urlscan.io logo urlscan.io
SecurityTrails logo

lltrco.com Open in urlscan Pro
172.67.128.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://view.tivamovie.click/
Effective URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Submission: On May 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 16 HTTP transactions. The main IP is 172.67.128.22, located in United States and belongs to CLOUDFLARENET, US. The main domain is lltrco.com.
TLS certificate: Issued by GTS CA 1P5 on April 11th 2024. Valid for: 3 months.
This is the only time lltrco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 68.65.122.140 22612 (NAMECHEAP...)
1 2 52.86.13.191 14618 (AMAZON-AES)
1 4 172.67.128.22 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 172.67.183.240 13335 (CLOUDFLAR...)
3 188.114.97.3 13335 (CLOUDFLAR...)
16 10
1    68.65.122.140 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server167-3.web-hosting.com
view.tivamovie.click
2    52.86.13.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-13-191.compute-1.amazonaws.com
p.rapolok.com
4    172.67.128.22 (United States)

ASN13335 (CLOUDFLARENET, US)
lltrco.com
3    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
lllpg.com
1    172.67.183.240 (United States)

ASN13335 (CLOUDFLARENET, US)
llclick.com
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
imgad.llsvr.com
Apex Domain
Subdomains		 Transfer
4 lltrco.com
lltrco.com
12 KB
3 llsvr.com
imgad.llsvr.com
96 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
95 KB
2 rapolok.com
p.rapolok.com — Cisco Umbrella Rank: 207287
585 B
1 llclick.com
llclick.com
1 lllpg.com
lllpg.com
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
63 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
27 KB
1 tivamovie.click
view.tivamovie.click
927 B
16 9
Domain Requested by
4 lltrco.com 1 redirects p.rapolok.com
lltrco.com
cdnjs.cloudflare.com
3 imgad.llsvr.com lltrco.com
3 use.fontawesome.com lltrco.com
use.fontawesome.com
2 p.rapolok.com 1 redirects view.tivamovie.click
1 llclick.com lltrco.com
1 lllpg.com lltrco.com
1 code.jquery.com lltrco.com
1 cdnjs.cloudflare.com lltrco.com
1 view.tivamovie.click
16 9

This site contains links to these domains. Also see Links.

Domain
leadsleap.com
llpgpro.com
Subject Issuer Validity Valid
view.tivamovie.click
Sectigo RSA Domain Validation Secure Server CA		 2024-04-26 -
2025-04-26		 a year crt.sh
p.rapolok.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
lltrco.com
GTS CA 1P5		 2024-04-11 -
2024-07-10		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
lllpg.com
GTS CA 1P5		 2024-03-16 -
2024-06-14		 3 months crt.sh
llclick.com
GTS CA 1P5		 2024-03-20 -
2024-06-18		 3 months crt.sh
llsvr.com
E1		 2024-03-07 -
2024-06-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://lltrco.com/?r=miguel322&ai=91237&at=a
Frame ID: 9A0A822589602B3C9F4CDEBF7FB1A6B6
Requests: 14 HTTP requests in this frame

Frame: https://lllpg.com/jcr4vfpf/llproad
Frame ID: 6F2AA1C4576DD666ADC1AA679480D850
Requests: 1 HTTP requests in this frame

Frame: https://llclick.com/set.cookie.html
Frame ID: 00D39DC84E77FE78A99A1A604895FE8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Breaking The Mold!

Page URL History Show full URLs

  1. https://view.tivamovie.click/ Page URL
  2. http://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb... HTTP 307
    https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb... Page URL
  3. https://p.rapolok.com/ad/ad?p=476725&w=719321&t=8d4ee8cf698e0fc0&r=aHR0cHMlM0EvL3ZpZXcudGl2YW1vdml... HTTP 303
    https://lltrco.com/?r=miguel322 HTTP 302
    https://lltrco.com/?r=miguel322&ai=91237&at=a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

16
Requests

94 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

293 kB
Transfer

607 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://view.tivamovie.click/ Page URL
  2. http://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343 HTTP 307
    https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343 Page URL
  3. https://p.rapolok.com/ad/ad?p=476725&w=719321&t=8d4ee8cf698e0fc0&r=aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=&vw=1600&vh=1200 HTTP 303
    https://lltrco.com/?r=miguel322 HTTP 302
    https://lltrco.com/?r=miguel322&ai=91237&at=a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343 HTTP 307
  • https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
view.tivamovie.click/ 		2 KB
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.tivamovie.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.140 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server167-3.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
b50894dc45f297ce653d858db9e30e811dfbdf34b8d9a6a65628da7a8d74ce90

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-length
758
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 11:43:17 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=
p.rapolok.com/go/476725/719321/
Redirect Chain
  • http://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
  • https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
482 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
Requested by
Host: view.tivamovie.click
URL: https://view.tivamovie.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.13.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-13-191.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://view.tivamovie.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 04 May 2024 11:43:17 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

Location
https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
lltrco.com/
Redirect Chain
  • https://p.rapolok.com/ad/ad?p=476725&w=719321&t=8d4ee8cf698e0fc0&r=aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=&vw=1600&vh=1200
  • https://lltrco.com/?r=miguel322
  • https://lltrco.com/?r=miguel322&ai=91237&at=a
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lltrco.com/?r=miguel322&ai=91237&at=a
Requested by
Host: p.rapolok.com
URL: https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44cc34795271b7df80179e3c0baf86b05383a4b06f0702892f23262504918109

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://p.rapolok.com/go/476725/719321/aHR0cHMlM0EvL3ZpZXcudGl2YW1vdmllLmNsaWNrLzEzODU0Lmh0bWw=?cb=4051145210554343
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87e83b7d2a0e1c20-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 11:43:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyvzrbn9nI2pa4KZyVAsolOkJlmfDofACEu%2FTadXwAM4fnd5kpfORRlN54HturFHoRAODdSbidEpuuBVXGDRzvRqeQAg9WzAqaNRnpuiUZLIGo0FgiWi4Vgr4scC"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e83b788af51c20-FRA
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 11:43:18 GMT
location
?r=miguel322&ai=91237&at=a
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtSIUkMKu2tdgNkuEusk5HR9c2Fyl%2BWaywUNEEHAwomW4co%2BuiZEOvKD%2BXtez9sBQWBvCQMgRF4TnXgqQ1Z1kw7%2FhWupWjENZYA8d%2BjqHTsISN6RMKD8DumZSnCo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1013719
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwpCoVZnxxaiKq5UX1poiXciNr6gLebPfyX5KXiYZQFo%2B%2Fa9ztTO0UZGP6c54CyxfFjc51G5o0WnZQYQ6vgpptmWszTbLOxGc3hgy0h4LB1J8ui8pttw7Jlr0mC6XYi3maN%2Fi%2B9V7BSFbdhM8%2BdkM8tU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
87e83b80d9806997-FRA
alt-svc
h3=":443"; ma=86400
v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1002016
etag
W/"a034d3c71bee546f625877d7932917f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNTz7bSrQGsR0EhbKvR8Gur02eR1nC72hABQr2kcZZM1cUC6InHgF6UTqX6K6AULhe58fVTywc4Rm0C1Fo9QoSOw4NvT%2F4VFBj%2FFZQB7hIAgB8IZnDdoqh8vPC%2BlXy8hhXtowdh70ckb%2F9r%2BAUZK9BCe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
87e83b80d97d6997-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
147078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26909
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRpBcZ7DWWO0yCUEeBANtrSoYMOP%2BCEdavenUQDl2GTvPrPwZSlKF%2BRNnNWBnhsyeX3E9Y3o7BLG3OYjXLWTW1kx10luL53D1ilpwZRDi2cTvNupt0aDUhki0eRIKVkhbp7SEcCE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87e83b806e989f57-FRA
expires
Thu, 24 Apr 2025 11:43:19 GMT
jquery-ui.min.js
code.jquery.com/ui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Origin
https://lltrco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
20022368
x-cache
HIT, HIT
content-length
64296
x-served-by
cache-lga21924-LGA, cache-mxp6941-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714822999.167762,VS0,VE0
etag
W/"28feccc0-3ab2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
51, 23579
js.js
lltrco.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lltrco.com/js.js?r=16
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07915396820e5aab29a617b6b14718adc85cd1be97edc94cadeab4ef03381863

