urlscan.io logo urlscan.io
SecurityTrails logo

total-protection.tech Open in urlscan Pro
80.89.234.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&af...
Submission: On March 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 80.89.234.128, located in and belongs to . The main domain is total-protection.tech.
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.
This is the only time total-protection.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 9 173.214.240.15 15317 (SERVEREL-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 199.182.164.180 15317 (SERVEREL-AS)
2 2 2a02:b4a:1:8:... 39572 (ADVANCEDH...)
2 45.133.44.33 39572 (ADVANCEDH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 80.89.234.128 ()
14 6
9    173.214.240.15 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
bambooshopsale3.xyz
freetrckr.com
articlessea4.xyz
1    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.ppctraffic.co
2    2a02:b4a:1:8::9309:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
ibyppn.xyz
2    45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
i.wmgtr.com
2    2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3035::6815:3cfb (United States)

ASN13335 (CLOUDFLARENET, US)
heiner.fun
5    80.89.234.128 (None, )

ASN- ()
total-protection.tech
Apex Domain
Subdomains		 Transfer
5 total-protection.tech
total-protection.tech
49 KB
4 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 736582
1 KB
3 articlessea4.xyz
articlessea4.xyz
2 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 wmgtr.com
i.wmgtr.com — Cisco Umbrella Rank: 20595
43 KB
2 ibyppn.xyz
ibyppn.xyz — Cisco Umbrella Rank: 47598
427 B
2 ppctraffic.co
xml.ppctraffic.co
242 B
2 bambooshopsale3.xyz
bambooshopsale3.xyz
607 B
1 heiner.fun
heiner.fun
941 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
14 10
Domain Requested by
5 total-protection.tech articlessea4.xyz
total-protection.tech
4 freetrckr.com 4 redirects
3 articlessea4.xyz 1 redirects articlessea4.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 i.wmgtr.com articlessea4.xyz
2 ibyppn.xyz 2 redirects
2 xml.ppctraffic.co 2 redirects
2 bambooshopsale3.xyz 2 redirects
1 heiner.fun 1 redirects
1 fonts.googleapis.com articlessea4.xyz
14 10

This site contains no links.

Subject Issuer Validity Valid
shopavdig3.xyz
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
i.wmgtr.com
R3		 2024-02-20 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
total-protection.tech
R3		 2024-03-14 -
2024-06-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Frame ID: 47ABC4BFE0136D10E6EE528D34E5DE50
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 301
    https://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJT... Page URL
  2. https://xml.ppctraffic.co/click?s=1&tid=338&sid=25eea133c4da55d800568d1cc8720c41&rnd=468409494 HTTP 302
    https://ibyppn.xyz/dsp/ph/clcm?aid=2018649073043392127&mid=0&t=1710450579&s=1178094&sid=744 HTTP 302
    https://heiner.fun/6RXRMBNY?keyword=key_6&cost=0.0050&currency=usd&external_id=s4_2018649073043... HTTP 302
    https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

14
Requests

79 %
HTTPS

50 %
IPv6

10
Domains

10
Subdomains

6
IPs

2
Countries

127 kB
Transfer

321 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5ytazmjfhyjy0yme3ltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710360740734&rnd=932488649&js=...~311~...3cgr3x2fsbf9pdcuymiu3ra==&if=1 HTTP 301
    https://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5ytazmjfhyjy0yme3ltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710360740734&rnd=932488649&js=...~311~...3cgr3x2fsbf9pdcuymiu3ra==&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://xml.ppctraffic.co/click?s=1&tid=338&sid=25eea133c4da55d800568d1cc8720c41&rnd=468409494 HTTP 302
    https://ibyppn.xyz/dsp/ph/clcm?aid=2018649073043392127&mid=0&t=1710450579&s=1178094&sid=744 HTTP 302
    https://heiner.fun/6RXRMBNY?keyword=key_6&cost=0.0050&currency=usd&external_id=s4_2018649073043392127_744_6_0&creative_id=1486454&ad_campaign_id=1178094&source=s744_200079&Country=US&Browser=Chrome&format=push&CONNECTION_TYPE=lan&zone_id=s744&sub=1&picture=Device_not_protected_2 HTTP 302
    https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5ytazmjfhyjy0yme3ltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710360740734&rnd=932488649&js=...~311~...3cgr3x2fsbf9pdcuymiu3ra==&if=1 HTTP 301
  • https://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5ytazmjfhyjy0yme3ltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710360740734&rnd=932488649&js=...~311~...3cgr3x2fsbf9pdcuymiu3ra==&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://articlessea4.xyz/event_bd58f575-3f99-73ba-50bb-d0ab678d9f08_6_2595_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QyNWVlYTEzM2M0ZGE1NWQ4MDA1NjhkMWNjODcyMGM0MSUyNnJuZCUzRDcwMzUwNDg1Mg%3D%3D&t=1710450580156&rnd=676802795&i=1 HTTP 302
  • https://xml.ppctraffic.co/icon?sid=25eea133c4da55d800568d1cc8720c41&rnd=703504852 HTTP 302
  • https://ibyppn.xyz/dsp/ph/icm?aid=2018649073043392127&mid=0&sid=744&t=1710450579&subid=200079 HTTP 302
  • https://i.wmgtr.com/cic/vdZu6GAh_fDHGFenFSyC87HypWIsF4sI.png

