Submitted URL: http://totog4ul.org/office/index2.php
Effective URL: https://totog4ul.win/office/index2.php
Submission: On September 23 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3034::ac43:c980, located in United States and belongs to CLOUDFLARENET, US. The main domain is totog4ul.win.
TLS certificate: Issued by E1 on September 21st 2023. Valid for: 3 months.
This is the only time totog4ul.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
28 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.214.40 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
20 20 188.166.185.110 14061 (DIGITALOC...)
20 151.139.128.10 20446 (STACKPATH...)
1 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.134.53.172 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
62 11
Apex Domain | Subdomains | Transfer
28 totog4ul.win | totog4ul.win | 185 KB
20 imageshack.com | imagizer.imageshack.com — Cisco Umbrella Rank: 51984 | 25 MB
4 google-analytics.com | google-analytics.com — Cisco Umbrella Rank: 83; www.google-analytics.com — Cisco Umbrella Rank: 96 | 21 KB
4 sharethis.com | platform-api.sharethis.com — Cisco Umbrella Rank: 5575; buttons-config.sharethis.com — Cisco Umbrella Rank: 6495; l.sharethis.com — Cisco Umbrella Rank: 6038 | 48 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 113 | 2 KB
2 gstatic.com | fonts.gstatic.com | 53 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 111 | 163 KB
1 totog4ul.top | totog4ul.top | 506 B
1 totog4ul.org | totog4ul.org | 676 B
62 9
Domain | Requested by
28 totog4ul.win | totog4ul.win
20 imagizer.imageshack.com | totog4ul.win
3 www.google-analytics.com | google-analytics.com, www.googletagmanager.com
3 fonts.googleapis.com | totog4ul.win
2 fonts.gstatic.com | fonts.googleapis.com
2 l.sharethis.com 1 redirects | totog4ul.win
2 www.googletagmanager.com | totog4ul.win, google-analytics.com
1 totog4ul.top 1 redirects |
1 google-analytics.com | totog4ul.win
1 buttons-config.sharethis.com | platform-api.sharethis.com
1 platform-api.sharethis.com | totog4ul.win
1 totog4ul.org 1 redirects |
62 12

This site contains links to these domains.

Domain
188.166.191.18
Subject | Issuer | Validity | Valid
totog4ul.win | E1 | 2023-09-21 - 2023-12-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
sharethis.com | Amazon RSA 2048 M02 | 2023-05-20 - 2024-06-17 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 1 frame:

Primary Page: https://totog4ul.win/office/index2.php
Frame ID: A40B9B4DE07744D1E6F5A5C4EA3664E8
Requests: 63 HTTP requests in this frame

Page Title

Laman tidak ditemukan – TOGELERS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 62
HTTPS: 65 %
IPv6: 69 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 2
Transfer: 26555 kB
Size: 27290 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://totog4ul.org/office/index2.php HTTP 301
    https://totog4ul.win/office/index2.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://188.166.185.110/kingtogel/960x200.php HTTP 302
  • https://imagizer.imageshack.com/img924/5774/udlvKp.gif
Request Chain 19
  • https://188.166.185.110/bingotogel/960x200.php HTTP 302
  • https://imagizer.imageshack.com/img922/1773/wtdmdw.gif
Request Chain 20
  • https://188.166.185.110/plustogel/960x200.php HTTP 302
  • https://imagizer.imageshack.com/img924/1829/BWjwQ7.gif
Request Chain 21
  • https://188.166.185.110/alitoto/960x200.php HTTP 302
  • https://imagizer.imageshack.com/img924/9104/KFRxAa.gif
Request Chain 22
  • https://188.166.185.110/luxtogel/960x200.php HTTP 302
  • https://imagizer.imageshack.com/img924/1784/h0fTR1.gif
Request Chain 23
  • https://188.166.185.110/maxtoto/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img923/4314/BpH1Cz.gif
Request Chain 24
  • https://188.166.185.110/crown/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img922/582/Abqjcu.gif
Request Chain 25
  • https://188.166.185.110/platinumslot/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img922/6719/tkQ8RG.gif
Request Chain 26
  • https://188.166.185.110/oscar/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img922/4503/1CIWEC.gif
Request Chain 27
  • https://188.166.185.110/royaltogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/8444/N5cbcy.gif
Request Chain 28
  • https://188.166.185.110/viptoto/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img922/7844/Y0SRNo.gif
Request Chain 29
  • https://188.166.185.110/mvptogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img923/7313/AF6xQA.gif
Request Chain 30
  • https://188.166.185.110/ktvtogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/9796/4yEakr.gif
Request Chain 31
  • https://188.166.185.110/elitetogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/6024/pUhsAK.gif
Request Chain 32
  • https://188.166.185.110/oktogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img923/9423/aV1mRn.gif
Request Chain 33
  • https://188.166.185.110/djtogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/1907/coUa59.gif
Request Chain 34
  • https://188.166.185.110/platinumtoto/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/9464/1hFkQQ.gif
Request Chain 35
  • https://188.166.185.110/dotatogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img924/7149/7R9Cgo.gif
Request Chain 36
  • https://188.166.185.110/autotogel/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img922/8726/WfUx7Q.gif
Request Chain 37
  • https://188.166.185.110/bosstoto/728x90.php HTTP 302
  • https://imagizer.imageshack.com/img923/1463/8QzBsr.gif
Request Chain 50
  • https://l.sharethis.com/pview?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&cms=unknown&publisher=5f8c55a3cb3ed20012478da3&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list= HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&cms=unknown&publisher=5f8c55a3cb3ed20012478da3&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&samesite=None
Request Chain 53
  • https://totog4ul.top/wp-content/uploads/2020/10/cropped-images-4-3.jpeg HTTP 301
  • https://totog4ul.win/wp-content/uploads/2020/10/cropped-images-4-3.jpeg

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index2.php
totog4ul.win/office/
Redirect Chain
  • http://totog4ul.org/office/index2.php
  • https://totog4ul.win/office/index2.php
20 KB
5 KB
Document
General
Full URL
https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07aeafe326761ede70c6e3a2a574aadcc50f76197e412b39fe0fc14bc64adbf7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
80b515615f9b43c3-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 23 Sep 2023 19:09:42 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://totog4ul.win/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3nLAIypac7e2EiWTTwD9UaKayHIjIhRQnEwPZh5AP4SZh1S0UHNcYkDGdgJT43z3IhSRU3tvNEPTxZirqCoP13juGjQk2N%2B96NBh1%2BuYaTLLLPK8wnOEGiVAGEHsek7s42O40rJXTkAY88%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
80b5155f7d3332e4-EWR
Connection
keep-alive
Content-Type
text/html
Date
Sat, 23 Sep 2023 19:09:41 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbHFhFw%2FVN1PfzfUYq8owlO6vLqNbUQWs9PKsAv7paTlTarN4NiNLItPOj6zMQQNDKPBD%2F4%2FuTsCsyLF01yDD1ZxGEDP4x%2Fxql6io5XA3%2BOjT2XtNHDoFiPjVaDBlxovPG9IRPprYxy3fOw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
https://totog4ul.win/office/index2.php
x-turbo-charged-by
LiteSpeed
sticky-front.css
totog4ul.win/wp-content/plugins/seos//css/
1 KB
608 B
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/plugins/seos//css/sticky-front.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a82ed2a2408a7388e3d86b45f3b6c844090adee75cae39ec5a48bb0c187c9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Oct 2020 23:55:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8XeTdkShw5xzWahywTY7abUSNJeK8qEsQL11ejGsW6ybAjxEXT2fhTNxg6yul%2BKLCGDgXE7wh7NZtwVaGGFyxZXmlW5%2FComT48C7CXmcslBVruwe1mxcFH5o2o4N4BvsxpqCxzYCFBXu0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655be443c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
css
fonts.googleapis.com/
1 KB
903 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Caveat&display=swap&ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88dc1ab48bfa498167356353dcd6e529d48c3f98c170ca142229ac6015b45a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Sep 2023 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 18:57:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Sep 2023 19:09:42 GMT
css
fonts.googleapis.com/
5 KB
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C700&subset=latin%2Clatin-ext&ver=0.0.1
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7946570593eca5c6ef41ee04d39237a0b20946358906ad9a506f73e467a65876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Sep 2023 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 19:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Sep 2023 19:09:42 GMT
style.css
totog4ul.win/wp-content/themes/music-and-video/
48 KB
11 KB
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/style.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8f0e4722c7ca99366a2e5ff1770db4dde34203a330004b18571410c79479e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM9xJh9wU5CSjHg%2Be54AE19UW%2BDSW4891u%2BKEPh32UQ4sKyKdAG8zN7Ot2I8QUmy%2FIS1O8L0lRjckEt4Tl2O5TxHXSlGrahVu5K%2Ffy162Pqd4ae9F%2BSmaXy8v67UDd1woyAvauId%2Fl84m8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bea43c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
dashicons.min.css
totog4ul.win/wp-includes/css/
45 KB
28 KB
Stylesheet
General
Full URL
https://totog4ul.win/wp-includes/css/dashicons.min.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 19 Aug 2017 23:40:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FvD2B9Am2gRvqGh1mP7BJz9Jn53xH%2Ba0Wd7HMwlYJ77Eu4cdK39d4qoZBGeNDZGpyZyCQZDTKNBFMPZDwZQAp4BDY3vIlqxie6fZroR1lxFS4E%2BLwtCYtpkWkevXUDwXlEU2VhR%2F4w1dTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bee43c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
css
fonts.googleapis.com/
755 B
431 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bree+Serif%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0feb07817425ad5b87cfae4d7fb48043d90d8e779dd24069f0d486b746d5d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Sep 2023 19:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 19:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Sep 2023 19:09:42 GMT
animate.css
totog4ul.win/wp-content/themes/music-and-video/css/
71 KB
5 KB
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/css/animate.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb50825a87ef456a58c35ade2b42562aba318741e28b7c8b4b1c785070f66d20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FHf5GMBQSKj2melaUl%2FCLrvnE8Bcqv0techraRmAd6HIj8T0AxOMQjjdx6Vr%2FN6irfFV8djMEb5o2Xw5iDO0tsA2S%2FpOPldTLL6KBK1f3jperKnHkQLvvguhfYVTkyNigXrSROPhP1PzbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bf143c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
font-awesome.css
totog4ul.win/wp-content/themes/music-and-video/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/css/font-awesome.css?ver=4.7.0
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BoeD2nD8UqTU8TzKsEL7wPxjrnRIcqvGL2u9kXOhriLVn1DFT8m%2FcEAUnYcLNA6%2FxMe5m6bD02D4gszeBKiNFV3rluACvx53Bgk%2FR6gzJjuosyaZkIXN5iFZq7ie%2Bu7TUInO57vtAWQh8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bf443c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
marquee.css
totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/
2 KB
977 B
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/marquee.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56821e3cf7e55cc9036d79b3a82373f5144438c4ed7e68f1e3f013716a6e0d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97573
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKBuAIU4M0tw7K4cXXh3TM47qmVsamhr8FKQcXcFYwxZtcMeh8UQgGeOhOEvy1ziF9YR1Nc7y3%2FJtfCnl6jRx6kCtUqx53XPiOjPrmLiU%2FKIUp19LYWQHjJ5qYJNJFzx6ituio7Jl8rGn4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bf743c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Sep 2023 16:03:29 GMT
left-sidebar.css
totog4ul.win/wp-content/themes/music-and-video/layouts/
298 B
518 B
Stylesheet
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/layouts/left-sidebar.css?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9154a1245d62653b88f4bdd36eb5147112b542e85694b422fcaebf826952ec53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WO92LWLsbc6sHVPjVjJn%2FXzTUlRNo1TQNlzV9wzkCsXnT2yZGvreTLw9sTSkBJRnZjuUVKNBewlsa1w9QbU4IlOJOjB%2FlJpDAGuL2If0skLLbcAshyzlONtiVhWCKndNBsjeOQ2K5BDgNbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
80b515655bf943c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
jquery.js
totog4ul.win/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Sep 2019 10:05:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=net2XwW1E2WaDVlj9M6dddZu6xhtRASng8dTfVygE%2Bhu3D%2Fz5YKPuiBcQJ45LBxD9QdtAy6UecvbevhhNlbX5srLl8MjQYkTVE0u1UWHGV8xmK0%2BshR8ouGJsZkX%2FW4OTL6faJz%2FvPidmoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b515655bfc43c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
jquery-migrate.min.js
totog4ul.win/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 May 2016 09:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKiSe4drYXewiKFz8lGeDXLTpEtuDdRczcUXqD4gZxkA7JT5Bar1bC%2F1Z8OTsUO9911AYzZ6hXw%2Blx%2B4D3e7dMEO4ktMmugQWz8BdxDcBEJ7%2Behom3VUvPba9ZEiprg88w%2F2r6O0hU51oUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b515655bfe43c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
mobile-menu.js
totog4ul.win/wp-content/themes/music-and-video/js/
424 B
462 B
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/js/mobile-menu.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115b6e3d2eb5b17772f337e5c76e8ad7ad95f0313d4c9c3675142eb5f8e4c15d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mysQQ90%2FiKW5eLpWZfgQzZntZaeCk4Rs%2FX3bx1pDRhAr43P1DXAC7mm6NL%2FHf2Mpy4nKZd3PSxw0kQm61uL3gr0VqEg2W1IC4hnJiPPmZ2lXI02qF%2BJkEWTUhBzykqOIi4R4KTGbvY97l0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b515655bff43c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
marquee.js
totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/
12 KB
3 KB
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/marquee.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96117aa79f5b0b443411f1e569ca635093427ae047c0e860ed7890b5a64b2ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VESJGZJJUGfYaqGzyjzXrWBF%2BnYfmG3Rug0Kyy1DgM%2BTXEJxr18eoLq3Vh6EyCsoKavCcyy%2FNuZ7EN5poMOLPgWXPyAnuIf36%2F6WvijG2t%2FRId%2FmqzEY5k9oVu6JTEOfmxNrxEF4pR8yU9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b515656c0543c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
options.js
totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/
355 B
474 B
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/framework/conveyor-ticker/options.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882f49458638a58cb04c962bef8927251beacbb68b3f749aa0b9d5dc475e87f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59b2iJEkHM8B0k8vUl10itEtcwdhs%2BJL1cU62t227VFue68mcpurwR2OhrGAG4AjfKndIgYtIYZmbZv7Bzvnp8MblM78xi2J48X1uUC%2F1Hnh4H2UCC5GDgVGrFPqnfMXwel0krfOmoGfTcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b515656c0843c3-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
sharethis.js
platform-api.sharethis.com/js/
203 KB
45 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-40.ewr50.r.cloudfront.net
Software
/
Resource Hash
4be2e4cc6c402759c5835e32ab13cbb8bffd2f5dfd5fd269667c6b91ed10e875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:04:37 GMT
content-encoding
gzip
via
1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR50-C1
age
305
etag
W/"32bd5-yv+UNe3R/RtaAi3tpXP1SOqodAw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
E9fUi5Jo1ZGB9VKutq63uzZdEreN-QJ3Jh9shRUo0PmvzlYF6x4opA==
js
www.googletagmanager.com/gtag/
238 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W9F9HCFE80
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01a0eadca9eaf838affed5a1c3458722bccd8f5c2612091a7f8ace76a9b388fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85056
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 19:09:43 GMT
mobile.jpg
totog4ul.win/wp-content/themes/music-and-video/images/
2 KB
2 KB
Image
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/images/mobile.jpg
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c839a7fd4edc4b751c76a4a80933c7be2af87a5ce4d9bc01551dbea00598e06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97511
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BdCuMfukDLp1XYe35gG2moh2CYvbok7KPOoeUy2vDvIuv1JeyZ2x1XxhRAltTJdgLtqYcrziTMyp3EpqYbUEs85vBA2Jt4WtHtuDlKtsnlD4743SRKjQPgikJAFUxC6qB4XMM26McHm484%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
80b5156acf824334-EWR
alt-svc
h3=":443"; ma=86400
content-length
1944
expires
Fri, 29 Sep 2023 16:04:33 GMT
udlvKp.gif
imagizer.imageshack.com/img924/5774/
Redirect Chain
  • https://188.166.185.110/kingtogel/960x200.php
  • https://imagizer.imageshack.com/img924/5774/udlvKp.gif
4 MB
4 MB
Image
General
Full URL
https://imagizer.imageshack.com/img924/5774/udlvKp.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
b11bd71466921f180ddaec23d811da18ef4d3ec8f16706e91f75222bb60d8c38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.64
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
50646
x-varnish-port
17001
x-original-filesize
502183
x-original-response-code
200
content-length
3715262
server
nginx/1.2.8
x-origin-fetch-time
136
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds239.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
960x200
accept-ranges
bytes
x-varnish-hits
9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
269567132 267883392
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/5774/udlvKp.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
wtdmdw.gif
imagizer.imageshack.com/img922/1773/
Redirect Chain
  • https://188.166.185.110/bingotogel/960x200.php
  • https://imagizer.imageshack.com/img922/1773/wtdmdw.gif
6 MB
6 MB
Image
General
Full URL
https://imagizer.imageshack.com/img922/1773/wtdmdw.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
71551892b0889d09a11fb35b3b45923bcd6ffe10248c8d0863a6470293e2d534

