Submitted URL: http://newssites09.com/
Effective URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhj...
Submission: On December 27 via manual from US — Scanned from CA

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 9 HTTP transactions. The main IP is 167.99.123.14, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is torrent-protection.com. The Cisco Umbrella rank of the primary domain is 244285.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.
This is the only time torrent-protection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.93.150.145 14061 (DIGITALOC...)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 3 35.186.243.67 15169 (GOOGLE)
1 1 34.196.146.107 14618 (AMAZON-AES)
1 1 107.20.106.95 14618 (AMAZON-AES)
1 1 18.211.113.229 14618 (AMAZON-AES)
1 4 167.99.123.14 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 7
Apex Domain | Subdomains | Transfer
4 torrent-protection.com | torrent-protection.com — Cisco Umbrella Rank: 244285 | 12 KB
3 buzzonclick.com | buzzonclick.com — Cisco Umbrella Rank: 361900 | 3 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 111 | 2 KB
1 gstatic.com | fonts.gstatic.com | 44 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 866 | 34 KB
1 restoreoverlyspeedyinfo-file.info | restoreoverlyspeedyinfo-file.info | 478 B
1 aff-track.net | plus.aff-track.net | 383 B
1 marially-watears.icu | marially-watears.icu | 624 B
1 thegadgetguru.club | polo.thegadgetguru.club — Cisco Umbrella Rank: 939984 | 327 B
1 newssites09.com | newssites09.com | 601 B
9 10
Domain Requested by
4 torrent-protection.com 1 redirects buzzonclick.com, torrent-protection.com
3 buzzonclick.com 2 redirects newssites09.com
2 fonts.googleapis.com torrent-protection.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com torrent-protection.com
1 restoreoverlyspeedyinfo-file.info 1 redirects
1 plus.aff-track.net 1 redirects
1 marially-watears.icu 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 newssites09.com
9 10

This site contains links to these domains.

Domain
www.totaladblock.com
url.totaladblock.com
Subject | Issuer | Validity | Valid
buzzonclick.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-30 - 2023-06-30 | a year
torrent-protection.com | R3 | 2022-12-02 - 2023-03-02 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months

This page contains 1 frames:

Primary Page: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Frame ID: 4D10F067037A4D662D65B6912BA21910
Requests: 10 HTTP requests in this frame