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js
articlessea4.xyz/
Redirect Chain
  • http://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5ytaz...
  • https://bambooshopsale3.xyz/event_7f6157ca-655a-1ffe-132e-7c49fe02fd1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwvintzjnjy0zdk0nzdmntvmmgi5yta...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
23d51936d091ae7eea9be84a36d41f7137186b631b9db6b9bbb7b362821becd6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 14 Mar 2024 21:09:40 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Thu, 14 Mar 2024 21:09:39 GMT
location
https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: articlessea4.xyz
URL: https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://articlessea4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Mar 2024 21:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 20:07:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Mar 2024 21:09:40 GMT
vdZu6GAh_fDHGFenFSyC87HypWIsF4sI.png
i.wmgtr.com/cic/
Redirect Chain
  • https://articlessea4.xyz/event_bd58f575-3f99-73ba-50bb-d0ab678d9f08_6_2595_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QyNWVlYTEzM2M0ZGE1NWQ4MDA1NjhkMWNjODcyMGM0MSUyN...
  • https://xml.ppctraffic.co/icon?sid=25eea133c4da55d800568d1cc8720c41&rnd=703504852
  • https://ibyppn.xyz/dsp/ph/icm?aid=2018649073043392127&mid=0&sid=744&t=1710450579&subid=200079
  • https://i.wmgtr.com/cic/vdZu6GAh_fDHGFenFSyC87HypWIsF4sI.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wmgtr.com/cic/vdZu6GAh_fDHGFenFSyC87HypWIsF4sI.png
Requested by
Host: articlessea4.xyz
URL: https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Server
45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7b2fb9bea932a098711124da472bee937c4ca4aafc4e113ca73c008c4be19763
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://articlessea4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 15 Mar 2024 20:09:42 GMT
date
Thu, 14 Mar 2024 21:09:42 GMT
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Redirect headers

location
https://i.wmgtr.com/cic/vdZu6GAh_fDHGFenFSyC87HypWIsF4sI.png
date
Thu, 14 Mar 2024 21:09:41 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
lut2X37olk8H9bQrY-XagrPubY0CaU1_.png
i.wmgtr.com/cim/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wmgtr.com/cim/lut2X37olk8H9bQrY-XagrPubY0CaU1_.png
Requested by
Host: articlessea4.xyz
URL: https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
3137838469236890887352a8d8fb5d69abfd19115229b82e2ccae19a660d05a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://articlessea4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 15 Mar 2024 20:09:40 GMT
date
Thu, 14 Mar 2024 21:09:40 GMT
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://articlessea4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:52:30 GMT
x-content-type-options
nosniff
age
130630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:52:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://articlessea4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:56:32 GMT
x-content-type-options
nosniff
age
130388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:56:32 GMT
event_bd58f575-3f99-73ba-50bb-d0ab678d9f08_6_0_2000
articlessea4.xyz/ 		118 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://articlessea4.xyz/event_bd58f575-3f99-73ba-50bb-d0ab678d9f08_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC0yNWVlYTEzM2M0ZGE1NWQ4MDA1NjhkMWNjODcyMGM0MS0yNTk1LTAuMDAxOCUyMiU1RCU3RA%3D%3D&t=1710450580156&rnd=13186949&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: articlessea4.xyz
URL: https://articlessea4.xyz/sw_4eed716e-5567-5fb8-ed58-847f43eea37c_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 21:09:43 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request /
total-protection.tech/usa/totalav/
Redirect Chain
  • https://xml.ppctraffic.co/click?s=1&tid=338&sid=25eea133c4da55d800568d1cc8720c41&rnd=468409494
  • https://ibyppn.xyz/dsp/ph/clcm?aid=2018649073043392127&mid=0&t=1710450579&s=1178094&sid=744
  • https://heiner.fun/6RXRMBNY?keyword=key_6&cost=0.0050&currency=usd&external_id=s4_2018649073043392127_744_6_0&creative_id=1486454&ad_campaign_id=1178094&source=s744_200079&Country=US&Browser=Chrome...
  • https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Requested by
Host: articlessea4.xyz
URL: https://articlessea4.xyz/event_bd58f575-3f99-73ba-50bb-d0ab678d9f08_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC0yNWVlYTEzM2M0ZGE1NWQ4MDA1NjhkMWNjODcyMGM0MS0yNTk1LTAuMDAxOCUyMiU1RCU3RA%3D%3D&t=1710450580156&rnd=13186949&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.89.234.128 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 / PHP/7.4.33
Resource Hash
0886c012a7f4ade591bb4c314b5dd8c0893feb30f3d41e78d73e10440c3d520f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 21:09:45 GMT
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.33

