urlscan.io logo urlscan.io
SecurityTrails logo

btwd.pushstakes.com Open in urlscan Pro
35.201.75.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tools.gikotena.net/
Effective URL: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Submission: On May 29 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 8 HTTP transactions. The main IP is 35.201.75.69, located in Ascension Island and belongs to GOOGLE, US. The main domain is btwd.pushstakes.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 4th 2020. Valid for: 3 months.
This is the only time btwd.pushstakes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 37.48.65.143 60781 (LEASEWEB-...)
1 1 159.89.225.89 14061 (DIGITALOC...)
2 107.178.249.212 15169 (GOOGLE)
1 2 35.201.123.4 15169 (GOOGLE)
1 35.201.75.69 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 130.211.12.92 15169 (GOOGLE)
8 6
1    37.48.65.143 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tools.gikotena.net
1    159.89.225.89 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
clicks.torromi.com
2    107.178.249.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.249.178.107.bc.googleusercontent.com
rdr.rtbravo.com
2    35.201.123.4 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 4.123.201.35.bc.googleusercontent.com
ok.plsnotifyme.com
imp.plsnotifyme.com
1    35.201.75.69 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 69.75.201.35.bc.googleusercontent.com
btwd.pushstakes.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    130.211.12.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 92.12.211.130.bc.googleusercontent.com
get.securedcdn.com
Domain Requested by
2 get.securedcdn.com btwd.pushstakes.com
2 www.gstatic.com btwd.pushstakes.com
2 rdr.rtbravo.com rdr.rtbravo.com
1 imp.plsnotifyme.com get.securedcdn.com
1 btwd.pushstakes.com rdr.rtbravo.com
1 ok.plsnotifyme.com 1 redirects
1 clicks.torromi.com 1 redirects
1 tools.gikotena.net 1 redirects
8 8

This site contains no links.

Subject Issuer Validity Valid
rtbravo.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
pushstakes.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
securedcdn.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
plsnotifyme.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Frame ID: 037DB55BC00723BBD9E31AB09DB77C7A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tools.gikotena.net/ HTTP 302
    http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gikotena.net&id=513958ecc9087aebf0a26... HTTP 302
    https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt Page URL
  2. https://ok.plsnotifyme.com/lp?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&s=77372840eb15e8ac35ccee74ea... HTTP 302
    https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

8
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

46 kB
Transfer

93 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tools.gikotena.net/ HTTP 302
    http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gikotena.net&id=513958ecc9087aebf0a26225d3514bdf:a28cfbd23e63e8d80c1d7fdc414b78c31a9c14634cf1e6aaf4f18ab82b70024324ee596102978c842e873d7ef8faa61898e8bc39b467a2d5e1430ef962a43ce3edbc73f1eabb0037c9e846b95fa8c79dfbb8c533fc5c069cb764dbc8336c2037283fe2c3dee4f9273d836ccf766aad92cfb9899a1d8a67f84ac2f55ae3958eb781d830e40a5096cad32e9f2e834613df036f00439e0d79f247b70691defb9ed1ccda90c4c2b38ad801aed39129cca9bd49c76f217291beb44fded4d4ceb91dc82cc31399ff6d0be9837ee87bb50b3fb7da96c56958b040223b6a99f8d1ad5828467946b5a3bee894171de679dc8fcc0154a37f9804deb9baef05afe77731d795e6cb7f53340dcfc95c91d0d4b82af0e2a3922ad4e55b5e8a08c9fbf844ffd6ee5af382691228af849b3c58f52164ad6b156e85e4beeef6bb75bba0efc1d63ce1511f4f4fcbc9bce263a6edd6f32b29af HTTP 302
    https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt Page URL
  2. https://ok.plsnotifyme.com/lp?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&s=77372840eb15e8ac35ccee74eac515ca0d97e38603bec191d093c3eeac44c06bce2dea8a15284da3404d0e6d&ex=b2100&d=- HTTP 302
    https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tools.gikotena.net/ HTTP 302
  • http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gikotena.net&id=513958ecc9087aebf0a26225d3514bdf:a28cfbd23e63e8d80c1d7fdc414b78c31a9c14634cf1e6aaf4f18ab82b70024324ee596102978c842e873d7ef8faa61898e8bc39b467a2d5e1430ef962a43ce3edbc73f1eabb0037c9e846b95fa8c79dfbb8c533fc5c069cb764dbc8336c2037283fe2c3dee4f9273d836ccf766aad92cfb9899a1d8a67f84ac2f55ae3958eb781d830e40a5096cad32e9f2e834613df036f00439e0d79f247b70691defb9ed1ccda90c4c2b38ad801aed39129cca9bd49c76f217291beb44fded4d4ceb91dc82cc31399ff6d0be9837ee87bb50b3fb7da96c56958b040223b6a99f8d1ad5828467946b5a3bee894171de679dc8fcc0154a37f9804deb9baef05afe77731d795e6cb7f53340dcfc95c91d0d4b82af0e2a3922ad4e55b5e8a08c9fbf844ffd6ee5af382691228af849b3c58f52164ad6b156e85e4beeef6bb75bba0efc1d63ce1511f4f4fcbc9bce263a6edd6f32b29af HTTP 302
  • https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
p
rdr.rtbravo.com/brdr/
Redirect Chain
  • http://tools.gikotena.net/
  • http://clicks.torromi.com/feed/click/?t1=128&tid=45&uid=26&subid=gikotena.net&id=513958ecc9087aebf0a26225d3514bdf:a28cfbd23e63e8d80c1d7fdc414b78c31a9c14634cf1e6aaf4f18ab82b70024324ee596102978c842e8...
  • https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.249.178.107.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2a583feae14146234742ed04c3c2c571f0ed388fa952e783e1f5799c4d3b334a

