Submitted URL: http://cpcontacts.jiotvonline.com/
Effective URL: http://cpcontacts.jiotvonline.com/error.html
Submission: On November 01 via api from IN — Scanned from NL

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 29 HTTP transactions. The main IP is 45.87.41.89, located in Groningen, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is cpcontacts.jiotvonline.com.
This is the only time cpcontacts.jiotvonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 45.87.41.89 62068 (SPECTRAIP...)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 78.46.33.196 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 109.206.168.17 50245 (SERVEREL-AS)
4 4 109.206.162.121 50245 (SERVEREL-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
29 14
Apex Domain
Subdomains
Transfer
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
336 KB
4 imcdn.co
imcdn.co — Cisco Umbrella Rank: 128750
15 KB
4 cdnid.net
cdnid.net — Cisco Umbrella Rank: 26233
1 KB
4 wb4.xyz
1337x1.wb4.xyz
30 KB
3 btc747.xyz
www1.btc747.xyz
3 KB
3 jiotvonline.com
cpcontacts.jiotvonline.com
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
41 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 34375
static.a-ads.com — Cisco Umbrella Rank: 45230
427 KB
2 fasty11.site
fasty11.site
1 KB
1 jswww.net
jswww.net — Cisco Umbrella Rank: 603951
19 KB
1 ptxhzp.com
ptxhzp.com — Cisco Umbrella Rank: 110531
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
1 wivyiz.com
wivyiz.com — Cisco Umbrella Rank: 100799
1 tdmrfw.com
tdmrfw.com — Cisco Umbrella Rank: 96098
157 B
1 nwwais.com
nwwais.com — Cisco Umbrella Rank: 99841
25 KB
29 15
Domain Requested by
5 www.googletagmanager.com cpcontacts.jiotvonline.com
www1.btc747.xyz
www.googletagmanager.com
1337x1.wb4.xyz
4 imcdn.co srcdoc
4 cdnid.net 4 redirects
4 1337x1.wb4.xyz www1.btc747.xyz
1337x1.wb4.xyz
3 www1.btc747.xyz cpcontacts.jiotvonline.com
3 cpcontacts.jiotvonline.com 1 redirects cpcontacts.jiotvonline.com
2 www.google-analytics.com www.googletagmanager.com
2 fasty11.site 2 redirects
1 jswww.net 1337x1.wb4.xyz
1 ptxhzp.com nwwais.com
1 pagead2.googlesyndication.com nwwais.com
1 wivyiz.com nwwais.com
1 tdmrfw.com nwwais.com
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com www1.btc747.xyz
1 nwwais.com www1.btc747.xyz
29 16

This site contains no links.

Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
btc747.xyz | E1 | 2023-09-30 - 2023-12-29 | 3 months
nwwais.com | GTS CA 1P5 | 2023-09-25 - 2023-12-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-18 - 2024-03-17 | a year
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2022-12-21 - 2024-01-21 | a year
tdmrfw.com | R3 | 2023-09-20 - 2023-12-19 | 3 months
wivyiz.com | R3 | 2023-09-21 - 2023-12-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
ptxhzp.com | R3 | 2023-09-20 - 2023-12-19 | 3 months
jswww.net | R3 | 2023-10-08 - 2024-01-06 | 3 months

This page contains 5 frames:

Primary Page: http://cpcontacts.jiotvonline.com/error.html
Frame ID: 3028B1CE2DDD61C0358CD267CC851254
Requests: 3 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Frame ID: 78715D4E3CE6484058ABC94CDF60CCD6
Requests: 12 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Frame ID: 82134E722C2885229785AAC13630EA41
Requests: 8 HTTP requests in this frame

Frame: https://ad.a-ads.com/2238604?size=300x250
Frame ID: B4F61547E192FF0D69374FC9BCD0F31A
Requests: 3 HTTP requests in this frame

Frame: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Frame ID: 4DA93F15D311D291C493FE35109C8AE5
Requests: 4 HTTP requests in this frame

Page Title

404 Page Not Found

Page URL History

  1. http://cpcontacts.jiotvonline.com/ HTTP 302
    http://cpcontacts.jiotvonline.com/error.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