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86473f17ca515e62-EWR
content-type
text/html; charset=utf-8
date
Thu, 14 Mar 2024 21:09:44 GMT
expires
Thu, 14 Mar 2024 21:09:44 GMT
location
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqheRrJB2K8HI1WE0zPz%2Byy996Kfk2cOPwVOggkNzkBqHuVC%2BGMCK3xuYR1sZb6%2F%2B2mdsUcoOX%2FacnvGds0hwJ70XC5hEzlulqUidTwTRN6GFw7ArsrS0Vj2dr2eAJFcYeqs85me6G0G"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
total-protection.tech/usa/totalav/assets/bootstrap/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://total-protection.tech/usa/totalav/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: total-protection.tech
URL: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.89.234.128 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
93e97c033a4a58b104478bedc72776471d953c090f360321d3cc8b58de408185

Request headers

accept-language
en-US,en;q=0.9
Referer
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 08:05:25 GMT
Server
nginx/1.14.1
ETag
W/"65f2afc5-26014"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 15 Mar 2024 21:09:45 GMT
styles.css
total-protection.tech/usa/totalav/assets/css/ 		981 B
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://total-protection.tech/usa/totalav/assets/css/styles.css
Requested by
Host: total-protection.tech
URL: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.89.234.128 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
a1225cfe27d10b2512e74b0306e40b0fb71ac91b37b676e6a323371f90414b16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 08:04:40 GMT
Server
nginx/1.14.1
ETag
W/"65f2af98-3d5"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 15 Mar 2024 21:09:45 GMT
logo-red8.png
total-protection.tech/usa/totalav/ 		0
0
jquery.min.js
total-protection.tech/usa/totalav/assets/js/ 		0
0
bootstrap.min.js
total-protection.tech/usa/totalav/assets/bootstrap/js/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://total-protection.tech/usa/totalav/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: total-protection.tech
URL: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.89.234.128 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 08:04:40 GMT
Server
nginx/1.14.1
ETag
W/"65f2af98-1332b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 15 Mar 2024 21:09:45 GMT
-Animated-numbers-section-BS4-.js
total-protection.tech/usa/totalav/assets/js/ 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://total-protection.tech/usa/totalav/assets/js/-Animated-numbers-section-BS4-.js
Requested by
Host: total-protection.tech
URL: https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.89.234.128 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2bcba9db0d098f40801b498088f1ce6e1a793e13de6336e15be6c2d3dfb098e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://total-protection.tech/usa/totalav/?_subid=1hsl7m7av1he&_token=uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111&aff_sub=1hsl7m7av1he&pixel=s744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 08:04:40 GMT
Server
nginx/1.14.1
ETag
W/"65f2af98-6b4"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 15 Mar 2024 21:09:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
total-protection.tech
URL
https://total-protection.tech/usa/totalav/logo-red8.png
Domain
total-protection.tech
URL
https://total-protection.tech/usa/totalav/assets/js/jquery.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
heiner.fun/ Name: _subid
Value: 1hsl7m7av1he
heiner.fun/ Name: f46c1
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3MlwiOjE3MTA0NTA1ODR9LFwiY2FtcGFpZ25zXCI6e1wiMTUxXCI6MTcxMDQ1MDU4NH0sXCJ0aW1lXCI6MTcxMDQ1MDU4NH0ifQ.Bk4Rn5YMdB4sm3nzdeMwScv3zjPsxf1l7tGFncZ1fLI
heiner.fun/ Name: _token
Value: uuid_1hsl7m7av1he_1hsl7m7av1he65f367985c7462.17867111