URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&ca...
Submission: On December 19 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 136.243.81.51, located in Cologne, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is protectingapplication.com.
TLS certificate: Issued by R11 on December 1st 2024. Valid for: 3 months.
This is the only time protectingapplication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 136.243.81.51 24940 (HETZNER-A...)
6 194.63.140.103 50113 (SuperServ...)
4 172.67.192.254 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 4
Apex Domain
Subdomains
Transfer
6 loadingscripts.com
loadingscripts.com — Cisco Umbrella Rank: 106163
23 KB
4 aureatedreams.com
aureatedreams.com
110 KB
4 protectingapplication.com
protectingapplication.com
54 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
15 4
Domain Requested by
6 loadingscripts.com protectingapplication.com
4 aureatedreams.com protectingapplication.com
4 protectingapplication.com protectingapplication.com
1 fonts.googleapis.com loadingscripts.com
15 4

This site contains no links.

Subject Issuer Validity Valid
protectingapplication.com
R11
2024-12-01 -
2025-03-01
3 months crt.sh
loadingscripts.com
R11
2024-10-21 -
2025-01-19
3 months crt.sh
aureatedreams.com
WE1
2024-11-10 -
2025-02-08
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Frame ID: A8998859ECD2887630CA068AAFC269B1
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Attention

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

188 kB
Transfer

262 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
protectingapplication.com/
19 KB
8 KB
Document
General
Full URL
https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.81.51 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.51.81.243.136.clients.your-server.de
Software
nginx /
Resource Hash
7a80c01c80b4e65807657a023ea703e8a9e5dd22f622d47c03b57f30406a395e
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 11:03:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
style.css
protectingapplication.com/landers/for_mac_1/1/
7 KB
2 KB
Stylesheet
General
Full URL
https://protectingapplication.com/landers/for_mac_1/1/style.css
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.81.51 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.51.81.243.136.clients.your-server.de
Software
nginx /
Resource Hash
f2f9f507092cc0ff3cc230e4e11860fff098b7dafbf36cde525ddd2a59789aac
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
img-src https: data:; upgrade-insecure-requests
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"65f445d3-1c39"
expires
Sat, 18 Jan 2025 11:03:01 GMT
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
text/css
last-modified
Fri, 15 Mar 2024 12:57:55 GMT
server
nginx
vary
Accept-Encoding
css
protectingapplication.com/landers/for_mac_1/1/assets/
10 KB
11 KB
Stylesheet
General
Full URL
https://protectingapplication.com/landers/for_mac_1/1/assets/css
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.81.51 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.51.81.243.136.clients.your-server.de
Software
nginx /
Resource Hash
707f86fb8e996ca33be3a2871034cae28d069e3c42803d04c368465c668c409c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
img-src https: data:; upgrade-insecure-requests
etag
"65f445d3-29ec"
accept-ranges
bytes
content-length
10732
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
application/octet-stream
last-modified
Fri, 15 Mar 2024 12:57:55 GMT
server
nginx
jquery-3.4.1.min.js
protectingapplication.com/landers/for_mac_1/1/assets/
86 KB
33 KB
Script
General
Full URL
https://protectingapplication.com/landers/for_mac_1/1/assets/jquery-3.4.1.min.js
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.81.51 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.51.81.243.136.clients.your-server.de
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
img-src https: data:; upgrade-insecure-requests
cache-control
max-age=7200
content-encoding
gzip
etag
W/"65f445d3-15851"
expires
Thu, 19 Dec 2024 13:03:01 GMT
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
application/javascript
last-modified
Fri, 15 Mar 2024 12:57:55 GMT
server
nginx
vary
Accept-Encoding
style.css
loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/
4 KB
1 KB
Stylesheet
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/style.css
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
a5176431b7248a5c3a9314209c30b5ddc518043159c98190f97640df3c88682b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"64cb7248-110e"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin
*
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
text/css
Last-Modified
Thu, 03 Aug 2023 09:24:24 GMT
Server
nginx/1.23.4
pwa_custom.js
loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/
1 KB
2 KB
Script
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/pwa_custom.js
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
9f35b32d1443ad83c8615ca12eee6ee6a4593d90a26838337855e1acc363f2a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

Cache-Control
max-age=315360000
ETag
"64f72f4c-4a7"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1191
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
application/javascript
Last-Modified
Tue, 05 Sep 2023 13:38:20 GMT
Server
nginx/1.23.4
notification.js
loadingscripts.com/progress_p/pwa_links/default_scripts/
3 KB
3 KB
Script
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

