topstrathfield.com Open in urlscan Pro
104.21.37.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegramm.net/
Effective URL:
https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 15 via api (June 15th 2023, 3:25:30 pm UTC) from FI — Scanned from AU

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 104.21.37.206, located in and belongs to CLOUDFLARENET, US. The main domain is topstrathfield.com.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2023. Valid for: 3 months.

This is the only time topstrathfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	103.224.212.231 103.224.212.231	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
1	52.116.53.146 52.116.53.146	36351 (SOFTLAYER) (SOFTLAYER)
2	104.21.37.206 104.21.37.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

4 103.224.212.231 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-231.above.com

telegramm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

kepplir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p249699.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com

clkdeals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.37.206 (None, )

ASN13335 (CLOUDFLARENET, US)

topstrathfield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	telegramm.net 1 redirects telegramm.net	23 KB
2	topstrathfield.com topstrathfield.com	15 KB
2	myckdom.com 1 redirects myckdom.com — Cisco Umbrella Rank: 57146 p249699.myckdom.com	1 KB
2	kepplir.com 1 redirects kepplir.com — Cisco Umbrella Rank: 689782	2 KB
1	clkdeals.com clkdeals.com — Cisco Umbrella Rank: 246408	197 B
0	ocmhood.com Failed sdk.ocmhood.com Failed
0	cn-rtb.com Failed feed.cn-rtb.com Failed
10	7

	Domain	Requested by
4	telegramm.net	1 redirects telegramm.net
2	topstrathfield.com	p249699.myckdom.com topstrathfield.com
2	kepplir.com	1 redirects telegramm.net
1	clkdeals.com	p249699.myckdom.com
1	p249699.myckdom.com	kepplir.com
1	myckdom.com	1 redirects
0	sdk.ocmhood.com Failed	topstrathfield.com
0	feed.cn-rtb.com Failed	topstrathfield.com
10	8

This site contains no links.

Subject Issuer	Validity	Valid
royal-radio.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh
www.clkdeals.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2023-12-29`	a year	crt.sh
topstrathfield.com GTS CA 1P5	`2023-04-25` - `2023-07-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076
Frame ID: 5AE19D0A98402F17E975883AE02517AA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

http://telegramm.net/ HTTP 302
https://telegramm.net/ Page URL
http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNu... HTTP 302
http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNu... Page URL
https://myckdom.com/aS/sfclick?u=7e5b0f7f-f9c7-46f6-a4ef-d5926ccdc9e8 HTTP 302
https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211F... Page URL
https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s... Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

39 kB
Transfer

94 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegramm.net/ HTTP 302
https://telegramm.net/ Page URL
http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991 HTTP 302
http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455 Page URL
https://myckdom.com/aS/sfclick?u=7e5b0f7f-f9c7-46f6-a4ef-d5926ccdc9e8 HTTP 302
https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB7JK_YxGUxmYtd301wNzPuunJnOCT8fsnJboSXAF11Nx61tWwD-ofwd9wwPdhGn3_C1PnzMxTSW33E-llpg4FhZfxRgSv9CsxkKb_qdB71zH5gr94HZPWkDzJsJbewQCztnWSTe00SSTdUbFRGBxBe2uwuxohzVFUl3QPF2BmR2UwOAoXb2s_ZSBV73HLdA0oaOzVtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q2n55ck1eilrNWjri88Beg6ZonWe_Vtl9FOwVpObpfchy-mlknkRKkR&ui=yzphimlcv1XGkOSnr5TccpmqLhDpWjFVIaIc3yOo5HJKMbgggOf4_tDeudA19UCAFFgGHH_YzMtg00ddgEC8V2D35APZgUe5RSV4-8AXZOpF2tba06zAiw&si=1&oref=81af5df84657cf532eb6b8be7274bbc8&optunit=73wAm-tqjbt_dcSvDfNdPg&rb=qAhRA1HnC64&rr=1&abtg=0 Page URL
https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://telegramm.net/ HTTP 302
https://telegramm.net/

