Submitted URL: http://xw.kjukenhi.in/
Effective URL: https://www.totalav.com/free-download
Submission: On November 18 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 61 HTTP transactions. The main IP is 34.36.182.36, located in and belongs to . The main domain is www.totalav.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2022. Valid for: a year.
This is the only time www.totalav.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.224.182.246 133618 (TRELLIAN-...)
1 7 103.224.182.206 133618 (TRELLIAN-...)
2 22 161.35.82.21 14061 (DIGITALOC...)
2 34.149.124.125 ()
1 1 35.224.74.90 ()
2 34.36.182.36 ()
6 2a0b:4d07:2::1 ()
1 2607:f8b0:400... ()
3 2607:f8b0:400... ()
2 35.186.251.103 ()
61 9
Domain Requested by
8 r7wulv.arsrok1tjk.com zupr6k.arsrok1tjk.com
r7wulv.arsrok1tjk.com
g9qjah.arsrok1tjk.com
8 zupr6k.arsrok1tjk.com angossa.com
zupr6k.arsrok1tjk.com
r7wulv.arsrok1tjk.com
7 angossa.com 1 redirects angossa.com
6 resources.totalav.com www.totalav.com
resources.totalav.com
4 g9qjah.arsrok1tjk.com r7wulv.arsrok1tjk.com
g9qjah.arsrok1tjk.com
3 fonts.gstatic.com www.totalav.com
2 static.totalav.com www.totalav.com
2 www.totalav.com www.totalav.com
2 www.ki42jfne.com
2 xw.kjukenhi.in 2 redirects
1 fonts.googleapis.com www.totalav.com
1 url.totalav.com 1 redirects
1 1.ads-clk-trk.online 1 redirects
1 adsh0wpr0.site angossa.com
0 widget.trustpilot.com Failed www.totalav.com
61 15

This site contains no links.

Subject | Issuer | Validity | Valid
zupr6k.arsrok1tjk.com | R3 | 2023-10-04 - 2024-01-02 | 3 months
r7wulv.arsrok1tjk.com | R3 | 2023-10-04 - 2024-01-02 | 3 months
g9qjah.arsrok1tjk.com | R3 | 2023-10-04 - 2024-01-02 | 3 months
ki42jfne.com | Starfield Secure Certificate Authority - G2 | 2023-09-21 - 2023-12-22 | 3 months
*.totalav.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-22 - 2023-12-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
static.totalav.com | GTS CA 1D4 | 2023-10-20 - 2024-01-18 | 3 months

This page contains 1 frames:

Primary Page: https://www.totalav.com/free-download
Frame ID: C8022B198969ABEC5C450D6AB2142976
Requests: 61 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 61
  • HTTPS: 59 %
  • IPv6: 30 %
  • Domains: 10
  • Subdomains: 15
  • IPs: 9
  • Countries: 2
  • Transfer: 912 kB
  • Size: 1253 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xw.kjukenhi.in/ HTTP 302
    https://xw.kjukenhi.in/ HTTP 302
    http://angossa.com/r2.php?e=...%3D%3D Page URL
  2. http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Dr7r5nrnj3gb4o5u5m8q5%26cpv%3D0.010%26subid%3D655995448%26kw%3D.us.01.desktop.windows.chrome&s=j&enc=21aoLhEc5qZEtWe2ABYH%...&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=&fp=01ea488acca41672e27726d1cc30b98e HTTP 302
    https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome HTTP 302
    https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99 Page URL
  3. https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1 Page URL
  4. https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2 Page URL
  5. https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3 Page URL
  6. https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4 Page URL
  7. https://1.ads-clk-trk.online/cxzzl4k.php?key=gkvz208wwa4uro319ty1&t1={t1}&t2={t2} HTTP 302
    https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a Page URL
  8. https://www.ki42jfne.com/metarefresh?t=aHR0cHM6Ly91cmwudG90YWxhdi5jb20vNjFlNWJiYzQ3YmEyOC9jbGljay84NTUyLzJmNGU0Zjc1MmNiMTQ1Mjk5ZWU1MzI1NmZiMDg3NjZl Page URL
  9. https://url.totalav.com/61e5bbc47ba28/click/8552/2f4e4f752cb145299ee53256fb08766e HTTP 301
    https://www.totalav.com/free-download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xw.kjukenhi.in/ HTTP 302
  • https://xw.kjukenhi.in/ HTTP 302
  • http://angossa.com/r2.php?e=...%3D%3D
Request Chain 5
  • http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Dr7r5nrnj3gb4o5u5m8q5%26cpv%3D0.010%26subid%3D655995448%26kw%3D.us.01.desktop.windows.chrome&s=j&enc=21aoLhEc5qZEtWe2ABYH%...&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu= HTTP 302
  • https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome
Request Chain 7
  • http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Dr7r5nrnj3gb4o5u5m8q5%26cpv%3D0.010%26subid%3D655995448%26kw%3D.us.01.desktop.windows.chrome&s=j&enc=21aoLhEc5qZEtWe2ABYH%...&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=&fp=01ea488acca41672e27726d1cc30b98e HTTP 302
  • https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome HTTP 302
  • https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Request Chain 27
  • https://1.ads-clk-trk.online/cxzzl4k.php?key=gkvz208wwa4uro319ty1&t1={t1}&t2={t2} HTTP 302
  • https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a

