www.claimztopays.xyz Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.claimztopays.xyz/
Submission: On July 09 via automatic, source certstream-suspicious (July 9th 2022, 5:04:38 am UTC) — Scanned from DE

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 22 domains to perform 115 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.claimztopays.xyz.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on June 19th 2022. Valid for: a year.

This is the only time www.claimztopays.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2606:4700:20:... 2606:4700:20::681a:993	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	13.224.189.89 13.224.189.89	16509 (AMAZON-02) (AMAZON-02)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.28.109 104.18.28.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:5476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.29.153.112 52.29.153.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:c800:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.226.155.225 13.226.155.225	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:2250:6a00:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
20	143.204.89.119 143.204.89.119	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
115	30

1 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.claimztopays.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:993 (United States)

ASN13335 (CLOUDFLARENET, US)

cookieandkate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.189.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-89.fra2.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.109 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bluehost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:fea (United States)

ASN13335 (CLOUDFLARENET, US)

www.relish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.29.153.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com

bluehost-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:c800:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-225.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:6a00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 143.204.89.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-119.fra50.r.cloudfront.net

cmp-consent-tool.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	privacymanager.io gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 14706 gdpr.privacymanager.io — Cisco Umbrella Rank: 15510 cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 28676	674 KB
21	cookieandkate.com cookieandkate.com — Cisco Umbrella Rank: 149904	439 KB
9	searchiq.co pub.searchiq.co — Cisco Umbrella Rank: 47940 api.searchiq.co — Cisco Umbrella Rank: 48848 static.searchiq.co — Cisco Umbrella Rank: 48302	48 KB
8	bluehost-cdn.com bluehost-cdn.com — Cisco Umbrella Rank: 131341	70 KB
8	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	166 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 160	36 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	41 KB
6	relish.com www.relish.com — Cisco Umbrella Rank: 59522	47 KB
4	adthrive.com ads.adthrive.com — Cisco Umbrella Rank: 5781	269 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	154 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 327	42 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	70 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 944	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7751	792 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1325	5 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 4250	3 KB
1	bluehost.com www.bluehost.com — Cisco Umbrella Rank: 117525	4 KB
1	claimztopays.xyz www.claimztopays.xyz	41 KB
115	22

	Domain	Requested by
21	cookieandkate.com	www.claimztopays.xyz cookieandkate.com
20	cmp-consent-tool.privacymanager.io	gdpr.privacymanager.io cmp-consent-tool.privacymanager.io
8	bluehost-cdn.com	www.bluehost.com bluehost-cdn.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ads.adthrive.com www.claimztopays.xyz
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	www.relish.com	www.claimztopays.xyz cookieandkate.com www.relish.com static.cloudflareinsights.com
5	static.searchiq.co	www.claimztopays.xyz pub.searchiq.co static.searchiq.co
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ads.adthrive.com	www.claimztopays.xyz ads.adthrive.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	gdpr-wrapper.privacymanager.io	ads.adthrive.com gdpr.privacymanager.io
3	api.searchiq.co	pub.searchiq.co www.claimztopays.xyz static.searchiq.co
3	www.googletagmanager.com	www.claimztopays.xyz www.googletagmanager.com www.bluehost.com
2	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io cmp-consent-tool.privacymanager.io
2	c.amazon-adsystem.com	ads.adthrive.com c.amazon-adsystem.com
2	www.googletagservices.com	www.relish.com securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	unpkg.com	ads.adthrive.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.relish.com
1	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	www.bluehost.com
1	fonts.googleapis.com	www.bluehost.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.npttech.com	www.claimztopays.xyz
1	www.bluehost.com	www.claimztopays.xyz
1	pub.searchiq.co	www.claimztopays.xyz
1	www.claimztopays.xyz
0	cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
115	31

This site contains no links.

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure TLS Issuing CA 02	`2022-06-19` - `2023-06-14`	a year	crt.sh
cookieandkate.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.adthrive.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
searchiq.co Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
bluehost.com Cloudflare Inc ECC CA-3	`2022-04-28` - `2023-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.bluehost-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-13` - `2022-08-23`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.claimztopays.xyz/
Frame ID: 3210FEDC6F148FDD6A9BAF409B2AE54D
Requests: 75 HTTP requests in this frame

Frame: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Frame ID: B6E08E5872013D2429EF20311AA44D29
Requests: 15 HTTP requests in this frame

Frame: https://www.relish.com/scripts/storage
Frame ID: 3716D3A2D96A4E48557155D8E1572D0C
Requests: 4 HTTP requests in this frame

Frame: https://cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 931FB24B6F1796EDAC45B466ADB14E9A
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: B329D4E36308CAA876493AD3329FB8DD
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B61936DCE4C56F3A808A53CB77BF298
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44586D03F0B005F1A168EE88BF3375C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

97 %
HTTPS

79 %
IPv6

22
Domains

31
Subdomains

30
IPs

4
Countries

2166 kB
Transfer

6358 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

115 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.claimztopays.xyz/ 191 KB
41 KB 1035ms
986ms Document
text/html 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b4b5f83a75f08d08adb25e478b506973913c5db83f8c04b62b98cdb8bde92c92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-md5: tngFnIxmCXYh6PqLtUrzew==
content-type: text/html
date: Sat, 09 Jul 2022 05:04:32 GMT
etag: "0x8DA61646B907958"
last-modified: Sat, 09 Jul 2022 04:35:15 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref: 0YAzJYgAAAABRvtjTqgpSR5kZSw5Z7ueORlJBMzFFREdFMDMxNgBhZTgwZThiZC01NjBmLTQ4NmItOGQ1Ni1hYmI1Njg3NTIzY2U=
x-azure-ref-originshield: 0YAzJYgAAAABufOCghz7xS6o0fcLyEXnRRlJBMjMxMDUwNDE4MDA5AGFlODBlOGJkLTU2MGYtNDg2Yi04ZDU2LWFiYjU2ODc1MjNjZQ==
x-cache: TCP_MISS
x-ms-request-id: 9c3c8188-901e-00b0-5a51-938aff000000
x-ms-version: 2018-03-28

GET
H2 200 style.css
cookieandkate.com/wp-content/cache/min/1/wp-content/themes/magazine-pro/ 60 KB
13 KB 50ms
20ms Stylesheet
text/css 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/cache/min/1/wp-content/themes/magazine-pro/style.css?ver=1631724764

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14e6fe1eafc61d7b87942df46a6a348b478a6db6eae2f30e9738dd9ede3f7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
vary: Accept-Encoding, Authorization
age: 14239570
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19128-FRA
referrer-policy: strict-origin
cf-bgj: minify
x-timer: S1643103504.977385,VS0,VE2
etag: W/"614224dc-2d44"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: text/css
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=cannot_optimize
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Wed, 15 Sep 2021 16:52:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4oxyH1B2Oe%2BoGH49z3A8LysJHaiZq1P26eSWemO0P3IFS6e5i87%2BWcoGT2baUuoqV4seGuzk2%2FsBzbTvYH3cIcS9lapd%2Be9bsqg6QnTdNJFdFjr9qY%2BWCfHAdFu1AfpcP7U1C0qNa3PRZJkL3U5"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e85007884bb5b-FRA

GET
H2 200 style.min.css
cookieandkate.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 52ms
22ms Stylesheet
text/css 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 8054625
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19143-FRA
referrer-policy: strict-origin
x-timer: S1649288448.792490,VS0,VE219
x-frame-options: SAMEORIGIN
etag: W/"624cb15c-145db"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
cache-control: public, max-age=31536000
x-cache-hits: 0
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAbufALLcSc2WnSGxEyVmdtIecSWKrKKvUBX0lrYr7qQDwkGeVqTR0DG549%2FKi2l0kVp1uJ6%2FGTdidWw2zefbJZXgGBO7GbSiuYFI%2F8UL5kjQxYh3B7Xr8hM%2BPJ6Yt6jS7yqcC9LqSYr71MC1yXU"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e85007886bb5b-FRA

GET
H2 200 wbounce-base.min.css
cookieandkate.com/wp-content/plugins/wbounce/frontend/css/min/ 2 KB
861 B 53ms
23ms Stylesheet
text/css 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/plugins/wbounce/frontend/css/min/wbounce-base.min.css?ver=5.9.3

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88391718a27e2daff24dfc030a75265ea28fc889cb35c21479d0e805476cc010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 8054626
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19143-FRA
referrer-policy: strict-origin
x-timer: S1649288448.793123,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"5f078290-7b1"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 09 Jul 2020 20:48:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEPmyhu%2BV8BK7enaljvrPEUPh7TFcLMSgPsp1Ac6MQ6YAIrbbWE56Rx9tnxhu8cTwaQ8Hrg%2FxMMf51qdNXIyDejHX8btvcIsFmvEdBoO%2FGnx3n78CE0G3OPludmO%2FR7OuxXZgF1hG7%2FUZi5Un%2B%2FE"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e85007888bb5b-FRA

GET
H2 200 jquery.min.js Show response
cookieandkate.com/wp-includes/js/jquery/ 87 KB
32 KB 33ms
27ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 14239570
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19151-FRA
referrer-policy: strict-origin
x-timer: S1643103504.973472,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"61d74ef2-15db1"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Thu, 06 Jan 2022 20:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ws0iNuNqWFJDFJOuoHLlSoQdjD52Fjr8Rn7V8Ei3u5p49aQnS8sE3FYiv0z12a5bC0uBlkqGCgKBMWQuC9eaqvA4ysQAerUN5DDzvU9Ykht56fwaBYNTGd6Hf%2B1t25PuTX42k%2FWapGlyYyVHF5YF"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e8500788cbb5b-FRA

GET
H2 200 cookie-and-kate-logo.png
cookieandkate.com/images/2019/11/ 15 KB
16 KB 29ms
24ms Image
image/png 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2019/11/cookie-and-kate-logo.png

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6347b9241626e1fbb6ef7213113703eac8cd1ec472aef0962b9f60c0c1637904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 14239286
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 15573
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19125-FRA
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1643103788.592338,VS0,VE1
etag: W/"5dd4b733-3cd5"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/png
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Wed, 20 Nov 2019 03:46:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMZ%2BnjoIamtiIHozRZEQL3Z4wNVQMDanP0QsSS55IBxMji%2FgkTgN%2B16Q%2BYoazCxel2PUh32gpGW%2FvftCsI5TSBk%2BY8bx0fQtVqJXCLL5kNg1%2FlQ02S50m4hOKtiTRb8EB0V50W2AtLsP%2Bfokp4co"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8500788abb5b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 46ms
20ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15904891-2

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

647e2e62e457d38a8f5a3802026bbe8113fecce35acd71c2e485d332737be5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41401
x-xss-protection: 0
expires: Sat, 09 Jul 2022 05:04:33 GMT