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.36
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
401138
x-varnish-port
17001
x-original-filesize
2705886
x-original-response-code
200
content-length
5993119
server
nginx/1.2.8
x-origin-fetch-time
176
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds045.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
960x200
accept-ranges
bytes
x-varnish-hits
65
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2475127488 2463838900
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/1773/wtdmdw.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
BWjwQ7.gif
imagizer.imageshack.com/img924/1829/
Redirect Chain
  • https://188.166.185.110/plustogel/960x200.php
  • https://imagizer.imageshack.com/img924/1829/BWjwQ7.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img924/1829/BWjwQ7.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
dc190e1ba0a7b706ba7c5a9aaceaacb05dfac5fe53c28da411ebdb915357d771

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.33
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
46316
x-varnish-port
17001
x-original-filesize
482069
x-original-response-code
200
content-length
1066622
server
nginx/1.2.8
x-origin-fetch-time
137
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds252.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
960x200
accept-ranges
bytes
x-varnish-hits
8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
684507060 683139671
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/1829/BWjwQ7.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
KFRxAa.gif
imagizer.imageshack.com/img924/9104/
Redirect Chain
  • https://188.166.185.110/alitoto/960x200.php
  • https://imagizer.imageshack.com/img924/9104/KFRxAa.gif
2 MB
2 MB
Image
General
Full URL
https://imagizer.imageshack.com/img924/9104/KFRxAa.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
4483592df5f489240d937b25c07277a37d180cd3f98ebd2c7c91ad8f40ed028d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.38
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
31050
x-varnish-port
17001
x-original-filesize
364186
x-original-response-code
200
content-length
2378481
server
nginx/1.2.8
x-origin-fetch-time
46
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds131.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
960x200
accept-ranges
bytes
x-varnish-hits
74
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
825013423 824040673
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/9104/KFRxAa.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
h0fTR1.gif
imagizer.imageshack.com/img924/1784/
Redirect Chain
  • https://188.166.185.110/luxtogel/960x200.php
  • https://imagizer.imageshack.com/img924/1784/h0fTR1.gif
721 KB
722 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/1784/h0fTR1.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
670a0a720ecb7afe4eaf396d54967046b95f98a5e5f98dfaf141cded5a669b6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.37
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27456
x-varnish-port
17001
x-original-filesize
345320
x-original-response-code
200
content-length
738356
server
nginx/1.2.8
x-origin-fetch-time
45
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds127.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
960x200
accept-ranges
bytes
x-varnish-hits
72
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
820941141 820162577
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/1784/h0fTR1.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
BpH1Cz.gif
imagizer.imageshack.com/img923/4314/
Redirect Chain
  • https://188.166.185.110/maxtoto/728x90.php
  • https://imagizer.imageshack.com/img923/4314/BpH1Cz.gif
591 KB
592 KB
Image
General
Full URL
https://imagizer.imageshack.com/img923/4314/BpH1Cz.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
d87eceb02fba005b82a3cd5bffebb7f57e4fd79b79a055fb64301f05b1f2bd14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.66
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
1949389
x-varnish-port
17001
x-original-filesize
262527
x-original-response-code
200
content-length
605682
server
nginx/1.2.8
x-origin-fetch-time
110
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds246.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
491
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2539890637 2489306441
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img923/4314/BpH1Cz.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Abqjcu.gif
imagizer.imageshack.com/img922/582/
Redirect Chain
  • https://188.166.185.110/crown/728x90.php
  • https://imagizer.imageshack.com/img922/582/Abqjcu.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img922/582/Abqjcu.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
f54eb2e44efa8792d669991e2a40a7e972aa87abcdf16aef5670ed4d4d46e93e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.64
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27941
x-varnish-port
17001
x-original-filesize
272740
x-original-response-code
200
content-length
1122843
server
nginx/1.2.8
x-origin-fetch-time
33
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds132.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
61
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
222993163 222080462
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/582/Abqjcu.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tkQ8RG.gif
imagizer.imageshack.com/img922/6719/
Redirect Chain
  • https://188.166.185.110/platinumslot/728x90.php
  • https://imagizer.imageshack.com/img922/6719/tkQ8RG.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img922/6719/tkQ8RG.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
89c7e4fcaec82487722bd8858d5477b8a429af741cbbd08e3608f7522abdc97c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.36
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
2227524
x-varnish-port
17001
x-original-filesize
690417
x-original-response-code
200
content-length
1089348
server
nginx/1.2.8
x-origin-fetch-time
252
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds217.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
117
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2525679993 2463952823
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/6719/tkQ8RG.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
1CIWEC.gif
imagizer.imageshack.com/img922/4503/
Redirect Chain
  • https://188.166.185.110/oscar/728x90.php
  • https://imagizer.imageshack.com/img922/4503/1CIWEC.gif
968 KB
969 KB
Image
General
Full URL
https://imagizer.imageshack.com/img922/4503/1CIWEC.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
c4b5b631324195743816694374fcb05ea580829c1d7540ac53c90096fde4f10c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.64
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
26926
x-varnish-port
17001
x-original-filesize
416079
x-original-response-code
200
content-length
991479
server
nginx/1.2.8
x-origin-fetch-time
44
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds051.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
69
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
222993171 222108529
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/4503/1CIWEC.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
N5cbcy.gif
imagizer.imageshack.com/img924/8444/
Redirect Chain
  • https://188.166.185.110/royaltogel/728x90.php
  • https://imagizer.imageshack.com/img924/8444/N5cbcy.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img924/8444/N5cbcy.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
e5ef3891cb52b6ce2fbfb7767bd06612f19952c7564407b0cd224fd27cfb4824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.33
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
26586
x-varnish-port
17001
x-original-filesize
306516
x-original-response-code
200
content-length
1231775
server
nginx/1.2.8
x-origin-fetch-time
47
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds212.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
57
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
684021372 683207494
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/8444/N5cbcy.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Y0SRNo.gif
imagizer.imageshack.com/img922/7844/
Redirect Chain
  • https://188.166.185.110/viptoto/728x90.php
  • https://imagizer.imageshack.com/img922/7844/Y0SRNo.gif
595 KB
596 KB
Image
General
Full URL
https://imagizer.imageshack.com/img922/7844/Y0SRNo.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
b7f4cf926dabec212d9ca54a21b547d70205e079c057c2a9632e64734a7064a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.66
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
160556
x-varnish-port
17001
x-original-filesize
291735
x-original-response-code
200
content-length
609757
server
nginx/1.2.8
x-origin-fetch-time
117
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds041.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
25
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2419979298 2415356821
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/7844/Y0SRNo.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
AF6xQA.gif
imagizer.imageshack.com/img923/7313/
Redirect Chain
  • https://188.166.185.110/mvptogel/728x90.php
  • https://imagizer.imageshack.com/img923/7313/AF6xQA.gif
616 KB
616 KB
Image
General
Full URL
https://imagizer.imageshack.com/img923/7313/AF6xQA.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
45d3065407acb9cf5254b00f6aba07e04c008a41905a6d7d9a5d2976251976cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.33
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27122
x-varnish-port
17001
x-original-filesize
278802
x-original-response-code
200
content-length
630504
server
nginx/1.2.8
x-origin-fetch-time
48
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds223.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
44
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
684021371 683193182
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img923/7313/AF6xQA.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
4yEakr.gif
imagizer.imageshack.com/img924/9796/
Redirect Chain
  • https://188.166.185.110/ktvtogel/728x90.php
  • https://imagizer.imageshack.com/img924/9796/4yEakr.gif
510 KB
510 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/9796/4yEakr.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
f82331772a66d515be91a974c662fe4b5fbc45a79009cf24139dc95566ff0113

