urlscan.io logo urlscan.io
SecurityTrails logo

play.google.com Open in urlscan Pro
2607:f8b0:4006:823::200e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://domesticsupport.africa/
Effective URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Submission: On June 04 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2607:f8b0:4006:823::200e, located in and belongs to . The main domain is play.google.com.
TLS certificate: Issued by GTS CA 1C3 on May 9th 2022. Valid for: 3 months.
This is the only time play.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 5.101.45.7 209813 (FASTCONTENT)
1 2 5.189.217.110 209813 (FASTCONTENT)
1 2 149.248.3.79 ()
1 2607:f8b0:400... ()
18 8
3    2606:4700:3032::6815:4f88 (United States)

ASN13335 (CLOUDFLARENET, US)
domesticsupport.africa
1    2607:f8b0:4006:806::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:80c::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    5.101.45.7 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)
takebest-prizes.life
2    5.189.217.110 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)
gtaifm.covertooksun.xyz
2    149.248.3.79 (None, )

ASN- ()
spacecloudstore.com
1    2607:f8b0:4006:823::200e (None, )

ASN- ()
play.google.com
Domain Requested by
3 domesticsupport.africa domesticsupport.africa
2 spacecloudstore.com 1 redirects gtaifm.covertooksun.xyz
2 gtaifm.covertooksun.xyz 1 redirects takebest-prizes.life
2 takebest-prizes.life domesticsupport.africa
takebest-prizes.life
2 fonts.gstatic.com fonts.googleapis.com
play.google.com
1 play.google.com spacecloudstore.com
domesticsupport.africa
1 fonts.googleapis.com domesticsupport.africa
0 play-lh.googleusercontent.com Failed play.google.com
0 www.gstatic.com Failed play.google.com
18 9

This site contains no links.

Subject Issuer Validity Valid
*.domesticsupport.africa
E1		 2022-06-04 -
2022-09-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
takebest-prizes.life
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
*.covertooksun.xyz
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
spacecloudstore.com
R3		 2022-06-02 -
2022-08-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Frame ID: F20DB5A3338C2B9EC88406C8708BE274
Requests: 17 HTTP requests in this frame

Frame: https://takebest-prizes.life/media/mainstream/frame.html
Frame ID: 46D301FB63C76043B78F1EDDD6536D59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://domesticsupport.africa/ Page URL
  2. https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu Page URL
  3. https://gtaifm.covertooksun.xyz/bvxsvbit/?u=pqhk60a&o=3awgwfu&f=1&sid=t3~ghlmcwtx2g3vb4xphz2rpvwo&fp=DUghI3m... Page URL
  4. https://gtaifm.covertooksun.xyz/web/?sid=t3~ghlmcwtx2g3vb4xphz2rpvwo HTTP 302
    https://spacecloudstore.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBlt... HTTP 302
    https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJm... Page URL
  5. https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

18
Requests

61 %
HTTPS

57 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

383 kB
Transfer

1169 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://domesticsupport.africa/ Page URL
  2. https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu Page URL
  3. https://gtaifm.covertooksun.xyz/bvxsvbit/?u=pqhk60a&o=3awgwfu&f=1&sid=t3~ghlmcwtx2g3vb4xphz2rpvwo&fp=DUghI3m%2FN2Ub7uyrMn%2FEvEqp2TxIUnwoT5B67mn74ARDwSNqO5olGHwQXBm%2FVZjHgD1wpJf3tAzMSnTrWKP4B%2FPwcbTkR7ct%2BUgFOlcZnjl0dk1rRXvVHN3onG3Y2eNiPpptAvJxiAu4Mq%2BnrvvBex8pVwEjwpaOXVlYQWMoobvmUigXBI2U3j6jvdIoRJM%2FirxKdhMoQnQOLIdNwiI1WogwSw5OlMSpDqGhOXno7sQDNWbwdWkgi%2FnlUZECVzIlpj8kbRU14eJg7Gid9ZykuXqDTGaf7Y8ZN6CRWQmswmXSwOsAWDkwKuMj9bFiHHwBDiUS3bIgacRmyrnbF2%2B1t%2FRagHV26TC7nUJ3tQYYs0%2FSgkjb0g82TOrPAUTOkyBGwO6A3E7HKEtfBRQzTOFRKuJ9gYv4jJciAkwgP%2ByMIZYs7pb6cRsNjmyt7slJg6XU%2B8n%2B96y%2Bde8oLc%2FhG%2FAgRP6aFBoGgtXW7e%2BjIXJJrVxWoKIwIm%2Btcs9awY4bSAuvWvsMqW57XSwh99mqF2IFnllaI3PA2K4vyetRWnd2Hil439tQ5Ra5rSOqZzWm1Nba9Vocji4fF4kF%2BEtupU3LPnqHizwaU4YHxQPKoVTIYD23tpNTbURTtv%2BAgApal2%2Bp%2BFQTFEY%2F4xRrifxXwNju%2BoUTYGkBz%2Fc9xiSZwKODlbQfE0FgUoNMgFkzV96o6XexhWi5IkI0C34cesja1s6zvO6Ak2Xz%2FlUeJ%2F8DslnPghXFrzKOmqkUSWshvQv%2Fa4C4ra5GSwmf1JNCCXSKX2GPQCwz1ROreBP1Mw7YOqmrh2TuYn9G4Wd6QTx9ShJrU0UGX5yuWb5T0JfBFS%2BF1d9APRZ1oVoj%2FhxEXmJt0IKPGYmxVQB92L5ZhxQMqIRJ%2FZ1%2BOhnPHKwU3ShHIoeCeCVrJQzjFW2acKOt9bsh8z6%2FqpOq%2FfvcvlJCUgH99WEhPCM7cWkQ4AcN9VePJcL2Wg1lJI6TIT8e64uT5Cea%2FsgZFu3QGZaECWf85gGvhKbauUGg8gIMWEWEMArINY8%2FhZ2s4ajnaYD%2FjEaKYx69WOXHfZUJmwALAFqr0x4RHXzZro8XdEC5YVkftXlxMRPkfNwx7NVy0xFfWquA2LK8E9kZ30lUu4v4oB%2FjkZbwgVRybiLh8lLZ9NzTj24lG5ZWBAhJRf1%2BtflQRArMPqMroN19kYh8uqUV2xx3As%2F6%2FoZHn6agGSN56eT0rymZ4cmfjaOAqga9NfLPo826wMlSA3zFo6JrgorxmvulsL7wwsC7f8C7Stfm1NFpTR4HVj0g5Pom1Q2HmeNihp8vtXXMW9M6GlAyARdBgDleubBQcn0hTbznqImZKWz2h5hn%2Fs2PHKTC81r8hUUnFrFh27l091i%2FmFUMDHu0eX8xJWXX4%2F4sfRBwkryI9MUmHPU7H149lx3TF00n5JixvJIBbXyysJ1VU8Kbuvqf0jQY2hqJYERGSEPf%2Fv6jmYmPfZR14vXWRPl0dZnl3BVFJ0GjuDdx7ms4Fd2jSo5eTRV1N2mtfMq6g6Lc9BVplRmrIxZpYWgTBsZUJUKbQ0F7R3w%2FFoa3lEYkUQs5OdiUqEe%2F5IcpGGA90OTBGiqGJXf1Vl8UduMbx1o%2BmXmRyZTiNjgW7OX3WLi52OcmcQcAGnXg6g%2FgF9PcBnXFOoj8joBxHEW14kHznS0S0bKZyNT8n5Yij67WTwlEIKIbVQcPDMk1HwKRgfXfQTtPLV%2FTD0hdORBZCocGkDx3fNE%2BZFen%2FwlS73YVUW1SLiW3mcYvaMOvNGjQuj0x%2BXfz1N3jApvmuifL4JcFpC9K2LF8guUOv4Ju0qyToMjOwsC8YZOBC0jBd9hem%2F9A5fh3fG%2BDWFN0dmHqi%2By%2Fp1KAsnJ%2BLp0H%2Fzzc3C8WkYJCgm4NYSEjmuZ6xiSJyYL3%2F5p2UJPXcZsIKSpA1gT9dXuaL%2FolZo8OZXl7%2BAbDB3v5o4s04t8CjgFuQmFujB8oXXNWETsJLZ4VN8ZN2gKNGEIJoQ%3D%3D Page URL
  4. https://gtaifm.covertooksun.xyz/web/?sid=t3~ghlmcwtx2g3vb4xphz2rpvwo HTTP 302
    https://spacecloudstore.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D HTTP 302
    https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D Page URL
  5. https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://gtaifm.covertooksun.xyz/web/?sid=t3~ghlmcwtx2g3vb4xphz2rpvwo HTTP 302
  • https://spacecloudstore.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D HTTP 302
  • https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
domesticsupport.africa/ 		30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domesticsupport.africa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b7f4d0afa9dfd9c623f9e8cb389261a590deb75e49e9df8d6764f2059f1880
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71631cacdac1ca4b-YUL
content-encoding
br
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 04 Jun 2022 19:35:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufGRfOTdgWQMkvsMx6Zu7qwVKnCzTn%2BoNActR6qOX1tISfLXalEoAaYgVCiuCGVF0wdi%2BbmtwnjeOv%2BcQj9ov0CsbNZirNjfoLba7ldzWFI0AoPJ1KYdHbbb1GLp4%2BiA1Wm922KwMoHvIqufJHvlJvflgtaK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		1 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Neucha|Cabin+Sketch&display=swap
Requested by
Host: domesticsupport.africa
URL: https://domesticsupport.africa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3826d86a58bbf2b92df3fbca5852da04069928c67d0f9cc4d76efa3e0c989ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 19:35:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 19:35:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 19:35:30 GMT
fingerprintjs.min.js
domesticsupport.africa/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domesticsupport.africa/fingerprintjs.min.js
Requested by
Host: domesticsupport.africa
URL: https://domesticsupport.africa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba0b4f3cf10386ff07877c16cbf7adc3d03ff4fd62f9bc3264c41569848ffa8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://domesticsupport.africa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 19:35:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si8MDa2x9cdI%2FCPlb7xGJAmwe3AtSWqYSdUPwayI31V3YWOZl3onAHZpCOQWnYa124MOQk8ptlYfECimd9qYzpdD6Ugq9jJzk%2Fc2fRkfk5bXsnDmzywHb%2BZaIftByaDKNoyS2F%2Fxqh0TugMFOn8F5f2jcyh7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
private
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
71631cae5c62ca4b-YUL
QGYpz_kZZAGCONcK2A4bGOj8mNhN.woff2
fonts.gstatic.com/s/cabinsketch/v19/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabinsketch/v19/QGYpz_kZZAGCONcK2A4bGOj8mNhN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Neucha|Cabin+Sketch&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2567d1d7790f635a8e4a705500bbf702f1220f5a14252a94e8bf2350fcc1ab2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domesticsupport.africa
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 23:53:58 GMT
x-content-type-options
nosniff
age
157292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78908
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:29:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 23:53:58 GMT
q5uGsou0JOdh94bfvQlt.woff2
fonts.gstatic.com/s/neucha/v17/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/neucha/v17/q5uGsou0JOdh94bfvQlt.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Neucha|Cabin+Sketch&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e0c6ca42b9531a42a7994e3ed907ea9e3a360dcaa6f77847ef587340d21d6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domesticsupport.africa
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 01:17:13 GMT
x-content-type-options
nosniff
age
411497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:40:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 01:17:13 GMT
fingerprintjs.min.js
domesticsupport.africa/ 		222 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://domesticsupport.africa/fingerprintjs.min.js?20658121193369479
Requested by
Host: domesticsupport.africa
URL: https://domesticsupport.africa/fingerprintjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domesticsupport.africa/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Jun 2022 19:35:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIXhMbfHenHQtdsTpr%2BuDkM3EAiOZigCcBySzqI4iwdAZYggUQ3hp%2FRHTJlAC%2BWhwyh%2FDUnp%2FSsmZlUFoRww77hULrEwWOCaBJC8mbDH89ZGFD3wuhFCNxAjSGJQkMGWvLHIuL4xiutho2TnIryWV7QKCc0l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
private
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
71631cafff4c7145-YUL
/
takebest-prizes.life/ 		88 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu
Requested by
Host: domesticsupport.africa
URL: https://domesticsupport.africa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
07f690f019e8a7aed2040c2dce13967cb8639272dfa9b228a98fb414c16b4922

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private no-transform
Connection
keep-alive
Content-Length
89674
Content-Type
text/html
Date
Sat, 04 Jun 2022 19:35:31 GMT
Server
nginx
frame.html
takebest-prizes.life/media/mainstream/ Frame 46D3 		39 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://takebest-prizes.life/media/mainstream/frame.html
Requested by
Host: takebest-prizes.life
URL: https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.45.7 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Referer
https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-transform
Connection
keep-alive
Content-Length
39
Content-Type
text/html
Date
Sat, 04 Jun 2022 19:35:32 GMT
ETag
"60a5fcce-27"
Last-Modified
Thu, 20 May 2021 06:08:14 GMT
Server
nginx
Vary
Accept-Encoding
/
gtaifm.covertooksun.xyz/bvxsvbit/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gtaifm.covertooksun.xyz/bvxsvbit/?u=pqhk60a&o=3awgwfu&f=1&sid=t3~ghlmcwtx2g3vb4xphz2rpvwo&fp=DUghI3m%2FN2Ub7uyrMn%2FEvEqp2TxIUnwoT5B67mn74ARDwSNqO5olGHwQXBm%2FVZjHgD1wpJf3tAzMSnTrWKP4B%2FPwcbTkR7ct%2BUgFOlcZnjl0dk1rRXvVHN3onG3Y2eNiPpptAvJxiAu4Mq%2BnrvvBex8pVwEjwpaOXVlYQWMoobvmUigXBI2U3j6jvdIoRJM%2FirxKdhMoQnQOLIdNwiI1WogwSw5OlMSpDqGhOXno7sQDNWbwdWkgi%2FnlUZECVzIlpj8kbRU14eJg7Gid9ZykuXqDTGaf7Y8ZN6CRWQmswmXSwOsAWDkwKuMj9bFiHHwBDiUS3bIgacRmyrnbF2%2B1t%2FRagHV26TC7nUJ3tQYYs0%2FSgkjb0g82TOrPAUTOkyBGwO6A3E7HKEtfBRQzTOFRKuJ9gYv4jJciAkwgP%2ByMIZYs7pb6cRsNjmyt7slJg6XU%2B8n%2B96y%2Bde8oLc%2FhG%2FAgRP6aFBoGgtXW7e%2BjIXJJrVxWoKIwIm%2Btcs9awY4bSAuvWvsMqW57XSwh99mqF2IFnllaI3PA2K4vyetRWnd2Hil439tQ5Ra5rSOqZzWm1Nba9Vocji4fF4kF%2BEtupU3LPnqHizwaU4YHxQPKoVTIYD23tpNTbURTtv%2BAgApal2%2Bp%2BFQTFEY%2F4xRrifxXwNju%2BoUTYGkBz%2Fc9xiSZwKODlbQfE0FgUoNMgFkzV96o6XexhWi5IkI0C34cesja1s6zvO6Ak2Xz%2FlUeJ%2F8DslnPghXFrzKOmqkUSWshvQv%2Fa4C4ra5GSwmf1JNCCXSKX2GPQCwz1ROreBP1Mw7YOqmrh2TuYn9G4Wd6QTx9ShJrU0UGX5yuWb5T0JfBFS%2BF1d9APRZ1oVoj%2FhxEXmJt0IKPGYmxVQB92L5ZhxQMqIRJ%2FZ1%2BOhnPHKwU3ShHIoeCeCVrJQzjFW2acKOt9bsh8z6%2FqpOq%2FfvcvlJCUgH99WEhPCM7cWkQ4AcN9VePJcL2Wg1lJI6TIT8e64uT5Cea%2FsgZFu3QGZaECWf85gGvhKbauUGg8gIMWEWEMArINY8%2FhZ2s4ajnaYD%2FjEaKYx69WOXHfZUJmwALAFqr0x4RHXzZro8XdEC5YVkftXlxMRPkfNwx7NVy0xFfWquA2LK8E9kZ30lUu4v4oB%2FjkZbwgVRybiLh8lLZ9NzTj24lG5ZWBAhJRf1%2BtflQRArMPqMroN19kYh8uqUV2xx3As%2F6%2FoZHn6agGSN56eT0rymZ4cmfjaOAqga9NfLPo826wMlSA3zFo6JrgorxmvulsL7wwsC7f8C7Stfm1NFpTR4HVj0g5Pom1Q2HmeNihp8vtXXMW9M6GlAyARdBgDleubBQcn0hTbznqImZKWz2h5hn%2Fs2PHKTC81r8hUUnFrFh27l091i%2FmFUMDHu0eX8xJWXX4%2F4sfRBwkryI9MUmHPU7H149lx3TF00n5JixvJIBbXyysJ1VU8Kbuvqf0jQY2hqJYERGSEPf%2Fv6jmYmPfZR14vXWRPl0dZnl3BVFJ0GjuDdx7ms4Fd2jSo5eTRV1N2mtfMq6g6Lc9BVplRmrIxZpYWgTBsZUJUKbQ0F7R3w%2FFoa3lEYkUQs5OdiUqEe%2F5IcpGGA90OTBGiqGJXf1Vl8UduMbx1o%2BmXmRyZTiNjgW7OX3WLi52OcmcQcAGnXg6g%2FgF9PcBnXFOoj8joBxHEW14kHznS0S0bKZyNT8n5Yij67WTwlEIKIbVQcPDMk1HwKRgfXfQTtPLV%2FTD0hdORBZCocGkDx3fNE%2BZFen%2FwlS73YVUW1SLiW3mcYvaMOvNGjQuj0x%2BXfz1N3jApvmuifL4JcFpC9K2LF8guUOv4Ju0qyToMjOwsC8YZOBC0jBd9hem%2F9A5fh3fG%2BDWFN0dmHqi%2By%2Fp1KAsnJ%2BLp0H%2Fzzc3C8WkYJCgm4NYSEjmuZ6xiSJyYL3%2F5p2UJPXcZsIKSpA1gT9dXuaL%2FolZo8OZXl7%2BAbDB3v5o4s04t8CjgFuQmFujB8oXXNWETsJLZ4VN8ZN2gKNGEIJoQ%3D%3D
Requested by
Host: takebest-prizes.life
URL: https://takebest-prizes.life/?u=pqhk60a&o=3awgwfu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.189.217.110 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://takebest-prizes.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private no-transform
Connection
keep-alive
Content-Length
1511
Content-Type
text/html
Date
Sat, 04 Jun 2022 19:35:34 GMT
Server
nginx
away.php
spacecloudstore.com/
Redirect Chain
  • https://gtaifm.covertooksun.xyz/web/?sid=t3~ghlmcwtx2g3vb4xphz2rpvwo
  • https://spacecloudstore.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
  • https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
283 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
Requested by
Host: gtaifm.covertooksun.xyz
URL: https://gtaifm.covertooksun.xyz/bvxsvbit/?u=pqhk60a&o=3awgwfu&f=1&sid=t3~ghlmcwtx2g3vb4xphz2rpvwo&fp=DUghI3m%2FN2Ub7uyrMn%2FEvEqp2TxIUnwoT5B67mn74ARDwSNqO5olGHwQXBm%2FVZjHgD1wpJf3tAzMSnTrWKP4B%2FPwcbTkR7ct%2BUgFOlcZnjl0dk1rRXvVHN3onG3Y2eNiPpptAvJxiAu4Mq%2BnrvvBex8pVwEjwpaOXVlYQWMoobvmUigXBI2U3j6jvdIoRJM%2FirxKdhMoQnQOLIdNwiI1WogwSw5OlMSpDqGhOXno7sQDNWbwdWkgi%2FnlUZECVzIlpj8kbRU14eJg7Gid9ZykuXqDTGaf7Y8ZN6CRWQmswmXSwOsAWDkwKuMj9bFiHHwBDiUS3bIgacRmyrnbF2%2B1t%2FRagHV26TC7nUJ3