CLOUDFLARENET, US)

bkrsport.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bkrsport.shop bkrsport.shop	2 MB
5	bakaradvertising.com www.updatecovid.xyz.bakaradvertising.com	524 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	91 KB
1	rbtasset.com cdn.rbtasset.com — Cisco Umbrella Rank: 56359	884 KB
18	4

	Domain	Requested by
8	bkrsport.shop	www.updatecovid.xyz.bakaradvertising.com
5	www.updatecovid.xyz.bakaradvertising.com	www.updatecovid.xyz.bakaradvertising.com
4	cdn.ampproject.org	www.updatecovid.xyz.bakaradvertising.com cdn.ampproject.org
1	cdn.rbtasset.com	www.updatecovid.xyz.bakaradvertising.com
18	4

This site contains links to these domains. Also see Links.

Domain
societylink.org
updatecovid.xyz

Subject Issuer	Validity	Valid
updatecovid.xyz R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
rbtasset.com GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
bkrsport.shop GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.updatecovid.xyz.bakaradvertising.com/
Frame ID: B6A0DE7F670F0B9C7067D30E10DA7C98
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SLOT88 - DAFTAR NAMA 10 SITUS JUDI SLOT ONLINE TERPERCAYA GACOR TERBARU 2023 MUDAH MENANG

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

18
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

3517 kB
Transfer

3814 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://societylink.org/loginbang

Search URL Search Domain Scan URL

URL: https://societylink.org/promobang

Search URL Search Domain Scan URL

URL: https://societylink.org/daftarbang
Title: Daftar

Search URL Search Domain Scan URL

URL: https://updatecovid.xyz/
Title: Slot Online Terpercaya

Search URL Search Domain Scan URL

URL: https://societylink.org/WA-bang
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: https://societylink.org/livechat-bang
Title: LIVECHAT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.updatecovid.xyz.bakaradvertising.com/ 84 KB
25 KB 1803ms
332ms Document
text/html 50.116.94.71
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.94.71 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: setipower.com
Software: Apache /
Resource Hash: f03dde3f002c59e02ce16e546c21256e7e5e6af1ff0dd77cd5a603f6672e21ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Wed, 25 Oct 2023 12:38:37 GMT
last-modified: Wed, 25 Oct 2023 12:27:16 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 189ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 12:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73031
x-xss-protection: 0
server: sffe
etag: "aa4f775a8c339659"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Oct 2023 12:38:37 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 175ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be1be47bb958256a0ba9a9ab16d2e4a6a8a5b975081c35e081952abeae1d530

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 12:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11509
x-xss-protection: 0
server: sffe
etag: "d8cc5bf129c79037"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Oct 2023 12:38:37 GMT

GET
H2 200 logo.gif
cdn.rbtasset.com/assets/tpl/94da368ff5/images/ 883 KB
884 KB 829ms
761ms Image
image/gif 2606:4700:e0::ac40:6b12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rbtasset.com/assets/tpl/94da368ff5/images/logo.gif
Requested by: Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7a989353f3f22cf830f5c3af578f2f0456aed76321a32538076d6b08057842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:38 GMT
x-amz-version-id: .esjpuRdpUc1E2TvtVsBU27oTilLWnkq
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NT1QW6E34KQRK5TX
alt-svc: h3=":443"; ma=86400
content-length: 903706
x-amz-id-2: EdVuX/FbolCGZ4yp0p/XNmxh5/IaIMw43EAT65YvLZiCe/9HYJh5zhuAdw86Mbw9dyGoRJrS610=
last-modified: Sat, 05 Aug 2023 03:47:35 GMT
server: cloudflare
etag: "9f5567cff9ab30d29806a1ac9e60ee30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BK%2Byqdd1OUNqz0kyMdvIl9zflOLX188%2BPtmikZH2hB2mgW8ZxXphkIGkzChGRTBEmpPmA%2FDZ0idDom2IbdeuJqghF4cSWlhsSovjffQCzlfR49njCKWYzg4Ap55JWsZHxe9M3v6B5ed2c0lmhWp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ba84868a65bb9d-FRA

GET
H2 200 BONUS-FREE-SPIN.jpg
bkrsport.shop/oktober/ 252 KB
253 KB 917ms
860ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/BONUS-FREE-SPIN.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb15439617a578139e265d3951731809493bc8ccf9bbed38cc5037cc37ee4c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 258172
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "c9cd33f993630708e55229bec35b3822"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgvgqMzePMV1VWGDgW2N19pAAjRB8naq%2B1HGV1oe764FbOT1%2FKtVfzI0zMFLczCO1YzsMAT4ggRzWrJ436Sm830AojHOySqxi%2BadfR9P5Qh74q3nauNn%2FsFTG%2FNsiisTKAq1LxAll9zadrTn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a579a3b-FRA

GET
H2 200 daftar.png
www.updatecovid.xyz.bakaradvertising.com/img/ 21 KB
21 KB 173ms
171ms Image
image/png 50.116.94.71
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatecovid.xyz.bakaradvertising.com/img/daftar.png
Requested by: Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.94.71 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: setipower.com
Software: Apache /
Resource Hash: 981c34949636937794de717058ea63bdf340ca0871eef6cf04e255621d52307f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
last-modified: Wed, 25 Oct 2023 07:21:58 GMT
server: Apache
accept-ranges: bytes
content-length: 21940
content-type: image/png

