totaltopwords.com Open in urlscan Pro
104.21.10.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zenoanime.onionlive.workers.dev/
Effective URL:
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&...
Submission: On November 14 via manual (November 14th 2023, 8:23:49 am UTC) from GB — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 104.21.10.56, located in and belongs to CLOUDFLARENET, US. The main domain is totaltopwords.com.
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.

This is the only time totaltopwords.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::6815:923	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
16	104.21.10.56 104.21.10.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	6

1 2606:4700:3030::6815:923 (United States)

ASN13335 (CLOUDFLARENET, US)

zenoanime.onionlive.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.234 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.21.10.56 (None, )

ASN13335 (CLOUDFLARENET, US)

totaltopwords.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	totaltopwords.com totaltopwords.com	64 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11206	2 KB
3	bedrapiona.com 1 redirects bedrapiona.com — Cisco Umbrella Rank: 166545	15 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 34587	467 B
1	workers.dev zenoanime.onionlive.workers.dev — Cisco Umbrella Rank: 159028	1 KB
24	5

	Domain	Requested by
16	totaltopwords.com	totaltopwords.com
4	my.rtmark.net	bedrapiona.com totaltopwords.com
3	bedrapiona.com	1 redirects zenoanime.onionlive.workers.dev bedrapiona.com
1	datatechone.com	bedrapiona.com
1	zenoanime.onionlive.workers.dev
24	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-04` - `2024-02-04`	a year	crt.sh
bedrapiona.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
totaltopwords.com GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Frame ID: 4183E4B7889A76948366F0528916E6FB
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zulassen drücken

Page URL History Show full URLs

http://zenoanime.onionlive.workers.dev/ HTTP 307
https://zenoanime.onionlive.workers.dev/ Page URL
https://bedrapiona.com/4/5615727/ Page URL
https://bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false HTTP 302
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z... Page URL
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z... Page URL

Page Statistics

24
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

82 kB
Transfer

177 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zenoanime.onionlive.workers.dev/ HTTP 307
https://zenoanime.onionlive.workers.dev/ Page URL
https://bedrapiona.com/4/5615727/ Page URL
https://bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false HTTP 302
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zenoanime.onionlive.workers.dev/ HTTP 307
https://zenoanime.onionlive.workers.dev/

Request Chain 5

https://bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false HTTP 302
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

24 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
zenoanime.onionlive.workers.dev/
Redirect Chain

http://zenoanime.onionlive.workers.dev/
https://zenoanime.onionlive.workers.dev/

1 KB
1 KB

61ms
28ms

Document
text/html

2606:4700:3030::6815:923
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zenoanime.onionlive.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:923 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41073afd70d67192731d0e6330e0c56eef44eac903dca4baa6b319d8a87928ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 825ddaaacce29235-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 14 Nov 2023 08:23:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdVSWf7m%2F6XbDeFtnvCstbAcbpmL3XY3aq%2BAT9Kh5Wn6rJ%2BLtrFZuFwshtCLXYqhdlQ1izw3fdZslpH0R%2BBQCDIuuMeSjOp2lD8Avb%2FoLNHHEwdyagPV%2BwqlULX5MtuCgq3Uigp8EXbupeFHWX2%2BT5V9iPbQZpjbzVBYEe63"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://zenoanime.onionlive.workers.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 / Show response
bedrapiona.com/4/5615727/ 30 KB
13 KB 3305ms
28ms Document
text/html 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/4/5615727/
Requested by: Host: zenoanime.onionlive.workers.dev
URL: https://zenoanime.onionlive.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: aa68ddb9a0c18179f315c112d6e0c651ae9861673e592e43bfa50fac77d4e6c3

Request headers

Referer: https://zenoanime.onionlive.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Tue, 14 Nov 2023 08:23:48 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 8a4571887806d20340022b3f80fc1e67

POST
H2 200 sftouch
bedrapiona.com/ 2 B
610 B 21ms
21ms Ping
text/plain 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bedrapiona.com/sftouch?userId=e2a2296d7b3c4095a2763daa7c78a47d&z=5615727&p_rid=0f11510f-111c-4143-a1dd-20428e8eb6c2&p_src=sf

Requested by

Host: bedrapiona.com
URL: https://bedrapiona.com/4/5615727/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bedrapiona.com/4/5615727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 280b08c5c673515f87e86693b054ee82
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://bedrapiona.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 470ms
428ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=e2a2296d7b3c4095a2763daa7c78a47d&z=5615727&p_rid=0f11510f-111c-4143-a1dd-20428e8eb6c2&p_src=sf

Requested by

Host: bedrapiona.com
URL: https://bedrapiona.com/4/5615727/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bedrapiona.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
467 B 463ms
16ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: bedrapiona.com
URL: https://bedrapiona.com/4/5615727/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://bedrapiona.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 14 Nov 2023 08:23:48 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://bedrapiona.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
totaltopwords.com/
Redirect Chain

https://bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false
https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

40 KB
13 KB

88ms
54ms

Document
text/html

104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a8f5718402e1d90e834e9ce32b188b018e0931ad7d9053c2f093f61ccbaf1eef

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://bedrapiona.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 825ddac338fb365f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 08:23:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4U9WhxetQbTM67iI2tYy6btv%2BUoyggU8%2FNvPjwdohXcI6Pt9xmDjsXzqOkU57wF4PaPDdm8GeE1Sf%2FmZStloO1PlB5SsBdxH0YyIPvMgMSX%2BhnOO75d87RY9AH8VZCs75g3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bedrapiona.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Tue, 14 Nov 2023 08:23:48 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 0ee6eb367212a98ccf9c07c19d3c2f49

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 13ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=5356718fe8c90639293ccb599ebc3e64

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e492c0f281329c54e50df30d23160ce779222cf60c1d3f407cae43daaf60869a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ 26 KB
10 KB 47ms
47ms Script
application/javascript 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d75-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=963%2Bc14N9ijv40kANfxrYrkJnMDr08Vg50I6yigMY0%2FX08qQaJmeMuH4ewgkaCzUlXcn3iQci16mcP7RrhQlbmvPCt91uorxA3NKC1lexyYJeU4bPx5tUQDBpB9SE3UH8YBJ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 825ddac3a95b365f-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
totaltopwords.com/19/4662728/ 3 KB
2 KB 56ms
55ms XHR
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=5615727&var3=748208089983103700&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fb1cb9e4bd5efc65547fbf17ee74b51e8c8c2662fbc01f3de933b398bfd27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: b83729230f2dc4fa2d31129aecc6895f
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkUbTfp2R5k7RS2upERbVY%2FrZeuTCHLWB7bzsHmuoiMRik%2BGJLrfyJEuOD7szfUyU%2BvQCQqErgToHtTOXE5sHU6PlAMwK%2F4EC3UIWPIlYTpjEYKecWDoyrKaXkLgGBw8Pir%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 825ddac3a96d365f-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
totaltopwords.com/ 2 B
419 B 28ms
28ms XHR
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6A%2BXvhTl9%2ByKqRxNKGBGJFVDbzhVpp6zSp1unqDUSfdESCGLk6aZrNnAGW7wreSdLec%2FIEqzOT2XPW6gXSyq7zz9AWWlNAelIAWE8iBpAMrs3Wb9kQMYQKhAJH3k6qUr8kFow%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 825ddac3b971365f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ 0
990 B 30ms
30ms Other
application/javascript 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=5615727&ymid=748208089983103700&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv%2FYW6lTT3daCA6vGI0TboOCr%2FFomzyYrT3AUKNQO1muBBatjCmDZp8OSuUOojj7n6%2BuraQADYbV7hqAegzKf6FKSLbJ5xOXfVbih3ac0SvVwPL0TIzz0HgNIE86AGX7LEWkNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 825ddac3fdfc1da6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ 0
489 B 31ms
31ms Ping
text/plain 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=5615727&ymid=748208089983103700&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-trace-id: 2686dc050e51cdacfa5d919873a6cba8
date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7iHIRZRDn48KiEDGCitaP6mVsNIw10jzBhQmkjmyeC10Te17jWgF4%2B1A2EEAJk1LYAhmuTNNO60dJLcBxCQIpWyfhApCsCM2akShnqtjavNGHxjU7waqOsgUkl7uQgYlacwKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 825ddac3fdfd1da6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 13ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=748208089983103700&var=5615727