61 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
r2.php
angossa.com/
Redirect Chain
  • http://xw.kjukenhi.in/
  • https://xw.kjukenhi.in/
  • http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV...
6 KB
3 KB
Document
General
Full URL
http://angossa.com/r2.php?e=...%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
2510
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:47:29 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:47:29 GMT
location
http://angossa.com/r2.php?e=...%3D%3D
server
Apache
jscheck.js
angossa.com/javascript/
927 B
706 B
Script
General
Full URL
http://angossa.com/javascript/jscheck.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV1crd1BGa1ltZmtTb2dWY2JlVVZIdStxb09UNmNQZytic1JrMGVwTHFLaW4rdUdPazlGYWt4ZlhtZGE1cjM3ZVk3NEllYnNGWTRRVjhPQ1pGdzU4QXZMSHlETXdmcUhOTzlmdGQxVVRDZEVZU1dHVDNJSUxJYmMzZHBiN28wcDN0OUxDSTV3WkVERWU2ZTZUR3JqdGd0WWNWTk11UCs0U0VhWW5XeWxlSGVRUXkyK1NRWVdCMkxMU0ZORklONUlneUxFU2NMU2M1WFd4b1d6WTlHTkxxYkZUQnpRWVRmWXRqVzNaVHlsMFM5MitVYmhyT3VjamJWejV3UWh2eWtWcmVSUVhLYWZ0RVVFZWx3dGZsUlRiYjIwdHNEcWdYOG1FNDNMc0RRK2pTaGIwdk42cmJLYyswUGg1U3FBU0drek5mNTFrUGR1WnBYUjBSZmZtT1U4ZDRWWDFVNW5MRE15bnZydjI0QkVySjQzV3JvNjBDOUVhZWsvREc3dUw1OWw4MmNacGVqZGhMV2Z6TkN5cXQ1RE5YOUNFb2ZmdXBBaGoydHNERDNRQVpoUU5BZVUvc09LYitYQmpwczVRTHNMRDcxT3lPNFUvbC9OTEhmaXFOK3BwV3N0WkJpU1RENXJyL3NFS0psK0JPU3FIb1pRMEMvVkt2c05HNVNKaWVKZCtMb0dNcTZaODVjSGNXY1E3Z21FVTBDeFVSb2tQQUVUdlpPdStpNjdOVnkyYkxyaXRYRHlPNS95OXM0QmFwUmg0UDRHZFA3a2pLakp4RUJTQ3hTSXlFRmZLWk42TEhPNElmQTR6RXAzQVVuK0NRZ3JrRmJXRE9FRy91TTN0OGMrZzl5NkZaOFo5dFZxMlhGWjZvMWxNM2RtdTVQRWp2TEVoVTQ2S1hPRmp3YlhydStBOU5CSS9MeVVrWmE0WDFHRVM1ZlBwOXFvNXRDY2NHYm5XbExWbTNWWnk0Nmk0OTJZR0VnMW12ZE5JMHBkOXdEOFlXOEpWcXB4cjdNV2NVczNFPQ%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=...%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:30 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"39f-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
409
swfobject.js
angossa.com/javascript/
10 KB
4 KB
Script
General
Full URL
http://angossa.com/javascript/swfobject.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=...%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV1crd1BGa1ltZmtTb2dWY2JlVVZIdStxb09UNmNQZytic1JrMGVwTHFLaW4rdUdPazlGYWt4ZlhtZGE1cjM3ZVk3NEllYnNGWTRRVjhPQ1pGdzU4QXZMSHlETXdmcUhOTzlmdGQxVVRDZEVZU1dHVDNJSUxJYmMzZHBiN28wcDN0OUxDSTV3WkVERWU2ZTZUR3JqdGd0WWNWTk11UCs0U0VhWW5XeWxlSGVRUXkyK1NRWVdCMkxMU0ZORklONUlneUxFU2NMU2M1WFd4b1d6WTlHTkxxYkZUQnpRWVRmWXRqVzNaVHlsMFM5MitVYmhyT3VjamJWejV3UWh2eWtWcmVSUVhLYWZ0RVVFZWx3dGZsUlRiYjIwdHNEcWdYOG1FNDNMc0RRK2pTaGIwdk42cmJLYyswUGg1U3FBU0drek5mNTFrUGR1WnBYUjBSZmZtT1U4ZDRWWDFVNW5MRE15bnZydjI0QkVySjQzV3JvNjBDOUVhZWsvREc3dUw1OWw4MmNacGVqZGhMV2Z6TkN5cXQ1RE5YOUNFb2ZmdXBBaGoydHNERDNRQVpoUU5BZVUvc09LYitYQmpwczVRTHNMRDcxT3lPNFUvbC9OTEhmaXFOK3BwV3N0WkJpU1RENXJyL3NFS0psK0JPU3FIb1pRMEMvVkt2c05HNVNKaWVKZCtMb0dNcTZaODVjSGNXY1E3Z21FVTBDeFVSb2tQQUVUdlpPdStpNjdOVnkyYkxyaXRYRHlPNS95OXM0QmFwUmg0UDRHZFA3a2pLakp4RUJTQ3hTSXlFRmZLWk42TEhPNElmQTR6RXAzQVVuK0NRZ3JrRmJXRE9FRy91TTN0OGMrZzl5NkZaOFo5dFZxMlhGWjZvMWxNM2RtdTVQRWp2TEVoVTQ2S1hPRmp3YlhydStBOU5CSS9MeVVrWmE0WDFHRVM1ZlBwOXFvNXRDY2NHYm5XbExWbTNWWnk0Nmk0OTJZR0VnMW12ZE5JMHBkOXdEOFlXOEpWcXB4cjdNV2NVczNFPQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:30 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"27ef-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
3949
iife.min.js
angossa.com/javascript/fingerprint/
33 KB
14 KB
Script
General
Full URL
http://angossa.com/javascript/fingerprint/iife.min.js
Requested by
Host: angossa.com
