Submitted URL: http://0c4.us/UsI9Q
Effective URL: http://trojadirecta.com/en/index1.html
Submission: On March 20 via manual from PL

Summary

This website contacted 16 IPs in 8 countries across 18 domains to perform 56 HTTP transactions. The main IP is 136.244.81.144, located in Frankfurt am Main, Germany and belongs to AS-CHOOPA, US. The main domain is trojadirecta.com.
This is the only time trojadirecta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.212.128.72 200313 (INTERNET-IT)
2 18.195.174.160 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 99.198.108.198 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 2 54.236.172.182 14618 (AMAZON-AES)
15 2606:4700:303... 13335 (CLOUDFLAR...)
8 136.244.81.144 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 35.201.103.0 15169 (GOOGLE)
3 185.225.208.133 13213 (UK2NET-AS)
2 185.39.10.6 62355 (NETWORKDE...)
2 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
1 3 67.202.94.94 32748 (STEADFAST)
2 2 3.126.67.67 16509 (AMAZON-02)
2 2 52.210.133.34 16509 (AMAZON-02)
2 143.204.206.5 16509 (AMAZON-02)
1 1 184.168.131.241 26496 (AS-26496-...)
56 16
Domain Requested by
15 301.es tryd.pro
301.es
trojadirecta.com
ajax.googleapis.com
8 trojadirecta.com 301.es
trojadirecta.com
ajax.googleapis.com
5 www.greatdexchange.com trojadirecta.com
ajax.googleapis.com
4 ajax.googleapis.com trojadirecta.com
3 whos.amung.us 1 redirects waust.at
3 go.domainxchange.xyz 1 redirects track.kikenzo.com
go.domainxchange.xyz
2 www.primevideo.com trojadirecta.com
2 c.clickwork7secure.com 2 redirects trojadirecta.com
2 adrunnr.com 2 redirects
2 s10.histats.com trojadirecta.com
s10.histats.com
2 livetv.sx trojadirecta.com
2 waust.at trojadirecta.com
2 tryd.pro yltenim.com
1 en.trojadirecta.com 1 redirects
1 widgets.amung.us trojadirecta.com
1 s4.histats.com s10.histats.com
1 fonts.googleapis.com 301.es
1 yltenim.com go.domainxchange.xyz
1 so.slytrk03.com
1 track.kikenzo.com track.zukaisen.com
1 track.zukaisen.com
1 0c4.us 1 redirects
56 22

This site contains links to these domains. Also see Links.

Domain
www.greatdexchange.com
tipshunter.net
www.histats.com
Subject Issuer Validity Valid
go.domainxchange.xyz
Let's Encrypt Authority X3
2020-01-31 -
2020-04-30
3 months crt.sh
yltenim.com
Let's Encrypt Authority X3
2020-02-21 -
2020-05-21
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-06-05 -
2020-06-04
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
greatdexchange.com
Sectigo RSA Domain Validation Secure Server CA
2020-02-11 -
2021-03-07
a year crt.sh
www.primevideo.com
Amazon
2020-01-30 -
2021-01-13
a year crt.sh

This page contains 17 frames:

Primary Page: http://trojadirecta.com/en/index1.html
Frame ID: E84654D1192771B24C450C502237BEDA
Requests: 31 HTTP requests in this frame

Frame: http://livetv.sx/export/webmasters.php?s=0&lang=en
Frame ID: D71736DEC5FF7643AFDCE87B167C9A65
Requests: 1 HTTP requests in this frame

Frame: http://trojadirecta.com/schedule/todaygames.html
Frame ID: 349B148E1B7B98207AE13DDC6E7F0470
Requests: 3 HTTP requests in this frame

Frame: https://301.es/?http://livesportzonline.com/live/index1.html
Frame ID: 6C189D074EB4063035374B7B47725399
Requests: 1 HTTP requests in this frame

Frame: https://301.es/?http://trojadirecta.com/today/index.html
Frame ID: EBF83C12061D4EB703BFEF398F334820
Requests: 10 HTTP requests in this frame

Frame: https://301.es/?http://livesportzonline.com/footy-hd.html
Frame ID: 0BA7ED6D96E4132275EF244B681989EA
Requests: 1 HTTP requests in this frame

Frame: https://301.es/?http://sportsstreems.com/live-hd.html
Frame ID: E1F3BF9CB7CC107356CFC3D5976A6E55
Requests: 1 HTTP requests in this frame

Frame: https://301.es/?http://thefromhots.com/rugby.html
Frame ID: 2216E6D88CE9A394923CC084E3A0E811
Requests: 1 HTTP requests in this frame

Frame: https://301.es/?http://trojadirecta.com/za1.html
Frame ID: 0E3ADAA74C208772E95A9EC0DDE789D8
Requests: 2 HTTP requests in this frame

Frame: https://301.es/?http://streamhunter.site/gumgum.html
Frame ID: 1C421CA30D539A8D8DA5C0CBC62A250C
Requests: 1 HTTP requests in this frame

Frame: https://301.es/?http://trojadirecta.com/rojaa.html
Frame ID: 6D07BD72D79557326E6CB7FBE88A89B8
Requests: 1 HTTP requests in this frame

Frame: https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Frame ID: 561856945693CFAE315FF24AC9A85F7F
Requests: 1 HTTP requests in this frame

Frame: https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Frame ID: 355AF8286AC43D5027AAC8405D7A9C08
Requests: 1 HTTP requests in this frame

Frame: https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
Frame ID: 65D079BAF367C3E24036C7C5237C28F1
Requests: 1 HTTP requests in this frame

Frame: https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
Frame ID: 357E3FA8B38A449631965CBFE6DF5660
Requests: 1 HTTP requests in this frame

Frame: http://livetv.sx/export/webmasters.php?s=0&lang=en
Frame ID: 188C3C726365260B0D389E97CB49EADC
Requests: 1 HTTP requests in this frame

Frame: https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftrojadirecta.com
Frame ID: BFFDDE6FB2D6E63BAE25D7D608091CC8
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://0c4.us/UsI9Q HTTP 302
    http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d Page URL
  2. http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3... Page URL
  3. https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=w6tm2s1cfq3s8iot18vq4sf2 HTTP 302
    https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream... Page URL
  4. https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  5. https://go.domainxchange.xyz/proc.php?32f30dd07f1a5368e6ad575fac0ac0bed531e578 HTTP 302
    https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_... Page URL
  6. http://tryd.pro/go/216668/456926 Page URL
  7. http://tryd.pro/ad/ad?p=216668&w=456926&t=20e21a216ad72687&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmN... HTTP 303
    https://301.es/?http://trojadirecta.com/en/index1.html Page URL
  8. http://trojadirecta.com/en/index1.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