Request Chain 3

http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991 HTTP 302
http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455

Request Chain 4

https://myckdom.com/aS/sfclick?u=7e5b0f7f-f9c7-46f6-a4ef-d5926ccdc9e8 HTTP 302
https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB7JK_YxGUxmYtd301wNzPuunJnOCT8fsnJboSXAF11Nx61tWwD-ofwd9wwPdhGn3_C1PnzMxTSW33E-llpg4FhZfxRgSv9CsxkKb_qdB71zH5gr94HZPWkDzJsJbewQCztnWSTe00SSTdUbFRGBxBe2uwuxohzVFUl3QPF2BmR2UwOAoXb2s_ZSBV73HLdA0oaOzVtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q2n55ck1eilrNWjri88Beg6ZonWe_Vtl9FOwVpObpfchy-mlknkRKkR&ui=yzphimlcv1XGkOSnr5TccpmqLhDpWjFVIaIc3yOo5HJKMbgggOf4_tDeudA19UCAFFgGHH_YzMtg00ddgEC8V2D35APZgUe5RSV4-8AXZOpF2tba06zAiw&si=1&oref=81af5df84657cf532eb6b8be7274bbc8&optunit=73wAm-tqjbt_dcSvDfNdPg&rb=qAhRA1HnC64&rr=1&abtg=0

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response telegramm.net/ Redirect Chain http://telegramm.net/ https://telegramm.net/	9 KB 4 KB	1958ms 1418ms	Document text/html	103.224.212.231 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://telegramm.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.224.212.231 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-231.above.com Software Apache / Resource Hash `424e1a0767a08d17bda33f430206a06cb6cc3baf3c557d6d932169b4b83caaf4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers connection close content-encoding gzip content-length 3721 content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:25:23 GMT server Apache vary Accept-Encoding Redirect headers connection close content-length 0 content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:25:22 GMT location https://telegramm.net/ server Apache
GET H/1.1	200 OK	swfobject.js Show response telegramm.net/js/	10 KB 4 KB	261ms 260ms	Script application/javascript	103.224.212.231 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://telegramm.net/js/swfobject.js Requested by Host: telegramm.net URL: https://telegramm.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.224.212.231 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-231.above.com Software Apache / Resource Hash `a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed` Request headers accept-language en-AU,en;q=0.9 Referer https://telegramm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:25:24 GMT content-encoding gzip last-modified Fri, 05 Aug 2022 04:46:37 GMT server Apache etag "27ef-5e57726b7c540-gzip" vary Accept-Encoding content-type application/javascript connection close accept-ranges bytes content-length 3949
GET H/1.1	200 OK	iife.min.js Show response telegramm.net/js/fingerprint/	33 KB 14 KB	1036ms 517ms	Script application/javascript	103.224.212.231 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://telegramm.net/js/fingerprint/iife.min.js Requested by Host: telegramm.net URL: https://telegramm.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.224.212.231 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-231.above.com Software Apache / Resource Hash `c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089` Request headers accept-language en-AU,en;q=0.9 Referer https://telegramm.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:25:25 GMT content-encoding gzip last-modified Thu, 27 Apr 2023 04:52:59 GMT server Apache etag "85c0-5fa4a216f00c0-gzip" vary Accept-Encoding content-type application/javascript connection close accept-ranges bytes content-length 14345
GET H/1.1	200 OK	jr.php kepplir.com/ Redirect Chain http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsam... http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsam...	363 B 450 B	265ms 264ms	Document text/html	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455 Requested by Host: telegramm.net URL: https://telegramm.net/ Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache / Resource Hash Request headers Referer https://telegramm.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers connection close content-encoding gzip content-length 237 content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:25:26 GMT server Apache vary Accept-Encoding x-jr-code s Redirect headers connection close content-length 0 content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:25:26 GMT location jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455 server Apache x-jr-code cr
GET H2	200	domainClick Show response p249699.myckdom.com/adServe/ Redirect Chain https://myckdom.com/aS/sfclick?u=7e5b0f7f-f9c7-46f6-a4ef-d5926ccdc9e8 https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB...	677 B 746 B	299ms 290ms	Document text/html	52.117.247.211 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB7JK_YxGUxmYtd301wNzPuunJnOCT8fsnJboSXAF11Nx61tWwD-ofwd9wwPdhGn3_C1PnzMxTSW33E-llpg4FhZfxRgSv9CsxkKb_qdB71zH5gr94HZPWkDzJsJbewQCztnWSTe00SSTdUbFRGBxBe2uwuxohzVFUl3QPF2BmR2UwOAoXb2s_ZSBV73HLdA0oaOzVtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q2n55ck1eilrNWjri88Beg6ZonWe_Vtl9FOwVpObpfchy-mlknkRKkR&ui=yzphimlcv1XGkOSnr5TccpmqLhDpWjFVIaIc3yOo5HJKMbgggOf4_tDeudA19UCAFFgGHH_YzMtg00ddgEC8V2D35APZgUe5RSV4-8AXZOpF2tba06zAiw&si=1&oref=81af5df84657cf532eb6b8be7274bbc8&optunit=73wAm-tqjbt_dcSvDfNdPg&rb=qAhRA1HnC64&rr=1&abtg=0 Requested by Host: kepplir.com URL: http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.117.247.211 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS d3.f7.7534.ip4.static.sl-reverse.com Software nginx / Resource Hash `6b76c7ccb401817be2be67c575cb4598bc2ea7357ee44ca532452373982f9b65` Request headers Referer http://kepplir.com/jr.php?gz=0m4wCUOmDnGOg1%2B2sqL55H49fjdrY2xZWUNYbEt4c0NpbW5yb3pwUXFuN3c2eVNueHhyeXVKMklHWng2WUdXN1N3eG80SUpqaGlxNmw2eVQ4NmxvZU1OYkdCbWY0SDgrK3B3WEhqRFhnZzNVYUpGQ3NubzVDWDFaWnVsamt4SU44c2wzOEExS1pXL0xZMGtJT0xQMHlLaTVwcG41TnRaSE44RHVaTVJxVzZHSHYwdURtQUt5cDFPNVpNVE1WMjhxdldIdFlzYkljK0h3dm52cnJLZjltZGJ2bjNmZlNwbUVoU0dnNEdHVTE4NVB3U0VFamtZYkN3WUYyTExwcUdGSVF1TVlwaDJQQjhSYVd4aXU5dlkxUm5tMngrSm5mV2ZDMGlBYUFsa2tFR09OZ3ZRQ09hVWxibGo2MEF6cnNvT2EvMElodXRIbUx0ZHpsUTdNQ1c3eXFxVXU4ZkdzemFvOVV4TThWS1plSG11cnh5RzRlN2RoM1FEaE4vK25TaVZ3elUvQ3g2eHFKYzc2K2h4SjJQNVVzMVlqMEFjOVB2MUJJMmZqZ2FwNWplYUJERGhIVi9kelp6RFAydGpYVkpDQlgvQThOQm9wai9uaWlHZHRpZ0NPNzFqZWcwRVZtdkwrZUdpcDhSYWRiU1ZnWXpYb29vQUlJZ0RvM0R1TG8zbDNDOFFxeVhOMnpTY0F0MVFCMzVOQ05WZC9KTWRBNGhyZFc4Kzg3bFFZN0ZQR1RpWjlNZnhUV0p4UTY5VnhBN25LSEVwQjV1MG5pZWRJVlVXS3BEVnZZYWpwbEZSRXg2TUsxSnRNRWxEb0xyWUFWcEU5Tm1vdWJidjl0eXpqSFpwTUlsNGlxa3FsQ2ZuVGNMQlIvMmgxZkFpRGVaNzlFcVNIQVd4dmpQZzYwaEtLWjdOT0RHeGt1VlNnWmdrUmtiUXU1WG53S090YXpONmU3cnJWY0JDL3l5UHpzNHQyYkpLcGVtL2FaU0lBR0ZCM1pQeHZCVEhBaXlKRXZhRXBwZ2Qva09Na08xNlZja1ZTM0R0L3F4VFllMFcyOXpLWUh3WFBxWFhCVzhOcnpydytSUG1DWUdxM2g0YUtZMDhGOVZSa2M4UkhnRG1iaUY4ei8vTHVyK1Q%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1686842726.5361455 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers content-encoding gzip content-type text/html;charset=ISO-8859-1 date Thu, 15 Jun 2023 15:25:27 GMT server nginx vary Accept-Encoding Redirect headers content-length 0 date Thu, 15 Jun 2023 15:25:27 GMT location https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB7JK_YxGUxmYtd301wNzPuunJnOCT8fsnJboSXAF11Nx61tWwD-ofwd9wwPdhGn3_C1PnzMxTSW33E-llpg4FhZfxRgSv9CsxkKb_qdB71zH5gr94HZPWkDzJsJbewQCztnWSTe00SSTdUbFRGBxBe2uwuxohzVFUl3QPF2BmR2UwOAoXb2s_ZSBV73HLdA0oaOzVtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q2n55ck1eilrNWjri88Beg6ZonWe_Vtl9FOwVpObpfchy-mlknkRKkR&ui=yzphimlcv1XGkOSnr5TccpmqLhDpWjFVIaIc3yOo5HJKMbgggOf4_tDeudA19UCAFFgGHH_YzMtg00ddgEC8V2D35APZgUe5RSV4-8AXZOpF2tba06zAiw&si=1&oref=81af5df84657cf532eb6b8be7274bbc8&optunit=73wAm-tqjbt_dcSvDfNdPg&rb=qAhRA1HnC64&rr=1&abtg=0 server nginx
GET H2	200	track clkdeals.com/adServe/	49 B 197 B	825ms 273ms	Image image/gif	52.116.53.146 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://clkdeals.com/adServe/track?subid=90425094365&prdid=2750&price=0 Requested by Host: p249699.myckdom.com URL: https://p249699.myckdom.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.116.53.146 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS 92.35.7434.ip4.static.sl-reverse.com Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jun 2023 15:25:28 GMT server nginx content-type image/gif access-control-allow-origin * cache-control no-cache content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Primary Request / Show response topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/	37 KB 14 KB	895ms 506ms	Document text/html	104.21.37.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076 Requested by Host: p249699.myckdom.com URL: https://p249699.myckdom.com/adServe/domainClick?ai=fMLVOUeNi-BThkx4T3vEN-J7Y_wx5gUOt7C94MDhhpHcqR3Q8211FeY32cc6MvwbigpM9ozScraNUGhGQF-N4w8mq9KwVXYQhZS733gASIA49zxrQQdLIoruzNmKxF1hyOqir8R0fOjF30M2VB7JK_YxGUxmYtd301wNzPuunJnOCT8fsnJboSXAF11Nx61tWwD-ofwd9wwPdhGn3_C1PnzMxTSW33E-llpg4FhZfxRgSv9CsxkKb_qdB71zH5gr94HZPWkDzJsJbewQCztnWSTe00SSTdUbFRGBxBe2uwuxohzVFUl3QPF2BmR2UwOAoXb2s_ZSBV73HLdA0oaOzVtoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q2n55ck1eilrNWjri88Beg6ZonWe_Vtl9FOwVpObpfchy-mlknkRKkR&ui=yzphimlcv1XGkOSnr5TccpmqLhDpWjFVIaIc3yOo5HJKMbgggOf4_tDeudA19UCAFFgGHH_YzMtg00ddgEC8V2D35APZgUe5RSV4-8AXZOpF2tba06zAiw&si=1&oref=81af5df84657cf532eb6b8be7274bbc8&optunit=73wAm-tqjbt_dcSvDfNdPg&rb=qAhRA1HnC64&rr=1&abtg=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e2470397c82875fbdb1d01c1f79f5dc7e1c7903f108a8908c3900fb16cf1945` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d7bd370ef76a895-SYD content-encoding br content-type text/html date Thu, 15 Jun 2023 15:25:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceqYAiNmPHyy6h8AKfFZ22Vfo4IIFEMp0uIiNLuK6Q6KK4Ji9jcgZfEmev40euBdkMfNVQxmaZAjz45Jv5ss8hPetumHvMb1hMnEZNuJPFSG5BGjWXJJSD6SvcVTOtJn7PS%2F278%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET		AFU1kAAPatM feed.cn-rtb.com/v1/native/	0 0

GET H2	200	conf.json Show response topstrathfield.com/hood/dG9wc3RyYXRoZmllbGQuY29t/	49 B 428 B	545ms 544ms	Fetch application/json	104.21.37.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://topstrathfield.com/hood/dG9wc3RyYXRoZmllbGQuY29t/conf.json Requested by Host: topstrathfield.com URL: https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.37.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `74ec4c8ba068fbe0d9f1cf73c0e31411311ecb057473a5c5f219968d4797760b` Request headers accept-language en-AU,en;q=0.9 Referer https://topstrathfield.com/XQE9wASzuLENVfvuwSyMM-JU1RSRxWfVWNgaULRJihg/?cid=90425094365&sid=434763702&s=0.0076 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:25:30 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 25 Apr 2023 12:31:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6447c829-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg%2FaeUi6ZXrFDITKeaEtlW5J9c8m7%2FEHXClM%2BqdVBxX9M8QFqviNa8f%2BpjIiAudf1%2Fv1UBY3Qykn8MMp%2Boa4rmkohzlTRvS9aZ%2FveF1MjMZDDCwf5qGAim4QzJbIE7%2BqbLhWuEg%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7d7bd374286ba895-SYD alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	748 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23` Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET		ht.js sdk.ocmhood.com/sdk/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: feed.cn-rtb.com
URL: https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=65514&uid=f4dbf2d6-cb2e-4c5b-98ec-f3c71e584aba&kw=download%20install