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/53237591208f222c05b9a652/ 54 KB
15 KB 63ms
19ms Script
application/javascript 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/53237591208f222c05b9a652/ads.min.js?referrer=https%3A%2F%2Fwww.claimztopays.xyz%2F&commit=530659f&cb=17
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-89.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc729ff4da4588af94f6725d04f58b5f93532a8fddddb6014887882360acfe14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

adthrive-bucket: 530659f:ovrd
date: Fri, 08 Jul 2022 12:27:57 GMT
content-encoding: gzip
adthrive-deployment: commit
age: 59796
adthrive-commit: 530659f
x-cache: Hit from cloudfront
content-length: 15176
adthrive-gdpr: true
access-control-allow-origin: *
server: CloudFront
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WWZLEDTzW7UCBdr5qcnPOG6F3PLkmQsHEsI0LXnoWiLuj9wrlsaE5g==

GET
H2 200 siq-container-2.js Show response
pub.searchiq.co/js/container/ 15 KB
7 KB 43ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=217565&engineKey=302538c74e8e284e686c3a35817536b3
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4060928248354d099b140c8a88f5b2dde87b76d0ee226d0909039804f61ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 23:15:45 GMT
server: cloudflare
etag: W/"6140806653f54c381e25df7c326653c8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqvgzkfDPX9WTq7Frdt%2BUT7TGXqxT4sd8V2PQ74B2GN%2BF4k1rSYaeXFNASvs%2FWj0YGVdlv0QmQ3HHbMPuBQlxA2lFZI%2F9QtdjZd4HVjYq%2FssXnbbbIn06gr%2BCQ3COr0nOAeNFwGsBsiheNIEFb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 727e85009a509bda-FRA
expires: Tue, 6 Sep 2022 00:53:43 GMT

GET
H2 200 / Show response
www.bluehost.com/web-hosting/domaincheckapi/ Frame B6E0 15 KB
4 KB 1118ms
1091ms Document
text/html 104.18.28.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.109 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f164e98c10538745e1a800462a06e2da69a5099e8c329a1096fad1a5fa4def9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://www.claimztopays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 727e85009a075be5-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 05:04:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-o: 64b5ac3b77224acb172da81d493f7628

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aafa3f7399f4d46a30a37a0408e7113f9d76461e2c0dceb8af06a65424121680

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a82e40abe9a62dc72a964d282c12649605c7b74158d2b0dd9fe3e479f59cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d02b586eb4554ff0080796eb108e3143136c14bc5e7f371723befb2cfd36cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91907bd03266de6d85e580052af4cc61caa6329c7c43d64c2c27ec164f4b248c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8aaa799b991315fa3af5bd67bd65f13fb94e622eef4fa3b9fa31790333e30f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c730360675316a2e7765d587fd00bfa4970daf6d20e5a8b6ede030daefccf4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45379fd4987afec42e4086de17a3e954bc8e60357f4536b96b8b855e42723b60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tasty-pinit.build.js Show response
cookieandkate.com/wp-content/cache/min/1/wp-content/plugins/tasty-pins/assets/dist/ 6 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/cache/min/1/wp-content/plugins/tasty-pins/assets/dist/tasty-pinit.build.js?ver=1631724765

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04be9a5db2ab8ca90b84cec17dafa96a29c8189790d206e4e7de6130338d0ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
vary: Accept-Encoding, Authorization
age: 1558282
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4045-HHN
referrer-policy: strict-origin
cf-bgj: minify
x-timer: S1655784791.473500,VS0,VE1
etag: W/"614224dc-8c6"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Wed, 15 Sep 2021 16:52:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lD%2BLkttdjK54ahzEhSWIz8abwM0nn9a2P4osmdpuPv8SX2fBLnnVq42uAW1g2%2BDWQh8U%2F99kXXCEKSjexMFDJzi8G9If5jPK%2F4UMYm3rZMFixgcgPAUG0FNOifCn00lh15au%2Bez%2B1d2kKLBXddiX"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e850088a4bb5b-FRA

GET
H2 200 wbounce.min.js Show response
cookieandkate.com/wp-content/plugins/wbounce/frontend/js/min/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/plugins/wbounce/frontend/js/min/wbounce.min.js?ver=1.8.1

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53f1464f350a3c97cb17337ffac8d4a871d04b7c1d2e6f9198134cdbb54aad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 1558282
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4036-HHN
referrer-policy: strict-origin
x-timer: S1655784791.471902,VS0,VE122
x-frame-options: SAMEORIGIN
etag: W/"5f078290-e89"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 0
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Thu, 09 Jul 2020 20:48:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xac%2FDom10P1xxOmak0zuGoaXTXG1zBiByFYlFCF6R7rtHWypT82R1VigrQ1PdPRWXPl6yLveYTrq7yKGRm8crzHvnS1BO0N6e0ekj3yaKvpS36jFsbnsx3q8V%2B0kynd7JIf6x%2B3HBG%2FWsMYcUM0y"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e850098a8bb5b-FRA

GET
H2 200 comment-reply.min.js Show response
cookieandkate.com/wp-includes/js/ 3 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-includes/js/comment-reply.min.js?ver=5.9.3

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 8048433
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4043-HHN
referrer-policy: strict-origin
x-timer: S1649294641.769726,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"624cb15c-ba3"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Tue, 05 Apr 2022 21:15:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s37AZZ3UAQLK9KpamaU5oTVkg6X2cgVuLosKuReSv7L6kDU4mEjayT0A7P3T6SaWUf0hoNnUjlNikEIduPb2JghAltCDw2WlRnML%2Fx2korK%2BeW74GT3el5FvQYr3c7kB59vrMtJ%2FmeU6zSeGCi4R"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e850098a9bb5b-FRA

GET
H2 200 skip-links.min.js Show response
cookieandkate.com/wp-content/themes/genesis/lib/js/ 386 B
587 B 18ms
17ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.5

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 14239569
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19155-FRA
referrer-policy: strict-origin
x-timer: S1643103504.038411,VS0,VE2
x-frame-options: SAMEORIGIN
etag: W/"611c4606-182"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Tue, 17 Aug 2021 23:28:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbuGOUkExwP5GPNxRPC3vqDgYN%2BOC7nFVLLp9TFcR1rFtdNFV571TVurplVJ1q0p3fhON2lilrZ8%2FE6HFVBvEDclOPh%2Fz0KJ8mMbKFOXxHBFDfAXBEgz%2BMuCLq009fY3k3xNLj3tXqxw9JO%2BxHxH"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e850098aabb5b-FRA

GET
H2 200 lazyload.min.js Show response
cookieandkate.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
age: 14239569
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19132-FRA
referrer-policy: strict-origin
x-timer: S1643103504.040171,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"61bd0400-2063"
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: FLYWHEEL_BOT
last-modified: Fri, 17 Dec 2021 21:41:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XMzlTcneoukcomGtWuX8ZHVDVUwRptN4J3bnoE2gVn%2B0nOBGsruGXsYsZzcMYAkHrUyg3RNyrkGz7OToS7IBk7ou%2FMtp9zJ2GqcygnH4dY35DBtn%2Bt1ZuFfr3MLJgzMHXKGLTOFtbswwtDs4mhK"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
cf-ray: 727e850098abbb5b-FRA

GET
H2 200 celebrating-whole-foods-header.jpg
cookieandkate.com/images/2014/03/ 21 KB
21 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2014/03/celebrating-whole-foods-header.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9539ebb455e52a15b8d8d61563aac0d1d5c23f2b35b2bde144d51c66d09ac53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 14238851
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 21043
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19129-FRA
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1643104223.573933,VS0,VE2
etag: W/"5bb79ee0-6ec5"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/jpeg
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=28357, status=vary_header_present
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Fri, 05 Oct 2018 17:26:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFJXaQCOszLafgoTPN30WGh%2F4qiehymZKDfoRcjQV11c8G5p2ZZiPVcuE1K22lR6a1slbqm%2BBRAvShWPMF0ta5VdPYx0xA3UxCEVQsLyqaF1kzR53v%2FGmU%2F1OOb97RGKq0AO6fLneWKSd75M4ei2"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e850098acbb5b-FRA

GET
H3 200 ck-social18.woff2
cookieandkate.com/wp-content/themes/magazine-pro/fonts/ 5 KB
6 KB 58ms
45ms Font
application/octet-stream 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/themes/magazine-pro/fonts/ck-social18.woff2

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f064ba55a4c16f5522a8903782c57161af82e639bf9e34c6fda25cbfc98bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.claimztopays.xyz/
Origin: https://www.claimztopays.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4032-HHN
referrer-policy: strict-origin
x-timer: S1657343073.414397,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5f078298-1430"
vary: Authorization, Accept-Encoding
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5168
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 09 Jul 2020 20:48:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2SzW1xqgSdL44xNGsH0eYohT%2FBQPlkeV3oZFPn7VlxymM0P4mzHDJFbdzXrVD1aXEk0LP18qYKPEgAabMLrFsbWRjHtDAQl0QwnTQ1Tc1LOdNFwPtcnzq%2Bqt%2FzW%2Fq6YxWlbZUqA%2FM577bt3mL85"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8500bbc9bb4f-FRA

GET
H3 200 playfair-display_bold.woff2
cookieandkate.com/wp-content/themes/magazine-pro/fonts/ 76 KB
77 KB 42ms
30ms Font
application/octet-stream 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/themes/magazine-pro/fonts/playfair-display_bold.woff2

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68de0ecfdc274db50ac5a3558bd1e0ad3fe3b04eaba20417a0b82667cec40c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.claimztopays.xyz/
Origin: https://www.claimztopays.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4033-HHN
referrer-policy: strict-origin
x-timer: S1657343073.412461,VS0,VE2
x-frame-options: SAMEORIGIN
etag: "5f078297-131a0"
vary: Authorization, Accept-Encoding
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78240
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 09 Jul 2020 20:48:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXTI3Qi7MQNHTlp3xQFuD%2FWUJX1hPVJLhqkXJrL1uWNamrgMMmMUDZEzH%2FwcmbzEHRpxedc%2BvF5AziI6TWBtvqfsa0eoTC%2Fib%2B9fyzJ1f8uPSO4AxBd5l0xGDeemIGsVkeCJCMb708ygp8%2FT6Ei7"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8500bbcabb4f-FRA

GET
H3 200 FunctionPro.woff2
cookieandkate.com/wp-content/themes/magazine-pro/fonts/ 12 KB
12 KB 32ms
32ms Font
application/octet-stream 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/themes/magazine-pro/fonts/FunctionPro.woff2

Requested by

Host: cookieandkate.com
URL: https://cookieandkate.com/wp-content/cache/min/1/wp-content/themes/magazine-pro/style.css?ver=1631724764

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f98d9f256b75ea5218d44fafe87c876c343afa9ae8ec69575a4a502c7b8e8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cookieandkate.com/
Origin: https://www.claimztopays.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19179-FRA
referrer-policy: strict-origin
x-timer: S1657343073.471456,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5f078297-2e30"
vary: Authorization, Accept-Encoding
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11824
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 09 Jul 2020 20:48:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnYRjmXNHhjHNO%2FKMwrxkymo1Sy1Xv5nvwKTzC6O5qOA6QqDZVDTFzbNJBKqCrtV%2F%2BhlLbD2N7u8omv%2BRnsjOFaOmWKodGu8piruKddy4uqrWG%2FnlY7csJXW%2F6oJqP2LrqWvPwulcPm9bYKdV%2F0I"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e85011c74bb4f-FRA

GET
H3 200 playfair-display_bold-italic.woff2
cookieandkate.com/wp-content/themes/magazine-pro/fonts/ 80 KB
80 KB 33ms
32ms Font
application/octet-stream 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieandkate.com/wp-content/themes/magazine-pro/fonts/playfair-display_bold-italic.woff2

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e46c0f40d57c838f02638e2729c37c910f15fffb3347164d7a9c3acb8c79000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.claimztopays.xyz/
Origin: https://www.claimztopays.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19158-FRA
referrer-policy: strict-origin
x-timer: S1657343073.480459,VS0,VE2
x-frame-options: SAMEORIGIN
etag: "5f078295-13e24"
vary: Authorization, Accept-Encoding
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81444
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 09 Jul 2020 20:48:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKEruifNNLl49XZ0Z3tak6PrOLfoGWJu0rurcTakpci4A%2FzPIEm%2B1CwIIOh%2FnJQlEfYOusJ9LzkTj3aZ%2Frcc2H2WCd6mYBWJddato3W%2By8V6rd521MTOCF8WXDSW3A8rIq5x8qX3Xdw9sGlj0x5V"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e85012c8bbb4f-FRA

GET
H2 200 relish.js Show response
www.relish.com/scripts/ 136 KB
41 KB 55ms
27ms Script
text/javascript 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.relish.com/scripts/relish.js?key=1f13c6bf-afd2-474f-8a39-d3e4ce67cb8e
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950012941e106d84bf284d5b1af6618b73ad9b35c4195510268429588c58ca33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 09 Jul 2022 04:59:09 GMT
server: cloudflare
age: 324
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
expires: Sat, 09 Jul 2022 05:34:33 GMT
cache-control: public, max-age=1800
x-azure-ref: 0HAvJYgAAAAD6gl68iBWrTrSZOIp6BcyeQlJVMzBFREdFMDQwOQA1OWZkOTUwOC0zOWE5LTQwZDItOTQ5Ny03MzE5NjhkNjIwY2Y=
cf-ray: 727e8501ab289a18-FRA
request-context: appId=cid-v1:212be50e-98fe-4a5e-b364-0c0d2b406083

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 202ms
172ms XHR
application/javascript 2606:4700:3030::6815:5476
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F9W8G89R5M40946C
cf-ray: 727e8501ba249196-FRA
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Mg9SHlMUE6U8WItStZUrl8bJ8GZ6gPytrCS9bbwCWm0uOu2q8qJXIUrqLMlnmzJvRIjet7alBcI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHR85TIToo8nSZQ8uLlyjPhIQCQWjM5Ngq7HbUgmeopVtbqqu1mZwowMkTLAVCgED5k8tR0L0MOFG8oc8%2F8Szkwg44zAhgCpthtAVuti309%2BIZBqCgs1KTWI0UtCxZD3oNCYOrhaH7YSQwYqqZk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
access-control-allow-origin: *
cache-control: max-age=28800
content-type: application/javascript

GET
H2 200 settings.js Show response
api.searchiq.co/api/searchEngines/302538c74e8e284e686c3a35817536b3/ 5 KB
3 KB 331ms
322ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.searchiq.co/api/searchEngines/302538c74e8e284e686c3a35817536b3/settings.js?callback=SIQ_settings_loaded&cb=598880542175120
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=217565&engineKey=302538c74e8e284e686c3a35817536b3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6998b27518b25b929dc1b5f147c4c21534c8dd7dd73424b79f5abea6380b9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtVPuRU%2BCDsPrWpkdHdAdmJnjpZ%2BwwXw8iIEeljYlB%2Brwm00muglcjEkW65NJ6K%2FsTgt0%2FAJGkcPWlnp%2FpMCO57T1W6m%2BZH6PqC0ewlrX1L8PILexsRQfHG5q8kE8gaMRwL%2BSQXWBKXKzXLJzt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store
cf-ray: 727e8501ab7f9bda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pxl.gif
static.searchiq.co/t/ 43 B
426 B 322ms
313ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.searchiq.co/t/pxl.gif?engineKey=302538c74e8e284e686c3a35817536b3&pageUrl=https%3A%2F%2Fwww.claimztopays.xyz%2F&referrer=&cb=318399284
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Tue, 05 Jul 2022 23:04:19 GMT
server: cloudflare
etag: "ed2d43a9844d82fc05aa8162dc363200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ft6pa2NwzQl6CEqIYG8jyKdNhNYgl%2BD4XTicNJXP2i9YAbTBdm0wJmvOzGfGUvpqeMtHM5Sxlm6UMfHlrwh%2FWvFueh0KPviMBp3AMK0cau4q6NIoPqXdMW4jhwiCZwBurJ8XGLte0%2FSQAojuQLeUdv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 727e8501ab7e9bda-FRA
expires: Fri, 9 Sep 2022 05:04:33 GMT

GET
H2 200 marmalade Show response
ads.adthrive.com/api/v1/ 6 KB
2 KB 327ms
311ms Fetch
application/json 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v1/marmalade?siteid=53237591208f222c05b9a652&url=https%3A%2F%2Fwww.claimztopays.xyz%2F&experiments=
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/53237591208f222c05b9a652/ads.min.js?referrer=https%3A%2F%2Fwww.claimztopays.xyz%2F&commit=530659f&cb=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-89.fra2.r.cloudfront.net
Software: /
Resource Hash: 398ccc56f51d7529a22b675be0ae1253c52329a4b0e4dcecc700839188365336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
adthrive-is-ios: 0
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: ef5dfa20-93eb-4556-9796-99b17fdc8126
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62c90c61-1bf42eb609abafd70fce5ac5;Sampled=0
x-cache: Miss from cloudfront
content-encoding: br
x-amz-apigw-id: U-7fSEjpoAMFYnQ=
x-amz-cf-id: twHgm5UGEP5mDNb-1gt8lDUqBlr1rkfk6FnqHkTCF0vSYYD6kDQpAg==
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
adthrive-is-chrome: 1

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/builds/core/530659f/js/ 539 KB
129 KB 8ms
8ms Script
application/javascript 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/53237591208f222c05b9a652/ads.min.js?referrer=https%3A%2F%2Fwww.claimztopays.xyz%2F&commit=530659f&cb=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-89.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: ec8d81832d685da41631611fd93421b382068f44d3792938dd23ff276ae230ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:30:49 GMT
content-encoding: gzip
server: CloudFront
age: 41624
etag: "99e6293c847d7857425a1feb3d701317"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=3600, s-maxage=86400
x-amz-cf-pop: FRA2-C1
content-length: 131805
x-amz-cf-id: Ru44YyqMLQTqZL1mdd67gUKDkVessOIBFvVkMRMAhOaOeJgUS-cXbw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 40ms
22ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J3ZWX7Z2T6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15904891-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fa447ad81592fae20e124cb27a85e47e8e30e42c431859fb3f7026048b792db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70555
x-xss-protection: 0
expires: Sat, 09 Jul 2022 05:04:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15904891-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 505
date: Sat, 09 Jul 2022 04:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 06:56:08 GMT

GET
H3 200 love-real-food-150.png
cookieandkate.com/images/2017/05/ 14 KB
15 KB 30ms
19ms Image
image/png 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2017/05/love-real-food-150.png

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7b292444c5e05b0e6d0f72550e183523cecf9ece069ef66c9d184bc852e6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 14247177
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 14131
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19127-FRA
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1643095896.424461,VS0,VE1
etag: W/"5bb7a47a-3733"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/png
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Fri, 05 Oct 2018 17:50:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv9gJNe%2BTe7%2FJ6JpAo2oz6xgW19LyQmI53%2F8B%2FuMT3aU2dwl6VotvPLHIJlswlVlSmDHfMV5VQ8uPvdFG1MzYJBeT7wv3tnJhyUn3zwogP2UaJhvUapQtQimWR4np5b8tOIiLBNNhtrV4OiVlWoM"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8501eddfbbb6-FRA

GET
H3 200 how-to-start-a-food-blog-550x824.jpg
cookieandkate.com/images/2020/03/ 87 KB
88 KB 46ms
35ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2020/03/how-to-start-a-food-blog-550x824.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3dfde5daa9dff11dd6d275e2955f5554cc6096c3140cab911e58a03fbaa945b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
x-cache-hits: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Authorization
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-served-by: cache-fra19160-FRA
x-fw-type: VISIT
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin
last-modified: Mon, 02 Mar 2020 23:04:36 GMT
server: cloudflare
x-timer: S1657343074.608429,VS0,VE2
x-fw-hash: 20p4kc45by
etag: W/"5e5d9104-15ac7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTzZmHbyAUWCUQ8H41a%2Bu7Y2jPuNbt%2F4Iar6hRNKYXgGXXGfrxhl4hgimfl5KLBAFIiH%2FE6ccvmuEWSCqG4TjPACGRMKqswe5SM%2B42bSBHugAkdceNq6uQjny1uJ2%2FJ4GhlwaGeUPQ3GJuSveNsT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fw-serve: TRUE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-ray: 727e8501edddbbb6-FRA
x-fw-version: 5.0.0

GET
H3 200 kate-600-550x229.jpg
cookieandkate.com/images/2014/02/ 21 KB
22 KB 59ms
48ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2014/02/kate-600-550x229.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee0f4fe2b8af1951470e9505dc6d2d321a7f67b21c83ab5ed88bf22b51718f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 1367602
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 21922
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4066-HHN
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1655975471.262205,VS0,VE1
etag: W/"5bb7a03b-67f6"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/jpeg
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=26614, status=vary_header_present
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Fri, 05 Oct 2018 17:32:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFfpQHY0ERubaN8NGnFtWUbLwxPGuxDVx%2Fn%2FVKy9jr4dAcgk4sqhzZRYZQvNqIC7tPWybwj7682E2OnGWfI1LQH%2FEkQNLHk5qoChs1DBH3uwojvRHcVuhs8AB4o8PyyQhMCwdK3leFjyW9KpMXjT"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8501ede7bbb6-FRA