76 %
HTTPS

75 %
IPv6

15
Domains

16
Subdomains

14
IPs

3
Countries

900 kB
Transfer

1678 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cpcontacts.jiotvonline.com/ HTTP 302
    http://cpcontacts.jiotvonline.com/error.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://fasty11.site/red2.php?rand=zK58ef10c5de4a076729be91cfeb784bc2&id=27 HTTP 301
  • https://fasty11.site/red2.php?rand=zK58ef10c5de4a076729be91cfeb784bc2&id=27 HTTP 302
  • https://www1.btc747.xyz/submit.php
Request Chain 25
  • https://cdnid.net/b2/l/i/icon?… HTTP 302
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Request Chain 26
  • https://cdnid.net/b2/l/i/icon?… HTTP 302
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Request Chain 27
  • https://cdnid.net/b2/l/i/icon?… HTTP 302
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Request Chain 28
  • https://cdnid.net/b2/l/i/icon?… HTTP 302
  • https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request error.html
cpcontacts.jiotvonline.com/
Redirect Chain
  • http://cpcontacts.jiotvonline.com/
  • http://cpcontacts.jiotvonline.com/error.html
3 KB
2 KB
Document
General
Full URL
http://cpcontacts.jiotvonline.com/error.html
Protocol
HTTP/1.1
Server
45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
45-87-41-89.static.pwxs.net
Software
nginx /
Resource Hash
66d7357299ce53873e06c6b8846b54eaf97dcd218f314ae81d405bd9d3bc82d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 02:04:02 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 02:04:01 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
location
/error.html
style.css
cpcontacts.jiotvonline.com/theme/
4 KB
2 KB
Stylesheet
General
Full URL
http://cpcontacts.jiotvonline.com/theme/style.css
Requested by
Host: cpcontacts.jiotvonline.com
URL: http://cpcontacts.jiotvonline.com/error.html
Protocol
HTTP/1.1
Server
45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
45-87-41-89.static.pwxs.net
Software
nginx /
Resource Hash
a0271d5518cf46a6d41147226cd4d79f6541e0190824cb35a01225008f5ab114

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://cpcontacts.jiotvonline.com/error.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 02:04:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 22:34:53 GMT
Server
nginx
ETag
"118a-5adf7a954fd40-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350
js
www.googletagmanager.com/gtag/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=%gcode%
Requested by
Host: cpcontacts.jiotvonline.com
URL: http://cpcontacts.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fed720eee6cbae7b3b68ee624b4fa77d14740106028f0bd15ab9b86d1693c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://cpcontacts.jiotvonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43906
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 00:23:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 02:04:02 GMT
submit.php
www1.btc747.xyz/ Frame 7871
Redirect Chain
  • http://fasty11.site/red2.php?rand=zK58ef10c5de4a076729be91cfeb784bc2&id=27
  • https://fasty11.site/red2.php?rand=zK58ef10c5de4a076729be91cfeb784bc2&id=27
  • https://www1.btc747.xyz/submit.php
338 B
618 B
Document
General
Full URL
https://www1.btc747.xyz/submit.php
Requested by
Host: cpcontacts.jiotvonline.com
URL: http://cpcontacts.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d

Request headers

Referer
http://cpcontacts.jiotvonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f090929ee948c5-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH%2BF3yY1iqjtC0l3WST6Y%2B8QcCxde45aFkYXd7SjHtl5eXZEy%2Fyk3dZDXCVh9HkFTH5eKCMQbttV58sA9n7JQC9D3kb4Dg47gjDJcR%2FtTAElqkgAhJlNMrH%2BUvGuWerbZ8j2kNLbVXFzB3I3XX8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81f09091dddc65c9-FRA
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www1.btc747.xyz/submit.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1wO61wZ3xBHVN2I4mm3CwC1KE%2FdUv0RYQt%2B6cG6wlpd%2BizyuGLuWjz037OxjxBMOr6xcj0ePSAdNyu6hMeeVw%2BUYfAtd9nuly8oDzKHRBwoQRas3Zfl2OQjWioGRS9S7cjPWWCFKbmFDis%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
/
www1.btc747.xyz/ Frame 7871
393 B
569 B
Document
General
Full URL
https://www1.btc747.xyz/
Requested by
Host: cpcontacts.jiotvonline.com
URL: http://cpcontacts.jiotvonline.com/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
7c2f988f74cd036163c6ae49723920a22783bb1eaf300b4b025cb5cfa7b7bab7

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f090932f5c48c5-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S356Nm8HYK4P8d6UxOQN9GBsEH5glllcoFTsZwVQ8C%2FwH8ixFsxEWtjAz6WB85StblD82TyubPiN%2Fv6Fpu9Yw6ZcGN4uLBw78GMQie%2B5TtgzvNJDcxxTO2tRsSiNwy1z65BN5CEUi6sWBXphys%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
queens-piper-plays-bagpipes-at-funeral_26.html
www1.btc747.xyz/2023/10/ Frame 7871
4 KB
2 KB
Document
General
Full URL
https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Requested by
Host: cpcontacts.jiotvonline.com
URL: http://cpcontacts.jiotvonline.com/error.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
0f596ffc226d3beeca17a489843f37142841f08fbbab3193e914ce81fd98b069