URL: http://angossa.com/r2.php?e=...%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV1crd1BGa1ltZmtTb2dWY2JlVVZIdStxb09UNmNQZytic1JrMGVwTHFLaW4rdUdPazlGYWt4ZlhtZGE1cjM3ZVk3NEllYnNGWTRRVjhPQ1pGdzU4QXZMSHlETXdmcUhOTzlmdGQxVVRDZEVZU1dHVDNJSUxJYmMzZHBiN28wcDN0OUxDSTV3WkVERWU2ZTZUR3JqdGd0WWNWTk11UCs0U0VhWW5XeWxlSGVRUXkyK1NRWVdCMkxMU0ZORklONUlneUxFU2NMU2M1WFd4b1d6WTlHTkxxYkZUQnpRWVRmWXRqVzNaVHlsMFM5MitVYmhyT3VjamJWejV3UWh2eWtWcmVSUVhLYWZ0RVVFZWx3dGZsUlRiYjIwdHNEcWdYOG1FNDNMc0RRK2pTaGIwdk42cmJLYyswUGg1U3FBU0drek5mNTFrUGR1WnBYUjBSZmZtT1U4ZDRWWDFVNW5MRE15bnZydjI0QkVySjQzV3JvNjBDOUVhZWsvREc3dUw1OWw4MmNacGVqZGhMV2Z6TkN5cXQ1RE5YOUNFb2ZmdXBBaGoydHNERDNRQVpoUU5BZVUvc09LYitYQmpwczVRTHNMRDcxT3lPNFUvbC9OTEhmaXFOK3BwV3N0WkJpU1RENXJyL3NFS0psK0JPU3FIb1pRMEMvVkt2c05HNVNKaWVKZCtMb0dNcTZaODVjSGNXY1E3Z21FVTBDeFVSb2tQQUVUdlpPdStpNjdOVnkyYkxyaXRYRHlPNS95OXM0QmFwUmg0UDRHZFA3a2pLakp4RUJTQ3hTSXlFRmZLWk42TEhPNElmQTR6RXAzQVVuK0NRZ3JrRmJXRE9FRy91TTN0OGMrZzl5NkZaOFo5dFZxMlhGWjZvMWxNM2RtdTVQRWp2TEVoVTQ2S1hPRmp3YlhydStBOU5CSS9MeVVrWmE0WDFHRVM1ZlBwOXFvNXRDY2NHYm5XbExWbTNWWnk0Nmk0OTJZR0VnMW12ZE5JMHBkOXdEOFlXOEpWcXB4cjdNV2NVczNFPQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:30 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 00:39:11 GMT
server
Apache
etag
"85c0-609c18c8309c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
14345
jscheck.php
angossa.com/
0
150 B
XHR
General
Full URL
http://angossa.com/jscheck.php?enc=21aoLhEc5qZEtWe2ABYH%2FH49fjdLVUZ2SVl2dHc4ekVQVXVJOTNxZDRpUjdydHFoMlJHRlFsb2psRy9YZmI4cGtjUTVOekJnenNreUp1ODlKVnU1bzl1Wm52OHVTT3Q3bHFLYTVoUHJkUysyampOMm8rMksrbEVOMGdyNDJHMFlxa0Jia2hENzZlL3NaaGp3eUR4L2pFTThsOUJqL2l3L0puZ0FqaWVVdERGVVVUSnpWZkRLS2g3Y3hURW0vbWgybDJIeWZieU43ZTBwby9xdFM2MUZqVTZhSGxWMnY0KzAvdkIvSkxJSE1rMXZtd1hBMkh4RGxxaDBHMGdMcVNRc09pMWhvQXhxMHJtRFJJK0k1bW0vNEpNemcrN1dmZlhrNFFsdzQ1WXpwQnZtNkZQNitrNm4vRkxOL3ZFY1N0YU1leUV6MkJtUlF1Y0xRUXR4cmJoWGRIcTNSSmUzQXJaWlE5K0dXUkNHQklNL0N6OFFmRDBaazRpKzRReUdHWk1KTXppbzluWVZyRVNHdE9pejBUV3dKdU9GOUkwcXU3S3F0SDVLME9aOGUvOXFWZUdObDc1ZklOZStGbTBMSy9zV1NVLzhMNDVhSmw1MmZqOWlRQlUwMUxmdExFRzdObng2TWpaYWl5VDk2OEs1dGUxL3Z1Z1M2bEhVanZHMnB3aktZQUpGT0VnTVVRZkF2ZGVpaXE3ZWs3WFZYTWNONnBwVzd0NTIwb3VwSFpLOUZ0ZVFaUFRNQmE5TkV6a2xiOG8wVWJLU3dhaUlTOVM2VlhtTUpWTlRrQ2NqZmg3QkVKby9GVVNmWmFvL1h2bTFOUTVrdUg0cEltbXJPelBXTERiNjl4UFl0RTNyamJ2ZlIrR2xuTzUxc3VUb0RTdlNCNE5NZjR4Z2RXMm12blFaS2VqcnlNdkpwRkdnWk5SaVRUd2E3b0QwT1l1bjZYOWdqRWZwNVZ5ZDhwSXNxL1N1T2ZLRlM2dEd3dzY3Y0FDVG1hQlpzYnpkT1BheWtMTmpzTDZJbnNWbEJFUmQ2VmNsWEtTRzJxWHRNbHVSckkzaDZlR0Z1WTE1UzZKOVV4ZUJ0aTRlR2Jwc2FJTjg5ZGVxaHVKTyszbktseWVuN1l1YlJjWi9xNlh6NU9wb0VHWEhTcG5FTWlYTGdaaGdudWp0RU5zRXlwRGgxOUp0dHJyUXBKc0lreEFQd21pcHhyQ0hETEwzcVZmRExONENZckhGSWluc0xsc3dQZHFQMUhuYlhLRkpIbmk0WElrUUFsRnFWZ1RsYjRNOGdJdE9xYVhCNTlyUEN6UnVoMjNyMXIwejkxVFlPUXl1ZDdmUUlWRUVLUUprUGJUNDJLVVJsYkxqUGM9&rand=0.4001465522767187&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=
Requested by
Host: angossa.com
URL: http://angossa.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV1crd1BGa1ltZmtTb2dWY2JlVVZIdStxb09UNmNQZytic1JrMGVwTHFLaW4rdUdPazlGYWt4ZlhtZGE1cjM3ZVk3NEllYnNGWTRRVjhPQ1pGdzU4QXZMSHlETXdmcUhOTzlmdGQxVVRDZEVZU1dHVDNJSUxJYmMzZHBiN28wcDN0OUxDSTV3WkVERWU2ZTZUR3JqdGd0WWNWTk11UCs0U0VhWW5XeWxlSGVRUXkyK1NRWVdCMkxMU0ZORklONUlneUxFU2NMU2M1WFd4b1d6WTlHTkxxYkZUQnpRWVRmWXRqVzNaVHlsMFM5MitVYmhyT3VjamJWejV3UWh2eWtWcmVSUVhLYWZ0RVVFZWx3dGZsUlRiYjIwdHNEcWdYOG1FNDNMc0RRK2pTaGIwdk42cmJLYyswUGg1U3FBU0drek5mNTFrUGR1WnBYUjBSZmZtT1U4ZDRWWDFVNW5MRE15bnZydjI0QkVySjQzV3JvNjBDOUVhZWsvREc3dUw1OWw4MmNacGVqZGhMV2Z6TkN5cXQ1RE5YOUNFb2ZmdXBBaGoydHNERDNRQVpoUU5BZVUvc09LYitYQmpwczVRTHNMRDcxT3lPNFUvbC9OTEhmaXFOK3BwV3N0WkJpU1RENXJyL3NFS0psK0JPU3FIb1pRMEMvVkt2c05HNVNKaWVKZCtMb0dNcTZaODVjSGNXY1E3Z21FVTBDeFVSb2tQQUVUdlpPdStpNjdOVnkyYkxyaXRYRHlPNS95OXM0QmFwUmg0UDRHZFA3a2pLakp4RUJTQ3hTSXlFRmZLWk42TEhPNElmQTR6RXAzQVVuK0NRZ3JrRmJXRE9FRy91TTN0OGMrZzl5NkZaOFo5dFZxMlhGWjZvMWxNM2RtdTVQRWp2TEVoVTQ2S1hPRmp3YlhydStBOU5CSS9MeVVrWmE0WDFHRVM1ZlBwOXFvNXRDY2NHYm5XbExWbTNWWnk0Nmk0OTJZR0VnMW12ZE5JMHBkOXdEOFlXOEpWcXB4cjdNV2NVczNFPQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:32 GMT
server
Apache
connection
close
content-length
0
content-type
text/html; charset=UTF-8
cxzzl4k.php
adsh0wpr0.site/
Redirect Chain
  • http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Dr7r5nrnj3gb4o5u5m8q5%26cpv%3D0.010%26subid%3D655995448%26kw%3D.us.01.desktop.windows.chrome&s=j&enc=21aoLhEc5qZEtWe2ABY...
  • https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome
0
0