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.68
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27585
x-varnish-port
17001
x-original-filesize
278938
x-original-response-code
200
content-length
521821
server
nginx/1.2.8
x-origin-fetch-time
57
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds061.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
56
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2307237457 2306361104
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/9796/4yEakr.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pUhsAK.gif
imagizer.imageshack.com/img924/6024/
Redirect Chain
  • https://188.166.185.110/elitetogel/728x90.php
  • https://imagizer.imageshack.com/img924/6024/pUhsAK.gif
516 KB
516 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/6024/pUhsAK.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
6c756b03a75b0b65fee0a366c45e980ddc09e4e5551fdbfc06014b80ffdb6ebc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.33
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27670
x-varnish-port
17001
x-original-filesize
458580
x-original-response-code
200
content-length
528397
server
nginx/1.2.8
x-origin-fetch-time
42
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds229.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
69
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
684021305 683179590
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/6024/pUhsAK.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
aV1mRn.gif
imagizer.imageshack.com/img923/9423/
Redirect Chain
  • https://188.166.185.110/oktogel/728x90.php
  • https://imagizer.imageshack.com/img923/9423/aV1mRn.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img923/9423/aV1mRn.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
0861fe5a5cb1465da2cbcc0a33a283e500d326b653d05b254f88ad927337703c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.69
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27055
x-varnish-port
17001
x-original-filesize
143285
x-original-response-code
200
content-length
1123969
server
nginx/1.2.8
x-origin-fetch-time
29
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds202.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
74
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
820941179 820172147
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img923/9423/aV1mRn.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
coUa59.gif
imagizer.imageshack.com/img924/1907/
Redirect Chain
  • https://188.166.185.110/djtogel/728x90.php
  • https://imagizer.imageshack.com/img924/1907/coUa59.gif
903 KB
904 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/1907/coUa59.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
5db22c33f4aba60cbdf1973ef5b7f125829d65d088a390038158994c1f90f8d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.69
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27859
x-varnish-port
17001
x-original-filesize
176529
x-original-response-code
200
content-length
924853
server
nginx/1.2.8
x-origin-fetch-time
47
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds241.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
65
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
820941118 820153045
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/1907/coUa59.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
1hFkQQ.gif
imagizer.imageshack.com/img924/9464/
Redirect Chain
  • https://188.166.185.110/platinumtoto/728x90.php
  • https://imagizer.imageshack.com/img924/9464/1hFkQQ.gif
827 KB
827 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/9464/1hFkQQ.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
d33b14b874a7a2c44d104a2575395f504626d46e68291daf9d99e4dcfe455221