Page Title: Chrome Notification

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9 Requests
89 % HTTPS
30 % IPv6
10 Domains
10 Subdomains
7 IPs
3 Countries
95 kB Transfer
177 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newssites09.com/ Page URL
  2. https://polo.thegadgetguru.club/?k=efbabb21f3c95d37af05493670f04397&type=mainstream&subtype=global HTTP 302
    https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9 Page URL
  3. https://buzzonclick.com/jump/next.php?stamat=m%257CZ3Y2Y7o2aQdHkAH0dEdHP3xP.9a1%252C7H0PozvLiGV-YkDx825CHskSSd6XsuBam7RDzPv_Bkznc8NB0KhPrUagbhXFgdDeqUC_3EVgD4-qrBD7gIMUStQkV7239nlxpkRBIit2WbQsxdzsU_ALZTg02WoDNRIbKcw-dqCuDaC3YOuRz9nc0A%252C%252C&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9&cbur=0.6524996155541949&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fnewssites09.com%2F HTTP 302
    https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252CgjfXo3K6tGU3B0-GH0dEdHP3xP.22e%252CP9sBx4F8ln97fjcbOnfTK173XOxKvy-FtjMVcoSaxccRpiStZFqLdkzoa4cjCpWv9WlllEEjPQXtFeVlvP10D1c4PLjHYoDyvzdDSbCqAf7fH765D0pNVuKDbiHy3RyrxeFXOijEXMmhv5oTfs4b2XEeMDiG37JzmYIz3eE91RhTqUPjelloqk7fNj0UxMc0WcClMmR-nSAJXuFj9ajGwG5EJTwABgzVDpUzJFEvsJFlSRzFGMzNG6v_Ax_C-E2U6WP2ejn4D0D2DYScyi6jbBIJ80CmqPV59KepBAZiOCuL5-ZkEpt_sT_JcNsa1HUhyDaE53JCcpmQFNEc3cTWqLvffGIKcTo5nDUmVI3d7yo9yQCDusICrDgwvGV8z47zncHgCR2wmA-66q9_Muhmg_OuXvwDS_yDfl8GSqI3Y1baG84sehJqvZOqEhxgoRIMkDitrz2CCs0USqezlLHTzw0QJa9KQL6XQjS-l__YaH7_GZFBN5httT2bVpCMsgVQEfXE2zbZVAU2FtPnQOZSQjlGOjcxXh4pLCBq6aMf0XYY-SlnT_chtl0pNSeg1tbsRpb_7JKXfohLGcgfLTa70VuuUyF3YB48G5ubVXGCDps%252C HTTP 302
    https://marially-watears.icu/1506f6d6-9bf2-4504-aa62-3275d7c459eb?pubid=5660982-2620014236-0&creative=23494260&ISP=OVH%20SAS&camapignid=303071820&lang=en&browser=Chrome&platform=Windows&SSP=&mzone=5660982&IDFA=[udid]&cost=&clickid=167210050510000TCATV425035145514Vce HTTP 302
    https://plus.aff-track.net/BszAJE/?utm_source=7032&utm_campaign=11523044&cid=APAE02_w51t6ksf9l1ms8fl2s9v184e&sid=1506f6d6-9bf2-4504-aa62-3275d7c459eb_5660982-2620014236-0 HTTP 302
    https://restoreoverlyspeedyinfo-file.info/29yUCJzjsUxENQRmB6rPpPLMVpnOnqBIX6XZ45-X8p4?cid=APAE02_w51t6ksf9l1ms8fl2s9v184e&sid=1506f6d6-9bf2-4504-aa62-3275d7c459eb_5660982-2620014236-0 HTTP 302
    https://torrent-protection.com/download-now?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download HTTP 301
    https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://polo.thegadgetguru.club/?k=efbabb21f3c95d37af05493670f04397&type=mainstream&subtype=global HTTP 302
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
newssites09.com/
407 B
601 B
Document
General
Full URL
http://newssites09.com/
Protocol
HTTP/1.1
Server
142.93.150.145 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
230
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 00:21:44 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
next.php
buzzonclick.com/jump/
Redirect Chain
  • https://polo.thegadgetguru.club/?k=efbabb21f3c95d37af05493670f04397&type=mainstream&subtype=global
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9
7 KB
3 KB
Document
General
Full URL
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9
Requested by
Host: newssites09.com
URL: http://newssites09.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.67 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.243.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
http://newssites09.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 00:21:45 GMT
server
openresty
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 00:21:44 GMT
Location
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9
Server
nginx/1.16.1 (Ubuntu)
Primary Request /
torrent-protection.com/download-now/
Redirect Chain
  • https://buzzonclick.com/jump/next.php?stamat=m%257CZ3Y2Y7o2aQdHkAH0dEdHP3xP.9a1%252C7H0PozvLiGV-YkDx825CHskSSd6XsuBam7RDzPv_Bkznc8NB0KhPrUagbhXFgdDeqUC_3EVgD4-qrBD7gIMUStQkV7239nlxpkRBIit2WbQsxdzsU...
  • https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252CgjfXo3K6tGU3B0-GH0dEdHP3xP.22e%252CP9sBx4F8ln97fjcbOnfTK173XOxKvy-FtjMVcoSaxccRpiStZFqLdkzoa4cjCpWv9WlllEEjPQXtFeVlvP10D1c4PLjHYoDyvzdDSb...
  • https://marially-watears.icu/1506f6d6-9bf2-4504-aa62-3275d7c459eb?pubid=5660982-2620014236-0&creative=23494260&ISP=OVH%20SAS&camapignid=303071820&lang=en&browser=Chrome&platform=Windows&SSP=&mzone=...
  • https://plus.aff-track.net/BszAJE/?utm_source=7032&utm_campaign=11523044&cid=APAE02_w51t6ksf9l1ms8fl2s9v184e&sid=1506f6d6-9bf2-4504-aa62-3275d7c459eb_5660982-2620014236-0
  • https://restoreoverlyspeedyinfo-file.info/29yUCJzjsUxENQRmB6rPpPLMVpnOnqBIX6XZ45-X8p4?cid=APAE02_w51t6ksf9l1ms8fl2s9v184e&sid=1506f6d6-9bf2-4504-aa62-3275d7c459eb_5660982-2620014236-0
  • https://torrent-protection.com/download-now?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Any...
  • https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(An...
15 KB
5 KB
Document
General
Full URL
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
28ff93557876ccda920d75b5476fadfb6da2c19f838f455cdc2231f494e0ca56

Request headers

Referer
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=a60df9c6d04365ee366c9ac6b495dbd9&sub1=562&clickid=a60df9c6d04365ee366c9ac6b495dbd9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 27 Dec 2022 00:21:46 GMT
etag
W/"6287b728-3a2b"
last-modified
Fri, 20 May 2022 15:43:36 GMT
server
nginx/1.15.9 (Ubuntu)

Redirect headers

content-length
178
content-type
text/html
date
Tue, 27 Dec 2022 00:21:46 GMT
location
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
server
nginx/1.15.9 (Ubuntu)
jquery-1.12.0.min.js
code.jquery.com/
95 KB
34 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:21:46 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKqRqZ0GEo8BCiQ4ZjgxOTY1OS05ODNlLTQ2YjgtYTExOC0yNzIyZGM4NzI0MDQQ+OiCoKvU+wIaBgia9aidBiIUMjYwNzo1MzAwOjYwOjc4Njc6OjIoxMcCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRmYzFiODQ5Yy1lMjUwLTRjYWEtODU4Ny03N2MzMWQxOGVlZDcYnIgCIhgIAhIUY2RzMTg2LmRjMi5od2Nkbi5uZXQ=.4zFxZEOB7UnLz7+FrNKC1eqC2K0yKilrHumUxh42qM4=
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-17c52"
vary
Accept-Encoding
x-hw
1672100506.dop206.dc2.t,1672100506.cds008.dc2.hn,1672100506.cds186.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
css
fonts.googleapis.com/
8 KB
803 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1dab49c7e7f030b2673f47a20ce13a30211a6c8c3699456d233453fe94e751a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 00:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 23:13:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 00:21:46 GMT
css
fonts.googleapis.com/
1 KB
992 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 00:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 00:08:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 00:21:46 GMT
gear.png
torrent-protection.com/download-now/img/
564 B
564 B
Image
General
Full URL
https://torrent-protection.com/download-now/img/gear.png
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
2b56c868a0a996954007f9295569d73a1b9e586aed9ba1e981d7d7012dc9f518

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:21:46 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
content-type
text/html
ChromeWebStore_Badge_v2_340x96.png
torrent-protection.com/images/
6 KB
6 KB
Image
General
Full URL
https://torrent-protection.com/images/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62850e8a6ae70&s1=53846_RvoFUFhF-SIU6-5vo5-aaF6-E6jvhjD5vSWI_vFFoSc6-6F6ooR56EF-o&s2=uHDYmb9m0dtrr23rU7TdWeyandtRFxs4&s3=(Anything_else)&action=download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:21:46 GMT
last-modified
Thu, 11 Aug 2022 09:51:00 GMT
server
nginx/1.15.9 (Ubuntu)
accept-ranges
bytes
etag
"62f4d104-1608"
content-length
5640
content-type
image/png
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torrent-protection.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:29:25 GMT
x-content-type-options
nosniff
age
431541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 00:29:25 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | oncontentvisibilityautostatechange
  • function | $
  • function | jQuery
  • function | getUrlVars
  • function | buildUrl
  • string | url
  • boolean | isOpera
  • boolean | isFirefox
  • boolean | isSafari
  • boolean | isIE
  • boolean | isEdge
  • boolean | isChrome
  • boolean | isEdgeChromium
  • boolean | isBlink
  • undefined | source
  • string | navlangue
  • undefined | checker
  • function | chromeinitcontrol

4 Cookies

Domain/Path | Name | Value
newssites09.com/ | PHPSESSID | c6ronhfb3o4fe6fa5ispi5vega
.marially-watears.icu/ | 1506f6d6-9bf2-4504-aa62-3275d7c459eb-v4 | y_se2qCgZ7Sqq5X4iNw12Z047MLVAQhzWiAqYBCZtrY
.marially-watears.icu/ | voluum-cid-v4 | %7B%22cid%22%3A%22w51t6ksf9l1ms8fl2s9v184e%22%2C%22caid%22%3A%221506f6d6-9bf2-4504-aa62-3275d7c459eb%22%7D
restoreoverlyspeedyinfo-file.info/ | session | uHDYmb9m0dtrr23rU7TdWeyandtRFxs4

1 Console Messages

Source: network
Level: error
URL: https://torrent-protection.com/download-now/img/gear.png
Message: Failed to load resource: the server responded with a status of 404 ()