56
Requests

54 %
HTTPS

20 %
IPv6

18
Domains

22
Subdomains

16
IPs

8
Countries

477 kB
Transfer

959 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://0c4.us/UsI9Q HTTP 302
    http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d Page URL
  2. http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ Page URL
  3. https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=w6tm2s1cfq3s8iot18vq4sf2 HTTP 302
    https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3 Page URL
  4. https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
  5. https://go.domainxchange.xyz/proc.php?32f30dd07f1a5368e6ad575fac0ac0bed531e578 HTTP 302
    https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797 Page URL
  6. http://tryd.pro/go/216668/456926 Page URL
  7. http://tryd.pro/ad/ad?p=216668&w=456926&t=20e21a216ad72687&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
    https://301.es/?http://trojadirecta.com/en/index1.html Page URL
  8. http://trojadirecta.com/en/index1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://0c4.us/UsI9Q HTTP 302
  • http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
Request Chain 4
  • https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=w6tm2s1cfq3s8iot18vq4sf2 HTTP 302
  • https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
Request Chain 6
  • https://go.domainxchange.xyz/proc.php?32f30dd07f1a5368e6ad575fac0ac0bed531e578 HTTP 302
  • https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
Request Chain 9
  • http://tryd.pro/ad/ad?p=216668&w=456926&t=20e21a216ad72687&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
  • https://301.es/?http://trojadirecta.com/en/index1.html
Request Chain 29
  • http://whos.amung.us/cwidget/cegtwksous/000000ffffff.png HTTP 307
  • http://widgets.amung.us/draw/?w=colored&n=92&c=000000ffffff&p=
Request Chain 48
  • http://adrunnr.com/?placement=406094&redirect HTTP 302
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1= HTTP 302
  • https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Request Chain 49
  • http://adrunnr.com/?placement=406094&redirect HTTP 302
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1= HTTP 302
  • https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Request Chain 50
  • http://adrunnr.com/?placement=406145&redirect HTTP 302
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
Request Chain 51
  • http://adrunnr.com/?placement=406145&redirect HTTP 302
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
Request Chain 53
  • http://en.trojadirecta.com/ HTTP 301
  • https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftrojadirecta.com

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 16aa69d5-5a16-40fb-a929-36d8ea0eac4a
track.zukaisen.com/
Redirect Chain
  • http://0c4.us/UsI9Q
  • http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
748 B
1 KB
Document
General
Full URL
http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
Protocol
HTTP/1.1
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fdb37cf7fe016bea3b72e5f702c3e5ef8fdb115d54b22680315c3b20335ffb8d

Request headers

Host
track.zukaisen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Fri, 20 Mar 2020 10:53:42 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
748
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
16aa69d5-5a16-40fb-a929-36d8ea0eac4a-v4=16aa69d5-5a16-40fb-a929-36d8ea0eac4a; Max-Age=86400; Expires=Sat, 21-Mar-2020 10:53:42 GMT; Domain=track.zukaisen.com; Path=/; HttpOnly cc-v4=rATa8WdZIZ%2F%2BBuP3ZGjSiFh%2FmfqfEQGWkXjDCJfLnVTY9gNWWbuVAhem%2F%2F0Gh0Y66PzT9TC2bKDU3pfWMe8dSW8KgezhdUCsROKp30DUPrJNgabIXT4t%2Bjf%2BuzaijxlFF%2BDlpJM1Wbzy7Lc5%2FelLoA%3D%3D; Max-Age=31536000; Expires=Sat, 20-Mar-2021 10:53:42 GMT; Domain=track.zukaisen.com; Path=/; HttpOnly

Redirect headers

Server
nginx/1.16.1
Date
Fri, 20 Mar 2020 10:56:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
232
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
Vary
Accept
redirect
track.kikenzo.com/
0
0

redirect
track.kikenzo.com/
450 B
723 B
Document
General
Full URL
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ
Requested by
Host: track.zukaisen.com
URL: http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
Protocol
HTTP/1.1
Server
18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
52320d72a3a5f6d81231fa51ad69e8e4c37affe9e748c8d396246943d98e738f

Request headers

Host
track.kikenzo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://track.zukaisen.com/16aa69d5-5a16-40fb-a929-36d8ea0eac4a?&source=zinq&batch=138d

Response headers

Server
nginx
Date
Fri, 20 Mar 2020 10:53:42 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
450
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
clk
so.slytrk03.com/t/
0
0

/
go.domainxchange.xyz/
Redirect Chain
  • https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=w6tm2s1cfq3s8iot18vq4sf2
  • https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
3 KB
2 KB
Document
General
Full URL
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
Requested by
Host: track.kikenzo.com
URL: http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
d995345fd4c4c4c88d9c39645abde26259f39a2a9929b77f907cf2f3cdd7180f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
go.domainxchange.xyz
:scheme
https
:path
/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ

Response headers

status
200
server
nginx
date
Fri, 20 Mar 2020 10:53:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=120f9c56f15073d5f58fb3aa778643b0; expires=Sat, 20-Mar-2021 10:53:44 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

status
302
date
Fri, 20 Mar 2020 10:53:43 GMT
content-type
text/html; charset=utf-8
content-length
0
set-cookie
__cfduid=ddf5eae768e042d442f1b49dc643342b01584701622; expires=Sun, 19-Apr-20 10:53:42 GMT; path=/; domain=.slytrk03.com; HttpOnly; SameSite=Lax AWSALB=QVi1CoM+sfAtdPOjuGdFU3D9BUJeQHfoxLKZDYK9VbjaJA5RlU7rRfVxxE22uemaCOzbK2906EMMrENijzrFfqjc1H3KEPZefvzdK3+no+Y81FSYlBoeRdmDbHqL; Expires=Fri, 27 Mar 2020 10:53:42 GMT; Path=/ AWSALBCORS=QVi1CoM+sfAtdPOjuGdFU3D9BUJeQHfoxLKZDYK9VbjaJA5RlU7rRfVxxE22uemaCOzbK2906EMMrENijzrFfqjc1H3KEPZefvzdK3+no+Y81FSYlBoeRdmDbHqL; Expires=Fri, 27 Mar 2020 10:53:42 GMT; Path=/; SameSite=None uip="[\"olk8zNt\"\054 {\"EoZOq\": \"dGAXaNN\"}]:1jFFHb:QMgTKvsAgyIPhREEpZMJ2PkfKXw"; expires=Sun, 19 Apr 2020 10:53:43 GMT; Max-Age=2592000; Path=/ ydt_69a756d9a2a44370a5365f82fbdfa6e5="[\"86121c06-9f39-4ff6-bd8b-8b6220b0adb3\"]:1jFFHb:pzXBsMKDoCYcfQcZNSc8H_s2t_8"; expires=Sun, 19 Apr 2020 11:53:43 GMT; Max-Age=2595600; Path=/
location
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
cache-control
no-transform
x-frame-options
SAMEORIGIN
vary
Cookie, Origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee4161d32dff3-FRA
/
go.domainxchange.xyz/
9 KB
3 KB
Document
General
Full URL
https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by
Host: go.domainxchange.xyz
URL: https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
36bfaecc7a2deca0ea1283b4c51882f440e61ae3296a9728c7178b5466fb6ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
go.domainxchange.xyz
:scheme
https
:path
/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=120f9c56f15073d5f58fb3aa778643b0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=11238&cid=86121c06-9f39-4ff6-bd8b-8b6220b0adb3

Response headers

status
200
server
nginx
date
Fri, 20 Mar 2020 10:53:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain
  • https://go.domainxchange.xyz/proc.php?32f30dd07f1a5368e6ad575fac0ac0bed531e578
  • https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
4 KB
4 KB
Document
General
Full URL
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
Requested by
Host: go.domainxchange.xyz
URL: https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
e0a485ae9c32de84b7a965e9ec59b4e9260d3f05fbdf0027989d993808f54e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
yltenim.com
:scheme
https
:path
/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://go.domainxchange.xyz/?utm_term=6806241649031643188&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e#

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Fri, 20 Mar 2020 10:53:44 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie
TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=aacac604157db4a82a93047a70262023_1584701624.6948; domain=yltenim.com; path=/; expires=Mon, 18-Mar-2030 10:53:44 UTC; Secure b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1584701624.6978; domain=yltenim.com; path=/; expires=Mon, 18-Mar-2030 10:53:44 UTC; Secure vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3YWE5TktBZG83R1I1NlQ0R0tBOUhIMTU4OGk1dUpJVXgrZnRSMVVUdXZKcQ%3D%3D; domain=yltenim.com; path=/; expires=Mon, 18-Mar-2030 10:53:44 UTC; Secure aacac604157db4a82a93047a70262023_1584701624.6948_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRk94NDZMRDhnb0oyZHF5YTU2NyttUWxhME4wOVQrckdzNnRocCtTMTh5aVpXMDZLbVFKcHFrTmo0dEFlaHFjb3VEY1ZENG1ib1pqQjllTjhXaDV5S3JHNzk3K3hrS0FSay9lTFVSeEgvTkg2OFpQSUV6cG5TYUQvb0t5NzVvUlY1S2tkZUFFQi9KUmtuMHFacEkyc1Mya1BEMGJGRkdyYk9QcmR6QnFUcytUS0Q2bTZ3aUk3bGhZV1B1dXdSTjhUY2wrVmUzMElTd1RPV0lNbmhUNEdscUJRK25YcVczQ0Y5SGVNaFg4bkJNb2gzQlhlTzlBNHh5SkVlK1NqMGc1Q21qMmY5NDE0T0FUWVFGbVpLQW9hM3NnMGJHVWVmazkzUk1aQWFWa2hZTjcvdmdlL3lSUm5FNDJXWUdFdTlzUityUWwyMWIwNVNBZVlHa1F4Vm12V2lFY1dYd0FBVDVsRmh6ZUdpY1BudU5sWnBaamZWOW1Pd1pBRVRtR0hLRm41WitiOW1acmh4RzVBUUxWUDVQMHo5RjBBVlJwVTV3U2ZSM1U2bS9kamplcmZqdmJja0h6dnliejZZbzJzQzBpamhkTEF4bzZFZFJmcHB0Mldrc0tMM1VnN2F4MWM1K21iNnVMTlp6WEZmbll1RFlrbjlnK2JvcGRXY1hxMEJlTW5iZWU2M1hCOVZaRWRQZTdFRnJyWGszcGxFZlVNNml0MzNHWUZpS083QjZ0Q1ZxclZSV0Y4VGpERGIwMlEvOExLOEt0RCtvak5IbTlueExPYXhiRGV3RElOeFRkWWxYck53S0tQZkdRdDlOVml2QmlCUTVuQ2lMZkZ1RjBUWitFaWtDb2kxN3Fpa1lIb3dSeEFUVWRIY05DN3NEd2ljY01uMXdQdzV3cXNhQ3Z5MjJ1UGUwSzV5cnJwV1RJaFVQWFpxbklqTHpNWVdBUkx0Q3ZSSStyWm5uUlNRa1gxZEQ0UktqV3JwSEp0ZzZDL0l4NkxiNUMzSytJNmczWGo2RjVkbG15MWhlcXN6bkUya3ZjcEhVM0dac3hwcE9XelBaRGJBMzlneTAzd0FJUEIyN0ZIOUxGSkNBV29xRDdxNDdNVTkxNWxpS3lyQm13Q0xIT2tzK0ZNazFXSjZKbVM5Q0RNc0FKbkxnVmx4dGZMc2dHblZ3b3JlaTV5eWJjUjl4UU0wR01nM2xvOFFoakxESy9vSVBIeURjYzhoZmEwcWYvR3FyRW0zbEVUcytKdQ%3D%3D; domain=yltenim.com; path=/; expires=Mon, 18-Mar-2030 10:53:44 UTC; Secure f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=dFUxZDQ0YzZPNTZVU0JTUTVHTS84Q2VMRkxGb3pCbkZKVEtXTjZ6ckluMCsrQXcxSzdJMnRYdWEwNnlpOTI1ei9OclRMekIyaHltWHZ5NVoxamMxMjVjMkRzRFU5dDBydkFaMGhEQ2JXcEk9; domain=yltenim.com; path=/; expires=Fri, 20-Mar-2020 11:58:44 UTC; Secure SERVERID=sfc16; path=/
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx
date
Fri, 20 Mar 2020 10:53:44 GMT
content-type
text/html; charset=UTF-8
location
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
456926
tryd.pro/go/216668/
0
0

456926
tryd.pro/go/216668/
466 B
520 B
Document
General
Full URL
http://tryd.pro/go/216668/456926
Requested by
Host: yltenim.com
URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6806241649031643188&ext1=797
Protocol
HTTP/1.1
Server
54.236.172.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-172-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1b65cf3beb665386ec8fd66c039ea9e5f776206dfcf4bd1aeed9507dc732f2b

Request headers

Host
tryd.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://yltenim.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://yltenim.com/

Response headers

Date
Fri, 20 Mar 2020 10:53:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
/
301.es/
Redirect Chain
  • http://tryd.pro/ad/ad?p=216668&w=456926&t=20e21a216ad72687&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200
  • https://301.es/?http://trojadirecta.com/en/index1.html
3 KB
1 KB
Document
General
Full URL
https://301.es/?http://trojadirecta.com/en/index1.html
Requested by
Host: tryd.pro
URL: http://tryd.pro/go/216668/456926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ecacff668dd4a128e73c0f2d8af399a547016171b5fcf36891a2c810f8ac73

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://trojadirecta.com/en/index1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://tryd.pro/go/216668/456926
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://tryd.pro/go/216668/456926

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d381addfd0d24fb47344e4a6d1044390c1584701626; expires=Sun, 19-Apr-20 10:53:46 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee42ddc861f19-FRA
content-encoding
br

Redirect headers

Date
Fri, 20 Mar 2020 10:53:46 GMT
Content-Type
text/html; charset=utf-8
Content-Length
81
Connection
keep-alive
Server
nginx
Location
https://301.es/?http://trojadirecta.com/en/index1.html
Primary Request index1.html
trojadirecta.com/en/
9 KB
4 KB
Document
General
Full URL
http://trojadirecta.com/en/index1.html
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
42f8f3096d400248219d21fe69c2d1c1946c478ec0469fa8f43a7c37c2bd1711

Request headers

Host
trojadirecta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Fri, 20 Mar 2020 10:53:47 GMT
Content-Type
text/html
Last-Modified
Mon, 16 Mar 2020 11:41:21 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5e6f65e1-25fd"
Content-Encoding
gzip
css
fonts.googleapis.com/
9 KB
910 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,400,700,800,900
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 20 Mar 2020 10:53:46 GMT
server
ESF
date
Fri, 20 Mar 2020 10:53:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Mar 2020 10:53:46 GMT
bootstrap.css
301.es/css/
143 KB
19 KB
Stylesheet
General
Full URL
https://301.es/css/bootstrap.css
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:53:43 GMT
server
cloudflare
age
4451
etag
W/"5cf8c687-23a5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
576ee42f08071f19-FRA
style.css
301.es/css/
1 KB
552 B
Stylesheet
General
Full URL
https://301.es/css/style.css
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:53:44 GMT
server
cloudflare
age
4451
etag
W/"5cf8c688-5b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
576ee42f080a1f19-FRA
301-logo.png
301.es/images/
13 KB
13 KB
Image
General
Full URL
https://301.es/images/301-logo.png
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:53:46 GMT
server
cloudflare
age
4451
etag
"5cf8c68a-3338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
576ee42f080b1f19-FRA
content-length
13112
jquery.min.js
301.es/js/
85 KB
29 KB
Script
General
Full URL
https://301.es/js/jquery.min.js
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:53:49 GMT
server
cloudflare
age
4451
etag
W/"5cf8c68d-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
576ee42f080f1f19-FRA
bootstrap.min.js
301.es/js/
50 KB
13 KB
Script
General
Full URL
https://301.es/js/bootstrap.min.js
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:53:48 GMT
server
cloudflare
age
3828
etag
W/"5cf8c68c-c75f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
576ee42f28761f19-FRA
script.js
301.es/js/
404 B
330 B
Script
General
Full URL
https://301.es/js/script.js
Requested by
Host: 301.es
URL: https://301.es/?http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 20 Mar 2020 10:53:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2019 07:57:15 GMT
server
cloudflare
age
3827
etag
W/"5cf8c75b-194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
576ee42f287f1f19-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 05:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3821379
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 05:24:08 GMT
display.php
www.greatdexchange.com/a/
0
43 B
Script
General
Full URL
https://www.greatdexchange.com/a/display.php?r=2793675
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Fri, 20 Mar 2020 10:53:47 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
rojaadirecta.png
trojadirecta.com/en/
73 KB
73 KB
Image
General
Full URL
http://trojadirecta.com/en/rojaadirecta.png
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
4b1293b328fc1e048e97cdbaf4f0abd251001e9a3ec431ee851ae10ebc2f6ccf

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Fri, 13 Mar 2020 11:11:28 GMT
Server
nginx
ETag
"5e6b6a60-12348"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74568
bet.gif
trojadirecta.com/en/
39 KB
40 KB
Image
General
Full URL
http://trojadirecta.com/en/bet.gif
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Fri, 21 Feb 2020 16:38:24 GMT
Server
nginx
ETag
"5e500780-9de6"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40422
ico.jpg
trojadirecta.com/en/
9 KB
9 KB
Image
General
Full URL
http://trojadirecta.com/en/ico.jpg
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
700e58551da99e1a2af45394d6b252d420379ac42174d37757941bf577915c46

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Tue, 12 Jun 2018 12:30:50 GMT
Server
nginx
ETag
"5b1fbcfa-2310"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8976
display.php
www.greatdexchange.com/a/
0
96 B
Script
General
Full URL
https://www.greatdexchange.com/a/display.php?r=2789759
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Fri, 20 Mar 2020 10:53:47 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
s.js
waust.at/
7 KB
4 KB
Script
General
Full URL
http://waust.at/s.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
cab040fc133814c4dd30f8c70b2dd7d4a7aa5a5f2bc5078b67e4c76c7f715119

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Mar 2020 07:48:50 GMT
ETag
W/"5e747562-1da0"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Sat, 21 Mar 2020 10:53:48 GMT
webmasters.php
livetv.sx/export/ Frame D717
0
0
Document
General
Full URL
http://livetv.sx/export/webmasters.php?s=0&lang=en
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
185.39.10.6 , Switzerland, ASN62355 (NETWORKDEDICATED, CH),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash

Request headers

Host
livetv.sx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://trojadirecta.com/en/index1.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://trojadirecta.com/en/index1.html

Response headers

Server
nginx/1.2.1
Date
Fri, 20 Mar 2020 10:53:47 GMT
Content-Type
text/html
Content-Length
2368
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/en/index1.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:48:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32087
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
229409212
todaygames.html
trojadirecta.com/schedule/ Frame 349B
2 KB
951 B
Document
General
Full URL
http://trojadirecta.com/schedule/todaygames.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
7fa1a72efcbc6e99b1b1f1e71f5f55708f7f59f26e73a50f018cf64c7c01feac

Request headers

Host
trojadirecta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://trojadirecta.com/en/index1.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://trojadirecta.com/en/index1.html

Response headers

Server
nginx
Date
Fri, 20 Mar 2020 10:53:47 GMT
Content-Type
text/html
Last-Modified
Thu, 19 Mar 2020 16:38:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5e73a014-8b2"
Content-Encoding
gzip
4381349.php
s4.histats.com/stats/
63 B
334 B
Script
General
Full URL
http://s4.histats.com/stats/4381349.php?4381349&@f16&@g1&@h1&@i1&@j1584701627282&@k0&@l1&@mTrojadirecta%20-%20Free%20Live%20Sport%20Streams&@n0&@o1000&@q0&@r0&@s24&@ten-US&@u1600&@b1:22146194&@b3:1584701627&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Ftrojadirecta.com%2Fen%2Findex1.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
4eec30883a796c2fa61cd893545906741c93ed0cea6736f20635325fdaa0dda8

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Connection
close
Content-Length
63
Content-Type
text/html;charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 349B
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trojadirecta.com/schedule/todaygames.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 05:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3821379
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 05:24:08 GMT
/
widgets.amung.us/draw/ Frame 349B
Redirect Chain
  • http://whos.amung.us/cwidget/cegtwksous/000000ffffff.png
  • http://widgets.amung.us/draw/?w=colored&n=92&c=000000ffffff&p=
1 KB
2 KB
Image
General
Full URL
http://widgets.amung.us/draw/?w=colored&n=92&c=000000ffffff&p=
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
66eb4d2c5d4da6e6a3663ee4b304fc5ed463521f897cd738a8e068dad54d137f

Request headers

Referer
http://trojadirecta.com/schedule/todaygames.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:48 GMT
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Content-Disposition
filename=wau-widget.png
Connection
close
Expires
Sat, 21 Mar 2020 10:53:48 GMT

Redirect headers

location
http://widgets.amung.us/draw/?w=colored&n=92&c=000000ffffff&p=
date
Fri, 20 Mar 2020 10:53:47 GMT
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
301.es/ Frame 6C18
0
0
Document
General
Full URL
https://301.es/?http://livesportzonline.com/live/index1.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://livesportzonline.com/live/index1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b94a1f19-FRA
content-encoding
br
/
301.es/ Frame EBF8
0
0
Document
General
Full URL
https://301.es/?http://trojadirecta.com/today/index.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://trojadirecta.com/today/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b94d1f19-FRA
content-encoding
br
/
301.es/ Frame 0BA7
0
0
Document
General
Full URL
https://301.es/?http://livesportzonline.com/footy-hd.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://livesportzonline.com/footy-hd.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b9501f19-FRA
content-encoding
br
/
301.es/ Frame E1F3
0
0
Document
General
Full URL
https://301.es/?http://sportsstreems.com/live-hd.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://sportsstreems.com/live-hd.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b95b1f19-FRA
content-encoding
br
/
301.es/ Frame 2216
0
0
Document
General
Full URL
https://301.es/?http://thefromhots.com/rugby.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://thefromhots.com/rugby.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b9601f19-FRA
content-encoding
br
/
301.es/ Frame 0E3A
0
0
Document
General
Full URL
https://301.es/?http://trojadirecta.com/za1.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://trojadirecta.com/za1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b9691f19-FRA
content-encoding
br
/
301.es/ Frame 1C42
0
0
Document
General
Full URL
https://301.es/?http://streamhunter.site/gumgum.html
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/schedule/todaygames.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://streamhunter.site/gumgum.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee432b9701f19-FRA
content-encoding
br
cc_24.js
s10.histats.com/counters/
15 KB
7 KB
Script
General
Full URL
http://s10.histats.com/counters/cc_24.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
661a80feb942484be1fd82ba9ede119164168d45b811189755fcbe9f12c12574

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:52:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:13:29 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-184721671"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32087
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
6520
X-Request-ID
998936593
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame EBF8
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 05:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3821379
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 05:24:08 GMT
display.php
www.greatdexchange.com/a/ Frame EBF8
0
43 B
Script
General
Full URL
https://www.greatdexchange.com/a/display.php?r=2793675
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Fri, 20 Mar 2020 10:53:47 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
rojaadirecta.png
trojadirecta.com/today/ Frame EBF8
73 KB
73 KB
Image
General
Full URL
http://trojadirecta.com/today/rojaadirecta.png
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
4b1293b328fc1e048e97cdbaf4f0abd251001e9a3ec431ee851ae10ebc2f6ccf

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Fri, 13 Mar 2020 11:11:28 GMT
Server
nginx
ETag
"5e6b6a60-12348"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74568
bet.gif
trojadirecta.com/today/ Frame EBF8
39 KB
40 KB
Image
General
Full URL
http://trojadirecta.com/today/bet.gif
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Fri, 21 Feb 2020 16:38:24 GMT
Server
nginx
ETag
"5e500780-9de6"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40422
ico.jpg
trojadirecta.com/today/ Frame EBF8
9 KB
9 KB
Image
General
Full URL
http://trojadirecta.com/today/ico.jpg
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
HTTP/1.1
Server
136.244.81.144 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.81.144.vultr.com
Software
nginx /
Resource Hash
700e58551da99e1a2af45394d6b252d420379ac42174d37757941bf577915c46

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:47 GMT
Last-Modified
Tue, 12 Jun 2018 12:30:50 GMT
Server
nginx
ETag
"5b1fbcfa-2310"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8976
display.php
www.greatdexchange.com/a/ Frame EBF8
0
43 B
Script
General
Full URL
https://www.greatdexchange.com/a/display.php?r=2789759
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Fri, 20 Mar 2020 10:53:47 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
s.js
waust.at/ Frame EBF8
7 KB
4 KB
Script
General
Full URL
http://waust.at/s.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
cab040fc133814c4dd30f8c70b2dd7d4a7aa5a5f2bc5078b67e4c76c7f715119

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Mar 2020 10:53:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Mar 2020 07:48:50 GMT
ETag
W/"5e747562-1da0"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Sat, 21 Mar 2020 10:53:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 0E3A
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/za1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trojadirecta.com/za1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 05:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3821379
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 05:24:08 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4533715235244b5f4400b78c06fd2cb50a0e2eed78c93b5ad934b253e921f6b

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
301.es/ Frame 6D07
0
0
Document
General
Full URL
https://301.es/?http://trojadirecta.com/rojaa.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:380c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
301.es
:scheme
https
:path
/?http://trojadirecta.com/rojaa.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Fri, 20 Mar 2020 10:53:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db037db68b07c2dd238aee348979ccbf71584701627; expires=Sun, 19-Apr-20 10:53:47 GMT; path=/; domain=.301.es; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
576ee4347e6d1f19-FRA
content-encoding
br
/
www.primevideo.com/ Frame 5618
Redirect Chain
  • http://adrunnr.com/?placement=406094&redirect
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
  • https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
0
0
Document
General
Full URL
https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/rojaa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.206.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-206-5.fra53.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.primevideo.com
:scheme
https
:path
/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://trojadirecta.com/rojaa.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://trojadirecta.com/rojaa.html

Response headers

status
200
content-type
text/html; charset=UTF-8
server
Server
date
Fri, 20 Mar 2020 10:53:49 GMT
x-amz-id-1
A2ZXJZNRP925AGBN41JY
x-av-id-2
u8HDs4mEJq20qOa1HmxOJVoSMLeOS6gcXzAIkaDGf8ZBQxqpvmN1l4ye/RqUA/JO
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment
content-encoding
gzip
set-cookie
x-wl-uid=1iKquiOk82nxhA3n5hxYJjzh0IT+cm5nfCsufZGVbgqY8WXjsRekjHDh4OOP0k2O7Op77CYGu/fo=; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT session-id-time=2082758401l; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT session-id=260-5623572-8023352; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT lc-main-av=nl_NL; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT
x-amz-rid
A2ZXJZNRP925AGBN41JY
x-cache
Miss from cloudfront
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
gZ9FScEjJEFEjCYiaAfoYcVi_svMGbNAql2hl97pAT-oj0w-oOFQZQ==

Redirect headers

Content-Length
82
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Mar 2020 10:53:48 GMT
Location
https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Set-Cookie
trk=uLEp3Vmp1fAfVNhJb9P7IKzxjLk481GRZHf234/fK3KNzq0QRmFv/JpeuCPiLTnZIVnD9uzWuhc=; Domain=.clickwork7secure.com; Expires=Sun, 20 Mar 2022 10:53:48 GMT; HttpOnly sid=uLEp3Vmp1fAfVNhJb9P7IIrz5xwr+U8wZHf234/fK3KNzq0QRmFv/JpeuCPiLTnZIqA9yV6hYaI=; Domain=.clickwork7secure.com; HttpOnly x22394=dH5vGTDcecZjL/n4pSaIbvi/rMorxlWzP3ES+sd3+DZ8mckav0u4fQ9A8OseOQJPJfVgqFgmyj+Ypoxyn7857o8l16ZgocEF0fYxp5UVuDgy6ODzh/3MQDkNJuT0AqxQOfIXozqYdk6wpGSIMP6xgAXqy1wdkAZxZzsqv2rgqRLiTSi77YYU2j9Y/lXhH6j+sb9BSa92yoJc1qX8amfyokP3G9KV0x7GusyZvKbHniKi578dIYn8Bfit0Bpp6+LP84yaxQUxru3eYde5ew9OMhEJvNLlGrQvx7Tho64raOAbD8uhBmrTHnm9mHuHIrqPO11xeA4A+gAXDsJLa0T7bf6Qj3ojLUkS3m+yXkCIP/q0H1X8JqhwZ+mHGvq576cQ0+L4oglS7U0H25NMxLV3iy1vKNB+0LLjyQ7mAwEfGzXv3uSgzvzfJN4eVQKmaPmAR7rojVPcoVZQlZXtbocCJTd24aexArq5GiZZZZIdefuySGkhaon+DJMQnFFAp2Uk/r7q5VgNo2aI19Pzk8xI02GXsdb2bCJntndLV3Rzmpv62rlk5YPGz+AgQ0QpH3xJ; Domain=.clickwork7secure.com; Expires=Sun, 19 Apr 2020 10:53:48 GMT; HttpOnly
X-Ckt
bpqa1f64n5qsmlvm7plg
X-Ray
bpqa1f64n5qsmlvm7pjg
Connection
close
/
www.primevideo.com/ Frame 355A
Redirect Chain
  • http://adrunnr.com/?placement=406094&redirect
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
  • https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
0
0
Document
General
Full URL
https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/rojaa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.206.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-206-5.fra53.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.primevideo.com
:scheme
https
:path
/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://trojadirecta.com/rojaa.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
x-wl-uid=1iKquiOk82nxhA3n5hxYJjzh0IT+cm5nfCsufZGVbgqY8WXjsRekjHDh4OOP0k2O7Op77CYGu/fo=; session-id-time=2082758401l; session-id=260-5623572-8023352; lc-main-av=nl_NL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://trojadirecta.com/rojaa.html

Response headers

status
200
content-type
text/html; charset=UTF-8
server
Server
date
Fri, 20 Mar 2020 10:53:51 GMT
x-amz-id-1
91FKXAXSGD9FVBXD8GNY
x-av-id-2
EIUWzQLY72Jrx9uMEJY+3oNXl4Ag/E03Zesz88amrfrWWdGm2SvsJejE47H5Mf8I
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment
content-encoding
gzip
set-cookie
ubid-main-av=262-1503550-9043507; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT session-id-time=2082758401l; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT session-id=260-5623572-8023352; path=/; domain=.primevideo.com; expires=Tue, 01-Jan-2036 00:00:01 GMT
x-amz-rid
91FKXAXSGD9FVBXD8GNY
x-cache
Miss from cloudfront
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
OGYBLtMjNodkraNMz45nS_xH3UeFnvqxM9aewRZlNJitfyvZwpnLdg==