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.64
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
26720
x-varnish-port
17001
x-original-filesize
309705
x-original-response-code
200
content-length
846719
server
nginx/1.2.8
x-origin-fetch-time
127
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds222.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
62
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
222993162 222114435
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/9464/1hFkQQ.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
7R9Cgo.gif
imagizer.imageshack.com/img924/7149/
Redirect Chain
  • https://188.166.185.110/dotatogel/728x90.php
  • https://imagizer.imageshack.com/img924/7149/7R9Cgo.gif
915 KB
915 KB
Image
General
Full URL
https://imagizer.imageshack.com/img924/7149/7R9Cgo.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
1e314ba0aedaf767db51e349386596dd173894c018b0fdb8a1e4b2f5778add4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.37
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
27766
x-varnish-port
17001
x-original-filesize
553627
x-original-response-code
200
content-length
936773
server
nginx/1.2.8
x-origin-fetch-time
76
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds007.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
51
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
820941143 820155255
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img924/7149/7R9Cgo.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
WfUx7Q.gif
imagizer.imageshack.com/img922/8726/
Redirect Chain
  • https://188.166.185.110/autotogel/728x90.php
  • https://imagizer.imageshack.com/img922/8726/WfUx7Q.gif
405 KB
405 KB
Image
General
Full URL
https://imagizer.imageshack.com/img922/8726/WfUx7Q.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
995efa3ea8035630bb6cbbf3187ff2be9e65142ef177d086ac8dbe851ae2f921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.70
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
28564
x-varnish-port
17001
x-original-filesize
248121
x-original-response-code
200
content-length
414818
server
nginx/1.2.8
x-origin-fetch-time
79
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds225.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
42
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
825013421 824107077
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img922/8726/WfUx7Q.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
8QzBsr.gif
imagizer.imageshack.com/img923/1463/
Redirect Chain
  • https://188.166.185.110/bosstoto/728x90.php
  • https://imagizer.imageshack.com/img923/1463/8QzBsr.gif
1 MB
1 MB
Image
General
Full URL
https://imagizer.imageshack.com/img923/1463/8QzBsr.gif
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Server
151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx/1.2.8 /
Resource Hash
4af1713730417e001ac3a7b6471dc684d35cb58c5715f6ad9e3d0056cc3d8169

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-varnish-ip
38.99.77.34
date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 varnish
xkey
imageshack.imagizer.com
age
496
x-varnish-port
17001
x-original-filesize
435578
x-original-response-code
200
content-length
1193675
server
nginx/1.2.8
x-origin-fetch-time
38
etag
c4ca4238a0b923820dcc509a6f75849b
access-control-allow-methods
GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*, imageshack.com, *
x-hw
1695496184.cds229.ny3.hn,1695496184.cds140.ny3.c
x-imagizer-host
imageshack.imagizer.com
cache-control
max-age=2592000, public
access-control-allow-credentials
true
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-original-resolution
728x90
accept-ranges
bytes
x-varnish-hits
255
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-varnish
2332190695 2332178834
x-cache-hits
0

Redirect headers

location
https://imagizer.imageshack.com/img923/1463/8QzBsr.gif
Date
Sat, 23 Sep 2023 19:09:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
core.min.js
totog4ul.win/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 04:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZd%2FsF%2B%2BuW7793wtsquwt2hcqzUTc0j3J1jLu7IZnZGhwi5Vmr64zcYP5MgartFNq2XGonXApouSePzRF85WOwQNQ0G5%2Br7Ifu6%2B60V5Xjn401FJCkrKLuBLK5cIBZCm3IQrpIW5ZDrIu64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156a2ecc4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
widget.min.js
totog4ul.win/wp-includes/js/jquery/ui/
7 KB
3 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 04:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFIFgENra5tZdJHKDj%2Fk4Hq8bJ5q2p9LJ%2FrbfoAcpdYVs%2FgKySlVs2PVxVAlrGC4%2Bs9UMrAR1IwvxrUJwH7t52RavRC%2Faikj6LsikBUqbqENrMCMfO6ik6V0Xo9rfzD5KAPejTde3Qyg8D4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156a9f3b4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
accordion.min.js
totog4ul.win/wp-includes/js/jquery/ui/
8 KB
3 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 04:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Fg%2F%2BQggIiRI1tRpVf42E2wqQH0MGaaEdA2S5Oh%2FcWsSWv%2F1cUblWZ2quaPVXlhIrMgj%2BYf374NoyZ%2BLUGKE6%2FMttnuhY1WlkwPXdFIo73iuuvmav3L5KTEV1TG1aas0shxWSvXQ91PtD0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156abf6d4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
tabs.min.js
totog4ul.win/wp-includes/js/jquery/ui/
12 KB
4 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6dd3662512bb4d13849eefd579d23ad8b28152aa6bf822fcf652412fd0cebf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 04:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BMX1oU1yreGkprehbHsyCVoSscB9YVGhcxy4ELRfIGA1w2b9zMjU2UFPVkL4%2F5nDsyFIzhtHHxqnMWoBBNrCEt5IoMiznYixSpYWKqUFfK4PL6XPDacFx5YonI%2FTDu0drKS7sA2hmeEDrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf774334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
navigation.js
totog4ul.win/wp-content/themes/music-and-video/js/
3 KB
1 KB
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/js/navigation.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtMjpBMJ1z0y5LmXMZaPQVAX0HGRqFtt2E7zWMeNWTif4WSOZBjhfgQG4%2Bc9z1rwtm5XxU%2B0QQVr1HQAWwHoVaR7bx0LU7L7albrPJlslOmALaCpDF1DoMOL7FedJqG%2BFDj46obxI%2BhTPMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf7a4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
viewportchecker.js
totog4ul.win/wp-content/themes/music-and-video/js/
8 KB
3 KB
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/js/viewportchecker.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
136f45bc257b9eb3e9883fab194e1a911359a88d4df78731e49ee587b611a112