GET
H2 200 bonus.png
www.updatecovid.xyz.bakaradvertising.com/img/ 54 KB
54 KB 670ms
668ms Image
image/png 50.116.94.71
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatecovid.xyz.bakaradvertising.com/img/bonus.png
Requested by: Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.94.71 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: setipower.com
Software: Apache /
Resource Hash: 49e65b2996ced3a8ae960a2d4f54b394cd4450ac96fe2a924200a5b6418fd12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
last-modified: Wed, 25 Oct 2023 07:22:10 GMT
server: Apache
accept-ranges: bytes
content-length: 55223
content-type: image/png

GET
H2 200 whatsapp.png
www.updatecovid.xyz.bakaradvertising.com/img/ 399 KB
399 KB 340ms
338ms Image
image/png 50.116.94.71
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatecovid.xyz.bakaradvertising.com/img/whatsapp.png
Requested by: Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.94.71 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: setipower.com
Software: Apache /
Resource Hash: 8488e5fdb115e65dd75202f3c31beecbaa12b07f9103728e0f17de451added5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
last-modified: Wed, 25 Oct 2023 07:17:46 GMT
server: Apache
accept-ranges: bytes
content-length: 408424
content-type: image/png

GET
H2 200 livechat.png
www.updatecovid.xyz.bakaradvertising.com/img/ 24 KB
25 KB 176ms
174ms Image
image/png 50.116.94.71
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatecovid.xyz.bakaradvertising.com/img/livechat.png
Requested by: Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.94.71 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: setipower.com
Software: Apache /
Resource Hash: 002ae9b21ea9434efd2e0c5301639aaaf2bcab0ef79195d5557a90226b34408e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
last-modified: Wed, 25 Oct 2023 07:18:56 GMT
server: Apache
accept-ranges: bytes
content-length: 25067
content-type: image/png

GET
H2 200 LOGIN-BONUS.jpg
bkrsport.shop/oktober/ 253 KB
253 KB 208ms
152ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/LOGIN-BONUS.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3260eea98564387d1c8535a6c7636e350356614ed32d945af5423e11b0f6c973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 258820
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "21d044a816ea492a574154804542a1ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkIdRtOqA0fJdZIAuC1Yu%2BQ15%2FlCi20SbHwyVe4gba3RSd0o6i4AWpvPkFGNMr5EUeewoPs0hQbJvx62hKU2OkJ%2BFswpZC2u1d9HSu4H12QCNewrEWIWgsSlOzREcDkWC64hXsL5oon%2BDxqf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a5c9a3b-FRA

GET
H2 200 EXTRA-BONUS-WD.jpg
bkrsport.shop/oktober/ 319 KB
319 KB 198ms
142ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/EXTRA-BONUS-WD.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303d96bd381e468eb63f8c742a48f66ede34e7c7c82616bd041aa238e7be7856

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 326166
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "0ac27ea43d50a5d118cc5053c05e2c59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jYG6whtyZhBKARzvH80MBA26KxnxKxI5mQebo4zxAQ54zJ3B3ZkGtyu4xTKv8jESjJ48DE6yphEwx%2FwITNjyoCOK9PmUG%2FMb8UNj3CgkPhQmA%2BWBmW97gR%2FY22r%2BCIRUQsQOZ3k%2FdiS9QJk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a589a3b-FRA

GET
H2 200 WHEEL-OF-FORTUNE.jpg
bkrsport.shop/oktober/ 249 KB
249 KB 373ms
317ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/WHEEL-OF-FORTUNE.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0e88247bb85e7fb71dffb41b2062ed9f0bfa935ecc791cb9c64ca3a20d3c1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 254766
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2cfc44e3b86912efa5e2ebd8c3a21b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFZ6POADh0KSjoW6fvSdmPV5936YWaRMXAkV%2FpHcHKbqZz77w%2Fyh3pE9CzEXAtWlrOwWZmQVx%2BRcynGMg%2BpBvI8xfokJrLZtc1dGgSxHjtWqNhWPucwzUjRst6t9HB5lfwwmcT2pjGAkLi%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a5a9a3b-FRA

GET
H2 200 AJAK-TEMAN.jpg
bkrsport.shop/oktober/ 290 KB
290 KB 217ms
162ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/AJAK-TEMAN.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dbe0ba4fcf65726be1062e76e869def45512b011a5caf04ab2397f07d01c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 296554
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cd155fc7308499c9dd188245b451fb5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NuSg235%2Bv7hyqOnIabqRnGFyGfOy9fwY6DbbGfmrOvDaT2D4R2J3KSf2%2FcmHabwlFS1v4d8caVPtfnrc3XOKTx0juExuv%2BQIKnYxepoSJAivmY3J9UkHaMTXQK4cZ2WnqYInyDLEIX3CMB6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a5b9a3b-FRA