tQYYs0%2FSgkjb0g82TOrPAUTOkyBGwO6A3E7HKEtfBRQzTOFRKuJ9gYv4jJciAkwgP%2ByMIZYs7pb6cRsNjmyt7slJg6XU%2B8n%2B96y%2Bde8oLc%2FhG%2FAgRP6aFBoGgtXW7e%2BjIXJJrVxWoKIwIm%2Btcs9awY4bSAuvWvsMqW57XSwh99mqF2IFnllaI3PA2K4vyetRWnd2Hil439tQ5Ra5rSOqZzWm1Nba9Vocji4fF4kF%2BEtupU3LPnqHizwaU4YHxQPKoVTIYD23tpNTbURTtv%2BAgApal2%2Bp%2BFQTFEY%2F4xRrifxXwNju%2BoUTYGkBz%2Fc9xiSZwKODlbQfE0FgUoNMgFkzV96o6XexhWi5IkI0C34cesja1s6zvO6Ak2Xz%2FlUeJ%2F8DslnPghXFrzKOmqkUSWshvQv%2Fa4C4ra5GSwmf1JNCCXSKX2GPQCwz1ROreBP1Mw7YOqmrh2TuYn9G4Wd6QTx9ShJrU0UGX5yuWb5T0JfBFS%2BF1d9APRZ1oVoj%2FhxEXmJt0IKPGYmxVQB92L5ZhxQMqIRJ%2FZ1%2BOhnPHKwU3ShHIoeCeCVrJQzjFW2acKOt9bsh8z6%2FqpOq%2FfvcvlJCUgH99WEhPCM7cWkQ4AcN9VePJcL2Wg1lJI6TIT8e64uT5Cea%2FsgZFu3QGZaECWf85gGvhKbauUGg8gIMWEWEMArINY8%2FhZ2s4ajnaYD%2FjEaKYx69WOXHfZUJmwALAFqr0x4RHXzZro8XdEC5YVkftXlxMRPkfNwx7NVy0xFfWquA2LK8E9kZ30lUu4v4oB%2FjkZbwgVRybiLh8lLZ9NzTj24lG5ZWBAhJRf1%2BtflQRArMPqMroN19kYh8uqUV2xx3As%2F6%2FoZHn6agGSN56eT0rymZ4cmfjaOAqga9NfLPo826wMlSA3zFo6JrgorxmvulsL7wwsC7f8C7Stfm1NFpTR4HVj0g5Pom1Q2HmeNihp8vtXXMW9M6GlAyARdBgDleubBQcn0hTbznqImZKWz2h5hn%2Fs2PHKTC81r8hUUnFrFh27l091i%2FmFUMDHu0eX8xJWXX4%2F4sfRBwkryI9MUmHPU7H149lx3TF00n5JixvJIBbXyysJ1VU8Kbuvqf0jQY2hqJYERGSEPf%2Fv6jmYmPfZR14vXWRPl0dZnl3BVFJ0GjuDdx7ms4Fd2jSo5eTRV1N2mtfMq6g6Lc9BVplRmrIxZpYWgTBsZUJUKbQ0F7R3w%2FFoa3lEYkUQs5OdiUqEe%2F5IcpGGA90OTBGiqGJXf1Vl8UduMbx1o%2BmXmRyZTiNjgW7OX3WLi52OcmcQcAGnXg6g%2FgF9PcBnXFOoj8joBxHEW14kHznS0S0bKZyNT8n5Yij67WTwlEIKIbVQcPDMk1HwKRgfXfQTtPLV%2FTD0hdORBZCocGkDx3fNE%2BZFen%2FwlS73YVUW1SLiW3mcYvaMOvNGjQuj0x%2BXfz1N3jApvmuifL4JcFpC9K2LF8guUOv4Ju0qyToMjOwsC8YZOBC0jBd9hem%2F9A5fh3fG%2BDWFN0dmHqi%2By%2Fp1KAsnJ%2BLp0H%2Fzzc3C8WkYJCgm4NYSEjmuZ6xiSJyYL3%2F5p2UJPXcZsIKSpA1gT9dXuaL%2FolZo8OZXl7%2BAbDB3v5o4s04t8CjgFuQmFujB8oXXNWETsJLZ4VN8ZN2gKNGEIJoQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
149.248.3.79 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://gtaifm.covertooksun.xyz/bvxsvbit/?u=pqhk60a&o=3awgwfu&f=1&sid=t3~ghlmcwtx2g3vb4xphz2rpvwo&fp=DUghI3m%2FN2Ub7uyrMn%2FEvEqp2TxIUnwoT5B67mn74ARDwSNqO5olGHwQXBm%2FVZjHgD1wpJf3tAzMSnTrWKP4B%2FPwcbTkR7ct%2BUgFOlcZnjl0dk1rRXvVHN3onG3Y2eNiPpptAvJxiAu4Mq%2BnrvvBex8pVwEjwpaOXVlYQWMoobvmUigXBI2U3j6jvdIoRJM%2FirxKdhMoQnQOLIdNwiI1WogwSw5OlMSpDqGhOXno7sQDNWbwdWkgi%2FnlUZECVzIlpj8kbRU14eJg7Gid9ZykuXqDTGaf7Y8ZN6CRWQmswmXSwOsAWDkwKuMj9bFiHHwBDiUS3bIgacRmyrnbF2%2B1t%2FRagHV26TC7nUJ3tQYYs0%2FSgkjb0g82TOrPAUTOkyBGwO6A3E7HKEtfBRQzTOFRKuJ9gYv4jJciAkwgP%2ByMIZYs7pb6cRsNjmyt7slJg6XU%2B8n%2B96y%2Bde8oLc%2FhG%2FAgRP6aFBoGgtXW7e%2BjIXJJrVxWoKIwIm%2Btcs9awY4bSAuvWvsMqW57XSwh99mqF2IFnllaI3PA2K4vyetRWnd2Hil439tQ5Ra5rSOqZzWm1Nba9Vocji4fF4kF%2BEtupU3LPnqHizwaU4YHxQPKoVTIYD23tpNTbURTtv%2BAgApal2%2Bp%2BFQTFEY%2F4xRrifxXwNju%2BoUTYGkBz%2Fc9xiSZwKODlbQfE0FgUoNMgFkzV96o6XexhWi5IkI0C34cesja1s6zvO6Ak2Xz%2FlUeJ%2F8DslnPghXFrzKOmqkUSWshvQv%2Fa4C4ra5GSwmf1JNCCXSKX2GPQCwz1ROreBP1Mw7YOqmrh2TuYn9G4Wd6QTx9ShJrU0UGX5yuWb5T0JfBFS%2BF1d9APRZ1oVoj%2FhxEXmJt0IKPGYmxVQB92L5ZhxQMqIRJ%2FZ1%2BOhnPHKwU3ShHIoeCeCVrJQzjFW2acKOt9bsh8z6%2FqpOq%2FfvcvlJCUgH99WEhPCM7cWkQ4AcN9VePJcL2Wg1lJI6TIT8e64uT5Cea%2FsgZFu3QGZaECWf85gGvhKbauUGg8gIMWEWEMArINY8%2FhZ2s4ajnaYD%2FjEaKYx69WOXHfZUJmwALAFqr0x4RHXzZro8XdEC5YVkftXlxMRPkfNwx7NVy0xFfWquA2LK8E9kZ30lUu4v4oB%2FjkZbwgVRybiLh8lLZ9NzTj24lG5ZWBAhJRf1%2BtflQRArMPqMroN19kYh8uqUV2xx3As%2F6%2FoZHn6agGSN56eT0rymZ4cmfjaOAqga9NfLPo826wMlSA3zFo6JrgorxmvulsL7wwsC7f8C7Stfm1NFpTR4HVj0g5Pom1Q2HmeNihp8vtXXMW9M6GlAyARdBgDleubBQcn0hTbznqImZKWz2h5hn%2Fs2PHKTC81r8hUUnFrFh27l091i%2FmFUMDHu0eX8xJWXX4%2F4sfRBwkryI9MUmHPU7H149lx3TF00n5JixvJIBbXyysJ1VU8Kbuvqf0jQY2hqJYERGSEPf%2Fv6jmYmPfZR14vXWRPl0dZnl3BVFJ0GjuDdx7ms4Fd2jSo5eTRV1N2mtfMq6g6Lc9BVplRmrIxZpYWgTBsZUJUKbQ0F7R3w%2FFoa3lEYkUQs5OdiUqEe%2F5IcpGGA90OTBGiqGJXf1Vl8UduMbx1o%2BmXmRyZTiNjgW7OX3WLi52OcmcQcAGnXg6g%2FgF9PcBnXFOoj8joBxHEW14kHznS0S0bKZyNT8n5Yij67WTwlEIKIbVQcPDMk1HwKRgfXfQTtPLV%2FTD0hdORBZCocGkDx3fNE%2BZFen%2FwlS73YVUW1SLiW3mcYvaMOvNGjQuj0x%2BXfz1N3jApvmuifL4JcFpC9K2LF8guUOv4Ju0qyToMjOwsC8YZOBC0jBd9hem%2F9A5fh3fG%2BDWFN0dmHqi%2By%2Fp1KAsnJ%2BLp0H%2Fzzc3C8WkYJCgm4NYSEjmuZ6xiSJyYL3%2F5p2UJPXcZsIKSpA1gT9dXuaL%2FolZo8OZXl7%2BAbDB3v5o4s04t8CjgFuQmFujB8oXXNWETsJLZ4VN8ZN2gKNGEIJoQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 19:35:34 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Jun 2022 19:35:34 GMT
Location
/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
Server
nginx
Transfer-Encoding
chunked
Primary Request details
