lostnzttu.win Open in urlscan Pro
37.49.225.128  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set ztjpjt1 Show response lostnzttu.win/23843/2129/	40 KB 40 KB	217ms 132ms	Document text/html	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 25f37557fe805864aa9df68034b8bdfc8d1cc5e0af877874c12612689d77532c Request headers Host lostnzttu.win Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Server Microsoft-IIS/8.5 Set-Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r; path=/; HttpOnly X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 3.0 X-Powered-By ASP.NET ARR/3.0 Date Wed, 23 Jan 2019 18:55:28 GMT Content-Length 40934
GET H/1.1	200 OK	base_css lostnzttu.win/Content/	15 KB 15 KB	124ms 107ms	Stylesheet text/css	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/Content/base_css?v=1d-1cfSqt6lOwl5heyrpAxjL1U7gghxeKvIiUv6U_MQ1 Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 2d7dd4d6e3748957bac988c43c39edc346b24cfa888d8756085992d731a6fafd Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Wed, 23 Jan 2019 18:55:22 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET ARR/3.0 Vary User-Agent Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 14851 Expires Thu, 23 Jan 2020 18:55:22 GMT
GET H/1.1	200 OK	flash_css lostnzttu.win/Content/	2 KB 2 KB	171ms 105ms	Stylesheet text/css	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/Content/flash_css?v=pcy3QTtIAumBmh_QlYajoAIOIPrfWsV2WqpOlMAPq2k1 Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 949f46d96711a7ffce1dac0c13790b11ed7a32d178956409ebfc6f8ecdd156f7 Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Wed, 23 Jan 2019 18:55:21 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET ARR/3.0 Vary User-Agent Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 1655 Expires Thu, 23 Jan 2020 18:55:21 GMT
GET H/1.1	200 OK	active_button_css lostnzttu.win/Content/	5 KB 5 KB	188ms 121ms	Stylesheet text/css	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/Content/active_button_css?v=iTRsNsUvfneuRRI3zCGwBvpFjQU1rTPhFuMjh8G1RCg1 Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash e191076b8f3a210c2e2c61ea950c789b2bada1c3652e03c65b55fe799f457049 Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Wed, 23 Jan 2019 18:55:19 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET ARR/3.0 Vary User-Agent Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 5034 Expires Thu, 23 Jan 2020 18:55:19 GMT
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/5.7.3/	34 KB 12 KB	9ms 6ms	Script text/javascript	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/5.7.3/firebase-app.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash df39ec8aaf003a7905e27806a4f7ad048ae514979a76ee4b4eaabafc2f996abc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 23 Jan 2019 12:55:51 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 10 Jan 2019 22:17:13 GMT server sffe age 21577 vary Accept-Encoding content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 12439 x-xss-protection 1; mode=block expires Thu, 23 Jan 2020 12:55:51 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/5.7.3/	35 KB 10 KB	10ms 7ms	Script text/javascript	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/5.7.3/firebase-messaging.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 11 Jan 2019 10:22:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 10 Jan 2019 22:17:19 GMT server sffe age 1067558 vary Accept-Encoding content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 10096 x-xss-protection 1; mode=block expires Sat, 11 Jan 2020 10:22:50 GMT
GET H2	200	firebase-auth.js Show response www.gstatic.com/firebasejs/5.7.3/	152 KB 48 KB	10ms 7ms	Script text/javascript	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/5.7.3/firebase-auth.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 25f25212b63ff97cdd858595e5ca9c5f94d5a0eb2af2745152b71800e2c34859 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 11 Jan 2019 10:22:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 10 Jan 2019 22:17:19 GMT server sffe age 1067558 vary Accept-Encoding content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 49130 x-xss-protection 1; mode=block expires Sat, 11 Jan 2020 10:22:50 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.8.1/	91 KB 33 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:816::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 20 Dec 2018 10:09:47 GMT content-encoding gzip x-content-type-options nosniff age 2969141 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 33396 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Dec 2019 10:09:47 GMT
GET H/1.1	200 OK	moment-with-locales.min.js Show response lostnzttu.win/scripts/	328 KB 65 KB	202ms 138ms	Script application/javascript	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/scripts/moment-with-locales.min.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 4315dd1f5d46219a2caa6b006dab3bc5a30447f30685d8e477a616427710ca3f Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Content-Encoding gzip Last-Modified Fri, 18 Jan 2019 16:08:34 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ARR/3.0 ETag "0ade8f48afd41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 66729
GET H/1.1	200 OK	helpers Show response lostnzttu.win/Scripts/	8 KB 8 KB	189ms 123ms	Script text/javascript	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/Scripts/helpers?v=jl0dnMa1Mj7nUjzvl4qPSaf1uYI7zmel6ZBZGpQuj0I1 Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 62fd34d2c1be2bb0bb61b54e12f72f5700df265a7ea418bbc0d1785e227630e6 Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Wed, 23 Jan 2019 18:55:22 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET ARR/3.0 Vary User-Agent Content-Type text/javascript; charset=utf-8 Cache-Control public Content-Length 7681 Expires Thu, 23 Jan 2020 18:55:22 GMT
GET H/1.1	200 OK	dl.min.js Show response js.todayfarmmega.com/	2 KB 2 KB	67ms 9ms	Script application/javascript	13.32.223.150 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://js.todayfarmmega.com/dl.min.js Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.32.223.150 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-32-223-150.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1bcbdee1992f8dbbc4c7f0254dad16177c9b55b61362a526bc195021dcc6b43c Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-amz-version-id H5OfjQy3fzxA6DeObHxfWFZbL_n_0a9n Via 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront) Last-Modified Tue, 10 Apr 2018 05:12:15 GMT Server AmazonS3 Age 56438 ETag "d28c723c4d3857cac4ec0071afd843c8" X-Cache Hit from cloudfront Content-Type application/javascript Date Wed, 23 Jan 2019 05:29:47 GMT Connection keep-alive Accept-Ranges bytes Content-Length 1836 X-Amz-Cf-Id eJoutyWAv0zOPPtl86RU0EU-WkhzXCsu3CUXBC6_fGk23WD1HJL5TA==
GET H/1.1	200 OK	a_background2_black_nix.jpg lostnzttu.win/Content/images/adb/	21 KB 21 KB	113ms 48ms	Image image/jpeg	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Show image Full URL https://lostnzttu.win/Content/images/adb/a_background2_black_nix.jpg Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 4c97f1c036da0ed4b852977b74144ea2e81d2491b8c2c37472674a2ea27aa070 Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Thu, 30 Nov 2017 16:04:10 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ARR/3.0 ETag "0f988dbf469d31:0" Content-Type image/jpeg Cache-Control max-age=1800 Accept-Ranges bytes Content-Length 21082
GET H/1.1	200 OK	ntfc.php Show response propu.sh/	58 KB 18 KB	119ms 44ms	Script application/javascript	188.72.202.153 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://propu.sh/ntfc.php?p=2317666 Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 188.72.202.153 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 344bea8e777339a3dcfe5f2e24f8eadeb9d4cac79beeb5febca106beeb6d660e Request headers Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Wed, 23 Jan 2019 18:55:28 GMT Content-Encoding gzip Content-Type application/javascript; charset=utf-8 Server nginx Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS P3P CP="CUR ADM OUR NOR STA NID" Access-Control-Max-Age 86400 Cache-Control private, max-age=0, no-cache Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	chrome_download_hint.png lostnzttu.win/Content/images/	43 KB 44 KB	19ms 18ms	Image image/png	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Show image Full URL https://lostnzttu.win/Content/images/chrome_download_hint.png Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 5eef9bfd1e1c6f0685e94d978935e4f16d3fb691c5eae905e024bed51870036c Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Wed, 12 Mar 2014 20:28:16 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ARR/3.0 ETag "0701a99313ecf1:0" Content-Type image/png Cache-Control max-age=1800 Accept-Ranges bytes Content-Length 44499
GET H/1.1	200 OK	chrome_arrow_anim.gif lostnzttu.win/Content/images/	45 KB 46 KB	35ms 34ms	Image image/gif	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Show image Full URL https://lostnzttu.win/Content/images/chrome_arrow_anim.gif Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash cd382d6980e8d10218ce992e8269ce320d5929e1391a7c1aa60c5a1271fef9f7 Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Mon, 01 Jun 2015 19:01:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ARR/3.0 ETag "061525e9d9cd01:0" Content-Type image/gif Cache-Control max-age=1800 Accept-Ranges bytes Content-Length 46436
GET H/1.1	200 OK	chrome_download_hint_anim.png lostnzttu.win/Content/images/	29 KB 29 KB	41ms 40ms	Image image/png	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Show image Full URL https://lostnzttu.win/Content/images/chrome_download_hint_anim.png Requested by Host: lostnzttu.win URL: https://lostnzttu.win/23843/2129/ztjpjt1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash 3e33c9e75db75250803ce6c78965bc28c36a52f2417d6fe15b030801f221963d Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Cache-Control no-cache Referer https://lostnzttu.win/23843/2129/ztjpjt1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT Last-Modified Mon, 01 Jun 2015 19:02:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ARR/3.0 ETag "0f094919d9cd01:0" Content-Type image/png Cache-Control max-age=1800 Accept-Ranges bytes Content-Length 29477
POST H/1.1	200 OK	Refresh Show response lostnzttu.win/Download/	97 B 372 B	280ms 280ms	XHR application/json	37.49.225.128 CLOUDSTAR CLOUD S...