jscheck.php
angossa.com/
0
150 B
XHR
General
Full URL
http://angossa.com/jscheck.php?enc=21aoLhEc5qZEtWe2ABYH%...&rand=0.4436579341079565&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=&fp=01ea488acca41672e27726d1cc30b98e
Requested by
Host: angossa.com
URL: http://angossa.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://angossa.com/r2.php?e=QghK2kCnGjZOYL302PvAv349flBkYlBwd095WmNjVGtycXJoNXJ5YXQxODZoWmhSSGRROUF4Z1VjancvdnNxL0dHaHZrMXJvM3pXMjk3L0kyVUczc254Y2tkc0w2dUo3Vk4zbHRGWG5IVmhZQmYvZ25aNTVUUm5Mc21vcjZwV1crd1BGa1ltZmtTb2dWY2JlVVZIdStxb09UNmNQZytic1JrMGVwTHFLaW4rdUdPazlGYWt4ZlhtZGE1cjM3ZVk3NEllYnNGWTRRVjhPQ1pGdzU4QXZMSHlETXdmcUhOTzlmdGQxVVRDZEVZU1dHVDNJSUxJYmMzZHBiN28wcDN0OUxDSTV3WkVERWU2ZTZUR3JqdGd0WWNWTk11UCs0U0VhWW5XeWxlSGVRUXkyK1NRWVdCMkxMU0ZORklONUlneUxFU2NMU2M1WFd4b1d6WTlHTkxxYkZUQnpRWVRmWXRqVzNaVHlsMFM5MitVYmhyT3VjamJWejV3UWh2eWtWcmVSUVhLYWZ0RVVFZWx3dGZsUlRiYjIwdHNEcWdYOG1FNDNMc0RRK2pTaGIwdk42cmJLYyswUGg1U3FBU0drek5mNTFrUGR1WnBYUjBSZmZtT1U4ZDRWWDFVNW5MRE15bnZydjI0QkVySjQzV3JvNjBDOUVhZWsvREc3dUw1OWw4MmNacGVqZGhMV2Z6TkN5cXQ1RE5YOUNFb2ZmdXBBaGoydHNERDNRQVpoUU5BZVUvc09LYitYQmpwczVRTHNMRDcxT3lPNFUvbC9OTEhmaXFOK3BwV3N0WkJpU1RENXJyL3NFS0psK0JPU3FIb1pRMEMvVkt2c05HNVNKaWVKZCtMb0dNcTZaODVjSGNXY1E3Z21FVTBDeFVSb2tQQUVUdlpPdStpNjdOVnkyYkxyaXRYRHlPNS95OXM0QmFwUmg0UDRHZFA3a2pLakp4RUJTQ3hTSXlFRmZLWk42TEhPNElmQTR6RXAzQVVuK0NRZ3JrRmJXRE9FRy91TTN0OGMrZzl5NkZaOFo5dFZxMlhGWjZvMWxNM2RtdTVQRWp2TEVoVTQ2S1hPRmp3YlhydStBOU5CSS9MeVVrWmE0WDFHRVM1ZlBwOXFvNXRDY2NHYm5XbExWbTNWWnk0Nmk0OTJZR0VnMW12ZE5JMHBkOXdEOFlXOEpWcXB4cjdNV2NVczNFPQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:33 GMT
server
Apache
connection
close
content-length
0
content-type
text/html; charset=UTF-8
Play.html
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
Redirect Chain
  • http://angossa.com/r.php?u=https%3A%2F%2Fadsh0wpr0.site%2Fcxzzl4k.php%3Fkey%3Dr7r5nrnj3gb4o5u5m8q5%26cpv%3D0.010%26subid%3D655995448%26kw%3D.us.01.desktop.windows.chrome&s=j&enc=21aoLhEc5qZEtWe2ABY...
  • https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome
  • https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
11 KB
4 KB
Document
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Requested by
Host: angossa.com
URL: http://angossa.com/javascript/jscheck.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://angossa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:47:34 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:47:33 GMT
Location
https://ZuPR6K.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
4 KB
Stylesheet
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
897a4f2c21fa2a9d96a481076abad36f699a62afa8ce0050024444c30032456c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:34 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-eb1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761
jquery-3.4.1.min.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
86 KB
86 KB
Script
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:34 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-15851"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88145
translations.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
5 KB
Script
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:34 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-1127"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4391
Play.html
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
11 KB
4 KB
Document
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://zupr6k.arsrok1tjk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:47:35 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
4 KB
Stylesheet
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
897a4f2c21fa2a9d96a481076abad36f699a62afa8ce0050024444c30032456c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:35 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-eb1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761
jquery-3.4.1.min.js.download
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
86 KB
86 KB
Script
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:36 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-15851"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88145
translations.js.download
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
5 KB
Script
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
01effca0a3592ca0662d72041855aba8d02760723b93754ae7729117390ee2f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:36 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-1127"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4391
Play.html
g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
11 KB
4 KB
Document
General
Full URL
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://r7wulv.arsrok1tjk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:47:37 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
4 KB
Stylesheet
General
Full URL
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Requested by
Host: g9qjah.arsrok1tjk.com
URL: https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
897a4f2c21fa2a9d96a481076abad36f699a62afa8ce0050024444c30032456c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:37 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-eb1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761
jquery-3.4.1.min.js.download
g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
86 KB
86 KB
Script
General
Full URL
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Requested by
Host: g9qjah.arsrok1tjk.com
URL: https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:37 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-15851"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88145
translations.js.download
g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
5 KB
Script
General
Full URL
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Requested by
Host: g9qjah.arsrok1tjk.com
URL: https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:37 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-1127"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4391
Play.html
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
11 KB
4 KB
Document
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Requested by
Host: g9qjah.arsrok1tjk.com
URL: https://g9qjah.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://g9qjah.arsrok1tjk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:47:37 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
4 KB
Stylesheet
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-eb1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761
jquery-3.4.1.min.js.download
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
86 KB
86 KB
Script
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-15851"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88145
translations.js.download
r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
5 KB
Script
General
Full URL
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-1127"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4391
Play.html
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/
11 KB
4 KB
Document
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Requested by
Host: r7wulv.arsrok1tjk.com
URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
fa29fd0079b20b120f3a081f783200c1b29f9c9d1b1974fbe3c6996c4f28d5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://r7wulv.arsrok1tjk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:47:38 GMT
ETag
W/"6531403c-2b14"
Last-Modified
Thu, 19 Oct 2023 14:42:04 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
styles.css
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
4 KB
Stylesheet
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/styles.css
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
897a4f2c21fa2a9d96a481076abad36f699a62afa8ce0050024444c30032456c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-eb1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761
jquery-3.4.1.min.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
86 KB
86 KB
Script
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/jquery-3.4.1.min.js.download
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-15851"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88145
translations.js.download
zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/
4 KB
5 KB
Script
General
Full URL
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play_files/translations.js.download
Requested by
Host: zupr6k.arsrok1tjk.com
URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
161.35.82.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
paying-adkela.plan-3
Software
nginx/1.22.0 /
Resource Hash
01effca0a3592ca0662d72041855aba8d02760723b93754ae7729117390ee2f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:47:38 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Oct 2023 14:39:15 GMT
Server
nginx/1.22.0
ETag
"65313f93-1127"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4391
/
www.ki42jfne.com/GT877S5/3MZNPR/
Redirect Chain
  • https://1.ads-clk-trk.online/cxzzl4k.php?key=gkvz208wwa4uro319ty1&t1={t1}&t2={t2}
  • https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a
359 B
781 B
Document
General
Full URL
https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.124.125 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:47:44 GMT
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
37611711-df80-4068-ac43-0c3ffc7f2d73

