Submitted URL: https://sportstream.cpa-streamhd.com/register.php
Effective URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d...
Submission: On August 02 via manual from ID — Scanned from DE

Summary

This website contacted 9 IPs in 6 countries across 11 domains to perform 12 HTTP transactions. The main IP is 167.99.123.14, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is torrent-protection.com. The Cisco Umbrella rank of the primary domain is 178888.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.
This is the only time torrent-protection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 45.130.231.11 47583 (AS-HOSTINGER)
1 46.105.201.240 16276 (OVH)
1 192.99.13.63 16276 (OVH)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 35.201.70.46 15169 (GOOGLE)
1 1 85.17.54.17 60781 (LEASEWEB-...)
1 4 167.99.123.14 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 9
Apex Domain
Subdomains
Transfer
4 torrent-protection.com
torrent-protection.com — Cisco Umbrella Rank: 178888
12 KB
3 directdexchange.com
directdexchange.com — Cisco Umbrella Rank: 695826
4 KB
3 cpa-streamhd.com
sportstream.cpa-streamhd.com
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15194
s4.histats.com — Cisco Umbrella Rank: 12371
5 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 676
33 KB
1 rdtk.io
topsolutions.rdtk.io — Cisco Umbrella Rank: 259544
853 B
1 tffkroute.com
go.tffkroute.com — Cisco Umbrella Rank: 427797
576 B
1 mcmo22.com
mcmo22.com — Cisco Umbrella Rank: 412619
820 B
1 affforce.com
www.affforce.com
669 B
12 11
Domain Requested by
4 torrent-protection.com 1 redirects directdexchange.com
torrent-protection.com
3 directdexchange.com 2 redirects
3 sportstream.cpa-streamhd.com 1 redirects
2 fonts.googleapis.com torrent-protection.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com torrent-protection.com
1 topsolutions.rdtk.io 1 redirects
1 go.tffkroute.com 1 redirects
1 mcmo22.com 1 redirects
1 www.affforce.com 1 redirects
1 s4.histats.com s10.histats.com
1 s10.histats.com sportstream.cpa-streamhd.com
12 12

This site contains links to these domains.

Domain
www.totaladblock.com
url.totaladblock.com

Subject | Issuer | Validity | Valid
www.sports1.cpa-streamhd.com | R3 | 2022-07-27 - 2022-10-25 | 3 months
histats.com | R3 | 2022-07-11 - 2022-10-09 | 3 months
directdexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-16 - 2023-02-16 | a year
torrent-protection.com | R3 | 2022-06-04 - 2022-09-02 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
upload.video.google.com | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months

This page contains 1 frames:

Primary Page: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Frame ID: D4450E239FB037BBEC44E18AF6013B93
Requests: 13 HTTP requests in this frame

Page Title: Chrome Notification

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12 Requests
100 % HTTPS
50 % IPv6
11 Domains
12 Subdomains
9 IPs
6 Countries
102 kB Transfer
192 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sportstream.cpa-streamhd.com/register.php Page URL
  2. https://sportstream.cpa-streamhd.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14963132 HTTP 302
    https://sportstream.cpa-streamhd.com/register.php Page URL
  3. https://www.affforce.com/scripts/un981c6l?a_aid=ad25bce2&a_bid=70577853&chan=code154 HTTP 301
    https://mcmo22.com/g?visitorid=2f9ddffc7e274ae59390QReWmdkQAhPE&refid=ad25bce2&bannerid=70577853&extra_data1=&extra_data2= HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=2f9ddffc7e274ae59390QReWmdkQAhPE_ad25bce2_70577853&sub1=ad25bce2&sub8= HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568 Page URL
  4. https://directdexchange.com/jump/next.php?stamat=m%257CYTYifrtjaQdHQAH0dEdHP3xP.644%252CS0kXXHXf2ck-DOZ9HRvwuCkSQcihnL3lXYK-n6MX9rikK_j_Uk6ixwI_VaZRTBElDTJAwOg8dI3XjK63Yo_i6M-s75fX_ppw5JzGcdWHkMKNJ89hurvHOcFladGU87mnkr6alAeHJNBHi3-xPVJJG1DS8jo25ce02WTDx3J_vR0%252C&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568&cbur=0.5687628636503392&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportstream.cpa-streamhd.com%2F HTTP 302
    https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cwjf7YhP6oGU3BJ-GH0dEdHP3xP.793%252CA9n1aKlkdyOnc3w5icm1hkPrTtHrp-kYD1oUamQPthOtQ-uVdJG9eQ3Wt-cR4kNuhNLQ_MBxj_MZ97oz_40zE0mZ-v0FisCFi4jcnZy2jVo-5Lhfz7ZzUdyQoT1SE7Q7S4rtHCRVe6J8DLuhza1zv-Dz0U3YrWdRwZCMiNqCWrf7687uEGjhNvq1prMunhPTaJtrjKU5QwT1ZFamQp0ZamlQhaaZRMI6sSUd_JAoFuoEeX4f1X43dM8HJXlVJSfNs0mU9mKG6hlb1FUq3668u7MktC_kPc8yXNyKCErfvSO-LFrjfkJhRC1WonDxj37Pvoakja1zjQQjWytdSXX4kQ6_hW1au38aySdVFe6PGsSVEBy37pLI3ZotVhae8ds57HJl57ZiViFvXRGkJFEqzyzbYom5S4f9I4Kcc06zvfvgt1v5WW_okMFZ1JB7tnZ24mW1NDxitG-8CYEueTIXiRofYuHOAqTR91KGMb5x72nASKyylSWl6ngF2sTEw4TfBXxkGF8cjxAB8VAiU7yvTKm5WmEf9u7ilkB_Wh6UgtyXnK8q5qOZneM4eSIRervESKAlLbBPrlm14VoKd9o4yyJsdNVYZikHnpq1OThur1GjwBRGZtUI4P6E_paJVsL1Ckny4mVrj3Q9s9DjIv5Hjg%252C%252C HTTP 302
    https://topsolutions.rdtk.io/6288a0ac6000420001399772?sub1=3052727-730694942-0&sub2=&sub3=298306620&sub4=126766&sub5=1659435789&sub6=3052727&sub7=DE&sub8=1000&sub9=31173%20Services%20AB&ref_id=16594357883117783972103435585932753 HTTP 302
    https://torrent-protection.com/download-now?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download HTTP 301
    https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://sportstream.cpa-streamhd.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14963132 HTTP 302
  • https://sportstream.cpa-streamhd.com/register.php
Request Chain 4
  • https://www.affforce.com/scripts/un981c6l?a_aid=ad25bce2&a_bid=70577853&chan=code154 HTTP 301
  • https://mcmo22.com/g?visitorid=2f9ddffc7e274ae59390QReWmdkQAhPE&refid=ad25bce2&bannerid=70577853&extra_data1=&extra_data2= HTTP 302
  • https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=2f9ddffc7e274ae59390QReWmdkQAhPE_ad25bce2_70577853&sub1=ad25bce2&sub8= HTTP 302
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
register.php
sportstream.cpa-streamhd.com/
1 KB
1 KB
Document
General
Full URL
https://sportstream.cpa-streamhd.com/register.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.11 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv98.niagahoster.com
Software
imunify360-webshield/1.18 /
Resource Hash
093908eaa027ee5c4565d788bcc2fbd163ef1454bba5e354c66239e6dba0c193

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache
no-cache
content-type
text/html
date
Tue, 02 Aug 2022 10:23:07 GMT
last-modified
Tuesday, 02-Aug-2022 10:23:07 GMT
server
imunify360-webshield/1.18
register.php
sportstream.cpa-streamhd.com/
Redirect Chain
  • https://sportstream.cpa-streamhd.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=14963132
  • https://sportstream.cpa-streamhd.com/register.php
2 KB
1 KB
Document
General
Full URL
https://sportstream.cpa-streamhd.com/register.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.11 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv98.niagahoster.com
Software
imunify360-webshield/1.18 / Niagahoster
Resource Hash
3728204a9d7c9f05a884ff9a10afb6cae0414e60a5adbcc32f5a92fd7fe2da12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://sportstream.cpa-streamhd.com/register.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
1087
content-type
text/html; charset=UTF-8
date
Tue, 02 Aug 2022 10:23:07 GMT
server
imunify360-webshield/1.18
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block;

Redirect headers

content-length
142
content-type
text/html
date
Tue, 02 Aug 2022 10:23:07 GMT
location
https://sportstream.cpa-streamhd.com/register.php
server
imunify360-webshield/1.18
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: sportstream.cpa-streamhd.com
URL: https://sportstream.cpa-streamhd.com/register.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sportstream.cpa-streamhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 10:15:04 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
187891763
0.php
s4.histats.com/stats/
48 B
182 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4430377&@f16&@g1&@h1&@i1&@j1659435787725&@k0&@l1&@mRegister&@n0&@ohttps%3A%2F%2Fsportstream.cpa-streamhd.com%2Fregister.php&@q0&@r0&@s0&@ten-US&@u1600&@b1:161981883&@b3:1659435788&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsportstream.cpa-streamhd.com%2Fregister.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sportstream.cpa-streamhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 10:23:07 GMT
Connection
close
Content-Length
48
Content-Type
text/html;charset=UTF-8
next.php
directdexchange.com/jump/
Redirect Chain
  • https://www.affforce.com/scripts/un981c6l?a_aid=ad25bce2&a_bid=70577853&chan=code154
  • https://mcmo22.com/g?visitorid=2f9ddffc7e274ae59390QReWmdkQAhPE&refid=ad25bce2&bannerid=70577853&extra_data1=&extra_data2=
  • https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=2f9ddffc7e274ae59390QReWmdkQAhPE_ad25bce2_70577853&sub1=ad25bce2&sub8=
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568
7 KB
3 KB
Document
General
Full URL
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.70.46 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
46.70.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://sportstream.cpa-streamhd.com/register.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 02 Aug 2022 10:23:08 GMT
server
openresty
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
734618adb8fd9b5b-FRA
content-length
0
date
Tue, 02 Aug 2022 10:23:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDNsZWRJhWs3LGlnKUblpRQnGWaXQTkabGckNiSUPMGbjdNrZaT3SShJ9lCjwgsG9JScAbzO3V2lGNJ91ARCo3XoiF1ruLLKI%2F1LdS4Daa0%2FFhPicuITN1%2Fs0wUuZuNI5sKq%2BGolTPfX5pHZ%2FyAC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
torrent-protection.com/download-now/
Redirect Chain
  • https://directdexchange.com/jump/next.php?stamat=m%257CYTYifrtjaQdHQAH0dEdHP3xP.644%252CS0kXXHXf2ck-DOZ9HRvwuCkSQcihnL3lXYK-n6MX9rikK_j_Uk6ixwI_VaZRTBElDTJAwOg8dI3XjK63Yo_i6M-s75fX_ppw5JzGcdWHkMKNJ...
  • https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cwjf7YhP6oGU3BJ-GH0dEdHP3xP.793%252CA9n1aKlkdyOnc3w5icm1hkPrTtHrp-kYD1oUamQPthOtQ-uVdJG9eQ3Wt-cR4kNuhNLQ_MBxj_MZ97oz_40zE0mZ-v0FisCFi4...
  • https://topsolutions.rdtk.io/6288a0ac6000420001399772?sub1=3052727-730694942-0&sub2=&sub3=298306620&sub4=126766&sub5=1659435789&sub6=3052727&sub7=DE&sub8=1000&sub9=31173%20Services%20AB&ref_id=1659...
  • https://torrent-protection.com/download-now?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
  • https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
15 KB
5 KB
Document
General
Full URL
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Requested by
Host: directdexchange.com
URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
28ff93557876ccda920d75b5476fadfb6da2c19f838f455cdc2231f494e0ca56