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb2mqObf4G7S4kH1BwYwDPumZL7HWTMbHvK2EgQl1TbV139aDdajEyQZoBLWfPcXIyytiPmOzAihGFoKuIHLuhiPbAdsKicLj179OEyOaeRrtAgPi1NjW53Rghs83QuTRgCCKEL7GVBN0WI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf7b4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
to-top.js
totog4ul.win/wp-content/themes/music-and-video/js/
307 B
646 B
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/js/to-top.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a601478e789dffd27318cc9e4e4166f71d168fa79fb85a9dac34e9d271ca83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6rDzjyJj4DWATWK64U9tYK958hyi4LeBT4LE%2F%2BrNH%2BHHorSGulry5sn8oeSnt1oBT5Q5a4eXJinKyY5SxQRgpdbcyhMseHuJoedHQC8AVXXBStAIYZHx%2F5EOfKV4S9VsEdbudoj3emMXww%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf7c4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
skip-link-focus-fix.js
totog4ul.win/wp-content/themes/music-and-video/js/
685 B
850 B
Script
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/js/skip-link-focus-fix.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ%2BnZxXXFa22aQWxKD%2Be4psPsRM7uhiW6OpxgSFvl6gKcAL9c%2FcSjga3CJs4Or9y608YTIT6aUEQpiUFosuspxaaJgXLYLZ%2BHmejbQcBq1Rv8XewYO8KB0lKjAJmj9iVQUo2FMm6uYCNULc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf7e4334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
wp-embed.min.js
totog4ul.win/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/wp-embed.min.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 May 2023 04:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPqfRp21wKsb%2FOOhJYcCpXHRXjbBdHCUQxzaFuvLHn0NvWw02Xh%2FtDZfO5ZykUxDUqke7XFnsKGyM9dsm2cwogRi7uA0Yq%2BkmRj2Pyz3TL0U9kZfEH9azc8%2Bqn9PCeK3oZrv43reGjbR%2Bv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf814334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:42 GMT
wp-emoji-release.min.js
totog4ul.win/wp-includes/js/
12 KB
5 KB
Script
General
Full URL
https://totog4ul.win/wp-includes/js/wp-emoji-release.min.js?ver=4.9.23
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 04:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY6hHCCfeguLWUQ2QT7wxCMju8VChVZLBnJAXYz6ok3F3g2lN20x7BNahiVCNmREd06Xxx20FxDtYl2WAIjNYY%2B3Dy3KACYxvotJB3SmB%2B8d9fzhu%2FgIRVyK1TdRmSRLGNZZWuzd1j53WC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
80b5156acf834334-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 19:09:43 GMT
5f8c55a3cb3ed20012478da3.js
buttons-config.sharethis.com/js/
30 B
450 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5f8c55a3cb3ed20012478da3.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:3800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 18 Oct 2020 14:48:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
etag
"e6e1643313740711175f51662a65b42f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
PRZ2H46FU6nZasGmifMIRowDYxLjEpSyelcg-04R7jyBYmGgwnTfYg==
analytics.js
google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Sep 2023 18:46:01 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1422
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Sep 2023 20:46:01 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2...
  • https://l.sharethis.com/sc?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2=fa...
177 B
695 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&cms=unknown&publisher=5f8c55a3cb3ed20012478da3&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&samesite=None
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
HTTP/1.1
Server
3.134.53.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-53-172.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2b2265e007418646919dd5f0fffdb72a02854d1b11362f7122a602771db4470b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Sat, 23 Sep 2023 19:09:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://totog4ul.win
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGsAA2UPN/cAAAAILPiYAw==
Access-Control-Allow-Headers
*
Content-Length
177
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Sat, 23 Sep 2023 19:09:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://totog4ul.win
Location
/sc?event=pview&hostname=totog4ul.win&location=%2Foffice%2Findex2.php&product=ga&url=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&cms=unknown&publisher=5f8c55a3cb3ed20012478da3&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGsAA2UPN/cAAAAILPiYAw==
Access-Control-Allow-Headers
*
Content-Length
497
X-Robots-Tag
noindex, nofollow
background.jpg
totog4ul.win/wp-content/themes/music-and-video/images/
15 KB
16 KB
Image
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/images/background.jpg
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8937dcd6b6441933bce8b7a4742953cdd13a2488e4d3f36f6d339e75965e9124

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/office/index2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfJ9SSW06cpkuWckHr8Ep65vmOr7WLbGLq1%2BcYGI0cfJw0ykyOcjdN0wCQ%2F9zje2V8bpPwf8JJt%2BLJQA8oM2cywcES4SZ%2FgyrWJ5tcr%2BMTGGpW%2F8T4UDENp9gLpmobNEXVZehaJJuoYssys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
80b5156acf844334-EWR
alt-svc
h3=":443"; ma=86400
content-length
15527
expires
Sat, 30 Sep 2023 19:09:43 GMT
background-header.jpg
totog4ul.win/wp-content/themes/music-and-video/images/
10 KB
11 KB
Image
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/images/background-header.jpg
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/wp-content/themes/music-and-video/style.css?ver=4.9.23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81d65d55b4894f22de3f3792d3bef1d147f40d507912e2d5662f92f61d98db3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/wp-content/themes/music-and-video/style.css?ver=4.9.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97572
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJfcvBaSUR86PKUHFMDMun7UZM6RB6ChpHVh7B%2B3Mru3OREIEy%2B7F4W8GddNEJJSWLiiouUs6fx6iKfBQ0fcNGcktazEhSUtOxJvmewccS71DINCol8pMrszYzD2SfX8iESvcn4m7dgt9RI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
80b5156adf914334-EWR
alt-svc
h3=":443"; ma=86400
content-length
10724
expires
Fri, 29 Sep 2023 16:03:31 GMT
cropped-images-4-3.jpeg
totog4ul.win/wp-content/uploads/2020/10/
Redirect Chain
  • https://totog4ul.top/wp-content/uploads/2020/10/cropped-images-4-3.jpeg
  • https://totog4ul.win/wp-content/uploads/2020/10/cropped-images-4-3.jpeg
15 KB
15 KB
Image
General
Full URL
https://totog4ul.win/wp-content/uploads/2020/10/cropped-images-4-3.jpeg
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/office/index2.php
Protocol
H3
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c55b936614d6241131f10093867b75d71089843878ff1146695f9f5db3bc35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Sep 2023 02:01:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7ZZc9kY%2F%2F27bfkaUqBaIJogFTTrQpMJnN56HIkk2%2BlDXsz4RHnaKwxVOp7F3H4sSlFFMgKhP2oQlx6gFQdFLMfDjNundvGsKdrQrnXBIb%2FxDazAoNCu5oHI1HmaTEwxMwNXNjIwg0V7bR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
80b5156c69634334-EWR
alt-svc
h3=":443"; ma=86400
content-length
14956
expires
Sat, 30 Sep 2023 19:09:43 GMT