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:47:44 GMT
Location
https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
metarefresh
www.ki42jfne.com/
293 B
355 B
Document
General
Full URL
https://www.ki42jfne.com/metarefresh?t=aHR0cHM6Ly91cmwudG90YWxhdi5jb20vNjFlNWJiYzQ3YmEyOC9jbGljay84NTUyLzJmNGU0Zjc1MmNiMTQ1Mjk5ZWU1MzI1NmZiMDg3NjZl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.124.125 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.ki42jfne.com/GT877S5/3MZNPR/?source_id=6_{t1}&sub1=ff990q5ojqn4p93a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:47:44 GMT
server
nginx
via
1.1 google
Primary Request
free-download
www.totalav.com/
Redirect Chain
  • https://url.totalav.com/61e5bbc47ba28/click/8552/2f4e4f752cb145299ee53256fb08766e
  • https://www.totalav.com/free-download
68 KB
18 KB
Document
General
Full URL
https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.182.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a7b08617df3c5dd831e0677ba72888e8ff76b75adddb798c9b511de25afde137
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ki42jfne.com/metarefresh?t=aHR0cHM6Ly91cmwudG90YWxhdi5jb20vNjFlNWJiYzQ3YmEyOC9jbGljay84NTUyLzJmNGU0Zjc1MmNiMTQ1Mjk5ZWU1MzI1NmZiMDg3NjZl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:47:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:47:45 GMT
location
https://www.totalav.com/free-download
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-execution-time
198.053 ms
global.min.css
resources.totalav.com/build/prod/25.77.3/css/global/_totalav/
167 KB
6 KB
Stylesheet
General
Full URL
https://resources.totalav.com/build/prod/25.77.3/css/global/_totalav/global.min.css
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1ab7847138aee8f90d805addb0ec3bcdaeaf6462b896869fd1e52de98e8d23de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
content-encoding
gzip
age
35
x-edge-location
usny
x-guploader-uploadid
ABPtcPqFB5EZRWYNyKkD2pYu2YHoGODhIxtJvq-vcsE9EQVRmSGWLeG5lR8E57qP9LvMt-5mn8G5kIdeNA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5406
last-modified
Sat, 18 Nov 2023 12:50:33 GMT
server
keycdn-engine
etag
"9b3b0e15ebcb5688b1874eb3befcc07d"
x-goog-generation
1700311833893019
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=YW97iw==, md5=mzsOFevLVoixh06zvvzAfQ==
access-control-expose-headers
Content-Type
cache-control
max-age=604800
x-goog-stored-content-length
5406
accept-ranges
bytes
link
<https://storage.googleapis.com/protected-static/build/prod/25.77.3/css/global/_totalav/global.min.css>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
css
fonts.googleapis.com/
2 KB
850 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 22:22:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:47:45 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:31:47 GMT
x-content-type-options
nosniff
age
368158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13912
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 17:31:47 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 08:57:25 GMT
x-content-type-options
nosniff
age
312620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14044
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 08:57:25 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 22:46:11 GMT
x-content-type-options
nosniff
age
262894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14176
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 22:46:11 GMT
icomoon.woff2
resources.totalav.com/packages/icomoon/www/fonts/
15 KB
16 KB
Font
General
Full URL
https://resources.totalav.com/packages/icomoon/www/fonts/icomoon.woff2?dtv932
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
95c34b12647d187606c19c6aa1b1a0be32d85e41dd39bc5f8d48147d1363567d