Request headers

:method
GET
:authority
rdr.rtbravo.com
:scheme
https
:path
/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.10.3 (Ubuntu)
date
Fri, 29 May 2020 13:14:43 GMT
content-type
text/html; charset=utf-8
content-length
4546
etag
W/"11c2-c9qNxOD4YQ2nhb1rrBW2Ew"
via
1.1 google
alt-svc
clear

Redirect headers

X-Powered-By
Express
Surrogate-Control
no-store
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
0
Location
https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Vary
Accept
Content-Type
text/html; charset=utf-8
Content-Length
194
Date
Fri, 29 May 2020 13:14:43 GMT
Connection
keep-alive
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
oij23rewlnkads
rdr.rtbravo.com/brdr/ 		188 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rdr.rtbravo.com/brdr/oij23rewlnkads?i=eyJiaWRpZCI6InYybG5hcXZxbTJ3ZTF5MG1yam8wcmpyaHh4M2hvd3F1eXlpcXluaG16dCIsImlzaWYiOiJuby1pZnJhbWUiLCJwbWZzIjowLCJpbmZyYW1lIjpmYWxzZSwic2l6ZSI6IjE2MDB4MTIwMCIsInJlZiI6InJkci5ydGJyYXZvLmNvbSIsImZyZWYiOiIiLCJpc2ZvY3VzIjp0cnVlfQ%3D%3D
Requested by
Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.249.178.107.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 May 2020 13:14:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
etag
W/"bc-pjfrZmAmLoEjSbUzs6YoLg"
content-type
application/json; charset=utf-8
status
200
alt-svc
clear
content-length
188
Primary Request sw.js
btwd.pushstakes.com/psh/
Redirect Chain
  • https://ok.plsnotifyme.com/lp?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&s=77372840eb15e8ac35ccee74eac515ca0d97e38603bec191d093c3eeac44c06bce2dea8a15284da3404d0e6d&ex=b2100&d=-
  • https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
672 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Requested by
Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.75.69 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
69.75.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a877eac177f0ef2aae7d7f9e22b9cd310f19d4d38d08f177d0413c6b8a7a6909

Request headers

:method
GET
:authority
btwd.pushstakes.com
:scheme
https
:path
/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rdr.rtbravo.com/brdr/p?i=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt

Response headers

status
200
server
nginx/1.10.3 (Ubuntu)
date
Fri, 29 May 2020 13:14:44 GMT
content-type
text/html;charset=UTF-8
cache-control
no-cache
via
1.1 google
alt-svc
clear

Redirect headers

status
302
server
nginx/1.10.3 (Ubuntu)
date
Fri, 29 May 2020 13:14:44 GMT
content-type
text/html; charset=utf-8
content-length
276
surrogate-control
no-store
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
location
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
vary
Accept
via
1.1 google
alt-svc
clear
firebase-app.js
www.gstatic.com/firebasejs/5.5.7/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.7/firebase-app.js
Requested by
Host: btwd.pushstakes.com
URL: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 May 2020 07:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Nov 2018 22:05:34 GMT
server
sffe
age
798681
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
expires
Thu, 20 May 2021 07:23:23 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.7/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.7/firebase-messaging.js
Requested by
Host: btwd.pushstakes.com
URL: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 May 2020 07:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Nov 2018 22:05:34 GMT
server
sffe
age
1142145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
expires
Sun, 16 May 2021 07:58:59 GMT
imp
get.securedcdn.com/lp/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Requested by
Host: btwd.pushstakes.com
URL: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.12.211.130.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3472becb476319975b893bfda816c007c49c2c08ac84c1f464008f2fe6dd6f0c

Request headers

Referer
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 May 2020 13:14:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
etag
W/"205c-Xo/bh/z5kTE33h7e7rEh/A6HM5Q"
surrogate-control
no-store
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc
clear
content-length
8284
expires
0
signup
get.securedcdn.com/sub/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.securedcdn.com/sub/signup?a=b2100&lp=pushallow&vid=v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Requested by
Host: btwd.pushstakes.com
URL: https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.12.211.130.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f

Request headers

Referer
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 May 2020 13:14:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
etag
W/"276b-jEwo2yXUAv2hpuqeBWpvGeokuvk"
surrogate-control
no-store
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc
clear
content-length
10091
expires
0
get
imp.plsnotifyme.com/feed/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://imp.plsnotifyme.com/feed/get?v=2&s=pushallow&uid=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Requested by
Host: get.securedcdn.com
URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.4 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
4.123.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://btwd.pushstakes.com/psh/sw.js?cb=289721634118397ball3v2lnaqvqm2we1y0mrjo0rjrhxx3howquyyiqynhmzt&ex=b2100
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| core object| __core-js_shared__ object| firebase object| _0x27cb function| _0x15e1 string| impurl string| lpt boolean| dc string| tmpuid string| dt number| imm number| immg string| cur_hostname object| host_parts function| setc function| getc function| delc object| bimgs function| rem function| go function| _0x47da00 string| uuid string| rr_p string| os function| bba function| cb boolean| ismobile function| isfcs function| makeid function| parseQuery object| scripts object| myScript string| queryString object| params string| aprm boolean| ex function| getCookie function| setCookie function| getParameterByName string| vidid string| cacheb object| cbparts function| inIframe object| isfcs_intvl undefined| start_nfcs function| handle_uids function| rr object| config

0 Cookies