erthfeoveukr.xyz Open in urlscan Pro
172.67.174.20  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lp Show response erthfeoveukr.xyz/	21 KB 5 KB	232ms 197ms	Document text/html	172.67.174.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15047862f9ffb1b3f666d1326452fad36de9a5c70a1fc5b6ca1802b4802beb87 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 712b4ea5b8289042-FRA content-encoding br content-type text/html date Sun, 29 May 2022 01:02:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW%2BslukjrRwrX7NY923WbN%2BI8M%2B3UT0N1OpS1H0WVXGbBnBC1%2FL5tFNVAHwOjiBGOeSA41mywA9mm2Ow0kkNvk4TajRc1FiVbqpTQpSd%2Fck9iDDymFzevE2QDJuIibendlmW"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css.css lp.bttuu.xyz/templates/powerV2-notopframe/css/	7 KB 1 KB	402ms 168ms	Stylesheet text/css	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/css/css.css?family=Open+Sans:300,400,600&v=3 Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT content-encoding br cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag W/"611ce160-1d1c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2BycHOlb24afLbA37aMzWtlZM3k2JSnkrvaDAfHiqedYIRvuliU8ggDYfPdA8hi3yn2ACDh%2BYQ4CUQcNrm8PpwXEvbbYd3I4S0IgLP%2B46u5WhL64fFzsr8KxTwcA%2BDNUs4z88tFZsxsMlc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 712b4eaadce592a7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 16:30:53 GMT content-encoding gzip x-content-type-options nosniff age 30721 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 28 May 2023 16:30:53 GMT
GET H2	200	modernArrow5.png lp.bttuu.xyz/templates/powerV2-notopframe/img/	2 KB 2 KB	373ms 177ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/img/modernArrow5.png Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518 Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag "611ce160-86b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFSLS6bUYRAgEIqdUrwTSkVOfveXuSdXkNrjLBfAfjs%2F36Rebx0WMCl7cfPlhWaCBLQZLup0QnRJiKWisrB9EyjIEagf8Ng37GxpKncRv0BLu%2BSwgjaZpIA7kLnWacb0pcPnuLpob8abAv4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 712b4eaadce692a7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2155
GET H2	200	iconNotify.png lp.bttuu.xyz/templates/powerV2-notopframe/img/	1 KB 2 KB	183ms 183ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/img/iconNotify.png Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6 Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag "611ce160-568" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7pHnHHu%2BwD9SmZGzzTRmlUzWkD5uSD3GuRFjE77aSgCIyi%2FZUn%2FjoatPuM%2B8yInpRfCIoqWgYn21%2BEcFkw8JDs%2BNJboCFtqeV%2BcXOTTeH5ROuBK0Q8TTM2TjBF56lEXBxZ48nh66pVTKyI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 712b4eabedfd92a7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1384
GET H2	200	fav.png lp.bttuu.xyz/templates/powerV2-notopframe/img/	3 KB 3 KB	181ms 181ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/img/fav.png Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag "611ce160-b68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnystVVouxzETFWEEaJfE3TmhwyT7L%2FXOvWsiJihbdxeMx46zlv%2BAaVygusJqr4yME0P%2FOED726PLkY0PdQpV80D7y7ahxyy44kJAooSb2YNTu0GqLvEXVwBmipfo9S4P1RwC3dfZsCV2Co%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 712b4eabfe1392a7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2920
GET H2	200	addToChrome.png lp.bttuu.xyz/templates/powerV2-notopframe/img/	2 KB 2 KB	639ms 639ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/img/addToChrome.png Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906 Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag "611ce160-7fb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3J6dtL8S1oACUldFM9VYr9oQ00USkoVDddOR0Q1%2FOddnsX%2BwCB6bhZUUKtigL1GZ6d8kNCSIcnVg81sM1Zu0qE5fD0voR2DF0emxQ1p%2F2L7LiM7Zy7dkGGZ53n15W%2Fp9%2FsMhf1a4XuMDt8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 712b4eabfe1492a7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2043
GET H3	200	bg.png lp.bttuu.xyz/templates/powerV2-notopframe/img/	32 KB 33 KB	182ms 181ms	Image image/png	2606:4700:3035::ac43:b49f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.bttuu.xyz/templates/powerV2-notopframe/img/bg.png Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:b49f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash caf0dde56fbf9cb78777d8154fafee7bf6b3133b253ceda469f5e3b279ab8b61 Request headers accept-language de-DE,de;q=0.9 Referer https://erthfeoveukr.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 29 May 2022 01:02:55 GMT cf-cache-status HIT last-modified Wed, 18 Aug 2021 10:30:56 GMT server cloudflare etag "611ce160-81c6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adM4Kt51nuiHVtNWkO7WVRjJBhDvUISbZ%2FRi7OSxFYsFsmwNXMzpUeBIaIJU4MTEzU%2FxmBOkljVw%2FjMXo3zCFp9JkJBsf%2Fsf7WnieREXnKs%2FXAgLnsN6coeHsYJKLdx6GLvR0ZjpJRlR5Eo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 712b4eac0e76929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33222
GET H2	200	download.iso metotreatwit.xyz/	0 0	760ms 720ms	Document application/octet-stream	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metotreatwit.xyz/download.iso?e=1 Requested by Host: erthfeoveukr.xyz URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://erthfeoveukr.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400, s-maxage=1800 cf-cache-status EXPIRED cf-ray 712b4eac4aee9028-FRA content-encoding br content-type text/plain date Sun, 29 May 2022 01:02:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Sat, 28 May 2022 19:01:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InMlFnVAGRop4TFJF51fGe%2FXZloaWnARz1WqToPnkZ%2FG5tLwmVDAgFsre8OGjZtQUnzAaUqB1C%2FpRp11pG6HVRYjhiwQLD59MA8yqiLzwR5UxfLoUnhOeorGVWK7uxqRZ9Nv"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery boolean| cwswindowclosed undefined| oldCWSLeft undefined| oldCWSTop function| Yes function| No boolean| shake function| myMove function| myMove1 object| addTimer object| myVar function| startAutoDownload boolean| enableAuto string| next_url

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/modernArrow5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/modernArrow5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/iconNotify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/fav.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/addToChrome.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/fav.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0 Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/iconNotify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/modernArrow5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/modernArrow5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/iconNotify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/fav.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/addToChrome.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/fav.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 821) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/iconNotify.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0(Line 824) Message: Mixed Content: The page at 'https://erthfeoveukr.xyz/lp?mas=MTczMjEJBwIEBQcEBgoCAAAFBQkEBwAATQgCAwYJAEsCBAQCAAsEAAAATwYGAwMLBAc%3D&fn=download&lpn=gpdl&diss=0' was loaded over HTTPS, but requested an insecure element 'http://lp.bttuu.xyz/templates/powerV2-notopframe/img/bg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
erthfeoveukr.xyz
lp.bttuu.xyz
metotreatwit.xyz
172.67.174.20
188.114.97.3
2606:4700:3035::ac43:b49f
2a00:1450:4001:812::200a
15047862f9ffb1b3f666d1326452fad36de9a5c70a1fc5b6ca1802b4802beb87
2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6
caf0dde56fbf9cb78777d8154fafee7bf6b3133b253ceda469f5e3b279ab8b61
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e