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
age
11
x-edge-location
usny
x-guploader-uploadid
ADPycds7NjGQZs16FtHaSiRkIJLe0BH4NPrautnLigNpsMpos6LED-FIseWqMs9_99-CzoHNBbfhoB3miAiRY9XxZDh8LQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15088
last-modified
Wed, 29 Jan 2020 16:08:52 GMT
server
keycdn-engine
etag
"0aab1b0ae968c239e36514cfed2939f1"
x-goog-generation
1580314132569558
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=AeYl0g==, md5=CqsbCulowjnjZRTP7Sk58Q==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=604800
x-goog-stored-content-length
15088
accept-ranges
bytes
link
<https://storage.googleapis.com/protected-static/packages/icomoon/www/fonts/icomoon.woff2?dtv932>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
fa-light-300.woff2
static.totalav.com/packages/fontawesome/webfonts/
142 KB
143 KB
Font
General
Full URL
https://static.totalav.com/packages/fontawesome/webfonts/fa-light-300.woff2?25.77.3
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.251.103 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
448f45a0ba44410ee2f4a475d56719fd1531dcd274876d8e3ef96b4cf01125e1

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:19:51 GMT
age
502074
x-guploader-uploadid
ABPtcPru0YCvLbA-2tZ8GSdOyd65KLEEN_5S3ipbsjqqig5pwFTRT7GiOUCkg77O94sqZonYKGBxeCSYBhIfymnkxJlkGOvq531M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145656
last-modified
Wed, 21 Aug 2019 08:59:46 GMT
server
UploadServer
etag
"b076f7ccd174eeb6ea55b9857c50f37c"
x-goog-generation
1566377986064902
x-goog-hash
crc32c=JMV6oA==, md5=sHb3zNF07rbqVbmFfFDzfA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
145656
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 12 Nov 2024 04:19:51 GMT
fa-brands-400.woff2
static.totalav.com/packages/fontawesome/webfonts/
68 KB
69 KB
Font
General
Full URL
https://static.totalav.com/packages/fontawesome/webfonts/fa-brands-400.woff2?25.77.3
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.251.103 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
e705082b8a630b4d0190bb13e20f4d127f75ad88c271c749ff0c4e10c6acacf9