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e492c0f281329c54e50df30d23160ce779222cf60c1d3f407cae43daaf60869a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
totaltopwords.com/ 798 B
981 B 32ms
32ms Fetch
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=5615727&ymid=748208089983103700&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 74023734a1d299dc4aa8f438da5be102
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6U8Cdasco3bkUoVK7xkt8trAQsnmeNG8274RVtMbp9vF%2Fro6Tj1MHviXBYgopikQxYlKjR9aOsDg%2BCUSVIAHAqu7CkMakR0cIx7CnwBercYXOfihW1kiUc6pZEEtiuM1Rqaog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 825ddac40e0e1da6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 rhd
totaltopwords.com/ 2 KB
3 KB 62ms
61ms Fetch
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=pm-H_86WnVGwP4QDO7_h0ur70wZTbJeydkzI5Xt7y4BoSgsHHi74xrUYG8kFMrPp7ZdroTo6YuNEEjNUi98btkBRce5FAuX_zHwGjrEw9xdWPoMC3w91Ry8IGb-LVF315T3t2No8lD1kGNolkYmT8yOqTRNTGGPuaZ_3rj9sjHYHMtmbNO0EL0XittRD8rI_zGfg_wGQV6fElD4AwMkLT8LGa3AmpcDM9sRg3DJA93FjcM8Z5S0Qht65objrm5btb7_q7TG7Rr6VfgxN8bOvWjAs32iyEwu9AJ-aE928pK3SO88cQeRB3ula9yf5DTXjoXrurGQ32ZtlzxsfdqPsS-ZnWla5Z9V66vBAEJw12nZw-zQ5s-g3B_MVD-PFu1hcU4NF7Zvsu1n00foGk3ebUpFvSa3IqykpNp-XCE-xINTEbeTZBOs9OmvziCcIiM-EHi59CAEGJhcVmTjzTBbaF0gnXVpZX1AEPN1M-5vkMj8%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748208089983103700%26ssk%3D8b86554f686c8854a72c8e554f8fd75a%26svar%3D1699950228%26z%3D5615727%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5615727&var3=748208089983103700&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: bce3ca719f161ba4dc249aa5b41d8a65
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zboyoMjqj0du%2BotybrJqrkPl5fW6sSCpAj0wNFK5goKTUMnt1pBwbrWtUQwGy%2FrlgGxBTKsKPfa1RFjuO3%2FsoZl43kRUMcJ0CcIv%2Bo22eTCcyz4JVJ0nEQWEGdgodrF3vkWuuw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 825ddac41e1d1da6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 Primary Request / Show response
totaltopwords.com/ 40 KB
13 KB 80ms
79ms Document
text/html 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 2d50da910295e44687393a828cb1f38c55d34678d60dfdcaa0b10723d1de81f1

Request headers

Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 825ddac42e341da6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 08:23:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cp54I9cq8GJVGropy9NyOvn0RHGh%2FoJ1F5WeXc7YIbdc1acWS%2Fs2bMnYVy2KACy3bpngPOnAbk%2BPjMGC9Cq4l2ri0XOzmePeaEtb1d8Y4OXhyI4GC%2B6yBanNXLymJndz%2Bp6Q2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ 26 KB
11 KB 28ms
27ms Script
application/javascript 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d74-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVo3UQkSA%2BPovVB7gpRwO3htPfiPGT%2FTsjUVGDL4e%2FC%2Fcm5Fh6MJoLCYG%2FTpEYgbqWBk0JHznuC%2BtjnFjHUHpPfc%2FhRIzBCAeJm45bWl01lOYiQpCr3HXhBGkYEUc38xe1ILWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 825ddac4bebe1da6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ 3 KB
3 KB 28ms
28ms XHR
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=5615727&var3=748208089983103700&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eaf3e46c5341969a9a8088b53815eb8215426224cae380b384ad3e7725fec5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f371f4d54c372794038284f52c995920
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw07wE%2BjtmdPVojEYA7F13ttLfBc13gWaIShINvQGJKbbv4jH2ty15hASZFdOLSw4Gn1s%2FvN5qYCLfnHvgoEplndcvwfSpmMk3XHvpPwh9%2F972t8gxkkZVSH%2Fy6M8SUSOdSVWw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 825ddac4bec01da6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
totaltopwords.com/ 2 B
532 B 36ms
36ms XHR
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8bsQMbPiXcRfQuoLY9Dr3bgFNn%2BUUUX2uq8wNpR8I52BDOd9tBFEMTQtNVK8zSrgh1kVJCQNxaA7QSnHFnHq1WUNO7uF4l5z%2FM%2BQsKnsoPCVUVQV7ZeF0ZGACfsaEUmbmFiDw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 825ddac4cec91da6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ 0
958 B 39ms
38ms Other
application/javascript 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=5615727&ymid=748208089983103700&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXHyLPJnqgGVRxzm7S7F4%2FuGih%2B9f7cnCaYs6zxJVHM%2F8oYGS%2BFoh86Ulo1xPYXn1ZI8g6wfCaRZZDEKAba3lFmvRJR60qENBuzlRGHsA7OLBlZpsXTELF8eT%2FWCtYhqGScpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 825ddac57f7d1da6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ 0
498 B 24ms
23ms Ping
text/plain 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=5615727&ymid=748208089983103700&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-trace-id: 1ac3636ddaf4dcccb9790d462bbed835
date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xo%2BRvqV7AyJd%2FzyIro0uyZ3NM9%2FcvU%2BdM12NuFJ%2Fe0VGWtKnvapj%2FsJgdwLpxEgOLJgoOi0tmNrhuK9vOi5zbzTsdkB42ug6UC9NYHWRTWSHObygHaCdplo%2B1hGHtOs9CDImkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 825ddac57f7e1da6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
totaltopwords.com/ 3 KB
3 KB 29ms
29ms Fetch
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=hJT64vfn2g7wEsMv9yoFXovwuge0s_Sv0UBwHtjZWMlcxwbuT7yq9qsrhYYUycd-LXMGP3Vs34_o4Q-_03fSApjaWAJaKZNyvglfNEB1_KvHuimPr6a8h7Eo5F-YBr1MXzXKr2XK3ZXZ31YWdUX2jY1h-AAiQtcuGmkjcaLXjLMbpA0BRdiEsYKTIuMbiYX7Et7q0tICAPt_mwFD-_adHFd32OPEzKBqT8D6wmqyXCQis4wHiOxJkm2hlFB_a4bT5OnO2UFkStilJSQINkdO2viDy_On7KffQUZJxplpY-IxGOKCR3p5ncHn5usu4Q1tknDCYhK3bPssLMYCPOrAmEnlX8HVr82tE9gJ4Ni_kOrzr7mBrP0UUtx3os6v1TjjqV_wK93NSjHMY2Da6neHr2lkX8cKV-4W6XZ8hyrS12pt4UcU66GSYgjoqz39LCViW4arrsHLVr-nWTjD_yc4Om0eRqS256Y1tYHoqRnPgOUeGx0vgJiULQ%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748208089983103700%26ssk%3D8b86554f686c8854a72c8e554f8fd75a%26svar%3D1699950228%26z%3D5615727%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748208089983103700%26ssk%3D8b86554f686c8854a72c8e554f8fd75a%26svar%3D1699950228%26z%3D5615727%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5615727&var3=748208089983103700&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48ec2918f1feaa91c2268a2895f8896649aeacfb105d4fb013ea8400453550cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: b93b5ce58f6bf218013546ea6d16fbe0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW37BdCk64zIWbP0K2zV5VpYEKcMh%2BlfDtqEgQWgHPJ0ik%2BTDCiQnN9FrOZguhADrmubjsU8X6MUP1%2BAtDCKBJfySI9VFDAVQN2163ZKbyjgWhde4oiADnxL0KYmKrXByMDi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 825ddac58f861da6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 16ms
15ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=748208089983103700&var=5615727

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e492c0f281329c54e50df30d23160ce779222cf60c1d3f407cae43daaf60869a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
totaltopwords.com/ 798 B
990 B 25ms
25ms Fetch
application/json 104.21.10.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=5615727&ymid=748208089983103700&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748208089983103700&var=5615727&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf8ab902005891fc0925d08ff436a2a4b4e490bf8257a301cf2c7960d3958c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748208089983103700&ssk=8b86554f686c8854a72c8e554f8fd75a&svar=1699950228&z=5615727&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:23:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: e3391cd15c5e6fbc1995b0081c967d9e
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5XU7SrAtz%2BDBflNkx7m%2BVeXYbyL676O5HsJ%2BET1%2BXN0SQlle26B7ZJijl3OKmp5vLPekYYUN8HK0ElNcTDwdx5d%2BboFIxTDz32ZVB%2Be5Rpev0hb4fptNr21UEAoVyw3FOvugA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 825ddac58f891da6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bedrapiona.com/	1970-01-21 00:58:06	Name: OAID Value: e2a2296d7b3c4095a2763daa7c78a47d
bedrapiona.com/	1970-01-21 00:58:06	Name: oaidts Value: 1699950228
my.rtmark.net/	1970-01-21 00:58:06	Name: ID Value: e2a2296d7b3c4095a2763daa7c78a47d
bedrapiona.com/	1970-01-20 16:22:35	Name: syncedCookie Value: true
totaltopwords.com/	1970-01-20 16:12:33	Name: reverse Value: s-fg0GHqMfwKjXA5YUIo0HQj36PZ6cwYGMvuLDlDLco
totaltopwords.com/	1970-01-21 00:58:06	Name: oaidts Value: 1699950229
totaltopwords.com/	1970-01-21 00:59:32	Name: syncedCookie Value: true
totaltopwords.com/	1970-01-21 00:58:06	Name: OAID Value: 5356718fe8c90639293ccb599ebc3e64
totaltopwords.com/	1970-01-20 16:12:30	Name: prefetchAd_4662728 Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bedrapiona.com
datatechone.com
my.rtmark.net
totaltopwords.com
zenoanime.onionlive.workers.dev
104.21.10.56
139.45.195.8
139.45.197.234
2606:4700:3030::6815:923
37.48.68.71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d50da910295e44687393a828cb1f38c55d34678d60dfdcaa0b10723d1de81f1
2eaf3e46c5341969a9a8088b53815eb8215426224cae380b384ad3e7725fec5e
41073afd70d67192731d0e6330e0c56eef44eac903dca4baa6b319d8a87928ed
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48ec2918f1feaa91c2268a2895f8896649aeacfb105d4fb013ea8400453550cd
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
a8f5718402e1d90e834e9ce32b188b018e0931ad7d9053c2f093f61ccbaf1eef
aa68ddb9a0c18179f315c112d6e0c651ae9861673e592e43bfa50fac77d4e6c3
abf8ab902005891fc0925d08ff436a2a4b4e490bf8257a301cf2c7960d3958c6
c3fb1cb9e4bd5efc65547fbf17ee74b51e8c8c2662fbc01f3de933b398bfd27b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492c0f281329c54e50df30d23160ce779222cf60c1d3f407cae43daaf60869a

totaltopwords.com Open in urlscan Pro 104.21.10.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

6 IPs

4 Countries

82 kBTransfer

177 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

9 Cookies

Indicators

totaltopwords.com Open in urlscan Pro
104.21.10.56 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

82 kB
Transfer

177 kB
Size

9
Cookies

24 HTTP transactions
2 data transactions