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f090937f2bbbfe-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbmOAAvDpOL7Gt%2Filj85MaKY8hVnHem%2FlxHcaicqVp2EIcreP2smTcyRxTxZTvD3ifpJ85ciN%2BGU8T0eCBY7S2U9oSnXDJeaE1zLUNpWqVZmtCR%2BQhGo6Czkx%2Brntb3ltPFowbXwBCyqlzDhWAE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 7871
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
391bbf337a28f9eb4da1002b625cec698bb9a92778da778f006d92af64a96fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68770
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 00:23:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 02:04:02 GMT
waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
nwwais.com/pw/ Frame 7871
66 KB
25 KB
Script
General
Full URL
https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44b10cf6a262f79bb6fe511dc69adc1a9f9382217ffc69cf3177c70278d950e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 01:40:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
50d813d71a8e5384e8457c5478aea355
age
1385
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2WyaT2bg77l7avKL8SLYL%2B0NMiY%2FjjmDyq%2BuSeyc0KTTFQhGlTr5fWugIt5WwApgW38KwkXQxveoIuu4F1pJB8Rir5DS9Q4f7Tp4Rn1wfCWGInHpZKgbQaHds%2BRRiddfy6BBHVLNZim"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www2.btcx.sbs
cache-control
max-age=14400
cf-ray
81f090943ac6f188-CDG
alt-svc
h3=":443"; ma=86400
submit.php
1337x1.wb4.xyz/ Frame 8213
1 KB
951 B
Document
General
Full URL
https://1337x1.wb4.xyz/submit.php
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f090944807d3c8-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPGFGIIXp%2FJenjFY%2FqsmMGvqZ9bCq71554GMo%2ByaDt4cN3CrXl%2Fzlt%2FUsZ17k5NRJzRlgHtIp83egyDEzVyO5u2GdRFfvCAApYVoDrfo4RwQW3IbR%2BHSknJDEoDqYDqexQA1QA9Tk22DkYpbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
2238604
ad.a-ads.com/ Frame B4F6
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2238604?size=300x250
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
c1cdfd08c301e3da3151cb37d0542c5366307824836c89bf0d94f4e53d4d2277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 01 Nov 2023 02:04:02 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www1.btc747.xyz/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 7871
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5afc3c559faa4a6a4f6b03dee6bc6b37e83ac787d92fb3188d602521f01bf48a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80697
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 02:04:02 GMT
analytics.js
www.google-analytics.com/ Frame 7871
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 01:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
750
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 01 Nov 2023 03:51:32 GMT
300x250
static.a-ads.com/a-ads-banners/482548/ Frame B4F6
421 KB
422 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/482548/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2238604?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx /
Resource Hash
5df927143c07282c19acd9628236dbe160d1e75df8860e74a208247b5d73264b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
x-amz-version-id
JwJW8XkNhW2b1P0REyAA2vXC6Cqu14bk
last-modified
Thu, 05 Oct 2023 18:09:32 GMT
server
nginx
x-amz-request-id
KR945BZGJGMBXCZB
etag
"9ed7d6368b6cb05c9616152de1e79d96"
x-amz-server-side-encryption
AES256
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
431413
x-amz-id-2
wQEJSPZIf4hd7BHcM+uDvh8YoPWDc0ya2oIKLEDn+zjXGDqaz3Qd3iP+nsrJQ6A9lYgHqFJKusY=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame B4F6
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
2579eb62-829b-46c8-b1fd-dcb85d3c3dde
https://www1.btc747.xyz/ Frame 7871
91 B
0
Other
General
Full URL
blob:https://www1.btc747.xyz/2579eb62-829b-46c8-b1fd-dcb85d3c3dde
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
wnload
tdmrfw.com/ Frame 7871
0
157 B
Fetch
General
Full URL
https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cyLmJ0Y3guc2JzIiwibGkiOjJ9&tz=1&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyMy8xMC9xdWVlbnMtcGlwZXItcGxheXMtYmFncGlwZXMtYXQtZnVuZXJhbF8yNi5odG1s&inc=0
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 02:04:02 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
content-type
application/javascript; charset=utf-8
/
1337x1.wb4.xyz/ Frame 8213
1 KB
835 B
Document
General
Full URL
https://1337x1.wb4.xyz/
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a4da196eae83e8f886e6f41f27a0bacd37749eb155314a11796e09dc42c7b9f6

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f09094f89ed3c8-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV2riUzRekN8GK78Rpg327oOCnNBvqkoEu4sHKWWcEnSWPcwkg7ZiuKB7khbZ%2FaFXJtajSjpSOOISKwMz3NniCP5bDthoC%2FKtMa01j%2Bu2HmsUit2JTJdSSzU62yKbFj5WEhV14GBSiowMbk%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
admc
wivyiz.com/ Frame 7871
0
0
Fetch
General
Full URL
https://wivyiz.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=8aa49d19e79912b338eaba246804089b&f=8&tz=1
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://www1.btc747.xyz
date
Wed, 01 Nov 2023 02:04:02 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7871
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51749
x-xss-protection
0
server
cafe
etag
12419995420448910354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 02:04:02 GMT
allu-palak-k-pakore.html
1337x1.wb4.xyz/2019/05/ Frame 8213
3 KB
2 KB
Document
General
Full URL
https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/10/queens-piper-plays-bagpipes-at-funeral_26.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
8755d1fd36c53166803564e59ade8c8fd60e0a0492e90872cfd6cd19d31ce771

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f090956aea1c89-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 02:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP%2Fe4ZiwkBjxXCz1xlHdUSJ8XR78nypd726ohJyst4ASfaLzA88xSujpoh2NDMfL4V1m0cC0QnlJnDNC%2FuJjgWYv95rJcpRvPCeoSUE%2F4Pk3YgJs90%2FxGtQTTcOPBvLhEyeAKrZ7UuRSp9AXQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 8213
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1d51560a04adce0ad338f55e6c7622d137c418d2171cdb321a25002a46e45d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68753
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 00:23:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 02:04:02 GMT
script.js
1337x1.wb4.xyz/ Frame 8213
90 KB
27 KB
Script
General
Full URL
https://1337x1.wb4.xyz/script.js?t=20231012
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/2019/05/allu-palak-k-pakore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 01 Nov 2023 02:00:11 GMT
server
cloudflare
age
231
x-powered-by
PHP/7.4.33
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uuhTmhwE0TOUyB4AskN4wnXzgSRylRQL6tjYO1xeOcSUvR1idUOvpNbA87mMV1vrxXZGG%2BaYaqsaO%2FjVLMnyy39hYPo%2F7eC%2FF1a7N6lWh2z%2BOpoi53nBaKLbQmh%2FSjPwHQU%2FvARPzPjBiWEBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f09095bb211c89-AMS
alt-svc
h3=":443"; ma=86400
abs
ptxhzp.com/ Frame 7871
0
0
Fetch
General
Full URL
https://ptxhzp.com/abs?f=8&wid=465053&di=nwwais.com&dl=tdmrfw.com&d=www1.btc747.xyz&lok=1&abf=0
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 02:04:02 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
js
www.googletagmanager.com/gtag/ Frame 8213
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1a68ce7736e05a511bbd057a800e73c9295217ad14dc32e696f5adf4c3a041b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80826
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 02:04:02 GMT
analytics.js
www.google-analytics.com/ Frame 8213
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 01:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
750
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 01 Nov 2023 03:51:32 GMT
w.js
jswww.net/ Frame 8213
19 KB
19 KB
Script
General
Full URL
https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=671488&t=2036&sid=1337x1.wb4.xyz&r=0.5843713159209416
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/script.js?t=20231012
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.168.17 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
109.206.168.17.serverel.net
Software
binder-v5.8.5.1 /
Resource Hash
e0963cfaf2f7d79318c2fbc7454d1444fba9de90b5a4c18e82092144cf6b1d56

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:03 GMT
x-response-code
20200
server
binder-v5.8.5.1
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
19617
C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
imcdn.co/ Frame 4DA9
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=YkVPTEg&eid=10592&n=e5cda44c99703c3097c0b889&nid=1&sid=tLAaw9T6y6g4GUDVavEEOT7kPUvRDYkqFWyivbClLdbO9C30PhWA2ZkII14q2KTXICxJqiFdn4evaTcTuJzRRPQY0SI5tZG6fGJw8q...
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:05 GMT
cf-cache-status
HIT
last-modified
Sat, 07 Oct 2023 10:15:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2130527
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsHm51K7sW4rbtWE3CfHIK9Lir6QM4n9SnoJEqZRjjLIGbAU%2FE2vPILEXNPz8IZhrhXMArHXR535Xkn3v9J9ubH1M2F0cgj8rax17PezbxK7g%2Fpfm41e8nFMPnUsy0HiyrpSc5aeUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81f090a378c1b93c-AMS
alt-svc
h3=":443"; ma=86400
content-length
4028
expires
Mon, 06 Nov 2023 10:15:18 GMT

Redirect headers

location
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
date
Wed, 01 Nov 2023 02:04:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
imcdn.co/ Frame 4DA9
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=RGVkVm0&eid=10592&n=a436c939e9081221b4e29a4c&nid=1&sid=iDQkrZPWN0IAjb2MQ8lPhMvWQOhCu%2BWfnfbEWEjuGlsxl%2FOdxIClq4ZNOv9sytUyuOJxL88ifsp2nugYuwmXsj7nSjxmX5epSg...
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375c4282102066862504f7dfc6bebdcae26b2f71f79854b9a35afb201f84cdb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:05 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 17:00:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1587841
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcYsEaMnqDiBGdzIUTCzxCDB6PcYngMqJxudbdgA366eQWAk1PNFCOTyb0sgf8FEcVEG1NnNOPbmj17Kn33zYOUkwXr7s6CF%2FLzSmyAiz%2ForWXWL%2FgvJiU%2BIuyj%2B%2BtdYvd0r5n6opw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81f090a378c5b93c-AMS
alt-svc
h3=":443"; ma=86400
content-length
4102
expires
Sun, 12 Nov 2023 17:00:04 GMT

Redirect headers

location
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
date
Wed, 01 Nov 2023 02:04:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
imcdn.co/ Frame 4DA9
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=WF9RRHA&eid=10592&n=867407055ea457fcaa5ee214&nid=1&sid=ngaf%2Bk4mY8kKs8%2FLcxmRhZ%2FwIq2NdR3Hz5k1zm1hiq3U56X1phDRZFfUPcifca5MiapFj86n3KqGoxuDJYsQWozQN0rNp7ta...
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:05 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 14:24:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1683546
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqD6a3rjQIsiZBCXyJCBEC3uMm04uniBRymdsfI0rdJBtJjanor6MTlzx8uEaMLcspPk0vql%2FxRwUezVopjKQlqok1%2FPPmxB8YmiLsrsD9RPVg%2BukkE3WFkcRQngtCJN%2BQ1J3wC%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81f090a378c2b93c-AMS
alt-svc
h3=":443"; ma=86400
content-length
3970
expires
Sat, 11 Nov 2023 14:24:59 GMT

Redirect headers

location
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
date
Wed, 01 Nov 2023 02:04:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0
bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
imcdn.co/ Frame 4DA9
Redirect Chain
  • https://cdnid.net/b2/l/i/icon?cid=1&did=f21wbGo&eid=10592&n=cde56b301d15218cb9b29ab9&nid=1&sid=coeSvpsOvFoyXndZsnGq7B%2BtNe1LorxJ1PdnF7hS194UNzumvIviJYwxbBrGJuuZY6ADc0h0OO1Ge%2Ftd6uMvA7YwCvP4Z6A5z1...
  • https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
2 KB
2 KB
Image
General
Full URL
https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21dafeca44b6b541a338fa4e4aa993e54df8ae8523623885f00adfc7bb20c121

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:04:05 GMT
cf-cache-status
HIT
last-modified
Sat, 07 Oct 2023 01:48:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2160953
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJzACmLDtTh90ck2F3sWfIgDL2aXWuHzeDfR%2FsKaqpKPuGBKbkDMG6Rm5MYp40BvRFxD2UrhX32Yi1dAky5zTPLaCGVZybCkY7MVs6SlC%2FUO69EMxPgo%2FypQs2tO9S5JbV%2BvhUD5nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
81f090a378c4b93c-AMS
alt-svc
h3=":443"; ma=86400
content-length
1632
expires
Mon, 06 Nov 2023 01:48:12 GMT

Redirect headers

location
https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
date
Wed, 01 Nov 2023 02:04:04 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.9.0
content-length
0

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data

1 Cookies

Domain/Path Name / Value
.cpcontacts.jiotvonline.com/ Name: cpcontacts_jiotvonline_com
Value: bajtdoun6selvrvckcrhll013t

1 Console Messages

Source Level URL
Text
network error URL: http://cpcontacts.jiotvonline.com/error.html
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