GET
H2 200 claim-bonus-rungkad.jpg
bkrsport.shop/asset/bkr/ 156 KB
157 KB 168ms
113ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/asset/bkr/claim-bonus-rungkad.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a00ca7e15d4f0affad3976e8e70785d5780ad511e5fbf5f5827d9829223f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 160163
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2476178f76981e4e31316dd223d214df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7mW65zULyJ8qDuNXQ6TdEPX5jeJDLCHna7f3w9vvAytenTPa5KTxByuiHzHtdTFfi6D55AeaCE%2BHODeBMU88viMneOqhySLHy0q5ezGDuFQX11xYzkHKlEklCi2bD%2B0ipdZfMaZzsWrWgVN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a5e9a3b-FRA

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 8 KB
3 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatecovid.xyz.bakaradvertising.com/
Origin: https://www.updatecovid.xyz.bakaradvertising.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:02:49 GMT
age: 66948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "d3318576b6061a39"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Oct 2024 18:02:49 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 12 KB
4 KB 100ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatecovid.xyz.bakaradvertising.com/
Origin: https://www.updatecovid.xyz.bakaradvertising.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:02:50 GMT
age: 66947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
server: sffe
etag: "e11a2f49b1f47e4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Oct 2024 18:02:50 GMT

GET
H2 200 NEW-MEMBER.jpg
bkrsport.shop/oktober/ 242 KB
243 KB 155ms
128ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/NEW-MEMBER.jpg

Requested by

Host: www.updatecovid.xyz.bakaradvertising.com
URL: https://www.updatecovid.xyz.bakaradvertising.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48b73c8cd954eab010a8531d7c9b431e40430592166b001f04462bee0b0549c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 248089
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "024ace966fa7e01b87d06c71baac5cd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeZ5HdbU28pFWzYnN6QrdRLx527x8x%2FxGIJMScMM353Hwrb1ETh57mabxXJmypa%2FqvY97zAweuQLoCB30SMuYkXMDn0CKYBpRd3E6hIUrVFcb9DusOA%2BHN%2F1nqxUATI%2BCVjKdu578r%2F75s9g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84867a559a3b-FRA

GET
H2 200 LOGIN-BONUS.jpg
bkrsport.shop/oktober/ 253 KB
253 KB 32ms
31ms Image
image/jpeg 2606:4700:3031::ac43:8bbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bkrsport.shop/oktober/LOGIN-BONUS.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8bbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3260eea98564387d1c8535a6c7636e350356614ed32d945af5423e11b0f6c973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.updatecovid.xyz.bakaradvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:38:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 258820
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "21d044a816ea492a574154804542a1ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkIdRtOqA0fJdZIAuC1Yu%2BQ15%2FlCi20SbHwyVe4gba3RSd0o6i4AWpvPkFGNMr5EUeewoPs0hQbJvx62hKU2OkJ%2BFswpZC2u1d9HSu4H12QCNewrEWIWgsSlOzREcDkWC64hXsL5oon%2BDxqf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 81ba84a64dce9a3b-FRA

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bkrsport.shop
cdn.ampproject.org
cdn.rbtasset.com
www.updatecovid.xyz.bakaradvertising.com
2606:4700:3031::ac43:8bbf
2606:4700:e0::ac40:6b12
2a00:1450:4001:831::2001
50.116.94.71
002ae9b21ea9434efd2e0c5301639aaaf2bcab0ef79195d5557a90226b34408e
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
303d96bd381e468eb63f8c742a48f66ede34e7c7c82616bd041aa238e7be7856
3260eea98564387d1c8535a6c7636e350356614ed32d945af5423e11b0f6c973
49e65b2996ced3a8ae960a2d4f54b394cd4450ac96fe2a924200a5b6418fd12b
56a00ca7e15d4f0affad3976e8e70785d5780ad511e5fbf5f5827d9829223f07
7be1be47bb958256a0ba9a9ab16d2e4a6a8a5b975081c35e081952abeae1d530
8488e5fdb115e65dd75202f3c31beecbaa12b07f9103728e0f17de451added5f
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
8d7a989353f3f22cf830f5c3af578f2f0456aed76321a32538076d6b08057842
981c34949636937794de717058ea63bdf340ca0871eef6cf04e255621d52307f
b0dbe0ba4fcf65726be1062e76e869def45512b011a5caf04ab2397f07d01c20
d0e88247bb85e7fb71dffb41b2062ed9f0bfa935ecc791cb9c64ca3a20d3c1b3
eb15439617a578139e265d3951731809493bc8ccf9bbed38cc5037cc37ee4c3c
f03dde3f002c59e02ce16e546c21256e7e5e6af1ff0dd77cd5a603f6672e21ae
f48b73c8cd954eab010a8531d7c9b431e40430592166b001f04462bee0b0549c

www.updatecovid.xyz.bakaradvertising.com Open in urlscan Pro 50.116.94.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

3517 kBTransfer

3814 kBSize

0 Cookies

6 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

www.updatecovid.xyz.bakaradvertising.com Open in urlscan Pro
50.116.94.71 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

3517 kB
Transfer

3814 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions