Submitted URL: https://tubcorporate.com/
Effective URL: https://www.totemcash.com/home.php
Submission: On December 22 via automatic, source certstream-suspicious — Scanned from IL

Summary

This website contacted 12 IPs in 3 countries across 13 domains to perform 43 HTTP transactions. The main IP is 185.252.0.33, located in United Kingdom and belongs to ZENEX5IVE-NL Zenex 5ive Limited, GB. The main domain is www.totemcash.com.
TLS certificate: Issued by R11 on December 9th 2024. Valid for: 3 months.
This is the only time www.totemcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
3 28 185.252.0.33 209181 (ZENEX5IVE...)
1 1 104.18.27.45 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
3 142.250.186.170 15169 (GOOGLE)
2 104.18.26.45 13335 (CLOUDFLAR...)
4 142.250.184.195 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 172.217.16.206 15169 (GOOGLE)
1 142.250.184.232 15169 (GOOGLE)
1 172.217.18.14 15169 (GOOGLE)
1 66.102.1.155 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
43 12
Count | Apex Domain | Subdomains | Transfer
27 | totemcash.com | www.totemcash.com | 3 MB
4 | gstatic.com | fonts.gstatic.com | 69 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 3 KB
3 | istripper.com | affiliates.istripper.com; www.istripper.com — Cisco Umbrella Rank: 945334 | 31 KB
2 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 135; td.doubleclick.net — Cisco Umbrella Rank: 182 | 555 B
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 | 22 KB
1 | google.co.il | www.google.co.il — Cisco Umbrella Rank: 35336 | 408 B
1 | google.com | analytics.google.com — Cisco Umbrella Rank: 142 |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 99 KB
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 | 16 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255 | 6 KB
1 | vexlira.com | vexlira.com | 399 B
1 | tubcorporate.com | tubcorporate.com | 318 B
43 13
Domain Requested by
27 www.totemcash.com 2 redirects www.totemcash.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.totemcash.com
2 www.google-analytics.com www.totemcash.com
www.google-analytics.com
2 www.istripper.com www.totemcash.com
1 www.google.co.il
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 cdnjs.cloudflare.com www.totemcash.com
1 maxcdn.bootstrapcdn.com www.totemcash.com
1 affiliates.istripper.com 1 redirects
1 vexlira.com 1 redirects
1 tubcorporate.com 1 redirects
43 15

This site contains links to these domains.

Domain
www.istripper.com
www.vrparadise.com
discord.gg
www.affpaying.com
totemcore.com
Subject | Issuer | Validity | Valid
istripper.com | R11 | 2024-12-09 - 2025-03-09 | 3 months
bootstrapcdn.com | WE1 | 2024-11-18 - 2025-02-16 | 3 months
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-11-26 - 2025-02-24 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google.co.il | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 2 frames:

Primary Page: https://www.totemcash.com/home.php
Frame ID: 406242A8546F8933F6BE3E4957ADA712
Requests: 42 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3MLXB7L370&gacid=1384018905.1734902896&gtm=45je4cc1v9126248232za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1860333036
Frame ID: 20355AECE13A41F3101B67319467EA20
Requests: 1 HTTP requests in this frame

Page Title

Home | iStripper Affiliation Program

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 43
HTTPS: 100 %
IPv6: 0 %
Domains: 13
Subdomains: 15
IPs: 12
Countries: 3
Transfer: 3019 kB
Size: 3606 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tubcorporate.com/ HTTP 301
    https://vexlira.com/?ia=44905 HTTP 301
    http://affiliates.istripper.com/ref.php?s=44905 HTTP 307
    https://affiliates.istripper.com/ref.php?s=44905 HTTP 301
    https://www.totemcash.com/ref.php?s=44905 HTTP 302
    https://www.totemcash.com/ HTTP 301
    https://www.totemcash.com/home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home.php
www.totemcash.com/
Redirect Chain
  • https://tubcorporate.com/
  • https://vexlira.com/?ia=44905
  • http://affiliates.istripper.com/ref.php?s=44905
  • https://affiliates.istripper.com/ref.php?s=44905
  • https://www.totemcash.com/ref.php?s=44905
  • https://www.totemcash.com/
  • https://www.totemcash.com/home.php
31 KB
11 KB
Document
General
Full URL
https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 / PHP/7.3.33
Resource Hash
902a0a903d4d950a81dfc09796aebf8e3e0d8857e5b819bba03f2c3404b8c0cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 21:28:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.14.1
transfer-encoding
chunked
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 21:28:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/home.php
pragma
no-cache
server
nginx/1.14.1
transfer-encoding
chunked
x-powered-by
PHP/7.3.33
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"04425bbdc6243fc6e54bf8984fe50330"
age
1972536
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 21:28:14 GMT
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/18/2024 16:48:11
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
2
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a04529b53ce1996dcbbef91ac39eb5fb
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8f633353f9ba640c-LHR
access-control-allow-origin
*
cdn-edgestorageid
1074
server
cloudflare
cdn-requestcountrycode
FR
css
fonts.googleapis.com/
1 KB
950 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Asap:400
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
5be7d6da1b63134bbec3b912fd941c894c7075a9011df3a6fd37043af4778f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 21:28:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 22 Dec 2024 21:28:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
5 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,700
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
44a720b2a8db96972912e1bb7452febe2e1154f41ac4cd413a2a5c31f59c8220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 21:28:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 22 Dec 2024 21:28:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
screen.css
www.totemcash.com/styles/
144 KB
43 KB
Stylesheet
General
Full URL
https://www.totemcash.com/styles/screen.css?v3
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
71efaf7ebc73ea96f26312476276d7da66a5bac2b17a84d3cf78143f38bde427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65f818e9-241b9"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
8431402
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css
last-modified
Mon, 18 Mar 2024 10:35:21 GMT
server
nginx/1.14.1
vary
Accept-Encoding
home.css
www.totemcash.com/styles/
0
337 B
Stylesheet
General
Full URL
https://www.totemcash.com/styles/home.css
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"65e03f37-0"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
6695375
x-cache
MISS
content-length
0
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css
last-modified
Thu, 29 Feb 2024 08:24:23 GMT
server
nginx/1.14.1
left-menu.css
www.totemcash.com/styles/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.totemcash.com/styles/left-menu.css
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2026f6e1a63c9049c0dbcecad47320b1b98942949033e645972cdf9dcdd140cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65ae6c60-1059"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006928
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css
last-modified
Mon, 22 Jan 2024 13:23:44 GMT
server
nginx/1.14.1
vary
Accept-Encoding
adblockdetector.js
www.totemcash.com/javascript/
22 B
444 B
Script
General
Full URL
https://www.totemcash.com/javascript/adblockdetector.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
ce86a5e68322ec362fbfb538f6c070416249624809d1d55937cfb5dcf49a297a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65e0538f-16"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9458478
accept-ranges
bytes
x-cache
MISS
content-length
42
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
application/javascript
last-modified
Thu, 29 Feb 2024 09:51:11 GMT
server
nginx/1.14.1
vary
Accept-Encoding
print.css
www.totemcash.com/styles/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.totemcash.com/styles/print.css
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f98752070ebc6a3466021771fef00742442d974ba876bbedd2595eeefcbaaa28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"571a2811-b24"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006973
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
text/css
last-modified
Fri, 22 Apr 2016 13:33:05 GMT
server
nginx/1.14.1
vary
Accept-Encoding
istripper.png
www.totemcash.com/images/
6 KB
6 KB
Image
General
Full URL
https://www.totemcash.com/images/istripper.png
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
4c3e08edfa0edb7cfff52d18d320ad040eb707998d604276327953a1dac12527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"571a2811-17a7"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
6695378
x-cache
MISS
content-length
6055
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
image/png
last-modified
Fri, 22 Apr 2016 13:33:05 GMT
server
nginx/1.14.1
XBIZ_GAUCHE.svg
www.totemcash.com/images/
7 KB
4 KB
Image
General
Full URL
https://www.totemcash.com/images/XBIZ_GAUCHE.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
cf506db2d24aebba2309c55af58defdfd7f70662a2d72b2c68a9187267935182

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65b0f06d-1b79"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006931
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
image/svg+xml
last-modified
Wed, 24 Jan 2024 11:11:41 GMT
server
nginx/1.14.1
vary
Accept-Encoding
vrParadise.svg
www.totemcash.com/images/
5 KB
3 KB
Image
General
Full URL
https://www.totemcash.com/images/vrParadise.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
eeee7459ce1f398e2abfafb5a017e09c42a4ce5ced8ef540300c7fe87a46a6e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65b0dc93-15b4"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
6695386
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Wed, 24 Jan 2024 09:46:59 GMT
server
nginx/1.14.1
vary
Accept-Encoding
STEAM_DROITE.svg
www.totemcash.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.totemcash.com/images/STEAM_DROITE.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
946629d5df117a5157922796e4f1ac0874d1dd1ef8fc78ba3ee12a0a2ffc430b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65b0f06c-951"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
8431415
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Wed, 24 Jan 2024 11:11:40 GMT
server
nginx/1.14.1
vary
Accept-Encoding
s6c.png
www.totemcash.com/images/slides/
181 KB
181 KB
Image
General
Full URL
https://www.totemcash.com/images/slides/s6c.png
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2d92616e7ec40775e79f5c5696de07c14a97cb5c6d84fa0dab1fed3b7bb85a35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"65670be8-2d2fe"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
10044689
x-cache
MISS
content-length
185086
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/png
last-modified
Wed, 29 Nov 2023 10:01:12 GMT
server
nginx/1.14.1
popping_black.svg
www.totemcash.com/images/i/
1 KB
1 KB
Image
General
Full URL
https://www.totemcash.com/images/i/popping_black.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
dda22f5e320a5cf44c35abcea7ccfa69ead5571a588c32812cd6427e0582659e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65804aeb-5b8"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
8431418
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Mon, 18 Dec 2023 13:36:43 GMT
server
nginx/1.14.1
vary
Accept-Encoding
stats.svg
www.totemcash.com/images/i/
2 KB
1 KB
Image
General
Full URL
https://www.totemcash.com/images/i/stats.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
73d27fa149a94e278fddd8522ee3811b3558dae441cd2c88c33b888877b9ff2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"6544fb3c-63b"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9555530
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 13:53:00 GMT
server
nginx/1.14.1
vary
Accept-Encoding
s2s.svg
www.totemcash.com/images/i/
1 KB
1 KB
Image
General
Full URL
https://www.totemcash.com/images/i/s2s.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
613e78257d5036d80bd3b2601d05caee0ac8e424083e5df24d43275dda21670c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"6544fb3e-52f"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
6695394
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 13:53:02 GMT
server
nginx/1.14.1
vary
Accept-Encoding
discord.svg
www.totemcash.com/images/i/
2 KB
1 KB
Image
General
Full URL
https://www.totemcash.com/images/i/discord.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0823208e4b6cc3dbf44b76c1c3c6510f98c14ad9d0176e6019adb7d7937a4ccc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"6544fb40-630"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006953
accept-ranges
bytes
x-cache
MISS
content-length
737
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Nov 2023 13:53:04 GMT
server
nginx/1.14.1
vary
Accept-Encoding
screen-affiliates.png
www.totemcash.com/images/slides/
187 KB
187 KB
Image
General
Full URL
https://www.totemcash.com/images/slides/screen-affiliates.png
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
677a027ab13dc6fdb3835eae9caf0c39209e9a6822b97475b65ed633e971d070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"656493dd-2eb9d"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
6695402
x-cache
MISS
content-length
191389
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/png
last-modified
Mon, 27 Nov 2023 13:04:29 GMT
server
nginx/1.14.1
celine.jpg
www.istripper.com/mail/2021/20211119_BlackFriday/
16 KB
16 KB
Image
General
Full URL
https://www.istripper.com/mail/2021/20211119_BlackFriday/celine.jpg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36793d68c45972c25f97dacd180be152620eb3a7ce98801b1c038d84e2cd3c5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61976cbd-8b85"
cf-cache-status
HIT
expires
Sun, 29 Dec 2024 21:28:15 GMT
x-varnish
11038199
cf-polished
origSize=35717
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/jpeg
last-modified
Fri, 19 Nov 2021 09:22:05 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
via
1.1 varnish (Varnish/6.0)
cf-ray
8f6333575db47d9b-TLV
accept-ranges
bytes
content-length
15929
server
cloudflare
jonathan.jpg
www.istripper.com/mail/2021/20211119_BlackFriday/
14 KB
14 KB
Image
General
Full URL
https://www.istripper.com/mail/2021/20211119_BlackFriday/jonathan.jpg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76eaa2fcf3445b48c0264df12a9ddd26ac6d4a198c77c182451e77d012723b67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"61976cd1-7940"
cf-cache-status
HIT
expires
Sun, 29 Dec 2024 21:28:15 GMT
x-varnish
4165063
cf-polished
origSize=31040
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/jpeg
last-modified
Fri, 19 Nov 2021 09:22:25 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
via
1.1 varnish (Varnish/6.0)
cf-ray
8f6333575db67d9b-TLV
accept-ranges
bytes
content-length
14441
server
cloudflare
head.js
www.totemcash.com/javascript/
10 KB
5 KB
Script
General
Full URL
https://www.totemcash.com/javascript/head.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
072877890dac3672a475a87c093c28232e46b80c530377b91da6d428ad3b6ecd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"571a2811-261b"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006942
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript
last-modified
Fri, 22 Apr 2016 13:33:05 GMT
server
nginx/1.14.1
vary
Accept-Encoding
css2
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&family=Tangerine:wght@400;700&display=swap
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/styles/left-menu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
f4e7df8593ad2e0cb8da4f86dcd4d185b3fc92459fbcc99736691e3df0187d35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 21:28:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 22 Dec 2024 21:28:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Totemcash_white.svg
www.totemcash.com/images/
4 KB
2 KB
Image
General
Full URL
https://www.totemcash.com/images/Totemcash_white.svg
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
fc57f83e8d496ce6b23cc1ee8d919eb738bc08136fa954c9b69fc788dc22ddce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"659c0b7d-fa6"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006948
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/svg+xml
last-modified
Mon, 08 Jan 2024 14:49:33 GMT
server
nginx/1.14.1
vary
Accept-Encoding
sprite.png
www.totemcash.com/images/
10 KB
10 KB
Image
General
Full URL
https://www.totemcash.com/images/sprite.png
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
4c798647072f9a394e8f244beb7613f115af54356c4fb8b24212af365f46809b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"590b3747-260b"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
8431424
x-cache
MISS
content-length
9739
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/png
last-modified
Thu, 04 May 2017 14:14:31 GMT
server
nginx/1.14.1
home2.png
www.totemcash.com/images/slides/
2 MB
2 MB
Image
General
Full URL
https://www.totemcash.com/images/slides/home2.png
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
9af59cdb6b8da84607b95a49b0458c4df5c6fa24d8da10bed6c415012f0065a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"65412408-21c338"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
8431421
x-cache
MISS
content-length
2212664
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/png
last-modified
Tue, 31 Oct 2023 15:58:00 GMT
server
nginx/1.14.1
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&family=Tangerine:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.totemcash.com
Referer
https://fonts.googleapis.com/

Response headers

age
538810
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&family=Tangerine:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.totemcash.com
Referer
https://fonts.googleapis.com/

Response headers

age
476517
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&family=Tangerine:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.totemcash.com
Referer
https://fonts.googleapis.com/

Response headers

age
386229
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOOCniXp96a4Tc2DaTeuDAoKsE617JFc49knOIYdjTYkqUcKWmW.woff2
fonts.gstatic.com/s/asap/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v30/KFOOCniXp96a4Tc2DaTeuDAoKsE617JFc49knOIYdjTYkqUcKWmW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
a07a2e0ca3402a2df11bd4b5144e81fd31709101d9a72ea0e27b48828a23f559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.totemcash.com
Referer
https://fonts.googleapis.com/

Response headers

age
163599
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 00:01:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 00:01:36 GMT
last-modified
Tue, 06 Jun 2023 20:38:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15036
x-xss-protection
0
server
sffe
jquery.min.js
www.totemcash.com/javascript/
94 KB
38 KB
Script
General
Full URL
https://www.totemcash.com/javascript/jquery.min.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/javascript/head.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"571a2811-1762a"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006962
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript
last-modified
Fri, 22 Apr 2016 13:33:05 GMT
server
nginx/1.14.1
vary
Accept-Encoding
scripts.js
www.totemcash.com/javascript/
150 KB
58 KB
Script
General
Full URL
https://www.totemcash.com/javascript/scripts.js?v2
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/javascript/head.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
451e26a6c806851205ff81e39294918661fd05b3bc3bccceaec7f8b18c0463b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"65f01260-259fa"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
6695405
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript
last-modified
Tue, 12 Mar 2024 08:29:20 GMT
server
nginx/1.14.1
vary
Accept-Encoding
mobile.js
www.totemcash.com/javascript/
4 KB
2 KB
Script
General
Full URL
https://www.totemcash.com/javascript/mobile.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/javascript/head.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
aa9cb0e624cf46abe84bb95fdd505322c02bd3f984e4a8a90d70e1dfbc9ade48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"571a2811-11aa"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
10044707
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript
last-modified
Fri, 22 Apr 2016 13:33:05 GMT
server
nginx/1.14.1
vary
Accept-Encoding
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.3.0/
42 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.3.0/highlight.min.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/javascript/head.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bccffe959742391051ecbf7c09b1475f31fbc0e6cf44e7c9c6141a3620584d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e7a-a813"
age
51496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swTPE1YbP2hdKsEXJpPh7M0h8Rcp9bCd%2BiZmQj1Wr2sQxQJf33NSeznLKNWJAvBcox4OMIhrcp5M%2Bb64HpMmx%2BobJlAQMhITICL0MJsW4VryIVYMUAzWeUogh5ChB%2ByI7REUvZD2"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 21:28:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:34 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f633357ad71ed42-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
15555
server
cloudflare
magic.js
www.totemcash.com/ressources/magic/
80 KB
52 KB
Script
General
Full URL
https://www.totemcash.com/ressources/magic/magic.js?v1
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/javascript/head.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
855f91e9970c4d6fa5e7ac74765c07eb4bad51dcfb911fcc9bb720a195def78c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

transfer-encoding
chunked
cache-control
public, max-age=604800, no-transform
content-encoding
gzip
etag
W/"6525444e-14061"
age
0
via
1.1 varnish (Varnish/6.0)
x-varnish
9006967
accept-ranges
bytes
x-cache
MISS
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
application/javascript
last-modified
Tue, 10 Oct 2023 12:32:14 GMT
server
nginx/1.14.1
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.totemcash.com
URL: https://www.totemcash.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

content-encoding
gzip
age
6274
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 21:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 19:43:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/
15 B
435 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1181781972&t=pageview&_s=1&dl=https%3A%2F%2Fwww.totemcash.com%2Fhome.php&ul=he-il&de=UTF-8&dt=Home%20%7C%20iStripper%20Affiliation%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=436481357&gjid=131409079&cid=1384018905.1734902896&tid=UA-71138734-5&_gid=2121266692.1734902896&_r=1&_slc=1&z=1067852057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
8047b03e988afbc1c6d9f4dedffb4607b296f2f297b55a9445117a797f3e7fc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.totemcash.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.totemcash.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
279 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3MLXB7L370&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
91114cbb6bbbd5c1679770dea5f1415565e8f70bed14af1eb7a701b9328bfb4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 22 Dec 2024 21:28:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100326
x-xss-protection
0
server
Google Tag Manager
favicon-32x32.png
www.totemcash.com/
1 KB
2 KB
Other
General
Full URL
https://www.totemcash.com/favicon-32x32.png?2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.252.0.33 , United Kingdom, ASN209181 (ZENEX5IVE-NL Zenex 5ive Limited, GB),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2dbb5349c21ae758e34c4a2fbfd3d72bc43f802c40577c650868e2b2ebc391ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/home.php

Response headers

cache-control
public, max-age=604800, no-transform
etag
"571a27ed-59f"
age
0
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
x-varnish
6695431
x-cache
MISS
content-length
1439
date
Sun, 22 Dec 2024 21:28:15 GMT
content-type
image/png
last-modified
Fri, 22 Apr 2016 13:32:29 GMT
server
nginx/1.14.1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3MLXB7L370&gtm=45je4cc1v9126248232za200&_p=1734902895813&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=he-il&sr=1600x1200&cid=1384018905.1734902896&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.totemcash.com%2Fhome.php&dt=Home%20%7C%20iStripper%20Affiliation%20Program&sid=1734902896&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4075
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MLXB7L370&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.totemcash.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:16 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
555 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3MLXB7L370&cid=1384018905.1734902896&gtm=45je4cc1v9126248232za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MLXB7L370&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.totemcash.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 21:28:16 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 2035
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-3MLXB7L370&gacid=1384018905.1734902896&gtm=45je4cc1v9126248232za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1860333036
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MLXB7L370&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totemcash.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 21:28:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.il/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3MLXB7L370&cid=1384018905.1734902896&gtm=45je4cc1v9126248232za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1094559225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.totemcash.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 21:28:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| test_block
function| head
function| toggleActive
function| alertCallback
string| GoogleAnalyticsObject
function| ga
object| _TotemTools
function| $
function| jQuery
function| css_browser_selector
function| copyText
string| c
object| jQuery1111046849118729448236
object| MBP
object| hljs
function| _requestAnimationFrame
object| TotemTools
object| GLOB
function| _start
object| xa
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| dataLayer
object| google_tag_manager

10 Cookies

Domain/Path Name / Value
vexlira.com/ Name: TOTWEB
Value: serverweb2
affiliates.istripper.com/ Name: TOTWEB
Value: serverweb4
.www.totemcash.com/ Name: ia
Value: 44905
www.totemcash.com/ Name: TOTWEB
Value: serverweb1
www.totemcash.com/ Name: PHPSESSID
Value: baq537kpajqgu6v9f59m1d5mga
.totemcash.com/ Name: _ga
Value: GA1.2.1384018905.1734902896
.totemcash.com/ Name: _gid
Value: GA1.2.2121266692.1734902896
.totemcash.com/ Name: _gat
Value: 1
.totemcash.com/ Name: _ga_3MLXB7L370
Value: GS1.2.1734902896.1.0.1734902896.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