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/?r=miguel322&ai=91237&at=a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 06:20:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3107
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=682LbG7G647CoDTARYQUz8Y9sIXZggzt0orV%2F60SrmIhLDgAgI4smqfUrn%2BrbBvCFABehQWQae4YcJrUwHNXeOA3U2R0HrWO%2F61IoxHZKr%2B2xL9ZGtecW8gC9SlL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87e83b801e8c1c20-FRA
alt-svc
h3=":443"; ma=86400
llproad
lllpg.com/jcr4vfpf/ Frame 6F2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lllpg.com/jcr4vfpf/llproad
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lltrco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e83b81fa06997a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 11:43:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dv3gs81rUc8D%2BYU46YZcfQtQRbv32OLi90LuHb%2BwetY7L8UFEIrln%2BdYohdUOZI%2FqK1aJOO48nu9k7xzEevEYRCZcLrnQSXS7C0Mp9Ip6vL33%2FTVBrWpFFmvOjU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
set.cookie.html
llclick.com/ Frame 00D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://llclick.com/set.cookie.html
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lltrco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e83b820f1b3a5a-FRA
content-encoding
br
content-type
text/html
date
Sat, 04 May 2024 11:43:19 GMT
last-modified
Thu, 31 Aug 2023 06:32:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxYwjm3gYE0fRAfPTVSIsWLDRxHvON3GAAjcs%2B9YaKKSyLZLSlKeW%2BBVadC74z6ApWd%2F1bQa91rpE55Ch%2Fn4wmjA40YZxppNBqDIL1TC52bdMeN18UsEQy%2Bxyuuwfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
teambuilder.a.103642.jpg
imgad.llsvr.com/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgad.llsvr.com/teambuilder.a.103642.jpg
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34151b236fd6b07fb0a58a646b63520ed568d617a66e4681df49e4f5606e2432

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:20 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Jun 2023 12:49:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U95SZC6HXoTJWOuo478sO8NXdJnK8f%2BPXuwCtUSzbHRHM9VcckNLFFDPr2%2BIAIkQfu9mfXaQf%2FHY6FB%2BVF7m2MaWyzFL8%2B%2Fd29zvuLCI6xRSbNkZXZ6BGd1oJnJzw0KXZg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87e83b81fabb5c92-FRA
alt-svc
h3=":443"; ma=86400
content-length
40148
jordan66.a.115672.jpg
imgad.llsvr.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgad.llsvr.com/jordan66.a.115672.jpg
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059c3a54efb769136e975f2f2f6656dc4a9a73334163e20e7e153c15c3a8b05a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 11 Jul 2023 02:20:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOSZf1XDsFn3qyu9bojxOpGEt5vq2n%2FkfpM%2FGqMGYewkLVWsKu8alMVcogCQSjF2DUOC8TZyuF2cVniH9wurzvFqZdhTOUWOIfd05cKzzH3ZW50HfLpiLCxBd3VfyqKY8QU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87e83b81fab85c92-FRA
alt-svc
h3=":443"; ma=86400
content-length
25390
randomcash.a.96880.jpg
imgad.llsvr.com/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgad.llsvr.com/randomcash.a.96880.jpg
Requested by
Host: lltrco.com
URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c35f0b427b17c63f539fe8f3a37ffbb446c8fcd10707f322bbf1ecd896a390

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:20 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 22:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcy%2FFE9z74P4l%2BOI8n71y%2FmhM78N1FKhh40cldSPPgXVxPlhfDSOg7QgDcpsLjMoe3iF33OgsZKM28mjiisQ1X3shPfJJegK0WP073cCj4t4b2CztXNEagn2veGT7K4OU7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87e83b81faba5c92-FRA
alt-svc
h3=":443"; ma=86400
content-length
30921
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin
https://lltrco.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998070
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Fri, 22 Sep 2023 01:45:26 GMT
server
cloudflare
etag
"d824df7eb2e268626a2dd9a6a741ac4e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GqYzakNikeIELA%2BVHJ0nwsB%2Bzr1V2N2FqeOgJAIkCPQ83y7kYVcbCQFhUBw18wkAmEWTNATWEH1nq0KAhBjvs4MBuTO15SWCEmoU0fFJWsUZ%2FfuwdTwWPgEEeHZ%2F62Aa66hCUEfEq%2Bzrg%2BiFsc8tY%2Bz"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87e83b822d8b1b35-FRA
favicon.ico
lltrco.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lltrco.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690ea1d942a373a8b0bfd8e3361c22f8398e052dc4b86f21c11f940cd9659618

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lltrco.com/?r=miguel322&ai=91237&at=a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 11:43:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 07:29:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
786
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TrR3BExhmdF4d9JvXpK2GQjl7mSybKuZeaZ6qChMotfKiBbF6Tph3uIDaPVKIhYZQAA2%2FSfDka8AtW6rjxwd6XeQxqyYr0XtHk9nA0FrgsGcxcaMMNK5pOU8eLL"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
87e83b8e4c441c20-FRA
alt-svc
h3=":443"; ma=86400
ajax.php
lltrco.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lltrco.com
URL
https://lltrco.com/ajax.php

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery string| llcv_q string| llcv_s string| llcv_d string| llcv_i string| llcv_a string| llcv_f string| llcv_l number| tableid string| llcv_id string| llcv_ii number| llcv_al number| widgettime string| mobileagent number| adbarcounton string| adbaron string| llcv_life function| _0x3c03dc number| llcv_tcL number| llcv_tcN number| llcv_tcA number| lltanimating number| c number| a number| llcv_cs number| llcv_lf number| llcv_mm number| llcv_mw number| llcv_mc number| llcv_mts number| llcv_mtm number| llcv_mte number| llcv_cmm number| llcv_cmw number| llcv_cmc number| llcv_cmts number| llcv_cmtm number| llcv_cmte number| llcv_jf number| llcv_tc number| llcv_nc number| llcv_csonce function| fncdt function| fnifm function| fnhf function| fnadbar function| fncountdown function| fnsc function| fnitv object| il function| _0x47f2 function| showad function| resize number| tcount function| intervalFn function| _0x56ab object| interval number| inframe number| tl string| x object| adbarht

12 Cookies

Domain/Path Name / Value
lltrco.com/ Name: PHPSESSID
Value: 2b2cedb6ae16e02b5d08b7113ecb40f1
llclick.com/ Name: hidead
Value: 1
.lllpg.com/ Name: lltkrl97462
Value: 1
.vimeo.com/ Name: __cf_bm
Value: d8QLy3n3UNzclucuWN6cmd2Q_eWktKrT8RGmkvgNEoA-1714823000-1.0.1.1-3xmLGrgZ5NgxaKl0QVM6SH3MPyMv0WfVrWnKrSlok5qz32oc.y4FASd6MCCme6CHS1jQD62RLf2gjKf8oTb0eQ
.vimeo.com/ Name: _cfuvid
Value: 8S_iuqDyYYYvAFf.L9l1g1u3CqUCg1f6ETc1DABXyS0-1714823000551-0.0.1.1-604800000
.youtube.com/ Name: YSC
Value: u0yCv74Cblg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vJJcfHIsxn4
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgIA%3D%3D
.pixel.leadsleap.net/ Name: lllpga97462
Value: 931028.04
.pixel.leadsleap.net/ Name: lllpgb97462
Value: 931028.04
.pixel.leadsleap.net/ Name: lllpgca86002
Value: 97462.931028.04
.pixel.leadsleap.net/ Name: lllpgcb86002
Value: 97462.931028.04

21 Console Messages

Source Level URL
Text
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lltrco.com/?r=miguel322&ai=91237&at=a
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.