Redirect headers

Content-Length
82
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Mar 2020 10:53:51 GMT
Location
https://www.primevideo.com/?ref_=dvm_ass_mem_be_mf_s_Cwcpa6
Set-Cookie
trk=DuEbOCWAWfTjh04U9q1mQ8G6UT9FaQhHZHf234/fK3K2BRSo0GnN1EvHhCAf387PIVnD9uzWuhc=; Domain=.clickwork7secure.com; Expires=Sun, 20 Mar 2022 10:53:51 GMT; HttpOnly sid=DuEbOCWAWfTjh04U9q1mQ4IyfnN95lHVZHf234/fK3K2BRSo0GnN1EvHhCAf387PIqA9yV6hYaI=; Domain=.clickwork7secure.com; HttpOnly x22394=dH5vGTDcecZjL/n4pSaIbl0Mc+/G1bCQdq5s3rkt6118mckav0u4fQ9A8OseOQJPJfVgqFgmyj+Ypoxyn7857o8l16ZgocEF0fYxp5UVuDgy6ODzh/3MQDkNJuT0AqxQOfIXozqYdk6wpGSIMP6xgAXqy1wdkAZxZzsqv2rgqRLiTSi77YYU2j9Y/lXhH6j+sb9BSa92yoJc1qX8amfyokP3G9KV0x7GusyZvKbHniKi578dIYn8Bfit0Bpp6+LP84yaxQUxru3eYde5ew9OMhEJvNLlGrQvx7Tho64raOAbD8uhBmrTHnm9mHuHIrqPO11xeA4A+gAXDsJLa0T7bf6Qj3ojLUkS3m+yXkCIP/q0H1X8JqhwZ+mHGvq576cQ0+L4oglS7U0H25NMxLV3iy1vKNB+0LLjyQ7mAwEfGzXv3uSgzvzfJN4eVQKmaPmAR7rojVPcoVZ2wtodoKnkkRnCHWprdEit9+WOemebqk2ySGkhaon+DJMQnFFAp2Uk/r7q5VgNo2aI19Pzk8xI02GXsdb2bCJntndLV3Rzmpv62rlk5YPGz+AgQ0QpH3xJ; Domain=.clickwork7secure.com; Expires=Sun, 19 Apr 2020 10:53:51 GMT; HttpOnly
X-Ckt
bpqa1fp96fqsccg327f0
X-Ray
bpqa1fp96fqsccg327d0
Connection
close
/
c.clickwork7secure.com/ Frame 65D0
Redirect Chain
  • http://adrunnr.com/?placement=406145&redirect
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
0
0

/
c.clickwork7secure.com/ Frame 357E
Redirect Chain
  • http://adrunnr.com/?placement=406145&redirect
  • https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
0
0

webmasters.php
livetv.sx/export/ Frame 188C
0
0
Document
General
Full URL
http://livetv.sx/export/webmasters.php?s=0&lang=en
Requested by
Host: trojadirecta.com
URL: http://trojadirecta.com/today/index.html
Protocol
HTTP/1.1
Server
185.39.10.6 , Switzerland, ASN62355 (NETWORKDEDICATED, CH),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash

Request headers

Host
livetv.sx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://trojadirecta.com/today/index.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__utma=32281891.1700873854.1584701628.1584701628.1584701628.1; __utmc=32281891; __utmz=32281891.1584701628.1.1.utmcsr=livesportzonline.com|utmccn=(referral)|utmcmd=referral|utmcct=/live/index1.html; __utmt=1; __utmb=32281891.1.10.1584701628
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://trojadirecta.com/today/index.html

Response headers

Server
nginx/1.2.1
Date
Fri, 20 Mar 2020 10:53:52 GMT
Content-Type
text/html
Content-Length
2368
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
next.php
www.greatdexchange.com/jump/ Frame BFFD
Redirect Chain
  • http://en.trojadirecta.com/
  • https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=...
0
0
Document
General
Full URL
https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftrojadirecta.com
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftrojadirecta.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://trojadirecta.com/today/index.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
about:blank

Response headers

status
204
server
openresty
date
Fri, 20 Mar 2020 10:53:52 GMT
access-control-allow-origin
*
referrer-policy
no-referrer
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx/1.12.2
Date
Fri, 20 Mar 2020 10:53:52 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Location
https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C0oiOio3drB1dQK0dEdHP3xP.c1c%2C6MxHSjjFnoGNyc5q8sQ5eQ%2C%2C&cbrandom=0.007749088201456367&cbtitle=&cbWidth=1350&cbHeight=641&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftrojadirecta.com
/
whos.amung.us/pingjs/
29 B
213 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=c2wxsdu51y&t=Trojadirecta%20-%20Free%20Live%20Sport%20Streams&c=s&y=&a=0&d=0.496&v=22&r=1004
Requested by
Host: waust.at
URL: http://waust.at/s.js
Protocol
HTTP/1.1
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
c97d158cb236628111880eaaf94efa8ffd54e09e4d8fb0f2c689d80404443a48

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 10:53:48 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
/
whos.amung.us/pingjs/ Frame EBF8
29 B
213 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=ftzymlikzi&t=TrojaDirecta%20-%20Free%20Live%20Sport%20Streams&c=s&y=&a=0&d=0.225&v=22&r=8033
Requested by
Host: waust.at
URL: http://waust.at/s.js
Protocol
HTTP/1.1
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3fd802d5fac4cca9bf9953b17ac5075788c1a5435132823cb8050d2ecb15657

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Mar 2020 10:53:48 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Referer
http://trojadirecta.com/en/index1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame EBF8
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Referer
http://trojadirecta.com/today/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.kikenzo.com
URL
http://track.kikenzo.com/redirect?target=BASE64aHR0cHM6Ly9zby5zbHl0cmswMy5jb20vdC9jbGs_aWQ9ejc2Q21aZ3NOeThmeG1qQXNZJnMyPXc2dG0yczFjZnEzczhpb3QxOHZxNHNmMg&ts=1584701622655&hash=WjgtpIcW193U_2PtKOgeIeJ-sg30jyoLTrmW0hNFw5A&rm=DJ
Domain
so.slytrk03.com
URL
https://so.slytrk03.com/t/clk?id=z76CmZgsNy8fxmjAsY&s2=w6tm2s1cfq3s8iot18vq4sf2
Domain
tryd.pro
URL
http://tryd.pro/go/216668/456926?
Domain
c.clickwork7secure.com
URL
https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=
Domain
c.clickwork7secure.com
URL
https://c.clickwork7secure.com/?a=18973&c=72074&E=XUuEACa3ugk%3D&s1=

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery number| prevent_bust object| _wau object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_24_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_24 function| histats_canvascounters_base.js object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| x string| x1 string| x2