General Check archive.org Show headers Download Go to Full URL https://lostnzttu.win/Download/Refresh?lpm_id=2129&page=/23843/2129/ztjpjt1 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 37.49.225.128 , Netherlands, ASN199264 (CLOUDSTAR CLOUD STAR HOSTING SERVICES, EE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET ARR/3.0 Resource Hash f9e8a0100118ffc8e7afd14cca21932ddc045d048ee82a5fb6bda071bef37aa5 Request headers Pragma no-cache Origin https://lostnzttu.win Accept-Encoding gzip, deflate, br Host lostnzttu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie ASP.NET_SessionId=o5qisgebc5ommgktenllru3r Connection keep-alive Referer https://lostnzttu.win/23843/2129/ztjpjt1 Content-Length 0 Accept application/json, text/javascript, */*; q=0.01 Referer https://lostnzttu.win/23843/2129/ztjpjt1 Origin https://lostnzttu.win X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 23 Jan 2019 18:55:29 GMT X-AspNetMvc-Version 3.0 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET ARR/3.0 Content-Type application/json; charset=utf-8 Cache-Control private Content-Length 97

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| core object| __core-js_shared__ object| firebase object| config function| sendTokenToServer function| isTokenSentToServer function| setTokenSentToServer function| requestPermission function| getToken function| $ function| jQuery function| moment function| userConversion function| showDownloadHint function| hideDownloadHint function| addOverlay function| hideOverlay function| addDownloadHint function| addDownloadHint2 function| eventFire function| trigger_dl function| trigger_forced_dl object| browser boolean| downloaded boolean| interstitialShown object| ADNL object| adVars boolean| CloseModalOnReturn function| mobileAndTabletcheck function| doDownload function| beforeyouleave function| userMouse function| showExitInterstitial function| checkUserExit function| show2ndOffer function| showInterstitial function| refreshDownloadLink object| jQuery181013449864705218784 boolean| installOnFly

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lostnzttu.win/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: o5qisgebc5ommgktenllru3r

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
js.todayfarmmega.com
lostnzttu.win
propu.sh
www.gstatic.com
13.32.223.150
188.72.202.153
2a00:1450:4001:816::200a
2a00:1450:4001:818::2003
37.49.225.128
1bcbdee1992f8dbbc4c7f0254dad16177c9b55b61362a526bc195021dcc6b43c
25f25212b63ff97cdd858595e5ca9c5f94d5a0eb2af2745152b71800e2c34859
25f37557fe805864aa9df68034b8bdfc8d1cc5e0af877874c12612689d77532c
2d7dd4d6e3748957bac988c43c39edc346b24cfa888d8756085992d731a6fafd
344bea8e777339a3dcfe5f2e24f8eadeb9d4cac79beeb5febca106beeb6d660e
3e33c9e75db75250803ce6c78965bc28c36a52f2417d6fe15b030801f221963d
4315dd1f5d46219a2caa6b006dab3bc5a30447f30685d8e477a616427710ca3f
4c97f1c036da0ed4b852977b74144ea2e81d2491b8c2c37472674a2ea27aa070
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5eef9bfd1e1c6f0685e94d978935e4f16d3fb691c5eae905e024bed51870036c
62fd34d2c1be2bb0bb61b54e12f72f5700df265a7ea418bbc0d1785e227630e6
949f46d96711a7ffce1dac0c13790b11ed7a32d178956409ebfc6f8ecdd156f7
cd382d6980e8d10218ce992e8269ce320d5929e1391a7c1aa60c5a1271fef9f7
df39ec8aaf003a7905e27806a4f7ad048ae514979a76ee4b4eaabafc2f996abc
e191076b8f3a210c2e2c61ea950c789b2bada1c3652e03c65b55fe799f457049
f9e8a0100118ffc8e7afd14cca21932ddc045d048ee82a5fb6bda071bef37aa5
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29