Domain: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2C-wxNDY4MjE0Nmal

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
telegramm.net/	1970-01-20 22:10:02	Name: __tad Value: 1686842722.6182207
kepplir.com/	1970-01-20 22:10:02	Name: __tad Value: 1686842726.5361455
.myckdom.com/	1970-01-20 16:53:14	Name: rhid Value: 83339440376
.myckdom.com/	1970-01-20 12:34:06	Name: loi Value: ad_1517335_off_960056_aff_840_cid_249699-155989832_ts_1686842727
topstrathfield.com/	1969-12-31 23:59:59	Name: session Value: WTJWa9P44ZTR9GD6R7yc9V9G1kVmFnz3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clkdeals.com
feed.cn-rtb.com
kepplir.com
myckdom.com
p249699.myckdom.com
sdk.ocmhood.com
telegramm.net
topstrathfield.com
feed.cn-rtb.com
sdk.ocmhood.com
103.224.182.206
103.224.212.231
104.21.37.206
52.116.53.146
52.117.247.211
424e1a0767a08d17bda33f430206a06cb6cc3baf3c557d6d932169b4b83caaf4
4e2470397c82875fbdb1d01c1f79f5dc7e1c7903f108a8908c3900fb16cf1945
6b76c7ccb401817be2be67c575cb4598bc2ea7357ee44ca532452373982f9b65
74ec4c8ba068fbe0d9f1cf73c0e31411311ecb057473a5c5f219968d4797760b
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

topstrathfield.com Open in urlscan Pro 104.21.37.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

6 IPs

3 Countries

39 kBTransfer

94 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

5 Cookies

Indicators

topstrathfield.com Open in urlscan Pro
104.21.37.206 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

39 kB
Transfer

94 kB
Size

5
Cookies

10 HTTP transactions
2 data transactions