Request headers

Referer
https://www.totalav.com/
Origin
https://www.totalav.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:33:43 GMT
age
267242
x-guploader-uploadid
ABPtcPqvBzcetHY8kfc-02A1cZnjo5L7DrK0Yw8bqvrLebCIJJ7-BGgMrXJZlpFRI149Zbeve8j6790Q0mwpRPbdKFYa_QK93Dr-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69644
last-modified
Wed, 21 Aug 2019 08:59:44 GMT
server
UploadServer
etag
"0896516daa9ef0a4169465a6fa281d68"
x-goog-generation
1566377984564371
x-goog-hash
crc32c=3nh1GQ==, md5=CJZRbaqe8KQWlGWm+igdaA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
69644
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 14 Nov 2024 21:33:43 GMT
respond.src.js
www.totalav.com/cross-domain/
8 KB
3 KB
Script
General
Full URL
https://www.totalav.com/cross-domain/respond.src.js
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.182.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8219937fb5d40ea3720fb56701c5f55b462a0f77b19074190b2d15242c5caeaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/free-download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
via
1.1 google
date
Sat, 18 Nov 2023 23:47:45 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
layout.min.css
resources.totalav.com/build/prod/25.77.3/css/layout/www/_totalav/
80 KB
12 KB
Stylesheet
General
Full URL
https://resources.totalav.com/build/prod/25.77.3/css/layout/www/_totalav/layout.min.css
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
32a9e52d9d76daf34050f5f722c29201aa0268b59ed033d594f286a0ea1b85e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
content-encoding
gzip
age
5
x-edge-location
usny
x-guploader-uploadid
ABPtcPr2dWXoHDGVH6pFTPC6NO6h8lWvfg4HE4iS3R7zH-EneDxvwwwth6AA4W1DoQuVIwA3Wp4
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11247
last-modified
Sat, 18 Nov 2023 12:51:10 GMT
server
keycdn-engine
etag
"6d2ed57ae41025af0207e2a9c27c35e5"
x-goog-generation
1700311870918956
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=pQ2mFA==, md5=bS7VeuQQJa8CB+Kpwnw15Q==
access-control-expose-headers
Content-Type
cache-control
max-age=604800
x-goog-stored-content-length
11247
accept-ranges
bytes
link
<https://storage.googleapis.com/protected-static/build/prod/25.77.3/css/layout/www/_totalav/layout.min.css>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
style.css
resources.totalav.com/packages/icomoon/www/
4 KB
2 KB
Stylesheet
General
Full URL
https://resources.totalav.com/packages/icomoon/www/style.css
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e20193ac78db9994c85ad976733276a68fe44633b777205de04cd616c461bd1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
content-encoding
gzip
x-edge-location
usny
x-guploader-uploadid
ADPycduOXWF-5GRaw89XTUij4pcIANmqRmH82LYd6ZGjw2cAkf8z_H9IvVo5DFydIXBOV-9WS15X-Gcp0cxbLSKiYNQ62w
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 29 Jan 2020 16:09:07 GMT
server
keycdn-engine
etag
W/"98bf143bccb74fa6412aea2ebc7884e6"
x-goog-generation
1580314147124457
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=M/Vc1A==, md5=mL8UO8y3T6ZBKuouvHiE5g==
access-control-expose-headers
Content-Type
cache-control
max-age=604800
x-goog-stored-content-length
3656
link
<https://storage.googleapis.com/protected-static/packages/icomoon/www/style.css>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
windows-laptop-app-mid-scan.png
resources.totalav.com/img/global/_totalav/content_image/en/
79 KB
80 KB
Image
General
Full URL
https://resources.totalav.com/img/global/_totalav/content_image/en/windows-laptop-app-mid-scan.png
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
fa0f63188275fb4ebca258cee7ca1a5e5aed28ec81b04bdd95027318d390fb67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
x-edge-location
usny
x-guploader-uploadid
ADPycdsDq4nFR_FclQlRBwf4MAC597CvPsknL4uhHO5vtqc_QJyPsIPtG9cfi-LE1p9MEwZB4_LFpiKJ146gZFTYebmwfA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80623
last-modified
Tue, 16 Feb 2021 11:45:24 GMT
server
keycdn-engine
etag
"f94079d830d4a79be5573bf7c5fff5da"
x-goog-generation
1613475924459852
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=eiYBow==, md5=+UB52DDUp5vlVzv3xf/12g==
access-control-expose-headers
Content-Type
cache-control
max-age=604800
x-goog-stored-content-length
80623
accept-ranges
bytes
link
<https://storage.googleapis.com/protected-static/img/global/_totalav/content_image/en/windows-laptop-app-mid-scan.png>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
totalav-av-comparatives-award-1686573749.png
resources.totalav.com/img/global/award-images/lander/
5 KB
5 KB
Image
General
Full URL
https://resources.totalav.com/img/global/award-images/lander/totalav-av-comparatives-award-1686573749.png
Requested by
Host: www.totalav.com
URL: https://www.totalav.com/free-download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
da92c3f55e1805f0b92fdf3c474f09fd298d1ea05dd3d5e94b40031c37bbe8f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.totalav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:47:45 GMT
age
10
x-edge-location
usny
x-guploader-uploadid
ADPycdsMcVMj_OGxgTKp__Co3LENXmppH_B8J7tUTCzM52OlIUBq7xe-4qjPGQfF8q-7RLMmgKQV5KntYD6FRl-GeULNPg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4678
last-modified
Mon, 12 Jun 2023 12:42:29 GMT
server
keycdn-engine
etag
"494802468d0b374387ae6705692eaf76"
x-goog-generation
1686573749294934
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=wJLJyQ==, md5=SUgCRo0LN0OHrmcFaS6vdg==
access-control-expose-headers
Content-Type
cache-control
max-age=604800
x-goog-stored-content-length
4678
accept-ranges
bytes
link
<https://storage.googleapis.com/protected-static/img/global/award-images/lander/totalav-av-comparatives-award-1686573749.png>; rel="canonical"
expires
Sat, 25 Nov 2023 23:47:45 GMT
totalav-av-comparatives-1686573948.png
resources.totalav.com/img/global/award-images/lander/
0
0