GET
H3 200 love-real-food-cookbook-sidebar-550x229.jpg
cookieandkate.com/images/2020/03/ 24 KB
25 KB 38ms
27ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2020/03/love-real-food-cookbook-sidebar-550x229.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b704fe0ae475e56c172366517cc75214afb4880688ef3425f30645655bc6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 1374074
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 24984
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19173-FRA
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1655968999.247555,VS0,VE2
etag: W/"5e5d60be-780f"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/jpeg
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=30735, status=vary_header_present
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Mon, 02 Mar 2020 19:38:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRHCdxjDmlZzj6z4UjQQWEy4LxhjpA%2FIKZyjmN0nzoW0vqp1oVZXMjAdaaXZeb8iigpZNDENltmhGMvZOcumgfFHjCR6zo4gHuQfWfatf8NCuc25AmuVYnRDcrU1eZzoCz6uhhvUPpfJuj%2BvfopT"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8501ede4bbb6-FRA

GET
H3 200 best-granola-bars-recipe-1-80x110.jpg
cookieandkate.com/images/2020/04/ 3 KB
4 KB 44ms
34ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2020/04/best-granola-bars-recipe-1-80x110.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8185c01d917e3cb038115ce9ef2e3bea8f55d4b8a37037cda4b31d4433df6b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 1357746
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 3509
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4072-HHN
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1655985327.053123,VS0,VE2
etag: W/"5e8ccf0f-1176"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/jpeg
cache-control: public, max-age=31536000
x-cache-hits: 1
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=4470, status=vary_header_present
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Tue, 07 Apr 2020 19:05:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUFQtWlsK5ATSWn6yhZy7iGT%2B%2BLSUkYo34zp8ox%2F1N%2FahbQZPtSgLxLQVkyghvy1nIL%2FqpzM6RRbUERD3%2Bv3fIIxaCuce00SU%2BPfeUkenSgSOcOLMVt%2FIJLERpmtRWADpqBAkLVya2jP2aV9piXC"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8501ede2bbb6-FRA

GET
H3 200 best-stuffed-shells-recipe-3-80x110.jpg
cookieandkate.com/images/2020/02/ 4 KB
5 KB 50ms
40ms Image
image/jpeg 2606:4700:20::681a:993
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieandkate.com/images/2020/02/best-stuffed-shells-recipe-3-80x110.jpg

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:993 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12b5d2d57bb5b1375e28d8624f7d77dd9192dfd73dcb1dc907a409bc93d820b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

vary: Accept-Encoding, Authorization
age: 1369528
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
content-length: 3854
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-hhn4068-HHN
referrer-policy: strict-origin
cf-bgj: imgq:85,h2pri
x-timer: S1655973546.515859,VS0,VE114
etag: W/"5e458f0f-14ef"
x-frame-options: SAMEORIGIN
x-fw-version: 5.0.0
content-type: image/jpeg
cache-control: public, max-age=31536000
x-cache-hits: 0
x-fw-static: YES
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=5359, status=vary_header_present
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-fw-type: VISIT
last-modified: Thu, 13 Feb 2020 18:01:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-fw-hash: 20p4kc45by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0CwH0U4m12LyufKeu0YTVmt%2BX0oNTz%2B4zUDTIu%2BMycgCnB02jJY%2FaK%2BmdkKQ1%2BkFPue9lLl9T51km8PR603YGhwmELWhRT9wqlG1yPRlCaTJ4cNCNWiPuLAVvMnUxKonJ8YiO4vmPLCzcvji4I8"}],"group":"cf-nel","max_age":604800}
x-fw-serve: TRUE
accept-ranges: bytes
cf-ray: 727e8501eddabbb6-FRA

GET
H2 200 / Show response
www.relish.com/api/v1/recipe/6840/ 104 B
392 B 803ms
803ms XHR
application/json 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.relish.com/api/v1/recipe/6840/?type=origin
Requested by: Host: cookieandkate.com
URL: https://cookieandkate.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b686294554db32643822adcf3c7f2a9f61423026d5bd888eddf9bfd0e1bc0407

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key: 1f13c6bf-afd2-474f-8a39-d3e4ce67cb8e

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 09 Jul 2022 05:04:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
x-azure-ref: 0YQzJYgAAAABYTVAZHwZVS6UJEbwcjuJIQlJVMzBFREdFMDQxNAA1OWZkOTUwOC0zOWE5LTQwZDItOTQ5Ny03MzE5NjhkNjIwY2Y=
request-context: appId=cid-v1:212be50e-98fe-4a5e-b364-0c0d2b406083
cf-ray: 727e85041c505bf5-FRA
expires: Sat, 09 Jul 2022 05:34:34 GMT

OPTIONS
H2 204 /
www.relish.com/api/v1/recipe/6840/ Frame 0
0 263ms
245ms Preflight 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.relish.com/api/v1/recipe/6840/?type=origin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.claimztopays.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 727e85028b1a5bf5-FRA
date: Sat, 09 Jul 2022 05:04:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:212be50e-98fe-4a5e-b364-0c0d2b406083
server: cloudflare
x-azure-ref: 0YQzJYgAAAAB/gatBXubwQbwKeyzJqTunQlJVMzBFREdFMDQxNgA1OWZkOTUwOC0zOWE5LTQwZDItOTQ5Ny03MzE5NjhkNjIwY2Y=
x-cache: CONFIG_NOCACHE

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1797906804&t=pageview&_s=1&dl=https%3A%2F%2Fwww.claimztopays.xyz%2F&ul=en-us&de=UTF-8&dt=How%20to%20Start%20a%20Food%20Blog%3A%20Step%20by%20Step%20-%20Cookie%20and%20Kate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2049641964&gjid=589792612&cid=975533027.1657343074&tid=UA-15904891-2&_gid=1802843312.1657343074&_r=1&gtm=2ou6t0&z=2120349465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1797906804&t=pageview&_s=1&dl=https%3A%2F%2Fwww.claimztopays.xyz%2F&ul=en-us&de=UTF-8&dt=How%20to%20Start%20a%20Food%20Blog%3A%20Step%20by%20Step%20-%20Cookie%20and%20Kate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1870873489&gjid=783931530&cid=975533027.1657343074&tid=UA-120925740-14&_gid=1802843312.1657343074&_r=1&_slc=1&z=495519705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 05:04:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J3ZWX7Z2T6&gtm=2oe6t0&_p=1797906804&_z=ccd.v9B&cid=975533027.1657343074&ul=en-us&sr=1600x1200&_s=1&sid=1657343073&sct=1&seg=0&dl=https%3A%2F%2Fwww.claimztopays.xyz%2F&dt=How%20to%20Start%20a%20Food%20Blog%3A%20Step%20by%20Step%20-%20Cookie%20and%20Kate&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J3ZWX7Z2T6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 05:04:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120925740-14&cid=975533027.1657343074&jid=1870873489&gjid=783931530&_gid=1802843312.1657343074&_u=YEDAAUABAAAAAC~&z=738969306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 05:04:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15904891-2&cid=975533027.1657343074&jid=2049641964&gjid=589792612&_gid=1802843312.1657343074&_u=YEBAAUAAAAAAAC~&z=586497016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 05:04:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sa.js Show response
static.searchiq.co/js/2.2.71/ 6 KB
3 KB 36ms
24ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/2.2.71/sa.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=217565&engineKey=302538c74e8e284e686c3a35817536b3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8763b475e37bfac2fe719cee8041ce66deb6dae6802e5ab885ef241073baacfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 01:18:20 GMT
server: cloudflare
etag: W/"3416e4ad839c7095495407b61e5ed05b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WX6c9EhKJnkFriK%2BuzD4tf9RCBsjqmRafAS8n0cy8OG%2F5mCwYedRk0QKRD7ZS%2B9X95%2F9QioomKuJUlMWybYZ%2BrkjoD2M2qJTAhCDlBx%2F6shK7QesFrS1sRlx5iNBLTn3%2BlIinJ12A926b%2FmVdy41yuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 727e8503d9a2924d-FRA
expires: Thu, 1 Sep 2022 14:49:31 GMT

GET
H3 200 autocomplete.js Show response
static.searchiq.co/js/2.2.71/ 46 KB
12 KB 37ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/2.2.71/autocomplete.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=217565&engineKey=302538c74e8e284e686c3a35817536b3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5e80de0fb30c5c0e8da4f57ef3dd9b5726782b0bba96c72b2f22cee664c1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 01:29:34 GMT
server: cloudflare
etag: W/"9bc1ae94d57fc4c2d40033efea936435-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuFZNtcacwjVOcVGRN6hWAznx5mUf%2BLzzE6%2FS0OhpW7sSzjRMvjqKrSTWCT5RaLUTVtZgnuOBH1nhY1pHZt8bDLdzps6TVb4k5CneeqAtB3iYDUdigzXbN1NQk9i3RelV6pUNO4QCswdkWTyJb3TK2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 727e8503d9a3924d-FRA
expires: Thu, 1 Sep 2022 14:49:31 GMT

GET
H3 200 search-results.js Show response
static.searchiq.co/js/2.2.71/ 71 KB
18 KB 28ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/2.2.71/search-results.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=217565&engineKey=302538c74e8e284e686c3a35817536b3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5f1ceced03b10d5e7d74aba6e8ade9b8f9c6e890cba77a7518e7d246ebf124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 01:29:34 GMT
server: cloudflare
etag: W/"03ac1a95a337f059732f25726018e2ec-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVGCqOR%2F%2FgSQRlMWO59OSp6N7xfQbN9p8UWtj4D2KODFZahXB9PYJF7OAgN8zOuSETcWUMg%2FCGyQQohTtzA%2BcxSdMMXT%2F8fq1DWdA8pap%2FFINKn2KDIydyI%2FqXDZ5Z47Tuu0qa76rLIgMsd8tHD8msg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 727e8503d9a0924d-FRA
expires: Thu, 1 Sep 2022 14:49:31 GMT

GET
H3 200 live
api.searchiq.co/ 68 B
647 B 327ms
316ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.searchiq.co/live?engineKey=302538c74e8e284e686c3a35817536b3
Requested by: Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jul 2022 23:04:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMZupJHlRRFivKPWNSpkeElrHkLZyjOJ4wpN%2BGfTh1fjrsEjZOLrXDCbmgWoMFOXX68Gi3G2PHM482fbjmPKMMHly0HFniR5XT5dOSIba7N%2BX7KPsQXEhf5c0RIyHylN80Hy35qY0%2F2hOmfJpQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=5356800
cf-ray: 727e8503d9a5924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 9 Sep 2022 05:04:34 GMT

GET
H3 200 autocomplete.css
static.searchiq.co/css/2.2.71/ 15 KB
3 KB 21ms
21ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/css/2.2.71/autocomplete.css
Requested by: Host: static.searchiq.co
URL: https://static.searchiq.co/js/2.2.71/autocomplete.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b4768ea14794fb44e1ab194adbe01a50f9f3a466a576abddca153b4c808453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 01:36:04 GMT
server: cloudflare
etag: W/"e4a72f46331a8106eabb083621c056b4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BcrEjNC9lxGqvbT%2Bv%2BRYmTNihIj7WZrFZS1JJiqThEiPsQrSZP8rYJLHvUC5%2BCLhi9i%2BfjJcUI%2BMQUq2z5Qkpy0%2FUiaCpIhLuFtwUiwx2uWy8pEVLUfAZhnySge%2FoV%2FF9mqp6PANbYTyNPFOVzllFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 727e850409dc924d-FRA
expires: Thu, 1 Sep 2022 14:49:03 GMT

GET
H3 200 custom.css
api.searchiq.co/api/css/302538c74e8e284e686c3a35817536b3/ 7 KB
1 KB 17ms
17ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.searchiq.co/api/css/302538c74e8e284e686c3a35817536b3/custom.css?v=2.2.71&cb=7534404
Requested by: Host: static.searchiq.co
URL: https://static.searchiq.co/js/2.2.71/autocomplete.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7fac32cafbb4d2568c5ecfafe71f2f2a8e3147ea7cb24d81c0cb7c766e63ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Jul 2022 04:05:28 GMT
server: cloudflare
age: 3545
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvEVym9Qdf5QHPmxPL%2BkVlVmLvQrxXjAsaQUDq51FdSbfqYoohpqeGlnPels4G6aYetO%2Fot%2FWoRA1diqHzLvUX5rNYIonQq%2FRuWJIiiIPOhS1DFhKAKUAfqJeC4%2Fuas75nJZ9sZAevRCtQGTCK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727e850409de924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 normalize.css
bluehost-cdn.com/media/shared/general/normalize/3.0.0/ Frame B6E0 8 KB
3 KB 35ms
7ms Stylesheet
text/css 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/shared/general/normalize/3.0.0/normalize.css
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 4eac52a7a1be3a0e185061891901edd5381815b64b83546662087737676d8b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Mar 2014 16:57:56 GMT
server: openresty
etag: "1f6a-4f520c98c0d00"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2607
x-proxy-cache: HIT

GET
H2 200 main.css
bluehost-cdn.com/media/partner/css/ Frame B6E0 40 KB
7 KB 35ms
8ms Stylesheet
text/css 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/partner/css/main.css
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 630209a656018727bb802ced7e2c0338ba127b1701bffa3119932cdb4d0af23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 20:18:50 GMT
server: openresty
etag: "9ef1-5ac12f69cfa8c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7158
x-proxy-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ Frame B6E0 26 KB
2 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,400,600,700,800

Requested by

Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 05:04:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 05:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 05:04:34 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame B6E0 23 KB
6 KB 38ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 14245771
cdn-cachedat: 2021-04-13 02:55:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a4c754a17577d74a872d3c9c794d1a4f
cf-ray: 727e8507af179034-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 main.css
bluehost-cdn.com/media/partner/css/domaincheckapi/ Frame B6E0 7 KB
2 KB 39ms
13ms Stylesheet
text/css 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/partner/css/domaincheckapi/main.css
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 1cc05fdbfb8325a3b03cb57cdb20705360d143657f8d07b519a974db0dd4dffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 23:04:33 GMT
server: openresty
etag: "1b12-592b3a087430d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1587
x-proxy-cache: HIT

GET
H2 200 bh.css
bluehost-cdn.com/media/partner/css/brand/ Frame B6E0 2 KB
1 KB 40ms
13ms Stylesheet
text/css 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/partner/css/brand/bh.css
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 8e6830c178ae498b4c536ac243bfa04173c550ba4bf6413da2e6e0a26f75a137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2017 17:35:30 GMT
server: openresty
etag: "8e2-54db0af1c0d3e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 779
x-proxy-cache: HIT

GET
H2 200 main.css
bluehost-cdn.com/media/partner/css/domaincheckapi/_bh/ Frame B6E0 336 B
509 B 40ms
14ms Stylesheet
text/css 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/partner/css/domaincheckapi/_bh/main.css
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: fc7251f2ba638552212b54b2e58660540f95bd87240724125125e53d59bcf107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 23:04:33 GMT
server: openresty
etag: "150-592b3a0872508"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 247
x-proxy-cache: HIT

GET
H2 200 jquery-1.11.1.min.js Show response
bluehost-cdn.com/media/shared/general/jquery/ Frame B6E0 94 KB
33 KB 41ms
15ms Script
text/javascript 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/shared/general/jquery/jquery-1.11.1.min.js
Requested by: Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Mon, 10 Nov 2014 22:11:47 GMT
server: openresty
etag: "1762a-5078872d40ec0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 33160
x-proxy-cache: HIT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B6E0 118 KB
44 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGX6PL

Requested by

Host: www.bluehost.com
URL: https://www.bluehost.com/web-hosting/domaincheckapi/?affiliate=cookieandkate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b704b47dadfe414658971285849638d47e3578f5d2f28f0d35a898876f09659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44931
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 05:04:34 GMT

GET
H2 200 btn-background.png
bluehost-cdn.com/media/partner/img/ Frame B6E0 1 KB
1 KB 7ms
7ms Image
image/png 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluehost-cdn.com/media/partner/img/btn-background.png
Requested by: Host: bluehost-cdn.com
URL: https://bluehost-cdn.com/media/partner/css/brand/bh.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 61411c265d06e36b23cbe54284a5a519ad33b0e587007e3d65d3af6781fae764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluehost-cdn.com/media/partner/css/brand/bh.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Apr 2014 23:09:10 GMT
server: openresty
etag: "534-4f6175f46d180"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1043
x-proxy-cache: HIT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame B6E0 44 KB
44 KB 136ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bluehost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 365545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 23:32:09 GMT

GET
H2 200 bh_regular.woff
bluehost-cdn.com/media/branding/_bh/ Frame B6E0 23 KB
23 KB 31ms
14ms Font
application/x-font-woff 52.29.153.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bluehost-cdn.com/media/branding/_bh/bh_regular.woff
Requested by: Host: bluehost-cdn.com
URL: https://bluehost-cdn.com/media/partner/css/brand/bh.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.153.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-153-112.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: d209883df88bbd0f3b0e3c24502fd97d8fed76d2ddbfd2d4d578955fa6c32cd1

Request headers

Referer: https://bluehost-cdn.com/media/partner/css/brand/bh.css
Origin: https://www.bluehost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2013 15:42:27 GMT
server: openresty
etag: "5a68-4e8b550abbec0"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
expires: Sat, 16 Jul 2022 05:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23098
x-proxy-cache: HIT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B6E0 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGX6PL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 506
date: Sat, 09 Jul 2022 04:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 06:56:08 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame B6E0 2 KB
884 B 8ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bluehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 04:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Jul 2022 05:44:33 GMT

GET
H2 200 storage Show response
www.relish.com/scripts/ Frame 3716 13 KB
5 KB 16ms
16ms Document
text/html 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.relish.com/scripts/storage
Requested by: Host: www.relish.com
URL: https://www.relish.com/scripts/relish.js?key=1f13c6bf-afd2-474f-8a39-d3e4ce67cb8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d75e3ddaed4398cd9f1540455cc44149f1d64487440390009f991870b11dbb

Request headers

Referer: https://www.claimztopays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3530
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 727e850929b69a18-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 05:04:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 09 Jul 2022 05:34:34 GMT
last-modified: Sat, 09 Jul 2022 04:05:44 GMT
request-context: appId=cid-v1:212be50e-98fe-4a5e-b364-0c0d2b406083
server: cloudflare
vary: Accept-Encoding
x-azure-ref: 0mP7IYgAAAACIVwoveiSSTrZ1lgWCqnWCQlJVMzBFREdFMDQxOAA1OWZkOTUwOC0zOWE5LTQwZDItOTQ5Ny03MzE5NjhkNjIwY2Y=
x-cache: CONFIG_NOCACHE

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3716 14 KB
5 KB 60ms
35ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.relish.com
URL: https://www.relish.com/scripts/storage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.relish.com/
Origin: https://www.relish.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 727e85097c54bb8c-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.relish.com
URL: https://www.relish.com/scripts/relish.js?key=1f13c6bf-afd2-474f-8a39-d3e4ce67cb8e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 681 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 05:04:34 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1797906804&t=event&_s=2&dl=https%3A%2F%2Fwww.claimztopays.xyz%2F&ul=en-us&de=UTF-8&dt=How%20to%20Start%20a%20Food%20Blog%3A%20Step%20by%20Step%20-%20Cookie%20and%20Kate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=App%20-%20Loaded&ea=&el=&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=975533027.1657343074&tid=UA-120925740-14&_gid=1802843312.1657343074&z=1878545650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
www.relish.com/cdn-cgi/ Frame 3716 0
229 B 12ms
12ms XHR
text/plain 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.relish.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.relish.com/scripts/storage
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.relish.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 727e8509ba439a18-FRA
vary: Origin

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 51ms
7ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Jul 2023 23:40:49 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
692 B 59ms
16ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.claimztopays.xyz

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

5a45e55835f44dfd1549a8a97c70ff6d1d2e40d91c331f71f8df35f4e2a25945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Sat, 09 Jul 2022 05:04:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.claimztopays.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.claimztopays.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 63ms
46ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2788431766874204&correlator=569943619749560&eid=31064687%2C31068339%2C31064226%2C42531605%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=11927475%2CRelishApp_GEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=75863461&sfv=1-0-38&ecs=20220709&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1657343075010&lmt=1657341315&dlt=1657343073319&idt=1666&biw=1600&bih=1200&adxs=0&adys=20078&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.claimztopays.xyz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x20077&msz=1600x-1&fws=0&ohw=0&ga_vid=975533027.1657343074&ga_sid=1657343075&ga_hid=1797906804&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e132de8f6656899e47516a9bfa30e253c097c1b1377432836cb95a7c5f9ef72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8967
x-xss-protection: 0
google-lineitem-id: 4707224344
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138236467501
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.claimztopays.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 63ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d77c689c912939df251c31d8d61d0680f610f103252a1e32bf75a1edc5f71524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10669
x-xss-protection: 0

GET container.html
cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 931F 0
0

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/builds/core/530659f/gdpr/vendor/prebid/es2018/ 471 KB
122 KB 14ms
12ms Script
application/javascript 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/530659f/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-89.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebf86e59456c0202707e63b0bcd728acce0c22f53321251f2a3ae4c33bbb7ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: M9c5yuFGt9iuhqa8vOdVV0y9arrT9j8n
content-encoding: br
last-modified: Wed, 06 Jul 2022 15:32:53 GMT
server: AmazonS3
age: 1747
etag: W/"2dec55ec9e0edfc351916ebfeee9f2ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sat, 09 Jul 2022 05:04:35 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0u_uEkKGzjpEGijvzTu4Ps4ZWq6-BxjGD8ilKF0kX0fv0UyupfsSpg==

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 447 KB
119 KB 63ms
8ms Script
text/javascript 2600:9000:2156:c800:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f373702102ace509e79cf812c0a6563746d392493497ed59cd3120c6274c5aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:48:14 GMT
content-encoding: gzip
age: 40582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="gdpr-liveramp.js"
last-modified: Mon, 31 Jan 2022 22:42:46 GMT
server: AmazonS3
etag: W/"48cdf2fd9379d6c7a7727f6e3fbeec19"
vary: Accept-Encoding
x-amz-version-id: KtYQI6t2MMrBmnDJ05ytEAJTx_6fd7IT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: vi6gDE_hiJPhShus9txr64dWhcCCPzN3BuZi5m7ATasJ1wvfjkPnLA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 61ms
10ms Script
application/javascript 13.226.155.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-225.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 09 Jul 2022 04:05:44 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront), 1.1 2395e6175733260a159a0b484ed8febc.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 3532
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C1, DUS51-C1
content-encoding: gzip
x-amz-cf-id: t_ULoVSg8W5UTUyDQzIOepc3EtjleIAujQWtSM98PnWE-nczoxzeiQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 38ms
28ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

12302288d0cc31b84e4c70129a0417c3a8397710f10533fdb58e844ce50e5399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28086
x-xss-protection: 0
server: sffe
etag: "1268 / 46 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 05:04:35 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@2.0.1/dist/ 5 KB
2 KB 45ms
18ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.umd.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/530659f/js/adthrive.min.js?deployment=commit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25843309
fly-request-id: 01FFEFDJ0DWCSRVBV24Q3QFHWG
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1220-Y/lmqcg3C3bYppxzEKe5wnkwNMc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 727e850b1e976940-FRA

POST rum
www.relish.com/cdn-cgi/ Frame 3716 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 45ms
44ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjJpVLnHyjAZy1Hx4DENs9DgGNwOEhMO2qpmC_GLt6rMYMRB0RlGozTZ6TM6Izulgab5jB0njEPT38EJZoACLiJD6D0VckSTwIFP7FmYJimrx7DMxQsDsbE9Yrww0tup1cz4NzYdKfMxTnitZVOB5krXsC52w3q6NVc-QguSptIVGxSRqAE2VotyoLgFzCYZCYZeF4ARAPbTUU16JqHqFZk_Ct4BSqhNw7nUwPb4SyKbW1aC0Ipq-AkXYWvOFN3nQSQTQpi7b8ddVk2E2B1HreRnsrvek1jBiNxbMjY9jPwVhneZpwSdbRi6pfoqqGapqFYT--dmnz&sai=AMfl-YQC-pImP8YsPKnxos3hGwc6sRyJwGcM0Cgyg8pbdGJtkeh5XokhjfrobmSxfsErCn7GjjYMyniOOpAgZ6sv9x6oISuI5iXgQpM2SeX74FLqED-0yWNPZyDhQooO51s&sig=Cg0ArKJSzC2hi1QoJdLOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.claimztopays.xyz
URL: https://www.claimztopays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 09 Jul 2022 05:04:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 137 KB
42 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 05:04:35 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 422ms
400ms XHR
application/javascript 13.226.155.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-225.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:36 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: 7xvphGfqYiPD5tus4zr509AT9syG8tFWKeTv2m0w8Nc5PDuq-zudPg==

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/latest/ 136 KB
40 KB 50ms
9ms Script
application/x-javascript 2600:9000:2250:6a00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dd50d5366dbce419bb2c92b138d8e5be463d274430e3ce9251bed8af3e130db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: wzy90OKfXO1MI8f9GAT1AK6smNbAzy8z
content-encoding: br
etag: W/"b94a7466f0909a08c9baeeaf22a8ff32"
age: 1479
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:6df02357-1ba5-488f-9bcf-e3e18a6a6613
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a6daa101307027bdf09065e996c49170
last-modified: Wed, 18 May 2022 15:28:01 GMT
server: AmazonS3
date: Sat, 09 Jul 2022 04:39:57 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 2fe261fdb95d3aa2da3e8b42c1c03a670f72f6dff66abf9f3d9d8075f01db326
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA60-P2
content-type: application/x-javascript
x-amz-cf-id: O_2-vEJsPtwNb51TduYiBhGkDoFfXSeNtqMgsoi065JlYz8vuc3OyA==

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aab7a1602af810273b338f51d6654ded816758be07502b3b575bcf8e4b223038

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame 0
0 26ms
8ms Preflight 2600:9000:2156:c800:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.claimztopays.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
age: 40582
content-length: 0
date: Fri, 08 Jul 2022 17:48:14 GMT
server: AmazonS3
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id: KQicGmzYxAFkpyxLZz-8n0JxTDQSdIrxhg4VWstG5I3r0iraEpIzog==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 66 KB
11 KB 9ms
8ms Fetch
application/json 2600:9000:2156:c800:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cdca6263af4f2d9beb59bc3af27940ddbfb2629e439782ffcf4c4e495463c91

Request headers

Accept: application/json
Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: edxjG8IYSMIcbIrH6QZ2k3B3Sa4LfqVt
content-encoding: gzip
etag: W/"15d7edf23deed743601edb8e96fabacd"
age: 982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 17:41:25 GMT
server: AmazonS3
date: Sat, 09 Jul 2022 04:48:32 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mb7HpzuIeNsCSIAWAob4udcBxbjB4vD8Y-JsW3KeIA71Joq5cX32gQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 05:04:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 62ms
45ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusGU1PuPtAnHHszUvaDbYiQuUZm4Lk7FaBSpLzrIvmrJVQxqunciKmaLRf0N2NYHZztdTVA7qyKkWBb_xIgp6DZCAMz6hFsg2N1-erJXAX1CIgzu510bopSNaN1u9f4Nv9fZk0VeEIySq6nIZOswCTTi03d8zM62RcszxGoIj2E4xic9CQB4rzG4Q8PYUR7GgxqXVes2HxLEvxqT6CnaPIpECp4gt9R_cTonH-KF72bcJgNZgcTLMVYrST0y9_1PkUWgkhzT3jIgn_OlyGBKt1E7q_TjsVsElzm-Y8_kx5HtCatnhTQAi3lfRzBtDcIoeRcA2fXRP_0fY&sai=AMfl-YQwTx3P_9yhzaMOLVpMFeOvHSYNhL4Ke-iN3dpEr2JhLOuMPQXFDcBdSfUsQzLF9cgviHPZVojo3nBEoj8D5xTtZ579683II9UaF97qWp37jgDadvOu8JN6lF_VdFQ&sig=Cg0ArKJSzPh-D6CWB1QoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 05:04:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 09 Jul 2022 05:04:35 GMT

GET
H2 200 index.html Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 2 KB
1 KB 35ms
8ms Document
text/html 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e

Request headers

Referer: https://www.claimztopays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 417502
cache-control: must-revalidate,public,max-age=604800
content-encoding: br
content-type: text/html
date: Mon, 04 Jul 2022 09:06:14 GMT
etag: W/"a9695f3941d7e7d526084ac0c78593a3"
last-modified: Wed, 18 May 2022 15:28:35 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-id: EkCzPohZd3TBQE2KwsMDKXu_fhBRpSYuy7FA7RNmLc5XSH4ZnpVgvw==
x-amz-cf-pop: FRA50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-server-side-encryption: AES256
x-amz-version-id: Ke1yM6ydHaEEvOgESsjjyJW8Dw8NG_aN
x-cache: Hit from cloudfront

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B61 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.claimztopays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 03:19:37 GMT
expires: Sun, 09 Jul 2023 03:19:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4458 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7f77b56295d411889014f9f1cecd11b6c20032b505858e7eed9b720a3432906

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mqMFKQgIohN-rYHKPaGhFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.claimztopays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mqMFKQgIohN-rYHKPaGhFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:04:35 GMT
expires: Sat, 09 Jul 2022 05:04:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame B329 90 KB
10 KB 11ms
8ms Stylesheet
text/css 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd811628575c59ea4501cbacd7fee7ffcb6eac53994664438bf006142eb0e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: NK86oJKM9lOF_4fySS9jra4xULuy6Rh5
content-encoding: br
etag: W/"cd863c459ddfca7fa3dde02a0bfde5fb"
age: 186399
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:36 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 01:17:56 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: J0AfPcI7YjD3RwmdHfYLXkopWOe0AgVBrntDhXV6T81JYVYBuyTRZA==

GET
H2 200 openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame B329 28 KB
3 KB 13ms
10ms Stylesheet
text/css 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 107c3c8d58a4b471627bcbdb06e10ec2cbd670a02c29458fea8383c1f9d7ddb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: pUgbRQkI5l3VQiPmf8EuNPeevBMYWc6.
content-encoding: br
etag: W/"c23188cdd4f3dbe2a39713eb6d0950da"
age: 402379
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:31 GMT
server: AmazonS3
date: Mon, 04 Jul 2022 13:18:16 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: hZT050zmqwVyKPgZ8IyeYSMeUZH6BoCRD3HP4I06Dl7s4UNc7xnIYA==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 3 KB
2 KB 14ms
10ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:06:14 GMT
content-encoding: br
age: 417502
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:44 GMT
server: AmazonS3
etag: W/"a03d9881b932cb6ea8403f3d8fee84f2"
vary: Accept-Encoding
x-amz-version-id: 1kLQG8VwSm3d.gfkVX126MX0XGZ2ZgE9
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: bulBSXrhw3azJySB1BcxG-x7QLqG2njrNdJclF9pR0cI_uhEsZ4iWQ==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 36 KB
13 KB 14ms
11ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 03:47:25 GMT
content-encoding: br
age: 91031
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
x-amz-version-id: K3ZWaRDczxbIzlli5oJjCQv4grp4TCNi
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:31 GMT
server: AmazonS3
etag: W/"ebe9ec655a6443501377c61b7e89be52"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: zPVXWCKY0DHNtJdwZ8nuJFzpTU9dp-PxfLnI-iMS9AXQDaNHYoCLkA==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 612 KB
165 KB 17ms
14ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 0j8tPSOwStW8aXAGeO0PWhKeGTZfAk9t
content-encoding: br
etag: W/"1e4853cd005029266b8a4a0bb471e3ee"
age: 144584
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:37 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 12:54:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: T-kzQI9c8GnmEPyMzy_2AkTJ-M004nT8hnFOs5Us4syA3gJNjx073g==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 36 KB
11 KB 30ms
27ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 7eqTmGPApeIlCSLhectQTyDtZQhGAIFx
content-encoding: gzip
etag: W/"69b03cc2b91bdb3e0277f2641031a46c"
age: 172413
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:45 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 05:11:03 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: GpJYZz91_F8_8J-Shv9dNwT1YbUy9kN-G1ZS5UTF8ESL2icg7B7DVA==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame B329 0
6 KB 38ms
35ms Other
text/css 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: zW0yRrldTyCoxXa4HTlhs_lVrmZHJDpf
content-encoding: br
etag: W/"50acd4ebe93d23ec3ecd7464ebf645e4"
age: 402379
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:26 GMT
server: AmazonS3
date: Mon, 04 Jul 2022 13:18:16 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: BAWTwSSkZ9hLZBj4tYU3yq0cj6trPxsCTYXd5rfeHYyS7KiBMXcquA==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 3 KB
2 KB 30ms
28ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:06:14 GMT
content-encoding: br
age: 417502
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:44 GMT
server: AmazonS3
etag: W/"a03d9881b932cb6ea8403f3d8fee84f2"
vary: Accept-Encoding
x-amz-version-id: 1kLQG8VwSm3d.gfkVX126MX0XGZ2ZgE9
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: wNyra-otZOLRNVkbXszNyniF_FadikTYbViaeZ6GZ6IX2jNMrlSYJA==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 36 KB
13 KB 30ms
29ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 03:47:25 GMT
content-encoding: br
age: 91031
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
x-amz-version-id: K3ZWaRDczxbIzlli5oJjCQv4grp4TCNi
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:31 GMT
server: AmazonS3
etag: W/"ebe9ec655a6443501377c61b7e89be52"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: XPb5qsJwoa-S8ZtE3b1H3WzSypnUQyrfaf8mTpD4VZbOXO4QDSdB_g==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 612 KB
165 KB 31ms
29ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 0j8tPSOwStW8aXAGeO0PWhKeGTZfAk9t
content-encoding: br
etag: W/"1e4853cd005029266b8a4a0bb471e3ee"
age: 144584
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:37 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 12:54:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: o587woFshnmY42hKTHkwq5Vni8NPtQXgLGbZKF8rUktEWhQ6cqmsrw==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 36 KB
11 KB 36ms
34ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 7eqTmGPApeIlCSLhectQTyDtZQhGAIFx
content-encoding: gzip
etag: W/"69b03cc2b91bdb3e0277f2641031a46c"
age: 172413
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:45 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 05:11:03 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: DtpwtDwx5vMLIoX7dScOt0SK7xl7JF7SlnI81d4pwl9FCVrYePfN3A==