Redirect headers

date
Sat, 23 Sep 2023 19:09:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWJeZeJFHgfswSHOeS0iFMG0r1RLel9zwINrIuD3%2BAv6%2FPbxjK3kMAKOiXp0FTKUmgD%2F28LAvgFtkD9EoJJxELNJBttqA2yEkArY9rzF0M129RFJlhsc2gYBjxCPP4YFRAh0Va4EgdjCoJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://totog4ul.win/wp-content/uploads/2020/10/cropped-images-4-3.jpeg
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
80b5156b3842c466-EWR
alt-svc
h3=":443"; ma=86400
footer.jpg
totog4ul.win/wp-content/themes/music-and-video/images/
15 KB
15 KB
Image
General
Full URL
https://totog4ul.win/wp-content/themes/music-and-video/images/footer.jpg
Requested by
Host: totog4ul.win
URL: https://totog4ul.win/wp-content/themes/music-and-video/style.css?ver=4.9.23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c028c318aa309cbd9f4d6b5dbb76c0b3054a3272e5f338a1b0d37d145eca06a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/wp-content/themes/music-and-video/style.css?ver=4.9.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:44 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Oct 2020 03:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDX9A4xG%2BoJYhm7LNLoJoysi1Si1gSpvk8St8bnFsfh377qHCrQXhMlpMSlzzlW7pW%2FxexTYtAsNkAYKMJMSnu%2F8Tf2%2BlUslt%2BVKyFHv1%2B%2F8vhV%2B5O1MXOq3OeajJ9XJYGxJNJD0ZbBhigM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
80b5156adf954334-EWR
alt-svc
h3=":443"; ma=86400
content-length
15180
expires
Sat, 30 Sep 2023 19:09:43 GMT
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v22/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v22/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C700&subset=latin%2Clatin-ext&ver=0.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fba21cadf406469bf9bf6a18ed755edbd245f48efaaeb8a19ff6dff655aefdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totog4ul.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 20:36:11 GMT
x-content-type-options
nosniff
age
254012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43380
x-xss-protection
0
last-modified
Tue, 30 May 2023 21:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Sep 2024 20:36:11 GMT
4UaHrEJCrhhnVA3DgluA96rp5w.woff2
fonts.gstatic.com/s/breeserif/v17/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/breeserif/v17/4UaHrEJCrhhnVA3DgluA96rp5w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bree+Serif%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.9.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb27fcf27e09328582b85835364d5a2dd4dd134ed69841913069574c3676f272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totog4ul.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 03:03:30 GMT
x-content-type-options
nosniff
age
230773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10408
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:47:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Sep 2024 03:03:30 GMT
truncated
/
26 KB
26 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bed85194825621e48578c8002849606b99ccdf7024df0358f9c2c1ba3ea2f14

Request headers

Referer
Origin
https://totog4ul.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
www.google-analytics.com/j/
15 B
325 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=642936730&t=pageview&_s=1&dl=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&ul=en-us&de=UTF-8&dt=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=643315065&gjid=528402495&cid=1563138867.1695496184&tid=UA-167731820-1&_gid=911945549.1695496184&_r=1&_slc=1&z=1231387221
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6981c20145584ed93410829afb95a7b25556ea484e43826fca7cba9c86bcf2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://totog4ul.win/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 19:09:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totog4ul.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
220 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MJ1C063ET1&cx=c&_slc=1
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
066fc97b41f5f38ab82c5a892e1db3a0e68ca3719d7b288aa0f6b7d5ac7e06a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 19:09:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81378
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Sep 2023 19:09:43 GMT
collect
www.google-analytics.com/g/
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W9F9HCFE80&gtm=45je39k2&_p=642936730&cid=1563138867.1695496184&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695496183&sct=1&seg=0&dl=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&dt=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W9F9HCFE80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 19:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totog4ul.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MJ1C063ET1&gtm=45je39k2&_p=642936730&ul=en-us&sr=1600x1200&cid=1563138867.1695496184&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Ftotog4ul.win%2Foffice%2Findex2.php&dt=Laman%20tidak%20ditemukan%20%E2%80%93%20TOGELERS&sid=1695496183&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MJ1C063ET1&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totog4ul.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Sep 2023 19:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totog4ul.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| _wpemojiSettings
undefined| $
function| jQuery
object| st
object| __stdos__
boolean| tpcCookiesEnableCheckingDone
boolean| tpcCookiesEnabledStatus
function| __sharethis__docReady
object| __sharethis__
object| ua_fields
function| gtag
object| dataLayer
string| GoogleAnalyticsObject
function| ga
object| creditsyear
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_tag_manager
function| onYouTubeIframeAPIReady
object| twemoji
object| wp
object| jQuery11240029784044860455383

8 Cookies

Domain/Path Name / Value
.totog4ul.win/ Name: _gid
Value: GA1.2.911945549.1695496184
.totog4ul.win/ Name: _gat
Value: 1
.sharethis.com/ Name: __stid
Value: ZGsAA2UPN/cAAAAILPiYAw==
.sharethis.com/ Name: __stidv
Value: 2
.totog4ul.win/ Name: _ga_W9F9HCFE80
Value: GS1.1.1695496183.1.0.1695496183.0.0.0
.totog4ul.win/ Name: _ga
Value: GA1.1.1563138867.1695496184
.totog4ul.win/ Name: fpestid
Value: wFyDluZqGPh4UL3ZsLy5pK6-f9Ajj3Ji-hinT_OhbSTz53VZUQyNrTx9yiHzib3noywN7Q
.totog4ul.win/ Name: _ga_MJ1C063ET1
Value: GS1.2.1695496183.1.0.1695496183.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://totog4ul.win/office/index2.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