6 Cookies

Domain/Path Name / Value
yltenim.com/ Name: SERVERID
Value: sfc16
.yltenim.com/ Name: aacac604157db4a82a93047a70262023_1584701624.6948_ck
Value: ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRk94NDZMRDhnb0oyZHF5YTU2NyttUWxhME4wOVQrckdzNnRocCtTMTh5aVpXMDZLbVFKcHFrTmo0dEFlaHFjb3VEY1ZENG1ib1pqQjllTjhXaDV5S3JHNzk3K3hrS0FSay9lTFVSeEgvTkg2OFpQSUV6cG5TYUQvb0t5NzVvUlY1S2tkZUFFQi9KUmtuMHFacEkyc1Mya1BEMGJGRkdyYk9QcmR6QnFUcytUS0Q2bTZ3aUk3bGhZV1B1dXdSTjhUY2wrVmUzMElTd1RPV0lNbmhUNEdscUJRK25YcVczQ0Y5SGVNaFg4bkJNb2gzQlhlTzlBNHh5SkVlK1NqMGc1Q21qMmY5NDE0T0FUWVFGbVpLQW9hM3NnMGJHVWVmazkzUk1aQWFWa2hZTjcvdmdlL3lSUm5FNDJXWUdFdTlzUityUWwyMWIwNVNBZVlHa1F4Vm12V2lFY1dYd0FBVDVsRmh6ZUdpY1BudU5sWnBaamZWOW1Pd1pBRVRtR0hLRm41WitiOW1acmh4RzVBUUxWUDVQMHo5RjBBVlJwVTV3U2ZSM1U2bS9kamplcmZqdmJja0h6dnliejZZbzJzQzBpamhkTEF4bzZFZFJmcHB0Mldrc0tMM1VnN2F4MWM1K21iNnVMTlp6WEZmbll1RFlrbjlnK2JvcGRXY1hxMEJlTW5iZWU2M1hCOVZaRWRQZTdFRnJyWGszcGxFZlVNNml0MzNHWUZpS083QjZ0Q1ZxclZSV0Y4VGpERGIwMlEvOExLOEt0RCtvak5IbTlueExPYXhiRGV3RElOeFRkWWxYck53S0tQZkdRdDlOVml2QmlCUTVuQ2lMZkZ1RjBUWitFaWtDb2kxN3Fpa1lIb3dSeEFUVWRIY05DN3NEd2ljY01uMXdQdzV3cXNhQ3Z5MjJ1UGUwSzV5cnJwV1RJaFVQWFpxbklqTHpNWVdBUkx0Q3ZSSStyWm5uUlNRa1gxZEQ0UktqV3JwSEp0ZzZDL0l4NkxiNUMzSytJNmczWGo2RjVkbG15MWhlcXN6bkUya3ZjcEhVM0dac3hwcE9XelBaRGJBMzlneTAzd0FJUEIyN0ZIOUxGSkNBV29xRDdxNDdNVTkxNWxpS3lyQm13Q0xIT2tzK0ZNazFXSjZKbVM5Q0RNc0FKbkxnVmx4dGZMc2dHblZ3b3JlaTV5eWJjUjl4UU0wR01nM2xvOFFoakxESy9vSVBIeURjYzhoZmEwcWYvR3FyRW0zbEVUcytKdQ%3D%3D
.yltenim.com/ Name: TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D
Value: aacac604157db4a82a93047a70262023_1584701624.6948
.yltenim.com/ Name: vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D
Value: WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3YWE5TktBZG83R1I1NlQ0R0tBOUhIMTU4OGk1dUpJVXgrZnRSMVVUdXZKcQ%3D%3D
.yltenim.com/ Name: b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D
Value: 1584701624.6978
.yltenim.com/ Name: f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D
Value: dFUxZDQ0YzZPNTZVU0JTUTVHTS84Q2VMRkxGb3pCbkZKVEtXTjZ6ckluMCsrQXcxSzdJMnRYdWEwNnlpOTI1ei9OclRMekIyaHltWHZ5NVoxamMxMjVjMkRzRFU5dDBydkFaMGhEQ2JXcEk9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0c4.us
301.es
adrunnr.com
ajax.googleapis.com
c.clickwork7secure.com
en.trojadirecta.com
fonts.googleapis.com
go.domainxchange.xyz
livetv.sx
s10.histats.com
s4.histats.com
so.slytrk03.com
track.kikenzo.com
track.zukaisen.com
trojadirecta.com
tryd.pro
waust.at
whos.amung.us
widgets.amung.us
www.greatdexchange.com
www.primevideo.com
yltenim.com
c.clickwork7secure.com
so.slytrk03.com
track.kikenzo.com
tryd.pro
136.244.81.144
143.204.206.5
18.195.174.160
184.168.131.241
185.212.128.72
185.225.208.133
185.39.10.6
198.27.80.143
205.147.93.131
2606:4700:3032::6812:380c
2606:4700:3036::681c:e21
2a00:1450:4001:816::200a
2a00:1450:4001:819::200a
3.126.67.67
35.201.103.0
46.105.201.240
52.210.133.34
54.236.172.182
67.202.94.94
99.198.108.198
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
36bfaecc7a2deca0ea1283b4c51882f440e61ae3296a9728c7178b5466fb6ab7
42f8f3096d400248219d21fe69c2d1c1946c478ec0469fa8f43a7c37c2bd1711
4b1293b328fc1e048e97cdbaf4f0abd251001e9a3ec431ee851ae10ebc2f6ccf
4eec30883a796c2fa61cd893545906741c93ed0cea6736f20635325fdaa0dda8
52320d72a3a5f6d81231fa51ad69e8e4c37affe9e748c8d396246943d98e738f
661a80feb942484be1fd82ba9ede119164168d45b811189755fcbe9f12c12574
66eb4d2c5d4da6e6a3663ee4b304fc5ed463521f897cd738a8e068dad54d137f
700e58551da99e1a2af45394d6b252d420379ac42174d37757941bf577915c46
7fa1a72efcbc6e99b1b1f1e71f5f55708f7f59f26e73a50f018cf64c7c01feac
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a6ecacff668dd4a128e73c0f2d8af399a547016171b5fcf36891a2c810f8ac73
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e
b4533715235244b5f4400b78c06fd2cb50a0e2eed78c93b5ad934b253e921f6b
c1b65cf3beb665386ec8fd66c039ea9e5f776206dfcf4bd1aeed9507dc732f2b
c97d158cb236628111880eaaf94efa8ffd54e09e4d8fb0f2c689d80404443a48
cab040fc133814c4dd30f8c70b2dd7d4a7aa5a5f2bc5078b67e4c76c7f715119
d995345fd4c4c4c88d9c39645abde26259f39a2a9929b77f907cf2f3cdd7180f
e0a485ae9c32de84b7a965e9ec59b4e9260d3f05fbdf0027989d993808f54e36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd802d5fac4cca9bf9953b17ac5075788c1a5435132823cb8050d2ecb15657
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fdb37cf7fe016bea3b72e5f702c3e5ef8fdb115d54b22680315c3b20335ffb8d