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B61 36 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 23:40:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4458 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=2788431766874204&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 847.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 56 KB
11 KB 15ms
14ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/847.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3220a07ad1f631e62d4b733f2ac3f6d8f640e67dccc04a5c7dfa1faeadd4c576

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: aZPUpT1yEySaGtWf3MX39qU2zVhxcsr3
content-encoding: br
etag: W/"f91da85c6efb9fa6cad800aa647bafc0"
age: 144584
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:46 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 12:54:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: 3_TLrIwUCO1xt40YxOIChx0aFzXzXUuHA2pEa6MjBiVwIdy1FJ6BGw==

GET
H2 200 650.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 22 KB
6 KB 16ms
16ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/650.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c6ebceae3d1722e6da4ce408acb406787f11df1e1fb8696f33c5481e9b4b6f

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:06:14 GMT
content-encoding: br
age: 417501
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:43 GMT
server: AmazonS3
etag: W/"f89cc2f22747329f2049f159f363a2db"
vary: Accept-Encoding
x-amz-version-id: g2yqS861M7lVi_k5bUXeWXY3w4ofYrxH
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: G83PbYGz7ZlKJLIWkgpmnxZueYne4CW7HHKxqEOmDDi5Sp2vjfEVFQ==

GET
H2 200 blueLagoon.css
cmp-consent-tool.privacymanager.io/latest/ Frame B329 32 KB
6 KB 8ms
8ms Stylesheet
text/css 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31dc78812232ea4a6493c142cb106b6e9b1ce8a6132f812acd86c873e80502a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DawJBdQ.pnvwsjFVoTHLEcemicrigUQi
content-encoding: gzip
etag: W/"a42a9d1a7d16e26b5b92402d3d718e82"
age: 438322
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
last-modified: Wed, 18 May 2022 15:28:20 GMT
server: AmazonS3
date: Mon, 04 Jul 2022 03:19:37 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: RrtnpBiaU-3J9-788KcTRewYefHr7h-0oWR0qAV_kJyoZTK2Sm33YQ==

GET
H2 200 605.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame B329 122 KB
24 KB 8ms
8ms Script
application/x-javascript 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/605.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8eb3143ae508bca0b46d3cc70e57d78c9c19b8b535a40498bad308428c65fb

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: gIZkWzmTMNMhD_7MB1vXxZxnYGypnpAN
content-encoding: gzip
etag: W/"e072d3bb1e9ad89785f59ff83ebb6e60"
age: 456621
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 15:28:26 GMT
server: AmazonS3
date: Sun, 03 Jul 2022 22:14:15 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: yTp_Oqg1Pvnn24VKpxkuXbkzaufANGS8540qLM1QaS3HBqDht4WbEg==

GET
H2 200 open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame B329 16 KB
17 KB 8ms
8ms Font
application/octet-stream 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 21:39:42 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age: 545094
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
content-length: 16692
last-modified: Wed, 18 May 2022 15:28:15 GMT
server: AmazonS3
etag: "d65113b6da7ba4bd0a59dbda5a7e24d4"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: gXzkwZ5qZzDJWxlqgfSKnJi9XkB8jffP
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: lbjiqLZYWWBZb8G5gWCNpC3NBlR8BO6HL0dXBXg_fRrXVJ4cjSDIjA==

GET
H2 200 fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame B329 3 KB
4 KB 8ms
7ms Image
image/png 2600:9000:2250:6a00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: LhMMKvT3mfQvT9MYmDQc9kXnqjlFTmG9
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag: "b7cdca038062eecdc45c7351c6a539ad"
age: 216
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:6df02357-1ba5-488f-9bcf-e3e18a6a6613
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a6daa101307027bdf09065e996c49170
content-length: 2962
last-modified: Wed, 18 May 2022 15:28:00 GMT
server: AmazonS3
date: Sat, 09 Jul 2022 05:00:59 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 2fe261fdb95d3aa2da3e8b42c1c03a670f72f6dff66abf9f3d9d8075f01db326
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: zRL3ggch-4TWzjO_HoIOlSTNjJIVWBDfwkwrtfFlpX1rHf9eiXhRXA==

GET
H2 200 icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame B329 441 B
1 KB 8ms
8ms Image
image/svg+xml 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: hgfCnLWHr2GPza2UTNzWbPWvYWveQw2v
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: "e2760515a843a0256b4b810489b5426b"
age: 237146
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
content-length: 441
last-modified: Wed, 18 May 2022 15:28:24 GMT
server: AmazonS3
date: Wed, 06 Jul 2022 11:12:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: I0ZjoGLvm4-NoUAFGD4hhyU8Vcf_SGSm9hdTgoM-XJTLGg-7Ri76-g==

GET
H2 200 open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame B329 16 KB
17 KB 9ms
9ms Font
application/octet-stream 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 2WPe_EmjgtiCgAkytGNe8i5BN_Z43VpS
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: "875ba54801f7cf83ea70abf613fab665"
age: 144583
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
content-length: 16408
last-modified: Wed, 18 May 2022 15:28:45 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 12:54:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: HELsx09_on72toiwEISCpFuzDEOfkUEz9-3N4MBDLd98J3HveauEBA==

GET
H2 200 open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame B329 16 KB
17 KB 10ms
9ms Font
application/octet-stream 143.204.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 09:59:26 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age: 414310
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1abdffa1ddbf401c6718856c94136f77
content-length: 16712
last-modified: Wed, 18 May 2022 15:28:45 GMT
server: AmazonS3
etag: "1f577b061e6e464e2c949faee6518469"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: tygSMFp34YJwEEQGH5uGlJzBtbjdQIQ6
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 2OdhvpnXhH5k8art6VBRHGKgnTp4TbGzzWBtLWlM_D9pGn7gt52QKA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B61 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vdXeVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 05:04:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=2788431766874204&bg=!j4yljMjNAAaLlKKnq5Q7ACkAdvg8WoGRPKotbKtEll9oQXadt3V_fJvTANFUOl6FIZNFnn9lV3NLdAIAAADWUgAAAARoAQcKADZId9DoIEyfae90DvEyKsM9GLM2RtU_gozkH5EDYO9JF7vaZ3S_drLVouEZeT5LJ8rXeLctPReZApryE7WZnrrOt6XQy9yozQmmQvbNm76IupJF8sfy8Ha5rMCaaN2dwJ-JCIPWvnQ4OuNH2dZTR35BHspIeTv9eesrOeRvm9syK6Y80gsShm-T5vfDp8xy0YFMSBAEkUZK-ejiauzsGpsDB9Ru-vUO1zlYLRRkwgeIpKKOdSAFRLh5d3nEpk85dPL-zRwhfPnsKDrBXtiKpdWchievhAtGNryNgzti72lR5twBBdaBKkI_MGlTI3tgoAc08ABAHFPw6nmzD6tn8h63Qtg1dRgtLBxynhuEqTUNnYHqKnq7K62HPGUZrRTEweLep6zqyArCegy2GFhKPfKqrnVhNTv4K8FpmOXqZi91iaIkFslUG_8kpRBxON-Onz1PhHT-QN3hfjmDAMflrBtPnT_VhE6JGpMojar0LOHK1782lLRfHwT2KBJ4GO4jOEJJO9lleYmOPbS3MmJBlkdUKPOJ-PJzzj5xBqD8ZosS3EiLaibT1F5TF0_A1gNFppyRt1l9E-s5_gDQy_qEbNUUatpCLKpjqDGMSGA45AnTKfTlOiUZ_qPqZxfQoc_yWX3pE3vchK4QVpXmZ-kDl6mByXPEalnlDhLICsMo-kyV7q0CZvVQpYNt0tWwZwid7cIh4ZcVf7NGduZ75iS6JQ-JaZPVMXYSCFKbHsxHXERPZmrDGB5jNqQODxRFb37rJjsC0TlvnXnM4DR1qiqUnmh05dyNJxLdywYdR6z1JEUFmhuS2iqv-L6liZZcs6LQG2w_6dGlEUAZSFo2IFSuo_5_7zpC8oCnIJH3RWpn2F5WCf5U7rQYSNF2eftnYkYo06j15D2VMCDfbr2BFXnlEX_grXwpOIKBwXi_83Syi5Uur-sm37oTN3pDnGX3LdOEws1YKpM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.claimztopays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H2 200 log Show response
www.relish.com/api-insights/ 20 B
306 B 223ms
223ms Fetch
application/json 2606:4700::6812:fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.relish.com/api-insights/log?code=EqtpvNqRoZJvn/sE/rbSopZ93dRa0WuQ1cwbu983PxEcSGR6DEVFSQ==
Requested by: Host: www.relish.com
URL: https://www.relish.com/scripts/relish.js?key=1f13c6bf-afd2-474f-8a39-d3e4ce67cb8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Referer: https://www.claimztopays.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 05:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-azure-ref: 0ZAzJYgAAAABChhgqoxQTT5u6uzJsKd+yQlJVMzBFREdFMDQxNgA1OWZkOTUwOC0zOWE5LTQwZDItOTQ5Ny03MzE5NjhkNjIwY2Y=
cf-ray: 727e85163dfa5bf5-FRA
request-context: appId=cid-v1:212be50e-98fe-4a5e-b364-0c0d2b406083