Request headers

Referer
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-6ad25bce2-610-5bb69849cab62e50008b4568
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 02 Aug 2022 10:23:09 GMT
ETag
W/"6287b728-3a2b"
Last-Modified
Fri, 20 May 2022 15:43:36 GMT
Server
nginx/1.15.9 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 02 Aug 2022 10:23:09 GMT
Location
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Server
nginx/1.15.9 (Ubuntu)
jquery-1.12.0.min.js
code.jquery.com/
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 10:23:09 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-17c52"
vary
Accept-Encoding
x-hw
1659435789.dop252.am5.t,1659435789.cds152.am5.hn,1659435789.cds304.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
css
fonts.googleapis.com/
8 KB
803 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e49ee088cd86197f04c4a2d139e1ab3dd93df92007a68cacd12ee12439cba0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 08:27:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 02 Aug 2022 10:23:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Aug 2022 10:23:09 GMT
css
fonts.googleapis.com/
1 KB
992 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torrent-protection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 10:15:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 02 Aug 2022 10:23:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Aug 2022 10:23:09 GMT
gear.png
torrent-protection.com/download-now/img/
564 B
564 B
Image
General
Full URL
https://torrent-protection.com/download-now/img/gear.png
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
2b56c868a0a996954007f9295569d73a1b9e586aed9ba1e981d7d7012dc9f518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 10:23:09 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
ChromeWebStore_Badge_v2_340x96.png
torrent-protection.com/images/
6 KB
6 KB
Image
General
Full URL
https://torrent-protection.com/images/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: torrent-protection.com
URL: https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.99.123.14 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
torrent-protection.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torrent-protection.com/download-now/?domain=totaladblock.com&hash=62851ebb652fc&s1=5cc839de65115c0001015b85&s2=62e8fb0d3eb86700012fb461&s3=3052727-730694942-0&action=download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 10:23:09 GMT
Last-Modified
Tue, 26 Jul 2022 19:54:18 GMT
Server
nginx/1.15.9 (Ubuntu)
ETag
"62e0466a-1608"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5640
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torrent-protection.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:32:09 GMT
x-content-type-options
nosniff
age
39060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:32:09 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • function| getUrlVars
  • function| buildUrl
  • string| url
  • boolean| isOpera
  • boolean| isFirefox
  • boolean| isSafari
  • boolean| isIE
  • boolean| isEdge
  • boolean| isChrome
  • boolean| isEdgeChromium
  • boolean| isBlink
  • undefined| source
  • string| navlangue
  • undefined| checker
  • function| chromeinitcontrol

11 Cookies

Domain/Path Name / Value
.sportstream.cpa-streamhd.com/ Name: wschkid
Value: dfa72fed3c1b24aef162214fe311a5b5d5811477.1659522187.1
sportstream.cpa-streamhd.com/ Name: HstCfa4430377
Value: 1659435787725
sportstream.cpa-streamhd.com/ Name: HstCla4430377
Value: 1659435787725
sportstream.cpa-streamhd.com/ Name: HstCmu4430377
Value: 1659435787725
sportstream.cpa-streamhd.com/ Name: HstPn4430377
Value: 1
sportstream.cpa-streamhd.com/ Name: HstPt4430377
Value: 1
sportstream.cpa-streamhd.com/ Name: HstCnv4430377
Value: 1
sportstream.cpa-streamhd.com/ Name: HstCns4430377
Value: 1
www.affforce.com/ Name: PAPVisitorId
Value: 2f9ddffc7e274ae59390QReWmdkQAhPE
.affforce.com/ Name: __cf_bm
Value: ycIzZccdPYfqJ3yqinJK79zIhLA7g77fhkPk9KlxJB0-1659435788-0-AdyYSDc67whg8maBtflNewvj/X6+FXugcuivBZ96Mv1rLpDKyrewkzJvs99zPe2o0uJEPNSdIHuiHCmzdM0nvV8=
.topsolutions.rdtk.io/ Name: redhash
Value: NjJlOGZiMGQzZWI4NjcwMDAxMmZiNDYxfDB8NjI4OGEwYWM2MDAwNDIwMDAxMzk5NzcyfHw1ODQ2ODg5Yi0zNGNkLTRmN2QtYjhmMy0zOGQ3NWU1NmUwNGJ8MTY1OTQzNTc4OQ==

1 Console Messages

Source Level URL
Text
network error URL: https://torrent-protection.com/download-now/img/gear.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)