play.google.com/store/apps/ 		946 KB
176 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Requested by
Host: spacecloudstore.com
URL: https://spacecloudstore.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-4FDQ4VusMfN959p0eSUrFQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'nonce-4FDQ4VusMfN959p0eSUrFQ' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-4FDQ4VusMfN959p0eSUrFQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'nonce-4FDQ4VusMfN959p0eSUrFQ' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
date
Sat, 04 Jun 2022 19:35:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0
cspreport
play.google.com/_/PlayStoreUi/ 		0
0
m=_b,_tp
www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.bv_xwH3IIAU.2021.O/am=zmLP-H3g78csBCA/d=1/excm=_b,_tp,appdetailsview/ed=1/dg=0/wt=2/esmo=1/rs=AB1caFVH1Bz4xUefMQ-S3llZUW8Mmzn5qQ/ 		0
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 		0
0
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v109/ 		0
0
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 		0
0
z5nin1RdQ4UZhv6fa1FNG7VE33imGqPgC4kKZIUjgf_up7E-Pj3AaojlMPwNNXaeGA=w240-h480-rw
play-lh.googleusercontent.com/ 		0
0
mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw
play-lh.googleusercontent.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/_/PlayStoreUi/cspreport
Domain
www.gstatic.com
URL
https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.bv_xwH3IIAU.2021.O/am=zmLP-H3g78csBCA/d=1/excm=_b,_tp,appdetailsview/ed=1/dg=0/wt=2/esmo=1/rs=AB1caFVH1Bz4xUefMQ-S3llZUW8Mmzn5qQ/m=_b,_tp
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlematerialicons/v109/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/z5nin1RdQ4UZhv6fa1FNG7VE33imGqPgC4kKZIUjgf_up7E-Pj3AaojlMPwNNXaeGA=w240-h480-rw
Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

4 Cookies

Domain/Path Name / Value
domesticsupport.africa/ Name: rjjmfydn
Value: RWxvbiUyME11c2slMjBUYWwlQzMlQTFsbSVDMyVBMW55YWk=
takebest-prizes.life/ Name: sid
Value: t3~ghlmcwtx2g3vb4xphz2rpvwo
takebest-prizes.life/ Name: p1
Value: https://covertooksun.xyz/bvxsvbit/
takebest-prizes.life/ Name: s1
Value: fr3ado8rknv4uttm

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block