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com
URL: https://cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: www.relish.com
URL: https://www.relish.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.searchiq.co/	1970-01-20 04:22:24	Name: __cf_bm Value: 5VZLZ1ptogGrWhaThswCDUQMFfpEwQaz0dlKlYV7n4M-1657343073-0-AYSaUJSQ5MjZRNKSk2Ovl/+ta8vPNQFZ1MZ9mFVyhK8uHJHQd0nopvSoReo0UyH8I8fzB/gLhlo3wVbP7SkLF6Y=
.claimztopays.xyz/	1970-01-20 04:23:49	Name: _gid Value: GA1.2.1802843312.1657343074
.claimztopays.xyz/	1970-01-20 04:22:23	Name: _gat_gtag_UA_15904891_2 Value: 1
.claimztopays.xyz/	1970-01-20 04:22:23	Name: _gat_relishTracker Value: 1
.claimztopays.xyz/	1970-01-20 21:53:35	Name: _ga_J3ZWX7Z2T6 Value: GS1.1.1657343073.1.0.1657343073.0
.claimztopays.xyz/	1970-01-20 21:53:35	Name: _ga Value: GA1.1.975533027.1657343074
www.claimztopays.xyz/	1970-01-20 04:22:23	Name: __adblocker Value: false
.bluehost.com/	1970-01-20 04:22:24	Name: __cf_bm Value: koY1m5pupxaxEkzqxQKyln1eIhNQo37IAWyMppfTARI-1657343074-0-AZ6ldUABeMS8tAUyfM/4x0BSc/1SWCZtSN+ELqGy4ALe5Rp8RCny2A0XGJDzSHIKXnVQEMjVkZ+e2OmpTX1A0iQ=
.claimztopays.xyz/	1970-01-20 13:43:59	Name: __gads Value: ID=25bca31498332a6a-226b5c7fc9cd0000:T=1657343075:S=ALNI_MaYhpCEIdAq7h-L8kkr_tWIGdSUsA
.doubleclick.net/	1970-01-20 13:43:59	Name: IDE Value: AHWqTUmNOC_TFXzi8F1jqlJ27-ZX6N2xQaGTHgr_fEvmW_AL1doUIvaSp58awModuPc
.claimztopays.xyz/	1970-01-20 13:43:59	Name: gdpr-auditId Value: b8083afcf38745a599f0b6c692218428

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/runtime.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/polyfills.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/vendor.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/main.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adthrive.com
adservice.google.com
adservice.google.de
api.searchiq.co
bluehost-cdn.com
c.amazon-adsystem.com
cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com
cmp-consent-tool.privacymanager.io
cookieandkate.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pub.searchiq.co
region1.google-analytics.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.searchiq.co
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.bluehost.com
www.claimztopays.xyz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.relish.com
cffa0305d0259ac03d5e3359e70459f1.safeframe.googlesyndication.com
www.relish.com
104.18.28.109
13.224.189.89
13.226.155.225
143.204.89.119
2001:4860:4802:34::36
216.58.212.162
2600:9000:2156:c800:11:2a6a:9480:93a1
2600:9000:2250:6a00:16:f82a:8600:93a1
2606:4700:20::681a:993
2606:4700:3030::6815:5476
2606:4700:440e::6812:2fe6
2606:4700::6810:7caf
2606:4700::6812:acf
2606:4700::6812:fea
2620:1ec:bdf::44
2a00:1450:4001:803::2008
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9c
2a06:98c1:3120::3
2a06:98c1:3121::3
52.29.153.112
04be9a5db2ab8ca90b84cec17dafa96a29c8189790d206e4e7de6130338d0ca6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a5f1ceced03b10d5e7d74aba6e8ade9b8f9c6e890cba77a7518e7d246ebf124
107c3c8d58a4b471627bcbdb06e10ec2cbd670a02c29458fea8383c1f9d7ddb9
10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726
12302288d0cc31b84e4c70129a0417c3a8397710f10533fdb58e844ce50e5399
1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d
18f064ba55a4c16f5522a8903782c57161af82e639bf9e34c6fda25cbfc98bde
1cc05fdbfb8325a3b03cb57cdb20705360d143657f8d07b519a974db0dd4dffd
1cdca6263af4f2d9beb59bc3af27940ddbfb2629e439782ffcf4c4e495463c91
1d02b586eb4554ff0080796eb108e3143136c14bc5e7f371723befb2cfd36cc0
1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e
1e46c0f40d57c838f02638e2729c37c910f15fffb3347164d7a9c3acb8c79000
1e8eb3143ae508bca0b46d3cc70e57d78c9c19b8b535a40498bad308428c65fb
1f98d9f256b75ea5218d44fafe87c876c343afa9ae8ec69575a4a502c7b8e8bc
29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e
31dc78812232ea4a6493c142cb106b6e9b1ce8a6132f812acd86c873e80502a7
3220a07ad1f631e62d4b733f2ac3f6d8f640e67dccc04a5c7dfa1faeadd4c576
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
398ccc56f51d7529a22b675be0ae1253c52329a4b0e4dcecc700839188365336
41b704fe0ae475e56c172366517cc75214afb4880688ef3425f30645655bc6e4
45379fd4987afec42e4086de17a3e954bc8e60357f4536b96b8b855e42723b60
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
4c730360675316a2e7765d587fd00bfa4970daf6d20e5a8b6ede030daefccf4d
4eac52a7a1be3a0e185061891901edd5381815b64b83546662087737676d8b03
50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a82e40abe9a62dc72a964d282c12649605c7b74158d2b0dd9fe3e479f59cc7
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
5a45e55835f44dfd1549a8a97c70ff6d1d2e40d91c331f71f8df35f4e2a25945
5b704b47dadfe414658971285849638d47e3578f5d2f28f0d35a898876f09659
5fd811628575c59ea4501cbacd7fee7ffcb6eac53994664438bf006142eb0e0e
61411c265d06e36b23cbe54284a5a519ad33b0e587007e3d65d3af6781fae764
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630209a656018727bb802ced7e2c0338ba127b1701bffa3119932cdb4d0af23d
6347b9241626e1fbb6ef7213113703eac8cd1ec472aef0962b9f60c0c1637904
647e2e62e457d38a8f5a3802026bbe8113fecce35acd71c2e485d332737be5b1
68de0ecfdc274db50ac5a3558bd1e0ad3fe3b04eaba20417a0b82667cec40c1e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74b4768ea14794fb44e1ab194adbe01a50f9f3a466a576abddca153b4c808453
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7f4060928248354d099b140c8a88f5b2dde87b76d0ee226d0909039804f61ae2
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
8185c01d917e3cb038115ce9ef2e3bea8f55d4b8a37037cda4b31d4433df6b8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8763b475e37bfac2fe719cee8041ce66deb6dae6802e5ab885ef241073baacfe
88391718a27e2daff24dfc030a75265ea28fc889cb35c21479d0e805476cc010
8a7b292444c5e05b0e6d0f72550e183523cecf9ece069ef66c9d184bc852e6f4
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8dd50d5366dbce419bb2c92b138d8e5be463d274430e3ce9251bed8af3e130db
8e6830c178ae498b4c536ac243bfa04173c550ba4bf6413da2e6e0a26f75a137
91907bd03266de6d85e580052af4cc61caa6329c7c43d64c2c27ec164f4b248c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
950012941e106d84bf284d5b1af6618b73ad9b35c4195510268429588c58ca33
9539ebb455e52a15b8d8d61563aac0d1d5c23f2b35b2bde144d51c66d09ac53b
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9fa447ad81592fae20e124cb27a85e47e8e30e42c431859fb3f7026048b792db
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aab7a1602af810273b338f51d6654ded816758be07502b3b575bcf8e4b223038
aafa3f7399f4d46a30a37a0408e7113f9d76461e2c0dceb8af06a65424121680
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b14e6fe1eafc61d7b87942df46a6a348b478a6db6eae2f30e9738dd9ede3f7d3
b4b5f83a75f08d08adb25e478b506973913c5db83f8c04b62b98cdb8bde92c92
b686294554db32643822adcf3c7f2a9f61423026d5bd888eddf9bfd0e1bc0407
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba5e80de0fb30c5c0e8da4f57ef3dd9b5726782b0bba96c72b2f22cee664c1c1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0c6ebceae3d1722e6da4ce408acb406787f11df1e1fb8696f33c5481e9b4b6f
c12b5d2d57bb5b1375e28d8624f7d77dd9192dfd73dcb1dc907a409bc93d820b
c3dfde5daa9dff11dd6d275e2955f5554cc6096c3140cab911e58a03fbaa945b
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c9d75e3ddaed4398cd9f1540455cc44149f1d64487440390009f991870b11dbb
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
cc729ff4da4588af94f6725d04f58b5f93532a8fddddb6014887882360acfe14
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d209883df88bbd0f3b0e3c24502fd97d8fed76d2ddbfd2d4d578955fa6c32cd1
d77c689c912939df251c31d8d61d0680f610f103252a1e32bf75a1edc5f71524
d7f77b56295d411889014f9f1cecd11b6c20032b505858e7eed9b720a3432906
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee0f4fe2b8af1951470e9505dc6d2d321a7f67b21c83ab5ed88bf22b51718f5
e132de8f6656899e47516a9bfa30e253c097c1b1377432836cb95a7c5f9ef72d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e53f1464f350a3c97cb17337ffac8d4a871d04b7c1d2e6f9198134cdbb54aad1
e6998b27518b25b929dc1b5f147c4c21534c8dd7dd73424b79f5abea6380b9c4
e8aaa799b991315fa3af5bd67bd65f13fb94e622eef4fa3b9fa31790333e30f5
eb7fac32cafbb4d2568c5ecfafe71f2f2a8e3147ea7cb24d81c0cb7c766e63ff
ebf86e59456c0202707e63b0bcd728acce0c22f53321251f2a3ae4c33bbb7ed2
ec8d81832d685da41631611fd93421b382068f44d3792938dd23ff276ae230ab
f164e98c10538745e1a800462a06e2da69a5099e8c329a1096fad1a5fa4def9b
f373702102ace509e79cf812c0a6563746d392493497ed59cd3120c6274c5aba
fc7251f2ba638552212b54b2e58660540f95bd87240724125125e53d59bcf107
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.claimztopays.xyz Open in urlscan Pro 2620:1ec:bdf::44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

79 %IPv6

22 Domains

31 Subdomains

30 IPs

4 Countries

2166 kBTransfer

6358 kBSize

11 Cookies

0 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.claimztopays.xyz Open in urlscan Pro
2620:1ec:bdf::44 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

79 %
IPv6

22
Domains

31
Subdomains

30
IPs

4
Countries

2166 kB
Transfer

6358 kB
Size

11
Cookies

115 HTTP transactions
8 data transactions