totalav-av-test-2023-1686573988.png
resources.totalav.com/img/global/award-images/lander/
0
0

totalav-vb-100-certified-1686574017.png
resources.totalav.com/img/global/award-images/lander/
0
0

totalav-av-comparatives-award-2022-1686574053.png
resources.totalav.com/img/global/award-images/lander/
0
0

white-background-shield.png
resources.totalav.com/img/layout/_totalav/www/background/content_image/
0
0

trustpilot-free-download-exit-pop-white.png
resources.totalav.com/img/layout/_totalav/www/content-img/en/
0
0

tav-logo-white.png
resources.totalav.com/img/global/_totalav/logo/
0
0

logo_alt.png
resources.totalav.com/img/global/_totalav/logo/
0
0

logo_totalav_modal.png
resources.totalav.com/img/global/_totalav/logo/
0
0

logo_totalav.png
resources.totalav.com/img/global/_totalav/logo/
0
0

money-back.png
resources.totalav.com/img/global/_totalav/icons/en/
0
0

diagnostic_scan_rosette.png
resources.totalav.com/img/global/_totalav/icons/en/
0
0

roundel-confirmation.png
resources.totalav.com/img/layout/_totalav/my/modal/
0
0

global.min.js
resources.totalav.com/build/prod/25.77.3/js/global/
0
0

download-overlay.min.js
resources.totalav.com/build/prod/25.77.3/js/download-overlay/
0
0

tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
0
0

totalAvApp.min.js
resources.totalav.com/build/prod/25.77.3/ts/bundle/
0
0

global.min-1-bless-section.css
resources.totalav.com/build/prod/25.77.3/css/global/_totalav/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adsh0wpr0.site
URL
https://adsh0wpr0.site/cxzzl4k.php?key=r7r5nrnj3gb4o5u5m8q5&cpv=0.010&subid=655995448&kw=.us.01.desktop.windows.chrome
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/award-images/lander/totalav-av-comparatives-1686573948.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/award-images/lander/totalav-av-test-2023-1686573988.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/award-images/lander/totalav-vb-100-certified-1686574017.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/award-images/lander/totalav-av-comparatives-award-2022-1686574053.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/layout/_totalav/www/background/content_image/white-background-shield.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/layout/_totalav/www/content-img/en/trustpilot-free-download-exit-pop-white.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/logo/tav-logo-white.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/logo/logo_alt.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/logo/logo_totalav_modal.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/logo/logo_totalav.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/icons/en/money-back.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/global/_totalav/icons/en/diagnostic_scan_rosette.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/img/layout/_totalav/my/modal/roundel-confirmation.png
Domain
resources.totalav.com
URL
https://resources.totalav.com/build/prod/25.77.3/js/global/global.min.js
Domain
resources.totalav.com
URL
https://resources.totalav.com/build/prod/25.77.3/js/download-overlay/download-overlay.min.js
Domain
widget.trustpilot.com
URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Domain
resources.totalav.com
URL
https://resources.totalav.com/build/prod/25.77.3/ts/bundle/totalAvApp.min.js
Domain
resources.totalav.com
URL
https://resources.totalav.com/build/prod/25.77.3/css/global/_totalav/global.min-1-bless-section.css?z=125

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
xw.kjukenhi.in/ Name: __tad
Value: 1700351248.8143976
.angossa.com/ Name: __dsnsid
Value: 20231119104729eb8336cb8e7fad4184
adsh0wpr0.site/ Name: uclick
Value: q5ojqn9r
adsh0wpr0.site/ Name: uclickhash
Value: q5ojqn9r-q5ojqn9r-qq-uo-fndz-my3y-my6o-519389

3 Console Messages

Source Level URL
Text
other error URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=1
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://r7wulv.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=3
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://zupr6k.arsrok1tjk.com/landers/7270a52977/65313f9313aa8/Play.html?src=OJlOKFZT33Qc&t1=10_655995448&clickid=2e1cdq5ojqn9r95e&t2=99&cnt=4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