Cache-Control
max-age=315360000
ETag
"641dde88-af1"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2801
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
application/javascript
Last-Modified
Fri, 24 Mar 2023 17:31:52 GMT
Server
nginx/1.23.4
new_free.svg
aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/
2 KB
2 KB
Image
General
Full URL
https://aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/new_free.svg
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d71979d570cf7108ad47cad945310c96cdb7b987775d150284ef6bfabfc338d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6555e8c9-623"
age
2585
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bPr1CgpizXaBcrL0x2Epd728%2BzmfnRKeKt72FlZwzh0vrTQIrDcv892tW6PLFyTeSCpUBtwRknJEUD4ctKmh9GLQJlk9m9pOpGySDfiN5alXs9ZX%2Fe%2F1UtVu4Xdin3CDXgmlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42017&min_rtt=41993&rtt_var=15765&sent=13&recv=8&lost=0&retrans=0&sent_bytes=5207&recv_bytes=4739&delivery_rate=75760&cwnd=12000&unsent_bytes=0&cid=ae90025360f50c26&ts=66&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
image/svg+xml
last-modified
Thu, 16 Nov 2023 10:02:49 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f46e757acd2ede2-LHR
server
cloudflare
loading.svg
aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/
386 B
1012 B
Image
General
Full URL
https://aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/loading.svg
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6555e8c9-182"
age
5263
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVtdDXT0cgeQVfRsacAf6LFxlRrKLX%2F1MKrQAMxKV5VNLo1tVt8MupVQ%2B8fO112cXyu8F0xnbxOq1udnDEyCWIMqcRwsDJFO%2BrEDIC7y6K1LDmaMPnBA%2BbmuckaoGTjzLI7oMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42017&min_rtt=41993&rtt_var=15765&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4739&delivery_rate=75760&cwnd=12000&unsent_bytes=0&cid=ae90025360f50c26&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
image/svg+xml
last-modified
Thu, 16 Nov 2023 10:02:49 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f46e757acd6ede2-LHR
server
cloudflare
bg_GIF.gif
aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/
106 KB
106 KB
Image
General
Full URL
https://aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/bg_GIF.gif
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/landers/for_mac_1/1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb959f194e072a173ee27e20aff979766b86fa16d0a8bf588677606979bc7ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

cf-cache-status
HIT
etag
"6555e8c8-1a6f1"
age
2585
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNnz9CJvIUs1X%2Bhn2iWbCpR5Jn9SQFeU5NEjzFt76RrmnQylNJIyNvVMVHoSi%2FSQGA7m89%2BIwkUOdn%2FM6OK%2B1TDiR34emg3q%2BoOZaZOw8JOG%2B%2BPyMBEudlAG7eiiE7lrkq7V0w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45345&min_rtt=41993&rtt_var=9588&sent=17&recv=14&lost=0&retrans=0&sent_bytes=6843&recv_bytes=5334&delivery_rate=39682&cwnd=12000&unsent_bytes=0&cid=ae90025360f50c26&ts=262&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
image/gif
last-modified
Thu, 16 Nov 2023 10:02:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f46e758e868ede2-LHR
accept-ranges
bytes
content-length
108273
server
cloudflare
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Requested by
Host: loadingscripts.com
URL: https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/pwa_custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71cfdae69236a935151761b96b4f46b54f95be14372112e9b5c398eb87db1b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 11:03:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 10:30:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
close.png
loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/
12 KB
13 KB
Image
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/close.png
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
cead1002bb2a8ef60efc22804d0ef0596b9e19a7362d40cde2d5a3a7c6b83668

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

Cache-Control
max-age=315360000
ETag
"64c90777-31d0"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
12752
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
image/png
Last-Modified
Tue, 01 Aug 2023 13:24:07 GMT
Server
nginx/1.23.4
alert.svg
loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/
1 KB
2 KB
Image
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/alert.svg
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
0f0834563aa719bde5e7c02f797289eac205c5511f4a35e1f0aad6bef6fbf666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

ETag
"64c90777-599"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1433
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
image/svg+xml
Last-Modified
Tue, 01 Aug 2023 13:24:07 GMT
Server
nginx/1.23.4
more.png
loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/
2 KB
2 KB
Image
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/vpn/ios-widget-black/1/more.png
Requested by
Host: protectingapplication.com
URL: https://protectingapplication.com/index.php?key=ixfkt9lbj00npzq1evqm&visitor_id=836925557332516864&cost=0.000670&zoneid=7476040&campaignid=8007615
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.63.140.103 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
16e6097a93e5dcd6061b6fedce354d7ec8dd8aaf02820b6a656443e7edcca1b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

Cache-Control
max-age=315360000
ETag
"64c90777-6bc"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1724
Keep-Alive
timeout=10
Date
Thu, 19 Dec 2024 11:03:01 GMT
Content-Type
image/png
Last-Modified
Tue, 01 Aug 2023 13:24:07 GMT
Server
nginx/1.23.4
fav.png
aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/
545 B
1 KB
Other
General
Full URL
https://aureatedreams.com/downloadapp/vpn/default/video-player/1/assets/fav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ca666275595ea71b9787f7269141b947e95af772221947f5ddb060448ed77f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://protectingapplication.com/

Response headers

cf-cache-status
HIT
etag
"6555e8c9-221"
age
2018132
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6X%2B42sQHKEQJmHQE5jq9%2BVSQVo3k%2Bc4SnOA9iKqQPJVGTWZlrKbmHTAPIQesXjqWxCDZeTIr%2BE6cFyJc%2B12nqhDdWx5LZddjStOUTDye9G07xjZpniLN%2FsepNt7DZ6yey6o6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42758&min_rtt=41932&rtt_var=339&sent=112&recv=60&lost=0&retrans=0&sent_bytes=118293&recv_bytes=7692&delivery_rate=1386757&cwnd=64800&unsent_bytes=0&cid=ae90025360f50c26&ts=546&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 11:03:01 GMT
content-type
image/png
last-modified
Thu, 16 Nov 2023 10:02:49 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f46e75aadbcede2-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
545
server
cloudflare

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| eddOptions function| getURLParameter object| translation function| replace_text function| alert_string function| translation_available function| detect_language function| translate string| y object| x

2 Cookies

Domain/Path Name / Value
protectingapplication.com/ Name: uclick
Value: us8ry96jj6
protectingapplication.com/ Name: uclickhash
Value: us8ry96jj6-us8ry96jj6-52a2-0-gxp2bl-fvb7fe-uotwvr-3e41a4

1 Console Messages

Source Level URL
Text
network error
Message:
The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload