autoclaim.site Open in urlscan Pro
66.29.141.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://autoclaim.site/
Submission: On August 24 via automatic, source certstream-suspicious (August 24th 2021, 3:53:51 am UTC)

Summary HTTP 158 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 158 HTTP transactions. The main IP is 66.29.141.56, located in United States and belongs to NAMECHEAP-NET, US. The main domain is autoclaim.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 24th 2021. Valid for: a year.

This is the only time autoclaim.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	66.29.141.56 66.29.141.56	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.14 13.224.102.14	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4484	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3030::ac43:9e20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:992e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3030::6815:5183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	136.243.11.250 136.243.11.250	24940 (HETZNER-AS) (HETZNER-AS)
14	2606:4700:303... 2606:4700:3036::ac43:9848	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	143.204.98.70 143.204.98.70	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.73 13.224.102.73	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3034::6815:8ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.189.49 172.67.189.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	83.147.204.15 83.147.204.15	202492 (SGHL1-AS) (SGHL1-AS)
13	2606:4700:303... 2606:4700:3037::ac43:8e32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	45.150.232.24 45.150.232.24	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1	2606:4700::68... 2606:4700::6810:e633	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:5b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
3	185.59.220.193 185.59.220.193	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
158	29

24 66.29.141.56 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium211-4.web-hosting.com

autoclaim.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-14.zrh50.r.cloudfront.net

bin.bnbstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4484 (United States)

ASN13335 (CLOUDFLARENET, US)

expresscrypto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:9e20 (United States)

ASN13335 (CLOUDFLARENET, US)

coinad.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:992e (United States)

ASN13335 (CLOUDFLARENET, US)

cookieinfoscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:5183 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.11.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.11.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3036::ac43:9848 (United States)

ASN13335 (CLOUDFLARENET, US)

freebitcoin.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-73.zrh50.r.cloudfront.net

core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::6815:8ef (United States)

ASN13335 (CLOUDFLARENET, US)

cryptolatest.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.189.49 (United States)

ASN13335 (CLOUDFLARENET, US)

freehostedscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.147.204.15 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)

refpa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:8e32 (United States)

ASN13335 (CLOUDFLARENET, US)

freelitecoin.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.150.232.24 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

refpazkjixes.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:5b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.28.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-601.bunnyinfra.net

mellowads.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	autoclaim.site autoclaim.site	316 KB
17	coinad.xyz coinad.xyz	65 KB
14	freebitcoin.vip freebitcoin.vip	89 KB
14	arc.io arc.io static.arc.io core.arc.io	237 KB
13	bmcdn1.com cdn.bmcdn1.com static.bmcdn1.com media.bmcdn1.com	81 KB
13	freelitecoin.vip freelitecoin.vip	75 KB
8	refpazkjixes.top refpazkjixes.top	131 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	353 KB
7	cryptolatest.news cryptolatest.news	45 KB
6	a-ads.com ad.a-ads.com static.a-ads.com	174 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	138 KB
5	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	100 KB
4	recaptcha.net www.recaptcha.net	36 KB
4	cloudflare.com cdnjs.cloudflare.com	35 KB
3	b-cdn.net mellowads.b-cdn.net	68 KB
3	refpa.top refpa.top	4 KB
1	sentry-cdn.com browser.sentry-cdn.com	20 KB
1	mellowads.com mellowads.com	1 KB
1	freehostedscripts.net freehostedscripts.net	1 KB
1	cookieinfoscript.com cookieinfoscript.com	4 KB
1	expresscrypto.io expresscrypto.io	5 KB
1	bnbstatic.com bin.bnbstatic.com	5 KB
158	22

	Domain	Requested by
24	autoclaim.site	autoclaim.site
17	coinad.xyz	autoclaim.site coinad.xyz freebitcoin.vip cryptolatest.news freelitecoin.vip
14	freebitcoin.vip	autoclaim.site freebitcoin.vip
13	freelitecoin.vip	autoclaim.site freelitecoin.vip freebitcoin.vip
12	static.arc.io	arc.io core.arc.io static.arc.io
8	refpazkjixes.top	refpa.top refpazkjixes.top autoclaim.site
7	static.bmcdn1.com	cdn.bmcdn1.com static.bmcdn1.com
7	cryptolatest.news	autoclaim.site cryptolatest.news
5	cdn.bmcdn1.com	freelitecoin.vip autoclaim.site cdn.bmcdn1.com
4	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	www.recaptcha.net	cdn.bmcdn1.com www.gstatic.com www.recaptcha.net
4	ad.a-ads.com	autoclaim.site coinad.xyz cryptolatest.news
4	ka-f.fontawesome.com	kit.fontawesome.com autoclaim.site
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
4	cdnjs.cloudflare.com	autoclaim.site static.arc.io
3	mellowads.b-cdn.net	mellowads.com
3	refpa.top	autoclaim.site refpa.top
3	ajax.googleapis.com	autoclaim.site
3	fonts.googleapis.com	autoclaim.site
2	static.a-ads.com	ad.a-ads.com
1	media.bmcdn1.com	cdn.bmcdn1.com
1	browser.sentry-cdn.com	arc.io
1	mellowads.com	freebitcoin.vip
1	freehostedscripts.net	autoclaim.site
1	core.arc.io	arc.io
1	cookieinfoscript.com	autoclaim.site
1	expresscrypto.io	autoclaim.site
1	bin.bnbstatic.com	autoclaim.site
1	arc.io	autoclaim.site
1	kit.fontawesome.com	autoclaim.site
158	30

This site contains links to these domains. Also see Links.

Domain
coinad.xyz
bit.ly
expresscrypto.io
freehostedscripts.net
wikipedia.org
cookieinfoscript.com

Subject Issuer	Validity	Valid
autoclaim.site Sectigo RSA Domain Validation Secure Server CA	`2021-08-24` - `2022-08-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
arc.io Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.bnbstatic.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.cryptolatest.news R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.refpa.top R3	`2021-06-24` - `2021-09-22`	3 months	crt.sh
*.refpazkjixes.top R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://autoclaim.site/
Frame ID: 3E35DDA9998203604BB13C146BE52AB7
Requests: 57 HTTP requests in this frame

Frame: https://ad.a-ads.com/1611104?size=160x600
Frame ID: 1010014E594061CA4BD2FF6B9D0ED6D7
Requests: 2 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show.php?z=27&pl=50
Frame ID: AEA0155617A36D6699FE00BAE22B3695
Requests: 1 HTTP requests in this frame

Frame: https://coinad.xyz/show.php?z=29&pl=71
Frame ID: 4818CBE3D1C8A9A069556CFB87EA2DB1
Requests: 1 HTTP requests in this frame

Frame: https://coinad.xyz/show_i.php?b=13628
Frame ID: 45C851DF71B39CC24210D99440B534C4
Requests: 1 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show.php?z=1&pl=48
Frame ID: 531662B7B8601ECBEC716BC0302DB2E2
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1709783?size=468x60
Frame ID: 381EF9D7E7CADB19DBC93FCCE3EA23FC
Requests: 2 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show_i.php?b=4915
Frame ID: CFC3F74FDE14A51863A17762239EB70F
Requests: 5 HTTP requests in this frame

Frame: https://coinad.xyz/show_i.php?b=13627
Frame ID: 1DCDC4A3B57D7A1181D71B108EB61171
Requests: 5 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?f3c7172
Frame ID: 9008DFD38F7C941B8D6E4E844CBE247B
Requests: 6 HTTP requests in this frame

Frame: https://coinad.xyz/show_i.php?b=13629
Frame ID: 9DC1F60CC7C66734249B79D5CA7C08FA
Requests: 1 HTTP requests in this frame

Frame: https://cryptolatest.news/network/show.php?z=27&pl=50
Frame ID: DD9492942CC7348A776E77CE2FC5CDC5
Requests: 1 HTTP requests in this frame

Frame: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611
Frame ID: 37E53D92FA30C6888DAF2000BEE4DCE1
Requests: 3 HTTP requests in this frame

Frame: https://freelitecoin.vip/network/show.php?z=28&pl=47
Frame ID: 57C5539EA9883DC1BB67D6D1E1A36A94
Requests: 3 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show_i.php?b=4916
Frame ID: 5994582378008093890D43161335A5AA
Requests: 5 HTTP requests in this frame

Frame: https://coinad.xyz/show_i.php?a=315&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqRTJNdz09&z=29&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjE2MyZwdmFyc19wbGFjZV9uPTcxJnB2YXJzX3B1Ymxpc2hlcl9uPTI=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Frame ID: 874FCAD823F7C61B59E5A054EB82DC93
Requests: 2 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show_i.php?a=35&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpnNExqSTA=&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4LjI0JnB2YXJzX3BsYWNlX249NTAmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Frame ID: 75A44A1030BC434E45CD692963CE62CA
Requests: 2 HTTP requests in this frame

Frame: https://cryptolatest.news/network/show_i.php?b=13624
Frame ID: E78093EEF7FCC41270CE854D582A2BFA
Requests: 5 HTTP requests in this frame

Frame: https://freelitecoin.vip/network/show_i.php?b=4890
Frame ID: 22FD9ABF01E0DEE411D1D1D3A11A2E18
Requests: 7 HTTP requests in this frame

Frame: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
Frame ID: 92BA1833312FD44D15F120987472F3AF
Requests: 8 HTTP requests in this frame

Frame: https://freebitcoin.vip/network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Frame ID: F77735C2D8AFB8331A9F3597733A474B
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1621622?size=320x100
Frame ID: 9AC78D635F5CA548646B06565A258BE4
Requests: 3 HTTP requests in this frame

Frame: https://freelitecoin.vip/ads/ad.php?size=728x90
Frame ID: BD84DFB34C6150B82D781007A3DB7F30
Requests: 7 HTTP requests in this frame

Frame: https://cryptolatest.news/network/show_i.php?a=52&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGprekxqSTBPUT09&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkzLjI0OSZwdmFyc19wbGFjZV9uPTUwJnB2YXJzX3B1Ymxpc2hlcl9uPTE=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Frame ID: 07D8B6704DAE2F12CBA0DD361586116C
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/DAEAF3B21142
Frame ID: 96FC4925ADC9BB7F36B45C0705D3B286
Requests: 4 HTTP requests in this frame

Frame: https://freelitecoin.vip/network/show_i.php?a=33&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGpnNExqZzM=&z=28&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4Ljg3JnB2YXJzX3BsYWNlX249NDcmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Frame ID: F529A775A8F54FB403A249F3A9D247EF
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1656746?size=728x90
Frame ID: 4B999898AF7942400EEBF03B2F688F2A
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?f3c7172
Frame ID: 18FA75C73B5B94D40AB6C52554274DB7
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?f3c7172
Frame ID: 60E02E3878394ED811CF3AD75A131CE5
Requests: 9 HTTP requests in this frame

Frame: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 4E94C24327FC1BE341C850464568737E
Requests: 11 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr
Frame ID: BB87444C04A92B7C1498BCF9EFF59329
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AutoClaim.Site | Best Multicoin Autofaucet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

158
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

1984 kB
Transfer

4426 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://coinad.xyz/
Title: Earn More

Search URL Search Domain Scan URL

URL: https://bit.ly/3dritCH
Title: Binance - Join The World Largest Crypto Exchange

Search URL Search Domain Scan URL

URL: https://expresscrypto.io/signup?referral=12079
Title: Expresscrypto

Search URL Search Domain Scan URL

URL: http://freehostedscripts.net/oc.php?id=NTY1NzQ2MnxhdXRvY2xhaW0uc2l0ZXwwfHwx
Title: 6 Online Users

Search URL Search Domain Scan URL

URL: http://wikipedia.org/wiki/HTTP_cookie
Title: More info

Search URL Search Domain Scan URL

URL: https://cookieinfoscript.com/
Title: cookie script

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://autoclaim.site/css/floatclick.css HTTP 0
http://autoclaim.site/404

Request Chain 40

https://autoclaim.site/js/alert.js HTTP 0
http://autoclaim.site/404

158 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
autoclaim.site/ 38 KB
14 KB 796ms
385ms Document
text/html 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache / PHP/7.4.22
Resource Hash: c2f58cd954dfa4b08214a1cbe0e33d33bd21343aa883662f2f2178e20b0c26a9

Request headers

:method: GET
:authority: autoclaim.site
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
server: Apache
x-powered-by: PHP/7.4.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 14538
content-type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
autoclaim.site/assets/css/ 118 KB
19 KB 400ms
393ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/assets/css/bootstrap.min.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

:path: /assets/css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 19751

GET
H2 200 bootstrap.min.css
autoclaim.site/css/ 111 KB
18 KB 579ms
573ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/bootstrap.min.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 18754

GET
H2 200 font-awesome.min.css
autoclaim.site/css/ 56 KB
12 KB 218ms
211ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/font-awesome.min.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: ed8325c2420b4c9126d1349e9e0343b3352e352799bb8293377cfb5eb85442f7

Request headers

:path: /css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12475

GET
H2 200 css
fonts.googleapis.com/ 7 KB
764 B 20ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,300italic

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5552dc4fcd9717dd52e84906a5fafe2af02d28768feff85b0dd74621f63ca05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 02:47:01 GMT
server: ESF
date: Tue, 24 Aug 2021 03:53:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Aug 2021 03:53:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 20ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 02:45:44 GMT
server: ESF
date: Tue, 24 Aug 2021 03:53:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Aug 2021 03:53:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
861 B 21ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db38c6a8c5f7a567a809b00ac06e130668df0aadb8191c0667d1e335870ca86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 02:35:26 GMT
server: ESF
date: Tue, 24 Aug 2021 03:53:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Aug 2021 03:53:30 GMT

GET
H2 200 popup.css
autoclaim.site/css/ 916 B
621 B 218ms
211ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/popup.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: ddc2bf3176d5baae32050259740e7b87a874d51fb3d03bb6e5a8d22af849b369

Request headers

:path: /css/popup.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 478

GET
H2 200 animate.css
autoclaim.site/css/ 56 KB
4 KB 583ms
576ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/animate.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

:path: /css/animate.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4344

GET
H2 200 toastr.css
autoclaim.site/toastr/ 7 KB
3 KB 583ms
577ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/toastr/toastr.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: d5d9c805252fa0bbf1054ce303e51d18933af8abb6a5f4ee01fc436e7ee62387

Request headers

:path: /toastr/toastr.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2812

GET
H2 200 responsive.css
autoclaim.site/css/ 3 KB
858 B 584ms
578ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/responsive.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 2b8b894d36c2d240d6b6927d211f791c38c7b714ff685cbf404e34212e5c7da9

Request headers

:path: /css/responsive.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 715

GET
H2 200 style.css
autoclaim.site/css/ 461 B
442 B 584ms
577ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/style.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: c9a9a02e63bbf7ff5b0194743ab9de0c78315d3c1d8ef81c42042fa8e2c3d558

Request headers

:path: /css/style.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 299

GET
H2 200 buttons.css
autoclaim.site/css/ 2 KB
636 B 584ms
578ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/buttons.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: bcc725208dc3c2e0b0c012a0b8b5506158727158b0277a6b2e2b6d9dbc102816

Request headers

:path: /css/buttons.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 493

GET
H2 200 flipclock.css
autoclaim.site/css/ 9 KB
2 KB 216ms
210ms Stylesheet
text/css 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/css/flipclock.css
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: fb562efb939b9e7454851c32bb14f578d8f9895c7fcc1352ef9b58973735cfb5

Request headers

:path: /css/flipclock.css
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1628

GET

404
autoclaim.site/
Redirect Chain

https://autoclaim.site/css/floatclick.css
http://autoclaim.site/404

0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 15:39:07 GMT

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/ 7 KB
3 KB 65ms
59ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/toastr.min.css

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1509806
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2672
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1a55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CU1kJ5GIKPl5GZltpfxXMt6fTaXKokkr7ch6jYS04S4oHb6HvuJjtMvcqyg05x0EmG34J2uIZQPlmw9tJw%2FJl2pURidXf8jqOCJGgSsk8zE5ta%2FG6B6Fj4JiKdnoJah%2FW2GDk9bcp2wUKCvd8HSDTWSw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6839a2502d4c4aa4-FRA
expires: Sun, 14 Aug 2022 03:53:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.0/ 54 KB
19 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900191a443115d8b48a9d68d3062e8b3d7129727951b8617465b485baf253006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 14:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19212
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 14:40:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
84 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 00:14:25 GMT
x-content-type-options: nosniff
age: 272345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86351
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Aug 2022 00:14:25 GMT

GET
H2 200 modernizr-2.6.2.min.js Show response
autoclaim.site/js/vendor/ 15 KB
6 KB 588ms
584ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/vendor/modernizr-2.6.2.min.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

:path: /js/vendor/modernizr-2.6.2.min.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6246

GET
H2 200 bootstrap.min.js Show response
autoclaim.site/js/ 28 KB
8 KB 588ms
583ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/bootstrap.min.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7665

GET
H2 200 plugins.js Show response
autoclaim.site/js/ 733 B
530 B 583ms
579ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/plugins.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 267f86b986829cb9a3c46b9fcdbc56783bb923005ba5ef5b27efce504e72ecfa

Request headers

:path: /js/plugins.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 373

GET
H2 200 main.js Show response
autoclaim.site/js/ 462 B
420 B 583ms
579ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/main.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 759bcbbf2058d0a33948eab23c35c499523a2d7fe779f3746fc40afe72020e7a

Request headers

:path: /js/main.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 263

GET
H2 200 wow.min.js Show response
autoclaim.site/js/ 7 KB
3 KB 588ms
584ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/wow.min.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c

Request headers

:path: /js/wow.min.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2431

GET alert.js
autoclaim.site/js/ 0
0

GET
H2 200 26c864a4db.js Show response
kit.fontawesome.com/ 11 KB
4 KB 85ms
15ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/26c864a4db.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfdec5e6af736b9e6dd3b40bd508ffd48c802d849d5531c962b38c19568d97ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:30 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 23
strict-transport-security: max-age=31536000; preload
x-request-id: Fm7MjAkxVwGCfIIBK07B
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6839a2507d584a73-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 139ms
33ms Script
application/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-119.fra50.r.cloudfront.net

Software

Resource Hash

e4d2e5353db7994ccb44b1f3ae7de36649b239f11909966d2af4b2d0e1c8f153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Mon, 23 Aug 2021 03:37:22 GMT
age: 2624
etag: "612317f2-b76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Tue, 24 Aug 2021 03:09:47 GMT
x-amz-cf-pop: FRA50-C1
content-length: 2934
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-id: VDwG7FAJPI1DBCZlP0HzXIA_BiCp29utXJ3pTldquI6PAlEyvEL42A==

GET
H2 200 favicon.ico
bin.bnbstatic.com/static/images/common/ 4 KB
5 KB 199ms
91ms Image
image/vnd.microsoft.icon 13.224.102.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bin.bnbstatic.com/static/images/common/favicon.ico
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-14.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8318ebbcb1cb4729eb0f78bb058dc618c3b63f9f9f0070a1a7a3265fdc79b833

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 13:43:04 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
last-modified: Thu, 12 Aug 2021 13:42:33 GMT
server: AmazonS3
age: 1001428
etag: "43365839589fc348172246e108c1297c"
x-cache: Hit from cloudfront
x-amz-version-id: 7eGNurzRmwKQhXzoc9wN3tlgkHELFXpv
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/vnd.microsoft.icon
content-length: 4286
x-amz-cf-id: lW94TKgNRgfLpCXSUJyjzteRCJTcUUyQe7AfYFK7qMjz6hSMLh9BxQ==

GET
H2 200 logo.png
expresscrypto.io/images/ 4 KB
5 KB 39ms
14ms Image
image/png 2606:4700:20::ac43:4484
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://expresscrypto.io/images/logo.png

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4484 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5666eb1d5d2528f465e66fa691befee1b51c363b209e5c6bb9929e521f02e813

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Nov 2018 21:24:56 GMT
server: cloudflare
age: 459
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzamn1ZXJhk1h6WGSxtXzxK5RZBiLkBeb4jBFMJmfWL6YcJk6IBmEL9BTkT8DO11x4NT25soz1A2u13wEMsKCvBxJf4RTrlqfD2Tw9DvivzoGkn0NRyKgaZ%2BqPNn3lUdebbNi5Ls50nkN08zBBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6839a2559b47176a-FRA
content-length: 4601

GET
H2 200 show.js Show response
coinad.xyz/ 2 KB
1 KB 41ms
12ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c323c06b01df371aca6e4b05568f7010bceeb11464f73abcbc4ab2e1eb4a5598

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253065
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:44 GMT
server: cloudflare
etag: W/"5cc01e00-7e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgW2Sdzcuy87rp%2Byq5dICS20s1VXtOyvZ%2F1E2LYOpODZvNOXfFioJxg%2FeZITJbJ%2Bjttc%2FWLJFChxzurwAjbm3vm7aQlsoFKd4n8ASmwfkmaiZOVt4KU9V6yHKJuJgtw3QjzF7ih4R30W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a25438bb2bdd-FRA
expires: Mon, 20 Sep 2021 05:35:46 GMT

GET
H2 200 ada.png
autoclaim.site/images/ 38 KB
38 KB 404ms
401ms Image
image/png 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoclaim.site/images/ada.png
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 7a795658fafa300a20d9ec1ce670f23751632880844f765a4bb191bba512f99d

Request headers

:path: /images/ada.png
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
accept-ranges: bytes
content-length: 39254
content-type: image/png

GET
H2 200 trx.png
autoclaim.site/images/ 14 KB
14 KB 218ms
215ms Image
image/png 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoclaim.site/images/trx.png
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: e2d071c6f9b908e5f7953bd2aec8f7e5501aec6e3b5f2db9e8700f58451b8f4b

Request headers

:path: /images/trx.png
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
accept-ranges: bytes
content-length: 13844
content-type: image/png

GET
H2 200 doge.png
autoclaim.site/images/ 53 KB
53 KB 225ms
222ms Image
image/png 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoclaim.site/images/doge.png
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 5c7dc92e5b1a4adf323cb96799e3ece32dda84e9f9d4c5ce6e59df7f04723157

Request headers

:path: /images/doge.png
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
accept-ranges: bytes
content-length: 53987
content-type: image/png

GET
H2 200 dgb.png
autoclaim.site/images/ 8 KB
8 KB 403ms
400ms Image
image/png 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoclaim.site/images/dgb.png
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: d8527d9e598ecb9b9c13c2d53f859bd83cc1966dadc49c302ec82164ce088b95

Request headers

:path: /images/dgb.png
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
accept-ranges: bytes
content-length: 8100
content-type: image/png

GET
H2 200 rdd.png
autoclaim.site/images/ 103 KB
104 KB 597ms
595ms Image
image/png 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoclaim.site/images/rdd.png
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 7ca9ec4b5488e3429ff963775185ef5e26846961df691bbecda8de5b55aab223

Request headers

:path: /images/rdd.png
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
accept-ranges: bytes
content-length: 105820
content-type: image/png

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 94 KB
30 KB 21ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3410536
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29929
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-176f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gO8g49obE45OVKOdwdphc2oiALiZEOGnP7Q%2B%2FsQVwFpeFoIUx7N8fqj64fXfpDVfOK0%2BDKQUBA9p9XdHhPuoG4uC6gTerCswHyxOXH6y5CHlrVHzvl%2BMIhQPxGMyBcl6auglvhtr1CEEpjNIznYYdeRQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6839a2545a8b4e14-FRA
expires: Sun, 14 Aug 2022 03:53:31 GMT

GET
H2 200 adblock.js Show response
autoclaim.site/js/ 7 KB
2 KB 220ms
220ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/adblock.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 3ea14e481c971f10b980c574ded902d2f5caa7cc15d962f655a24ddfd9cb5527

Request headers

:path: /js/adblock.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1839

GET
H2 200 plugRot.js Show response
autoclaim.site/js/ 999 B
544 B 212ms
211ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/js/plugRot.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: 303efdbe23ca1d49284f639b27a700b3e17cda31859d5ac7e807fb3f17d3115e

Request headers

:path: /js/plugRot.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 387

GET
H2 200 cookieinfo.min.js Show response
cookieinfoscript.com/js/ 7 KB
4 KB 41ms
16ms Script
application/x-javascript 2606:4700:3031::ac43:992e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:992e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6FZAM1364E2BV84G
x-amz-id-2: +Uhlf5OUoVQ5xFl26ru3QJIN8Q2TaB/GZHt1NWs2sCynlXAyIfWOeCU/H17Ts5pLUVeqfjdmw+o=
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
server: cloudflare
etag: W/"d15d93068c1121f63008407d339bd819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0D9k1P4Vb3taOXqee97%2B%2Bv0bmvvfAKM9BJeIvUSOL6vg9ODKPLpuVnPyKBBorwcpxGgmFaau0RICLIRG%2FO9UatG%2Bp3V%2B%2FAYi%2F0SK7R0ypjzS7ZL2d%2FDC5a%2FdyIf%2B%2Fj02Ma6m0aWQcLnos9oEN%2B3L5Yw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2678400
cf-ray: 6839a2559d82c2d6-FRA

GET
H2 200 toastr.js Show response
autoclaim.site/toastr/ 17 KB
3 KB 215ms
211ms Script
application/javascript 66.29.141.56
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoclaim.site/toastr/toastr.js
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.56 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium211-4.web-hosting.com
Software: Apache /
Resource Hash: f98cfd8031682e7e94e64edfd3f280790195aedb30de7d99a322bafbabc81040

Request headers

:path: /toastr/toastr.js
pragma: no-cache
cookie: PHPSESSID=51d1774b38e6160950c696d7da2c8d62
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autoclaim.site
referer: https://autoclaim.site/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: gzip
last-modified: Sat, 17 Oct 2020 17:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3390

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://autoclaim.site
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 570370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:27:21 GMT

GET

404
autoclaim.site/
Redirect Chain

https://autoclaim.site/js/alert.js
http://autoclaim.site/404

0
0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 39ms
17ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=26c864a4db
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/26c864a4db.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
via: 1.1 112d82578d402a38d8d02e8b857617e1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10620838
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVaP8Nfjd2mUxZXmz3nyFAPy%2B%2FKhyyUlsFnA281ICxsn9RreN0lfrEQ%2FDLKFVMSow0WEyZC%2FGiGDXvJxEUi%2BngdcRmgqeQlSsF9ljOqk6eGf5uavAqh4OwYzk%2FuxY%2B63o3SlzHeUaT0Hg0g9jyX3OsC%2FBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: SEA19-C2
cf-ray: 6839a2559caf5c0e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 6LEYogdF9e7fi0ietf6B_jsAlZV4shj-aeSOnVKU_TTe1xtczgkM8Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
5 KB 38ms
16ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=26c864a4db
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/26c864a4db.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
via: 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10620838
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej6B8MdzwWHJDNWaSdRB8m2561UWtDc1vYKtNCsVRXDeI4YGnl7h6yxKDcJk9JHEYGiaSrQds8hjX5KO4U6Ogy6wlmGlvZBi73LN3MHYIL%2FN5vNxVMTF3U61SPNcpFZ3z8cKnqZfk7FVHaNZ0VR%2FpBBnuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: SEA19-C2
cf-ray: 6839a2559cb25c0e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: OGcDi3Kugh7jaEnZC340OVLVsmnhsXUpmHuB7ss5FQwYGIqac0B8Fw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
2 KB 37ms
15ms Fetch
text/css 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=26c864a4db
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/26c864a4db.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
via: 1.1 9046e5a276a05e60ee34c8475e92b8e7.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10620838
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjfK6rZxHx71mHi2rbSRERvm7Bo1Xo7cDMjBR07Zs0v%2B2rSOQ4iVmrBOo%2Fi5VMn%2F2RhwxkerT60otVlffrga6kQZOLFz5is02Y5NY87ErOazzViD7k55D5YNZlWbXE55TYA9BSfQY5YR6bT1R%2Bk9usEjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: SEA19-C2
cf-ray: 6839a2559cb45c0e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vBO6J1P0wyc8_gaOLkXMJdACwO8rZHWUz_agCu-N5wD0Jjy1OKeguw==

GET
H/1.1 200
OK 1611104 Show response
ad.a-ads.com/ Frame 1010 7 KB
3 KB 196ms
92ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1611104?size=160x600

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

6253c9db59382467c65f077a53bec1c94deecd9b69689e73df743955babcc77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://autoclaim.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 24 Aug 2021 03:53:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://autoclaim.site/
Content-Encoding: gzip

GET
H2 200 show.php Show response
freebitcoin.vip/network/ Frame AEA0 747 B
1 KB 64ms
31ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show.php?z=27&pl=50

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a66eec3031d524e29e43167bf50bbe373025a9f92bc041bacc859b06ccfb1d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show.php?z=27&pl=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=vvgh68tp3190389f81ho2peuj1; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwuFaKwz4HqZGuTAEtupBNv4VUQTaSvNN%2FAjOkbBFDKLWZRXs2oYJ3NYiwgb7KB44Hzw3d%2ByPJBtCYvj67egC9CWeY66VY3I4MWiY7eAAMkpYKhEWbkJWHLKQyMyCiG%2B%2F7U%2BTPNnahKomrfbLnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a255ba982484-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 show.php Show response
coinad.xyz/ Frame 4818 736 B
1 KB 94ms
81ms Document
text/html 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show.php?z=29&pl=71

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3d6c907ce94208068d374cc2e4640e46dbc6caeadfbed97f10d6a93cb0cea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: coinad.xyz
:scheme: https
:path: /show.php?z=29&pl=71
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=qd7hn6uou8donsjb6ftoa2rvr4; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NXXOaU3N4jUPqPZo%2BusF%2BaeUobot3PPahIJ1fcjFT%2FBSLbmwRBR37PFTePBCDJD4dfbxdveAviK3K2tVDwCLUvPBtN6U4TXmBvFnVybk0Fx7aC1HO%2BSljsIXmG9XLR5pXistrHz3rAC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2559aa54de2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://autoclaim.site
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 20:30:51 GMT
x-content-type-options: nosniff
age: 26560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 20:30:51 GMT

GET
H3-29 200 show.php Show response
coinad.xyz/ 275 B
805 B 75ms
74ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show.php?z=7&w=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=128&ad_type=0&charset=0&top_space=0&shape=1&c_border=191933&c_background=333366&page_background=333366&c_text1=FFFFFF&c_text2=99CC33&c_text3=99CC33&c_text4=99CC33&c_text5=FFFFFF&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1629777211779

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076139620d3fbab821402b5c85789c89f4f7c2af4108f365791c9dd57b61a8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYyIdhonsVU1l%2FO%2BLCLujKZAjr95tt3G4B6qwFOeoyz9Ylwa6B5Rh%2B%2BO%2BgvPkSeNuXcsy%2BLk8Qev2%2FIwhYywBLl6N5np7i9925iAsmhQlBlfw8P9dpJgyUMBfJZ0NWgwnK6sMJ5C%2BiBm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6839a2559aad4de2-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 show_i.php Show response
coinad.xyz/ Frame 45C8 6 KB
2 KB 22ms
21ms Document
text/html 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show_i.php?b=13628

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show.php?z=7&w=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=128&ad_type=0&charset=0&top_space=0&shape=1&c_border=191933&c_background=333366&page_background=333366&c_text1=FFFFFF&c_text2=99CC33&c_text3=99CC33&c_text4=99CC33&c_text5=FFFFFF&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1629777211779

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f10d3f6877677aa36b5055eef0d959ad98c068dde2a1c6521bc6f7662ba30dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: coinad.xyz
:scheme: https
:path: /show_i.php?b=13628
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=sqs7uev2sgtdfhls2s0kl9asc2; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXZBS%2BheXQzlcBxXkHv4R%2Bok6pVWQ2y8Cnuo2H9XaNky9m3mi%2BXNP%2B2K4hk8Lns5MQvct0x%2FTfxy79dL%2FcJSlDu9mpdu15c2%2FLbK3t3Ild1SiW4ZlLw9s0ZUX%2F9hgXlIPk9Ig6NTB2ae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2563b7f4de2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 show.php Show response
freebitcoin.vip/network/ Frame 5316 747 B
1014 B 90ms
79ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show.php?z=1&pl=48

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6257736b86b5ac1ef264e5cd03b3f4b6d531a481386fdbac3ec3e33b6bad5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show.php?z=1&pl=48
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=jc16m12u73pghaut5a7fo6b286; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WabzsosLENYx2iC0UQyeAP5MQro0A4vH%2BNCW6sNDGPSc0qvGOLqC7%2BTh3hPiRoUN14SeqfMAjdGjN%2BsZCBLuZ0Nf0je7zJBA6QPADQ4knHfqlYH2JqJxg8NyfSyO2Qixpflmeh7klg8wvrb5VK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25649535b5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK 1709783 Show response
ad.a-ads.com/ Frame 381E 6 KB
2 KB 140ms
59ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1709783?size=468x60

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

1a40b2c98da195835ff6f823322ce5f1af169fffbd8ffc2ac390b2aaeeec68c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://autoclaim.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 24 Aug 2021 03:53:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://autoclaim.site/
Content-Encoding: gzip

GET
H3-29 200 show.php Show response
coinad.xyz/ 275 B
802 B 24ms
23ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show.php?z=7&w=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=128&ad_type=0&charset=0&top_space=0&shape=2&c_border=191933&c_background=333366&page_background=333366&c_text1=FFFFFF&c_text2=99CC33&c_text3=99CC33&c_text4=99CC33&c_text5=FFFFFF&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1629777211876

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

996d7e82ac91a22339b0c0ab2cd8b642a76a3c54b555f22678f4c4922f874d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkZgBRtBEroNuVf5eW5D6BW7VE5C4lsaNU9Hk0zkNfrhSYcS0rk%2FnUuusZ4kbfMpgsKRxBZfD%2F7%2FdrBZhTO6vGo%2BBRP3yLwR0WkQK1rfXZvWN%2FyFrj3k7urzhQqmg4P6xGS1UV%2F62ecM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6839a2563b844de2-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 18ms
18ms Font
font/woff2 2606:4700:3030::6815:5183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b

Request headers

Origin: https://autoclaim.site
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
via: 1.1 324a68a6c25ee50d774953f3e15a611d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10785404
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78212
last-modified: Wed, 17 Mar 2021 02:28:18 GMT
server: cloudflare
etag: "4e463cfb29c596ba3bb8b0c2469914e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwRHG0ZQjfzsQzCcP%2Frx0LxCD52AQsjBRHnJy5aPkgkHTG%2FzKPfW6tCM0Po%2B38Kf0kRK%2BKu%2FfvU30dqrYf5NKJ2Up4azEUx7mDjt8dId8%2Bmc8qqY9McRu2veVzUwjBsqfbxSfS5xq9UcHOSd%2BqtqWESv%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: SEA19-C2
accept-ranges: bytes
cf-ray: 6839a2563d6c5c0e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JOQdQKXHTEdUj2lmWYIWcjEAG8D-Sn8hep7KAriMY7P9sztOnI_mXg==

GET
H3-29 200 show_i.php Show response
freebitcoin.vip/network/ Frame CFC3 4 KB
2 KB 72ms
71ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show_i.php?b=4915

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show.php?z=27&pl=50

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1059fb792e4bf28255de90d843cc7eac9b42522ec3e3b2b553ea7a07c042ce2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show_i.php?b=4915
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freebitcoin.vip/network/show.php?z=27&pl=50
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/network/show.php?z=27&pl=50

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=96e1v2o63646tdkqf8417dhgds; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHTCPWhJvEMJnWo20q1Erq17Aw5NTNlbIqSSPl0%2Fw5%2FbHF5jjZBqpNajQC8pcj2OGnlVCpt2UQsVG9r%2B%2ByfLmcc2DHlPwJ5%2B0GS1FUpvTYmxGiViwpg4NPCXhLJaIyETlCa0o7dARoPGBwpVxX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a256595a5b5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 show_i.php Show response
coinad.xyz/ Frame 1DCD 4 KB
2 KB 59ms
59ms Document
text/html 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show_i.php?b=13627

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show.php?z=29&pl=71

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7715174662fc27c37868ec8a80ab6e58ba9088446e46faec56f0b64487f212c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: coinad.xyz
:scheme: https
:path: /show_i.php?b=13627
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coinad.xyz/show.php?z=29&pl=71
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://coinad.xyz/show.php?z=29&pl=71

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=n981t6923qr5hn0agjrg50r814; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kubuGD4pV8K%2FW1GRDEKawsAyEnXXZUhvmcmmeN1scGrusa%2FZZmurKQ1feQTOTINn1p83ZJiMxkNXiYYb2quzLuFGEwrzUd1VZhm8zNxKlfM8l2cZtLAob%2Bovcfda5cbrBHDn%2B1x5kpRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2565b974de2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 307 KB
98 KB 200ms
41ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?f3c7172
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b6890f7a15589c6121264c3fe5806b07b51b27ceb71b7a1fa2f4f7b2ba935e5

Request headers

Origin: https://autoclaim.site
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:46:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 86842
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 03:37:39 GMT
server: AmazonS3
etag: W/"74cf334d40f1bfbfd6a428593e5dabde"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Z4cyHnmC0a0MVCIQGnja3ucUVW0a9pGLP5FMdMI8D1UsLCL2mE7Uew==

GET
H2 200 broker.html Show response
core.arc.io/ Frame 9008 2 KB
1 KB 151ms
43ms Document
text/html 13.224.102.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?f3c7172

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-73.zrh50.r.cloudfront.net

Software

Resource Hash

aff60aab429342ca14acac768a91f1877a51c6e7bf9d96f07f421f26f90bb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: core.arc.io
:scheme: https
:path: /broker.html?f3c7172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

content-type: text/html
content-length: 685
date: Mon, 23 Aug 2021 03:47:19 GMT
last-modified: Sat, 14 Aug 2021 05:03:50 GMT
etag: "61174eb6-2ad"
content-encoding: gzip
expires: Wed, 22 Sep 2021 03:47:19 GMT
cache-control: max-age=2592000 public
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: L5MMv5Gppl7dUsEgRPvRdmvpWsgf_vPnM0yCHwksQf5jmaLLyV9V8Q==
age: 86773

GET
H3-29 200 show_i.php Show response
coinad.xyz/ Frame 9DC1 7 KB
2 KB 21ms
20ms Document
text/html 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show_i.php?b=13629

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show.php?z=7&w=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=128&ad_type=0&charset=0&top_space=0&shape=2&c_border=191933&c_background=333366&page_background=333366&c_text1=FFFFFF&c_text2=99CC33&c_text3=99CC33&c_text4=99CC33&c_text5=FFFFFF&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1629777211876

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecdd1ff2df99cc01f5b797b59078ad2bcd36ddc1a4f1727189a213257c1067d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: coinad.xyz
:scheme: https
:path: /show_i.php?b=13629
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ms3gs4enggknoe0tt8tmsu1qn0; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0uiT8BRloM0D3mhK1A%2Bb7fh0VLJL7ID0vV86nRHgeyjtF89x%2FzZ79FFTY2ON79JlqFpsHrOGsLnI8dXDMLJL97Tnsynyg%2F0zAFaW%2BfqaZvpg2fwGAwLXghdkrYEcgB0qKOt5AoCFxz8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a256bbec4de2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 show.php Show response
cryptolatest.news/network/ Frame DD94 750 B
1 KB 89ms
63ms Document
text/html 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/show.php?z=27&pl=50

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac286a0319809fd30d7fb93d4ae68fad3aca67c3039db3e08faf799d2921845b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cryptolatest.news
:scheme: https
:path: /network/show.php?z=27&pl=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8mv7r3hei7gtg0dbtbei322hsa; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhvbu9jz%2FjYh2RGss6%2BPJKtkAlTl4l16EAqhFoZv2dR%2Fhee9SXJBkCiDret%2FzvVDTlGch2uSk1w%2F49pwS5WJWHRJwX2xNLSqsjYUHhQiDEW85qQPVvODYhUHv2mtFTQUWJ6mbJWn0vprAjywPrQLUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a256ebfe4ea4-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK ocounter.php Show response
freehostedscripts.net/ 195 B
1 KB 397ms
292ms Script
application/javascript 172.67.189.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freehostedscripts.net/ocounter.php?site=5657462&e1=Online%20User&e2=Online%20Users&r=&wh=1600%20x%201200&a=1&pn=https://autoclaim.site/
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.189.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.10-1ubuntu3.26
Resource Hash: 060dd503d6d0621942a0d816f968c8b7d5e89244f1c80a51b059de440a3414f1

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 03:53:32 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.3.10-1ubuntu3.26
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma: no-cache
last-modified: Tue, 24 Aug 2021 03:53:32 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evFNfqrP82mfPQgoAnxDGpzU7g2iVG3PFHwiop%2Be5mmVTFARANrmZkP1GZWBxA%2F1ais%2Bn8NQsIWkgyaTxi8OEHFRcTLJECE5CMf1T8Rk8QeEnSHef0lfgwbMpVRmJA0SWnUonaqTjiA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
CF-RAY: 6839a2577dc3547b-LHR
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 I Show response
refpa.top/ Frame 37E5 727 B
647 B 199ms
100ms Document
text/html 83.147.204.15
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.15 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

86a46b0872a3c9f60ebe01d214b10807aca8e33ff5c4ac3aee268b7bcd6ef08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:method: GET
:authority: refpa.top
:scheme: https
:path: /I?tag=b_915181m_44611c_&site=915181&ad=44611
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=utf-8
content-length: 448
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 show.php Show response
freelitecoin.vip/network/ Frame 57C5 1 KB
1 KB 161ms
96ms Document
text/html 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/show.php?z=28&pl=47

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c923f30567dbb2196ebeae312536175302ad890a869ad90467a0f76ef23490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freelitecoin.vip
:scheme: https
:path: /network/show.php?z=28&pl=47
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autoclaim.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://autoclaim.site/

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ueb91qpfngo35u06r7l0j5gutm; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlPCk8d8e5u0Z9etNML8bNYLLJm2LLyR1zLT9xR2700wgyHL2ZOFCtNLdeiM%2BDcYYRsUo6WrBquVdHbOX2QuBUpScM9TQuD4jD4sH8JjlKrVK%2BsAFNeKIqNtkoVR0GqMJH%2FSVRpZdlCPyAwQhfTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2575b8705dc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 jquery.min.js Show response
coinad.xyz/javascripts/ Frame 1DCD 94 KB
34 KB 18ms
17ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/javascripts/jquery.min.js

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?b=13627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coinad.xyz/show_i.php?b=13627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624163
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8mbVOJcN83HFInME4eJeVDqvyQTg6nO8%2FNJSErURgcJarPXUFSBDf04V52Qd7c4Ydd3%2FSisPE5hWR9M0qYUWgIrmd0vq0f6pLHIZCuE2xySyJo07Ak9JJKQFzPiIfzkIU5HGyB7xg5s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2570c434de2-FRA
expires: Wed, 15 Sep 2021 22:30:49 GMT

GET
H3-29 200 javascripts.js Show response
coinad.xyz/javascripts/ Frame 1DCD 12 KB
3 KB 13ms
12ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/javascripts/javascripts.js

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?b=13627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coinad.xyz/show_i.php?b=13627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-319a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TI5%2FzOd1iKVDPTitmlnwO%2Brux9646T9fFfQh03LnmVy3EOBi1%2B3DVf9eJg0Y5wu9d6Fb44Mh4X%2BVUYwNRTsdVAvdddqhbNjOQGfmuB90SBBvMwIuedbUBNHaZBa3rxigTEEKkCGnTLw4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2570c454de2-FRA
expires: Mon, 20 Sep 2021 05:25:10 GMT

GET
H3-29 200 iframe.tracker.js Show response
coinad.xyz/javascripts/ Frame 1DCD 4 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/javascripts/iframe.tracker.js

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?b=13627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coinad.xyz/show_i.php?b=13627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScV%2FjH0o%2FXO%2B8CY9xsgPCdEVlD4ZEWOGVlE5GFnbpKGmcDwktcIbjc%2Ft1dwD9q0eVmjkXSXiSgZ%2FMH3ZZlAeacNhBWf8p98Dh01iO1yyoQUJ7Vyatgzv8aGo%2F0xktYGz4QaNh%2FeSd0xH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2570c464de2-FRA
expires: Mon, 20 Sep 2021 05:25:10 GMT

GET
H3-29 200 smalllogo.png
coinad.xyz/ Frame 1DCD 2 KB
3 KB 12ms
11ms Image
image/png 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/smalllogo.png

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?b=13627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coinad.xyz/show_i.php?b=13627
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254060
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1993
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 05:21:30 GMT
server: cloudflare
etag: "607bc1da-7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1umd28ehO4tsSOd3QxCo2Ho3E%2BxgInHrBu%2FG6TxsPDoe5tcHxvul2EhWWGQ7XEgj6ZUP0IWsHrW%2FdnuU%2Bk%2BZ7VHw%2F%2BDJCQpZnlXm1mtkhfv3e067N7aKxdvoCNNjYUXvqvwHyuiaRFWi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a2570c484de2-FRA
expires: Mon, 20 Sep 2021 05:19:12 GMT

GET
H3-29 200 show_i.php Show response
freebitcoin.vip/network/ Frame 5994 4 KB
2 KB 54ms
53ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show_i.php?b=4916

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show.php?z=1&pl=48

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8557930aab2dd34c2547eff4c8d880d4a2977ee97742c3a248faf9ad2d7ee12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show_i.php?b=4916
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freebitcoin.vip/network/show.php?z=1&pl=48
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/network/show.php?z=1&pl=48

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=k9evb69ui7etsq0laqtpn45jjj; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlzCKwxokwgw%2Fsw0HYZonp%2FdiLqBOrIbRrTqNLi9bIYZcFZw6Ya1hKQ4gHUho%2F2X8kiYRlUkuT24obkIky2bh6V6zgfZqmkclumGfCQiSeGIhLkq%2F9kxszmOGs1c2m7VEKxx%2FKwemLcmJ%2BX7ZLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2570a055b5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery.min.js Show response
freebitcoin.vip/network/javascripts/ Frame CFC3 94 KB
34 KB 17ms
15ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/jquery.min.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4915

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952539
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWwAZ5GH2n9Cr%2FdrsIjT%2FTdK54WrGgx1zHDiyRnlqdJ6uu5A2zMLlN5eMLAIVJBBU0X0Iq%2Ft5QuyAqWPL5sfazI6TLUaFAEnmmblqvojeEcsUvBXUWMknjyCipzJ2oqjiWhDBUh%2Bg%2F5hpaaFu%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2570a035b5c-FRA
expires: Tue, 31 Aug 2021 13:31:13 GMT

GET
H3-29 200 javascripts.js Show response
freebitcoin.vip/network/javascripts/ Frame CFC3 12 KB
3 KB 14ms
12ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/javascripts.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4915

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-319a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69vuWaDjLGxCWQWhj0eKKxhiy8KboPRaIkxx8ZOXcg514ETWFSpkqVQHWqE%2FbD3cuDKs1Z3Y6VZZ3mgG1wkKvo0ck3NsZXOaStNsl4FtpI6ikHI9M5W1FpTaBVL4TJoUg%2BeV1YWNjqj9pkfxzyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6839a2570a065b5c-FRA
expires: Thu, 23 Sep 2021 01:58:18 GMT

GET
H3-29 200 iframe.tracker.js Show response
freebitcoin.vip/network/javascripts/ Frame CFC3 4 KB
2 KB 15ms
13ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/iframe.tracker.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4915

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952536
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTOKydm%2Bl0z%2BQMMcO8VUS3xa%2FlAasHgbaIfS0CscuLbqF00f9qIwsWskD9jgfDSM%2FuN8dLzXrDb9GdFHmBGEE%2BlrJs1wsdld285Bqv%2BJXUac%2F6BTdhPyOiJPtfhDcc8XPkcHkcqGDGMH5e8O7O4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2570a075b5c-FRA
expires: Tue, 31 Aug 2021 13:31:16 GMT

GET
H3-29 200 smalllogo.png
coinad.xyz/ Frame CFC3 2 KB
3 KB 12ms
11ms Image
image/png 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/smalllogo.png

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4915

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254060
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1993
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 05:21:30 GMT
server: cloudflare
etag: "607bc1da-7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BTHBo9FD8xPhSFayzTmS38PlT%2B7KKYKkkcJR8bYm8tOaOJ6EzaZY%2F08hWE712QQbTRJWfYz8yJW4jL3D5vZIbtf2QiD2ivsTxj3mmdyonf5fpNjgTEfm2w0htyuA9uDb%2FVUoZfizGQc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a2570c4d4de2-FRA
expires: Mon, 20 Sep 2021 05:19:12 GMT

GET
DATA 200
OK truncated
/ Frame 1010 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_i.php Show response
coinad.xyz/ Frame 874F 1 KB
1 KB 25ms
23ms Document
text/html 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinad.xyz/show_i.php?a=315&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqRTJNdz09&z=29&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjE2MyZwdmFyc19wbGFjZV9uPTcxJnB2YXJzX3B1Ymxpc2hlcl9uPTI=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?b=13627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fae605fe8a89c44f7e280ad95dba42fd20b61261cbe81267216a93b413961e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: coinad.xyz
:scheme: https
:path: /show_i.php?a=315&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqRTJNdz09&z=29&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjE2MyZwdmFyc19wbGFjZV9uPTcxJnB2YXJzX3B1Ymxpc2hlcl9uPTI=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coinad.xyz/show_i.php?b=13627
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://coinad.xyz/show_i.php?b=13627

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8j1gkuic6smhlc332h4pqdafj0; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6teka6vHDO%2BqKlRJaOOL4Jl6IFVtJTpsiK1JQDiNSD5AKBW14EDlkZ92TPCVghC4P8NxC3HfpB6DKJao8EdawZBcFq6s3H185lbxn4PaQc%2FPSm%2FsMooId4yGag59N7HqWYDb9BtDoPS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a257fd484de2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 show_i.php Show response
freebitcoin.vip/network/ Frame 75A4 1 KB
1 KB 22ms
22ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show_i.php?a=35&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpnNExqSTA=&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4LjI0JnB2YXJzX3BsYWNlX249NTAmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4915

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d028792eebba3c8c7ebc259598b11e4ff3b0b61ac478833524d0e48f62f01e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show_i.php?a=35&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpnNExqSTA=&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4LjI0JnB2YXJzX3BsYWNlX249NTAmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freebitcoin.vip/network/show_i.php?b=4915
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/network/show_i.php?b=4915

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=m6r969ajr5r5ntvqfpil1vrsck; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTn7rWA7d0NDA3yf8d8fjFrUOXfOb1Tkj7ivd51p1i%2B9s2NuOruDCuJ%2FG%2FwKKPMp4Xv4MhYf%2FgALoh%2F%2FFg2xJJdaXm78JbCpwvR0mfjdE7sCLNQaxYVIrFGHF%2F%2F0%2BZSf8Gbsj2VjM2t%2BYR%2Fxn74%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2581b2e5b5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 show_i.php Show response
cryptolatest.news/network/ Frame E780 4 KB
2 KB 66ms
51ms Document
text/html 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/show_i.php?b=13624

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show.php?z=27&pl=50

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8506ee8749b9e99fcc00a8dd148751dc5cfed79b7e377003190f6fa69a00ddad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cryptolatest.news
:scheme: https
:path: /network/show_i.php?b=13624
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cryptolatest.news/network/show.php?z=27&pl=50
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://cryptolatest.news/network/show.php?z=27&pl=50

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=t03v0qd6deoaffchu6hicq5jdq; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8MClkul1QJtp7cTfq2Y12o1Gjspw%2B%2FOsfHn0UGpalqVRE6PYayYWehsGsbV1TQPrXGAyiixesc3KQPlHGeoTGQ91YK7x1%2BcGhpSrg6n87XblvGJK%2BtnJvoaNFdHmXsicAQT3pSy6J3NWQ8iBFfMBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a258499c5c14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery.min.js Show response
freebitcoin.vip/network/javascripts/ Frame 5994 94 KB
34 KB 65ms
61ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/jquery.min.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4916

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952539
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrl6C%2BSzloTmevCRefmefUHujZEW2%2BcggkTLCAbEEl9%2B3SVmaLgXzaTHStxMkpYB4xPX75D%2FIgeB8TGgffGmr%2BHvv1mTjdTVS7JY2g%2BgpUzx7MsE8i78Ju4aRb6%2BhQUHY1D8RM2lCSWqGTYunTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2583b565b5c-FRA
expires: Tue, 31 Aug 2021 13:31:13 GMT

GET
H3-29 200 javascripts.js Show response
freebitcoin.vip/network/javascripts/ Frame 5994 12 KB
3 KB 15ms
11ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/javascripts.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4916

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-319a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyUwvMz0vMHWuSSOc4Yju9v%2FYgolT%2BkBqTRLqEnG6LtD2NBbc5W9wn3hdkrmRxwG2e8Msqb9WzN8vsAX1A%2FyW6E%2Fu2S8InvvM7MwBEhWdGCDx2jpxNwjFO%2B1isRCGSdv3BKkmNem0SspS9%2FuwHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6839a2583b585b5c-FRA
expires: Thu, 23 Sep 2021 01:58:18 GMT

GET
H3-29 200 iframe.tracker.js Show response
freebitcoin.vip/network/javascripts/ Frame 5994 4 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/javascripts/iframe.tracker.js

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4916

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?b=4916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952536
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F1YA2aSftqbO9rovc7sytV86v9sQyZsomoK2Ie%2BRkcDkeNWUbVZbX1uGnMfcw7lNpVjcHXk1FeEP8SQjk0Kquhp97VJi7wm7UNZCk%2FkLO2i0vE%2BExenpbKmk9Kt3JGktDdT%2FpNL3KTKpo6eRA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a2583b595b5c-FRA
expires: Tue, 31 Aug 2021 13:31:16 GMT

GET
H3-29 200 smalllogo.png
coinad.xyz/ Frame 5994 2 KB
3 KB 60ms
56ms Image
image/png 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/smalllogo.png

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4916

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254060
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1993
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 05:21:30 GMT
server: cloudflare
etag: "607bc1da-7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na4i0fphhTTQ3IUTNz5n5hoD1LcJw%2F7pRFfTfFzUz6Gj3UJLlEX1SNzx0BvksjsxdAeG6qg6C94zj08mo67pcKtnSUgmYTx4fz4UacISGfvaHjpPSHH%2BFwmn8GUQKqF75sYXQ%2BxTAPDc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a2583d804de2-FRA
expires: Mon, 20 Sep 2021 05:19:12 GMT

GET
H2 200 broker.dcd0e0f1.js Show response
static.arc.io/broker/js/ Frame 9008 24 KB
9 KB 61ms
58ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.dcd0e0f1.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ff1ba9168acd72b164d43b76293ebc0dd85bb6ead45bc4eafc573cca190987a

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 05:09:16 GMT
content-encoding: br
vary: Accept-Encoding
age: 859457
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 14 Aug 2021 05:04:21 GMT
server: AmazonS3
etag: W/"b9bd4615b13b095520ab7444cbff4593"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: E4KLLsP45p7lKdGBAUqpmiwRjAC_lTD2lCLaVSzx9fAatyCPHa2wzQ==

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 9008 49 KB
18 KB 61ms
59ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 19:16:05 GMT
content-encoding: gzip
age: 1413448
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RR9cm6h-rBaBkiuU3M46z83SluQZhI4t_oaeTZIRWwKUG8ODZTyi0A==

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 9008 0
5 KB 256ms
160ms Other
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 15:56:54 GMT
content-encoding: gzip
age: 1338999
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EiUfFeHph_ui-mFM0I9vftqFno4REzdPEKvolGsM4-SU8V-Dvj-wqw==

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 9008 0
15 KB 256ms
161ms Other
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 23:19:10 GMT
content-encoding: gzip
age: 2003663
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oYsVlyQJ6LBED7-GYfwIHliwrQVaJ897KxrUiPrMHfOK4bxEbWeXvQ==

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 93 KB
31 KB 118ms
87ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?0fe7b9bd
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a21d72f3da7e9d5a18918a6eec681ba746f2c31e1a7fb3802a0365eaa613fbf

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:54:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 363516
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 22:54:28 GMT
server: AmazonS3
etag: W/"a4b6ee9135f21578e822f5d6879ec661"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9f4dwg22-LF0-GIwOsOA1ZWPRre2x5T-UO4WOCA7SymyegIff1wJ1g==

GET
H2 200 widget.css
static.arc.io/widget/css/ 84 KB
7 KB 95ms
64ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?f3c7172
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:39:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 87259
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 03:37:39 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TkoQMoX5hxam1PwOf8kvI7GeteyWCXwUkxR5AZoG87KZjuzl0j7Diw==

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 40 KB
13 KB 134ms
104ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9ef3a081d3d350577858992dbaad41f4b64d1eccc1020a3cce729b1aaa3cf30

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:39:15 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 87258
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 03:37:39 GMT
server: AmazonS3
etag: W/"c6018492188ae856c5a3bad07121be8d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eiYA8tEniONfTaqBPsP3Sty2RyXTbcwCa3GKQD5wH0bNrRG382rVuQ==

GET
H3-29 200 api.js Show response
freelitecoin.vip/cdn-cgi/bm/cv/669835187/ Frame 57C5 35 KB
9 KB 23ms
11ms Script
text/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show.php?z=28&pl=47

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freelitecoin.vip/network/show.php?z=28&pl=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmMaFkL4sLwFCtIJLHSUuZrZlx4bN3RxqeXE%2FwG4L2TC3pK%2F4Auc6YT%2B3G0gbNbcagmHmTkI7GUgyaKlNXGi8zcunfDOL0P%2Fmmcu%2BbQOr7qwnpUZxNMXNgCACYoxadqvI8eihVUolBus%2FOsi9azY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6839a258bff84e3d-FRA

GET
H3-29 200 show_i.php Show response
freelitecoin.vip/network/ Frame 22FD 4 KB
2 KB 94ms
85ms Document
text/html 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/show_i.php?b=4890

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show.php?z=28&pl=47

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

742086a3fa96d6c0515c0a14758f9dacc3fe1d2178b9dada00371bae533e4a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freelitecoin.vip
:scheme: https
:path: /network/show_i.php?b=4890
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freelitecoin.vip/network/show.php?z=28&pl=47
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freelitecoin.vip/network/show.php?z=28&pl=47

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=je0mpvdm3p6a9eitlh8bqso0br; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY%2FKd8a2If56GC6e55o0r1L2F%2BszC%2BMb%2B5Cbj76gCjs%2F1lt0aLzF0D8JrZ2z9WZ%2BPOUhNbuOoihEBtM784pARYWEdP0IjszhsaFoZCoAExTp4ZwXRRCzH9xasvwyo9Pd93a2sSOAQYTp1YC%2Fd28j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a258bff94e3d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 checker.js Show response
refpa.top/checker/ Frame 37E5 6 KB
2 KB 32ms
32ms Script
application/javascript 83.147.204.15
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refpa.top/checker/checker.js

Requested by

Host: refpa.top
URL: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.15 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c3bbce28d032f99fb228d9570593f8c51d5c898d50ad5c214d033c84c22a53c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
last-modified: Tue, 18 Aug 2020 08:08:27 GMT
server: nginx
etag: W/"5f3b8c7b-1832"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Tue, 24 Aug 2021 04:53:32 GMT

GET
H2 200 index.html Show response
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/ Frame 92BA 5 KB
2 KB 187ms
91ms Document
text/html 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F

Requested by

Host: refpa.top
URL: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

1b6cfbf9057690d33ef0cc9558f04e1d9c44df4aea350f823c4c3ed2aa89e406

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:method: GET
:authority: refpazkjixes.top
:scheme: https
:path: /img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://refpa.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://refpa.top/

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=utf-8
content-length: 1866
cache-control: max-age=86400
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 08:49:28 GMT
etag: "0dc8579c0fed61:0"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 381E 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_i.php Show response
freebitcoin.vip/network/ Frame F777 1 KB
1 KB 26ms
24ms Document
text/html 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freebitcoin.vip/network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?b=4916

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b9d5c4f9aad7b9cf2085a8852e9b4e26eb1983be46f0202ccc92b6c9a86c756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freebitcoin.vip
:scheme: https
:path: /network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freebitcoin.vip/network/show_i.php?b=4916
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/network/show_i.php?b=4916

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=lvqllhp7eemdp6q7pnd3tblif2; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO0e6jilL%2Bufu7Q6qv39giFYRuqIJBu9gvFA3vyNaST31k94VcnYeJQ2RmYFgi47yQMfGm6KNwlbG4WuIg3oB%2Bt5qrZbeXeNjnuKZoKNAVrqCYeQctBaX5X01E1YzCE62vsPDazsjoYv21JDu14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a2594c2c5b5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 blank.gif
coinad.xyz/images/ Frame 874F 43 B
675 B 19ms
14ms Image
image/gif 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/images/blank.gif

Requested by

Host: coinad.xyz
URL: https://coinad.xyz/show_i.php?a=315&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqRTJNdz09&z=29&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjE2MyZwdmFyc19wbGFjZV9uPTcxJnB2YXJzX3B1Ymxpc2hlcl9uPTI=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coinad.xyz/show_i.php?a=315&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqRTJNdz09&z=29&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjE2MyZwdmFyc19wbGFjZV9uPTcxJnB2YXJzX3B1Ymxpc2hlcl9uPTI=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2389288
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: "5cc01e0a-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuRQTfYoIP%2BnYzVtlKSVlk0LLznYRjuvJWXu0itqQxnsvngA%2FkUJkguFCnzR3tSQP%2FmaK3GF2yGkcbe4aSGt%2F4DsOsqPC6soJcbwl5EZEsU8A1LbSgBML7BzamCr5SJRAr3DXIP8lN2D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a2594e964de2-FRA
expires: Thu, 26 Aug 2021 12:12:04 GMT

GET
H/1.1 200
OK 1621622 Show response
ad.a-ads.com/ Frame 9AC7 6 KB
2 KB 95ms
93ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1621622?size=320x100

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

d9d74eed9864540a1953d2f6b0de165c9eb36035438828b99e09b6b1595cd333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://coinad.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://coinad.xyz/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 24 Aug 2021 03:53:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://coinad.xyz/
Content-Encoding: gzip

GET
H3-29 200 blank.gif
freebitcoin.vip/network/images/ Frame 75A4 43 B
683 B 13ms
11ms Image
image/gif 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freebitcoin.vip/network/images/blank.gif

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?a=35&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpnNExqSTA=&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4LjI0JnB2YXJzX3BsYWNlX249NTAmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?a=35&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpnNExqSTA=&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4LjI0JnB2YXJzX3BsYWNlX249NTAmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952519
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: "5cc01e0a-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYykCKDKd0eb08ccy3gfXqX%2FW4%2F2VMEkvEgGg4zFlxhHkOcuvejNkV8yxJN35pLK6l%2Bayh51Q79FMALu3h%2BcY%2FAM74umanWRcrjQTsiF61tr9hjte1cOEIWW5bw4NDlZle5vkZ3fcjoXNauEmzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a2595c445b5c-FRA
expires: Tue, 31 Aug 2021 13:31:33 GMT

GET
H3-29 200 ad.php Show response
freelitecoin.vip/ads/ Frame BD84 2 KB
1 KB 70ms
68ms Document
text/html 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/ads/ad.php?size=728x90

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ba876179780190c333634b6409a7dce794114f8b3325503443b13def995e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freelitecoin.vip
:scheme: https
:path: /ads/ad.php?size=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freebitcoin.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlT1buOvUtlQEoSm5nQ3IAZ81LmkXY7aJJT82Dt8pfLIGi9U99W4%2F%2FOrd4qkb839l8u8n6yAdlmABb%2BSIeVP%2BwN33lvdkbDpdwlBH6c4u%2F1w812OQy3xWHqjjZPZT%2FowJOhZEFrZ1hGu3LJgsWmB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25968974e3d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery.min.js Show response
cryptolatest.news/network/javascripts/ Frame E780 94 KB
34 KB 19ms
15ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/javascripts/jquery.min.js

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?b=13624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptolatest.news/network/show_i.php?b=13624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7204
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhWZQ8I0FcXWWLxGxgY9DU%2FCgtC6Bq9EQdwW0mRaS9v4IYvacYhfzgaLEC6rkYDFrqKAuW4eDTa4bUz1EyyJ43VTbm%2F9EdwskDa%2FH9BDIpCUHVxJOSoB1CeaXd1%2BqYBZzItjnYBl9wYcdvL%2Bq05XEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6839a259dbad5c14-FRA
expires: Thu, 23 Sep 2021 01:53:28 GMT

GET
H3-29 200 javascripts.js Show response
cryptolatest.news/network/javascripts/ Frame E780 12 KB
3 KB 14ms
12ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/javascripts/javascripts.js

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?b=13624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptolatest.news/network/show_i.php?b=13624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823588
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-319a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4POCrBjHTqZ6cTzMuOWWvP4jPtXAY75UUHDgqtZYoF1vZClpmwLT50Wd7WSZHei9rAWSHlQaTt4P2YqwR5CuxGh5woVRZu0MZ8vpdIy3k6dsRsb%2FLlOxGVOP5Zx7h9YT%2BqCjwn%2BhzQcz6a%2BHHFEXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a259dbae5c14-FRA
expires: Thu, 02 Sep 2021 01:20:24 GMT

GET
H3-29 200 iframe.tracker.js Show response
cryptolatest.news/network/javascripts/ Frame E780 4 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/javascripts/iframe.tracker.js

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?b=13624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptolatest.news/network/show_i.php?b=13624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823588
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhRrHwOosqA4UzGqkANdle8Bv7DVkzc1vhLyo4vU%2BnaOma0YTMDA55TPkCZQGLPj5NzwyDH7rS3IvTuLpU3k%2BLcORnzS9Q1lAGgyJNLgVy3E9w2WZourRWPdHfT%2FCMeDaPcfivm%2F3e7EUz%2FKyyVqpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a259dbaf5c14-FRA
expires: Thu, 02 Sep 2021 01:20:24 GMT

GET
H3-29 200 smalllogo.png
coinad.xyz/ Frame E780 2 KB
3 KB 12ms
10ms Image
image/png 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/smalllogo.png

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?b=13624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptolatest.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254060
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1993
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 05:21:30 GMT
server: cloudflare
etag: "607bc1da-7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=punk1%2FUWOW%2Bu%2Fv68SM0Z%2F3TBZXE4KRo31X5hDxrCxFXbuQdjjA3RqBWdsHDgXacRTz574IfSv2SYzQ1Bli1Udahwcnjd4C3BMOI5zbGQmUacNkj0c71EL5RH1ViQIEs%2FterQLYKnWwKQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a259df304de2-FRA
expires: Mon, 20 Sep 2021 05:19:12 GMT

GET
H2 200 brokers.js Show response
static.arc.io/widget/js/ 23 KB
8 KB 34ms
34ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/brokers.js?d199f59c
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?f3c7172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d97f6528473b11cf17e80e0ee92f1eb59551b0f5b25c60cb483c8593dd259a

Request headers

Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 23:01:04 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 363149
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 22:54:28 GMT
server: AmazonS3
etag: W/"18bfde6b86fff4624dde79167dc54cc0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vTN0w8Nph-oxCV7z8GW5t3x8NHfvy8Xye3-5HKI21y-J_O84AjtVxA==

GET
H3-29 200 api.js Show response
freelitecoin.vip/cdn-cgi/bm/cv/669835187/ Frame 22FD 35 KB
9 KB 62ms
59ms Script
text/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freelitecoin.vip/network/show_i.php?b=4890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp90biDaEvEgrheSUj61fKL%2BSqzYY%2F04ZsYTwnm1UdeSkYM1lAl6U5zMLmi1XwQKtg9Tb7rlxpjm4G2tuwG%2FPTDWzuVvQKnq4HH0F8PS6WUYrsXZQfZnleXVXFhN%2FRgtW08Uvj5TcBfGmoFaqahk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6839a25a193d4e3d-FRA

GET
H3-29 200 jquery.min.js Show response
freelitecoin.vip/network/javascripts/ Frame 22FD 94 KB
34 KB 66ms
64ms Script
application/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/javascripts/jquery.min.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freelitecoin.vip/network/show_i.php?b=4890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2311329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu0Fir47dL70EGmRNXhvEgB69HmVxvzHFM5iZm2kV8VTCR6F7kWOmqXtU8yOPMV3MXrxn%2FemNbCEa8o5%2Fu1A2oHwR3fVL%2Fyo2rirM5CNiRRwWBK66SkAAPueiDoZtQQ4MXNqnPNgz6zc0aolsTbg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a25a19394e3d-FRA
expires: Fri, 27 Aug 2021 09:51:23 GMT

GET
H3-29 200 javascripts.js Show response
freelitecoin.vip/network/javascripts/ Frame 22FD 12 KB
3 KB 72ms
70ms Script
application/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/javascripts/javascripts.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freelitecoin.vip/network/show_i.php?b=4890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313685
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-319a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDLlxMwBbTGTBusyzC9pbcOnGsYMkJ9m9CLW4HQV8vnEilbRlPuGsms9ylH3WX6%2Br%2F%2BZHaAw7vFoghGS7vfJXWjbgvthU2jpRQrB95jOwVU06bkZBxG%2BbI8CHvUSU5cwHI49j%2F6zgMF156FHLjlg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a25a193b4e3d-FRA
expires: Fri, 27 Aug 2021 09:12:07 GMT

GET
H3-29 200 iframe.tracker.js Show response
freelitecoin.vip/network/javascripts/ Frame 22FD 4 KB
2 KB 62ms
60ms Script
application/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/javascripts/iframe.tracker.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freelitecoin.vip/network/show_i.php?b=4890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2311329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: W/"5cc01e0a-edf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icJvA3MwyE%2FIy4S6X80wQbMNeAWzGI21O9GxJ0cCGgen%2BwJfkJktwnBZHtEHHZ1PinuKdG5EDn2cedFxFLwTCScjmU74CsV12oX3S2tSfNXHvDBNnnJID93t6FSsy6ZKsIFa7h4vOC%2FLFPs4YXny"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6839a25a193c4e3d-FRA
expires: Fri, 27 Aug 2021 09:51:23 GMT

GET
H3-29 200 smalllogo.png
coinad.xyz/ Frame 22FD 2 KB
3 KB 61ms
59ms Image
image/png 2606:4700:3030::ac43:9e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinad.xyz/smalllogo.png

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9e20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freelitecoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254060
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1993
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 05:21:30 GMT
server: cloudflare
etag: "607bc1da-7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffCPNxt%2Fi6dJz%2FSvX6AbuQ%2ByJ8mt7Lxawot07kDBimn7ehqiPR37asvjY%2BR8ScVAXLrtLMTDs5hvztJw1EuDWH1xjdqjFyCEiHYgSr3H6xzbbZojmO5IcNZzBU6vEbPWz%2Bx1kB83UOOo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a25a1f684de2-FRA
expires: Mon, 20 Sep 2021 05:19:12 GMT

GET
H3-29 200 show_i.php Show response
cryptolatest.news/network/ Frame 07D8 1 KB
1 KB 27ms
27ms Document
text/html 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cryptolatest.news/network/show_i.php?a=52&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGprekxqSTBPUT09&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkzLjI0OSZwdmFyc19wbGFjZV9uPTUwJnB2YXJzX3B1Ymxpc2hlcl9uPTE=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?b=13624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf37d788b10e6285d11d57933fec1f3999b4267ae796d57446e23f6368b79f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cryptolatest.news
:scheme: https
:path: /network/show_i.php?a=52&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGprekxqSTBPUT09&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkzLjI0OSZwdmFyc19wbGFjZV9uPTUwJnB2YXJzX3B1Ymxpc2hlcl9uPTE=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cryptolatest.news/network/show_i.php?b=13624
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://cryptolatest.news/network/show_i.php?b=13624

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=a7orslp3atlomt6qppkrotdb87; path=/
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfivHuQz%2FzHUgCzedYKNMuPN9il2SAeL9%2Bkxy8l3Ku18USxSgmHUFuWKEk34KKi6KM4Lo2NJx2K2GjOgwx40la8ylcd7v5AZWbua6ZHLcLTf4%2Fy%2B0BkFd6AEf%2Bje0wrAThj%2F%2Bbsd1oHdEHCDIUlEaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25b2d255c14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 blank.gif
freebitcoin.vip/network/images/ Frame F777 43 B
678 B 11ms
10ms Image
image/gif 2606:4700:3036::ac43:9848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freebitcoin.vip/network/images/blank.gif

Requested by

Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freebitcoin.vip/network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1952519
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: "5cc01e0a-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glNnGuCDLKuhgYBfj%2F8tms7r1g2SyH94AsaT6JUQSehiQC47EQaWmWGHPoBajJ8B0yoZKQsXts1Us5yXIOiyZpbMfrYkVqcBYZ1HEKMS7FnqVT2YaqoKRKNz59oc45I7ixwXMA75UTYAPHAhboA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a25b2db35b5c-FRA
expires: Tue, 31 Aug 2021 13:31:33 GMT

GET
H/1.1 200
OK Cookie set DAEAF3B21142 Show response
mellowads.com/view/ Frame 96FC 2 KB
1 KB 285ms
261ms Document
text/html 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.com/view/DAEAF3B21142
Requested by: Host: freebitcoin.vip
URL: https://freebitcoin.vip/network/show_i.php?a=39&x=TVRZeU9UYzNOekl4TVMweE5qSXVNVFU0TGpreExqUTM=&z=1&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTEmcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkxLjQ3JnB2YXJzX3BsYWNlX249NDgmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66eebc0bfc49466af9d45b579a1eb1a5c447e07c0d2c8f1371e1520ae7e1fe22

Request headers

Host: mellowads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://freebitcoin.vip/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freebitcoin.vip/

Response headers

Date: Tue, 24 Aug 2021 03:53:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Mon, 22-Nov-2021 04:53:29 GMT; path=/
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 6839a25b580f0631-FRA
Content-Encoding: gzip

POST
H3-29 204 result Show response
freelitecoin.vip/cdn-cgi/bm/cv/ Frame 57C5 0
673 B 9ms
8ms XHR
text/plain 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freelitecoin.vip/cdn-cgi/bm/cv/result?req_id=6839a2575b8705dc
Requested by: Host: freelitecoin.vip
URL: https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freelitecoin.vip/network/show.php?z=28&pl=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25b4a3d4e3d-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AudnBOLEtBCOgKDPhJXoWdV2ioCPbam4R8Mcm4NkiRRERKtZRRrcQZOjX%2BEIL7xb92cdvjV53SkC%2FFk1bLHzqh5x30w0AQYydgtoYposZZllIbAEPgvBy06hPR46rhT2iWRBdshK6m2hI56pF9c2"}],"group":"cf-nel","max_age":604800}

GET
H2 200 createjs-2015.11.26.min.js Show response
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/libs/ Frame 92BA 186 KB
49 KB 82ms
79ms Script
application/javascript 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/libs/createjs-2015.11.26.min.js

Requested by

Host: refpazkjixes.top
URL: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 12:57:42 GMT
server: nginx
etag: "0a7b02da05dd51:0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 49539

GET
H2 200 index.js Show response
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/ Frame 92BA 49 KB
9 KB 63ms
60ms Script
application/javascript 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.js?1576492638012

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

272b5e5ebc3c71bb8d6007f8c990e2f5a74c25ab0bc624d49c215cdc14e6dd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 14:06:28 GMT
server: nginx
etag: "0aadb7ed1fd71:0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9236

GET
H3-29 200 api.js Show response
freelitecoin.vip/cdn-cgi/bm/cv/669835187/ Frame BD84 35 KB
9 KB 10ms
9ms Script
text/javascript 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/ads/ad.php?size=728x90

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freelitecoin.vip/ads/ad.php?size=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGjJ6wiXtgKLUx%2B%2F5RzPDjwxz9LElwMk%2B2wuu2ww7usm3tHE6uB%2FCtocfWHdU%2FnIH0uIrRnz8HM75Hj3F%2F6M%2FJoQxPlLUrPrvNofBvY%2FAK2TqVQ%2BXqzQ5aUu9N8xLREu5gDecmE1tDQV%2BzcwiFKr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6839a25b5a4b4e3d-FRA

GET
H2 200 5ddedb0df918d6723b22331a.js Show response
cdn.bmcdn1.com/js/ Frame BD84 60 KB
19 KB 184ms
118ms Script
application/javascript 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5ddedb0df918d6723b22331a.js
Requested by: Host: freelitecoin.vip
URL: https://freelitecoin.vip/ads/ad.php?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ac2f4467de247dd0fc63152998602035a7ec58baed162296fad2b059a4a6bc

Request headers

Referer: https://freelitecoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE53X9iLKDg4ZDzu3Hi8Ln%2FNgB60pcLp8KSl4g0%2FfUbdB%2FYjyIoplU7TouDnwbokbd0Fi0e%2BCK7x1Tj6HuwVQbcu4NdKK%2FK5PGGa7TvcNZOlF8T1kE7gIzZr%2FlGJ5sxu9rsFMW7jb0Ay9BBF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 6839a25bb89d4ec8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 24 Aug 2021 04:23:32 GMT

GET
H3-29 503 show_i.php
freelitecoin.vip/network/ Frame F529 0
0 11ms
11ms Document
text/html 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freelitecoin.vip/network/show_i.php?a=33&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGpnNExqZzM=&z=28&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4Ljg3JnB2YXJzX3BsYWNlX249NDcmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Requested by

Host: freelitecoin.vip
URL: https://freelitecoin.vip/network/show_i.php?b=4890

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: freelitecoin.vip
:scheme: https
:path: /network/show_i.php?a=33&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGpnNExqZzM=&z=28&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4Ljg4Ljg3JnB2YXJzX3BsYWNlX249NDcmcHZhcnNfcHVibGlzaGVyX249MQ==&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freelitecoin.vip/network/show_i.php?b=4890
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=9ba4a0d98aca79ea14ca1c88c2f9d70fd15230f0-1629777212-1800-ASxuJPNNP7NJ92z/9L5iS6yYIbhSsDwu7Xjq1WbDdOCsrLhYihAxh68ZPz5xbNvnAi16OXcyV41CZdrHwZ2+TpMMAwUsZJyE16/n+t9K8ZxVuMG1/yw99rXGUMOI5ggLj0MXcWNfk7Sex1YsripCDo0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freelitecoin.vip/network/show_i.php?b=4890

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZcvGt3YYZgdmZ376CdGp7SnoB8OrXWlEXU40dgseOj47aRNqVdtMTkXiknKqURUagF2tXFNqLo6MWZBle9Vkx%2FUnPj9MKB%2BdgYSqTUjQR1kWlX43ow3eqDWLb3YUVYIGo0UWHXmtSLLzxM01DjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6839a25bcab64e3d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/248033/ Frame 9AC7 32 KB
33 KB 183ms
89ms Image
image/jpeg 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/248033/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1621622?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 92ac0822865b82140275f187dbc1a802b80e6d2c36e39c58b19dd38310b36e2e

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 03:53:32 GMT
Last-Modified: Sun, 15 Aug 2021 04:56:56 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: VDX0QDPR9V249WH1
ETag: "3b13b89c70b9420529ca1e07684ac6f8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 32855
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: qPPuwFWT.URSzxuFmG_AdHJ21pl6N6wR
x-amz-id-2: cMO/3wnEEM+P7ywXXlY8EvLNu2V6F8wLJlY1jhxejTJoIO9u97I8nVHnSjM5jIf0Of2usoaPaa4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9AC7 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.2.2/ 65 KB
20 KB 82ms
6ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.2/bundle.min.js

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://autoclaim.site
Referer: https://autoclaim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
server: Fastly
age: 14319789
etag: "a948fc086ec14683f3f2270913c7f702"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 20633
expires: Fri, 11 Mar 2022 10:10:24 GMT

GET
H3-29 200 blank.gif
cryptolatest.news/network/images/ Frame 07D8 43 B
684 B 69ms
69ms Image
image/gif 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cryptolatest.news/network/images/blank.gif

Requested by

Host: cryptolatest.news
URL: https://cryptolatest.news/network/show_i.php?a=52&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGprekxqSTBPUT09&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkzLjI0OSZwdmFyc19wbGFjZV9uPTUwJnB2YXJzX3B1Ymxpc2hlcl9uPTE=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptolatest.news/network/show_i.php?a=52&x=TVRZeU9UYzNOekl4TWkweE5qSXVNVFU0TGprekxqSTBPUT09&z=27&d=1&pvars=cHZhcnNfdGltZXN0YW1wPTE2Mjk3NzcyMTImcHZhcnNfb3M9TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xNTkgU2FmYXJpLzUzNy4zNiZwdmFyc19yZWZlcj1odHRwczovL2F1dG9jbGFpbS5zaXRlLyZwdmFyc19pcD0xNjIuMTU4LjkzLjI0OSZwdmFyc19wbGFjZV9uPTUwJnB2YXJzX3B1Ymxpc2hlcl9uPTE=&target=_blank&refer=htttps%3A%2F%2Fautoclaim.site%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823586
strict-transport-security: max-age=15768000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Apr 2019 08:27:54 GMT
server: cloudflare
etag: "5cc01e0a-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2EcLzIvlnUcznItegsKU3s%2B8mTbkusBfyBujh3kkpule998COw5KgtewNAyOlUTFguhsFRhqrd9BDXZsOJFaIE7emvzzn%2B8TKcTq4sg0Waf4n1nxlxPlWEi%2FA442uCYGeheGg0PTssIOT8IPufwVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6839a25bee015c14-FRA
expires: Thu, 02 Sep 2021 01:20:26 GMT

GET
H/1.1 200
OK 1656746 Show response
ad.a-ads.com/ Frame 4B99 6 KB
2 KB 66ms
64ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1656746?size=728x90

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

cda4b2583ba756c78a0e46d59bca94ab9e4f83538f63a0a066815e6bab3e4aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cryptolatest.news/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://cryptolatest.news/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 24 Aug 2021 03:53:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://cryptolatest.news/
Content-Encoding: gzip

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 9008 45 KB
15 KB 62ms
62ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.dcd0e0f1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 23:19:10 GMT
content-encoding: gzip
age: 2003663
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H1fIk8QHBwg7iIRNy1DXF8XrtpwMw77i3DOrQe22-DzEodtTnkZNDg==

GET
H2 200 bg.jpg
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/ Frame 92BA 3 KB
4 KB 52ms
51ms Image
image/jpeg 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/bg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

6526d9f8a9f514c0b7e6928c9fbdf9b802f87b1616bee272d2a8133709d0288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
last-modified: Tue, 23 Mar 2021 13:40:40 GMT
server: nginx
etag: "0fcfe1cea1fd71:0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3510

POST
H3-29 204 result Show response
freelitecoin.vip/cdn-cgi/bm/cv/ Frame 22FD 0
685 B 9ms
8ms XHR
text/plain 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freelitecoin.vip/cdn-cgi/bm/cv/result?req_id=6839a258bff94e3d
Requested by: Host: freelitecoin.vip
URL: https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freelitecoin.vip/network/show_i.php?b=4890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Aug 2021 03:53:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25d1bda4e3d-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb2rHSkMF9E%2BPnkEgJKV8nJR6ROa2aVM9rZJ7Iz4fBqQB5K9jyHtJ0Ws%2FY0c4CjZvEwPiMOMoj%2BAi3L1j8VwxyFoQ96EXIgMzItoG4zmo8Q%2BxpOSD%2F8aEVezHuD%2B%2BVAPxtWUDGyppq7uGB7I12KG"}],"group":"cf-nel","max_age":604800}

GET
H2 200 bit.png
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/ Frame 92BA 4 KB
5 KB 41ms
40ms Image
image/png 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/bit.png

Requested by

Host: refpa.top
URL: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

b04e896be9e7223c4dcde252c5d996e09fe16aaf8d036dbe945226d29eb13964

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
last-modified: Tue, 23 Mar 2021 14:06:28 GMT
server: nginx
etag: "0aadb7ed1fd71:0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4401

GET
H2 200 / Show response
refpa.top/redirect/stat/run/ Frame 37E5 137 B
761 B 72ms
72ms XHR
application/json 83.147.204.15
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refpa.top/redirect/stat/run/

Requested by

Host: refpa.top
URL: https://refpa.top/checker/checker.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.15 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ec7c86dbae825ccc55d9ac56ccb75a8a69f119b4fd206a6667e5febb7daa0e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://refpa.top/I?tag=b_915181m_44611c_&site=915181&ad=44611
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:53:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 137
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3-29 204 result Show response
freelitecoin.vip/cdn-cgi/bm/cv/ Frame BD84 0
676 B 9ms
8ms XHR
text/plain 2606:4700:3037::ac43:8e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freelitecoin.vip/cdn-cgi/bm/cv/result?req_id=6839a25968974e3d
Requested by: Host: freelitecoin.vip
URL: https://freelitecoin.vip/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freelitecoin.vip/ads/ad.php?size=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a25dec974e3d-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6658jVk90lFaxrQL%2FdSezSz9xSHBm4HdSy71mF4ZntL25b%2BbcmmgKjkCRJ9lkU3v%2BRgJ8WYkSO13M1DQaBgyMUqCjrZgfxPASRvxn7zvdLUnpH6S3pzat7svxAgsiYGtfu5OuGjJE7uw6vyyWNIp"}],"group":"cf-nel","max_age":604800}

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/254594/ Frame 4B99 132 KB
132 KB 52ms
52ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/254594/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1656746?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 39be3702a0d494ff8b5aa156339b7fd82358ad35b6a2697f251038316206208a

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 03:53:33 GMT
Last-Modified: Sun, 22 Aug 2021 17:30:36 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: ZN6TS667A0Y12WA6
ETag: "b2303b43a54de012d5b2c355a867e0d3"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 134664
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: ObikXc1EJmTyWNTMAMR2GiFR1xJYvunA
x-amz-id-2: /zrVdYDhJ1tlGDtODjNmNrUwiCIYTjTHocvtrGgyNNUsJjlP6YayENgFKxetmX7WeN0IcV+ODvA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 4B99 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 koldun.png
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/ Frame 92BA 41 KB
41 KB 61ms
60ms Image
image/png 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/koldun.png

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

6e2322bbde367cb7a405392e572a5c6747926c547d313b65b647c4c3591d70a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
last-modified: Tue, 23 Mar 2021 14:06:28 GMT
server: nginx
etag: "0aadb7ed1fd71:0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 41863

GET
H2 200 size0.css
mellowads.b-cdn.net/css/ Frame 96FC 395 B
1 KB 120ms
36ms Stylesheet
text/css 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://mellowads.b-cdn.net/css/size0.css?v18
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/DAEAF3B21142
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-601.bunnyinfra.net
Software: BunnyCDN-DE1-601 /
Resource Hash: ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer: https://mellowads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cdn-edgestorageid: 601
access-control-allow-origin: *
cf-polished: origSize=593
cdn-cachedat: 2021-08-03 01:11:10
cdn-pullzone: 419676
cf-bgj: minify
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 02 Sep 2021 23:11:10 GMT
last-modified: Wed, 15 Nov 2017 09:57:32 GMT
server: BunnyCDN-DE1-601
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2678400
cdn-uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid: 0a50bd3f652afea00854c7eda87c416e
cf-ray: 678afbd9cb47faea-DUS
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 minibrand.png
mellowads.b-cdn.net/img/ Frame 96FC 880 B
1 KB 120ms
37ms Image
image/png 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.b-cdn.net/img/minibrand.png
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/DAEAF3B21142
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-601.bunnyinfra.net
Software: BunnyCDN-DE1-601 /
Resource Hash: 2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer: https://mellowads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 393984
cf-polished: status=not_needed
cdn-cachedat: 2021-08-12 13:48:34
cdn-pullzone: 419676
cf-bgj: imgq:100,h2pri
content-length: 880
last-modified: Wed, 15 Nov 2017 09:57:38 GMT
server: BunnyCDN-DE1-601
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cdn-cache: HIT
expires: Sun, 12 Sep 2021 11:48:34 GMT
cache-control: public, max-age=2678400
cdn-uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid: a855cf2d0656166c30f37ca6d9ac2f5d
accept-ranges: bytes
cf-ray: 67d979b5bed32187-DUS
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 CACB3CB80637.gif
mellowads.b-cdn.net/ads/ Frame 96FC 65 KB
65 KB 145ms
62ms Image
image/gif 185.59.220.193
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.b-cdn.net/ads/CACB3CB80637.gif
Requested by: Host: mellowads.com
URL: https://mellowads.com/view/DAEAF3B21142
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-601.bunnyinfra.net
Software: BunnyCDN-DE1-601 /
Resource Hash: 1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38

Request headers

Referer: https://mellowads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 224456
cf-polished: status=not_needed
cdn-cachedat: 2021-07-24 16:48:44
cdn-pullzone: 419676
cf-bgj: imgq:100,h2pri
content-length: 66166
last-modified: Wed, 20 May 2020 12:13:46 GMT
server: BunnyCDN-DE1-601
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cdn-cache: HIT
expires: Tue, 24 Aug 2021 14:48:44 GMT
cache-control: public, max-age=2678400
cdn-uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
cdn-requestid: 05a1f002ad8b5fab07ddec6f14f31b6c
accept-ranges: bytes
cf-ray: 673df380cd952169-DUS
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
cdn.bmcdn1.com/pv/5dde60e0f918d6e313220b1f/ Frame BD84 35 B
322 B 103ms
102ms Image
image/gif 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/pv/5dde60e0f918d6e313220b1f/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=0e61a228556609869f2abf949b59923f
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://freelitecoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftTvd%2B%2FarVKs0wdJhEqlJthXiXy%2FLz1ETFrHU7Bv9rFDkyPgP8QyqJTMV1GI8ZuqtnermoYtRfOD1XqxJNaOroAz%2BmpzbCxDhwuaw1G%2FcnHycPhtqnmRCSfLZI6V2dC8NHJYdavFPE0iis6j"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 6839a25f3c1b4ec8-FRA
content-length: 35

GET
H2 200 5ddedb0df918d6723b22331a
cdn.bmcdn1.com/pb/5dde60e0f918d6e313220b1f/ Frame BD84 0
286 B 99ms
98ms Image
text/plain 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/pb/5dde60e0f918d6e313220b1f/5ddedb0df918d6723b22331a?type=iframe&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&ref=https%3A%2F%2Ffreebitcoin.vip%2F&impid=0e61a228556609869f2abf949b59923f
Requested by: Host: autoclaim.site
URL: https://autoclaim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freelitecoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McrTk4q%2FM58gI%2Bi5H%2FrkX9%2B81FRW9yT%2F5fDOokruLaK8CuyMtJK9THH2nkLE4vjuziyM2uKgPsj7dMdPoi08h6M%2FuJjUpaMdf0CMh5EXZ2bySGuwZrlQSnj%2FmBE0Q1Lj3K3P9%2Flpa62EqWlS"}],"group":"cf-nel","max_age":604800}
cf-ray: 6839a25f3c1f4ec8-FRA
content-length: 0

GET
H2 200 morgana.png
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/ Frame 92BA 21 KB
21 KB 45ms
45ms Image
image/png 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/morgana.png

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

4ef6a2a8352d9fdd0c3d4e4965efa38b080cab903e894b86dc1fc6411380ca58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
last-modified: Tue, 23 Mar 2021 14:06:28 GMT
server: nginx
etag: "0aadb7ed1fd71:0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 21177

GET
H2 200 one.png
refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/ Frame 92BA 376 B
591 B 40ms
40ms Image
image/png 45.150.232.24
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/images/one.png

Requested by

Host: autoclaim.site
URL: https://autoclaim.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.232.24 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

72d21bebd0dc7761ed9918da7881c75a35e5f924a2126b563b5d0b1c8336af30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refpazkjixes.top/img/AdAgent_19/7d358a7a-54da-4e14-adf1-c0cf5a658c23/index.html?dataUrl=https://refpazkjixes.top%2fC%3ftag%3db_915181m_44611c_%26site%3d915181%26ad%3d44611%26urlred%3dhttp%253A%252F%252Fbitredirixe.top%252Fslots%252F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
last-modified: Tue, 23 Mar 2021 14:06:28 GMT
server: nginx
etag: "0aadb7ed1fd71:0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 376

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 18FA 84 KB
7 KB 33ms
33ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?f3c7172
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:39:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 87260
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 03:37:39 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UNb-G_Y9hpzbab0Mht4qCqcDuXhFkUnmN2p5xznJlmUYAUPcvN5ylg==

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 18FA 2 KB
1021 B 11ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4535735
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fn%2FXCuZwnOvUUKp%2FrOTpz5tsw9VOHFvzr0oA22LExck7aQFDzrB%2BJkSLjoSY5q6AB9suJQYQoB1%2Bi3QOvYWqKfKpXMhgbpqw2HzoKXW8Uue8mhZBZtFuY6iMJdFnHgBZSN0O4A64Vzt5NFpSP6YoyHM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6839a2603d6c4aa4-FRA
expires: Sun, 14 Aug 2022 03:53:33 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 60E0 84 KB
7 KB 33ms
33ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?f3c7172
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-70.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 03:39:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 87260
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 03:37:39 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zgrtmtGXUV9EjObEIBx3F4cufbi9D20DQVFqa50gmx7edrQk37DpTQ==

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 60E0 2 KB
925 B 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4535735
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO7J3HT8aM13G4IwmCVvyohTgpLWGT1xf2Cjka2weMgdjuVUVnJzorHK1BxjpCgK9Q1SGQ88oI1vmN4JGBXUGytU71vDxph48eYGbae7koGhBKBJe%2F%2Fdl8S99gMLPJdIoYXOyskbPdIo%2BOBX3gtVapBy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6839a2603d704aa4-FRA
expires: Sun, 14 Aug 2022 03:53:33 GMT

GET
DATA 200
OK truncated
/ Frame 18FA 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 60E0 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60E0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/ Frame 4E94 1 KB
1 KB 126ms
125ms Document
text/html 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/js/5ddedb0df918d6723b22331a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c03725f0bcd50965ee334d6ed907b5b4d080a0d5b659272d99e08169b13140

Request headers

:method: GET
:authority: cdn.bmcdn1.com
:scheme: https
:path: /p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freelitecoin.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://freelitecoin.vip/

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-type: text/html
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsaaTThIkJkcgYwZ3ycSJVPnJrgbT50681eEcFUT3ZFjk%2BrplkwRWlYvRsP0cMZFUyJ4zuPyAZMu21ulTlLNfn5XHveCXj0JLiTa6NRy661B8RedHdj977OibOgcAdCW1NdZEpiIQJIzwBdf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6839a263e8844ec8-FRA
content-encoding: br

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame 4E94 887 B
681 B 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Requested by

Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f563023046f7db91d19d52e0ef1e7c080d79f06fbc91f6af93535ba40cdb78b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589
x-xss-protection: 1; mode=block
expires: Tue, 24 Aug 2021 03:53:34 GMT

GET
H2 200 grecaptcha.js Show response
static.bmcdn1.com/js/ Frame 4E94 1 KB
875 B 15ms
13ms Script
application/javascript 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/js/grecaptcha.js?v=v1.24.0
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfbfbd6dd6c5235592a2758e9e25d14b2bf0c92c466f6fb99f647a9190696d4

Request headers

Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Dec 2020 14:22:14 GMT
server: cloudflare
age: 4484
etag: W/"5fd38096-4d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49JT7nhAhfuj7zBZS%2FF9tVYMNtfADiT%2BXkOt22RwWm7pXbvHJAEZAQ383CYf8LIcAY3vNVOfTb06CtY91zhl8wruIZcv7BS289wxSE%2FG4PNqW%2FcsgbRLjgmEbXXNgtDmL7bL6ImbxbP0ja3Bq0nI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264b9294ec8-FRA

GET
H2 200 basic.css
static.bmcdn1.com/css/ Frame 4E94 2 KB
790 B 16ms
14ms Stylesheet
text/css 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b433ff737eab9512e7bb0bfb44619768f6b9590f5cc36d78fd03a147dd9582

Request headers

Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Dec 2020 17:46:14 GMT
server: cloudflare
age: 4555
etag: W/"5fd25ee6-6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4j9OLMg2G8yQwYlTgGRN%2FyDDMa20dOzu24%2FElXEOTrTFpSGYXEe7lsvnpqEjiUd%2FPvHWBMQx%2BblqRD4RIDRbZNc9V3ujipq1D1OXnQ7025NnIKDrMvzGmVNfFPIEtCHNsERf%2F90adcjgCfItyp0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264b9284ec8-FRA

GET
H2 200 img.css
static.bmcdn1.com/css/ Frame 4E94 401 B
549 B 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn1.com/css/img.css?v=v1.24.0
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35210cbca0e6febd9e208d1aedcde494c3320f8d849521d4e77d38e04675e72

Request headers

Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 15:55:58 GMT
server: cloudflare
age: 4555
etag: W/"5fa17d8e-191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8AWNXDTFJ7XM%2BL%2BOORWA%2B1MAiXnt33IwyEx3bst5S4oO%2FK3Mu%2Bgp45A5VqlNGTQtLJwv6XkV8EWFs2952iI%2BVUwgSwBwXgEnDrDBDq6rzob03kQb3fy7HWY0WqxNPTopOA89GlFmWIfzvENaK83"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264b9274ec8-FRA

GET
H2 200 d4be3d60-a113-11eb-a797-efdfffa889382d921356-9364-44ab-bf7b-93a7033f1d36.png
media.bmcdn1.com/static/ Frame 4E94 53 KB
53 KB 20ms
12ms Image
image/png 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn1.com/static/d4be3d60-a113-11eb-a797-efdfffa889382d921356-9364-44ab-bf7b-93a7033f1d36.png
Requested by: Host: cdn.bmcdn1.com
URL: https://cdn.bmcdn1.com/p/5ddedb0df918d6723b22331a/?source=https%3A%2F%2Ffreelitecoin.vip%2Fads%2Fad.php%3Fsize%3D728x90&ref=https%3A%2F%2Ffreebitcoin.vip%2F&ent=&we=0&fid=8ba59ead797a3c2568f9b14f0043812d&fidnoua=9941766d580b9154eca1e6e24bbf3889&impid=0e61a228556609869f2abf949b59923f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52154babc2bc8a3aa56b8a58f409a604ec49b2b5d0c0facc48a9816238ed62a5

Request headers

Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Apr 2021 13:33:31 GMT
server: cloudflare
age: 3202
etag: "607d86ab-d3de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCwsPFOrp%2FdLUJ%2Bk8STgjpulLLjgoQD3DNUtZiu0LiwI%2B28fSNqWjInz83hlgt8rm0lFU2A%2B93Ek8FnhoTTnILX01TnceFLMsDa4pIn0Q9zwufijgvf1MM4NeGuivyDRs2tSxDY9aqz%2B01pyo2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6839a264e9504ec8-FRA
content-length: 54238

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 4E94 340 KB
132 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.bmcdn1.com
Referer: https://cdn.bmcdn1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135293
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 17:27:59 GMT

GET
H2 200 new_bm_logo_v2.svg
static.bmcdn1.com/img/ Frame 4E94 675 B
729 B 13ms
12ms Image
image/svg+xml 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/new_bm_logo_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Jan 2019 10:06:54 GMT
server: cloudflare
age: 6598
etag: W/"5c4053be-2a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3z1p4%2FN%2BJ9l2MSAaYKpH9hXP2aKFp4ZvQboe0UUxXhGgbVFY4%2BbeGAOxbAO0Ty0%2BDO3bEJ4D4IgmmOFj6b5FJEnA2uQCTjM1%2Be9ufK8gNSYcBL9FUscyFzoXf%2FvHnQrtKRsUgWgWO%2FaTo8Jg0Xif"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264d9494ec8-FRA

GET
H2 200 by_bm_v2.svg
static.bmcdn1.com/img/ Frame 4E94 4 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/by_bm_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:45:28 GMT
server: cloudflare
age: 4548
etag: W/"5f883658-e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSf9u2v2UKmBtj9VVB%2BQN9hoFvdrwgf%2BW%2Bgq2QS2l82IseLBMPtSma1QDUGr0EihW%2FMRObXBCdmsE9fsF0hXgfVbQ7Cuvej%2F27ZDO8MsIPr0PulrBnEVx7gPqb2JrxOsWoYvok6Ujor0UL2tqj8I"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264d94a4ec8-FRA

GET
H2 200 choice_v2.svg
static.bmcdn1.com/img/ Frame 4E94 351 B
682 B 15ms
15ms Image
image/svg+xml 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/choice_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:44:30 GMT
server: cloudflare
age: 3572
etag: W/"5f88361e-15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEcHk8ZH147l3nbWFIWTQN5%2BQHQZ%2F8aGOGuhnym2B2NgCt8UqWGpd6IJZegOOIogGcwLz2iRgyMHaTBKPLGcXVSwaUfFGA2x5ZLHhUu%2Fo3XGochPDfvLVRlUam2r8otnhpEtXWIR6hJh1U4fvBL5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264d94b4ec8-FRA

GET
H2 200 choices_v2.svg
static.bmcdn1.com/img/ Frame 4E94 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn1.com/img/choices_v2.svg
Requested by: Host: static.bmcdn1.com
URL: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48

Request headers

Referer: https://static.bmcdn1.com/css/basic.css?v=v1.24.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 11:45:54 GMT
server: cloudflare
age: 4553
etag: W/"5f883672-892"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxpDMfZUYmgy9jjNiLcDl0mWKtq%2Bbl%2BReNIgU0mADVvj75tRMubYpqYIn95TazgN%2Bvvfv8vMrapIE3KSYWfe%2BjsRmJ7tBKSyeYWG6CNKx2LJrzdQMQ4Ms6vNsABzwCHmJAYwj7pcUdmfZBLN39Yd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6839a264d94d4ec8-FRA

GET
H3-29 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame BB87 39 KB
20 KB 30ms
30ms Document
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c589cda847f444082ecd001ea6c9969b56cfb5de8fc598b15f72bb5c51a451c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q78E2qQyrArO0NNRoBjwww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.bmcdn1.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://cdn.bmcdn1.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 24 Aug 2021 03:53:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-q78E2qQyrArO0NNRoBjwww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20092
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame BB87 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:36 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame BB87 340 KB
132 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135293
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 17:27:59 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BB87 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 15569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 30 Aug 2021 23:34:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB87 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recaptcha.net
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 23173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:27:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB87 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recaptcha.net
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 566836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 14:26:18 GMT

GET
H3-29 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame BB87 102 B
132 B 20ms
19ms Other
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 24 Aug 2021 03:53:34 GMT

POST
H3-29 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame BB87 29 KB
16 KB 45ms
44ms XHR
application/json 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b02f601dca6cdd87ee32ac45ec658435baadb1a862dfcae014b6a32ff7e5963b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdV3HgUAAAAACYiz5ZDTI3X6PRiwnqmJPNrXNpG&co=aHR0cHM6Ly9jZG4uYm1jZG4xLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=qpjuuwbbvecr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 24 Aug 2021 03:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16375
x-xss-protection: 1; mode=block
expires: Tue, 24 Aug 2021 03:53:34 GMT

GET
H2 200 /
cdn.bmcdn1.com/reconfirm/ Frame BD84 35 B
353 B 126ms
125ms Image
image/gif 2606:4700:20::681a:5b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/reconfirm/?clickid=cf8c1593-b81b-4d1b-9722-117d0f7579d2&token=03AGdBq26xRoHjB6_QPKegGADpy93qRYPbws86rE1rR5pG-tDA_tDDdyUaVLu_y7VXu43IjDeqFD3gNObxcGE6kd8KhnO0fka-WsmTMubkDXwHDcmC40VOqwI85WYcu9x846tEH4LS5QNM-_PPGqyzXhRkOa_rwXzdnj-qNYIqzWukjWlqnBv9ghCS7LL0axrtI44ic_BGUKx1QyLXxfAxjiDM-8FAxVw4_jKx288bT_6QbcpqkC8iLGjnrUNq46Hm3D1sDJDtzVEXpjK5DTawv_uAuxfikZBJmRtvKI0M9fkjoOBh8FsisUv2eGYb8rVTZt6V8PyGEMF7miqDOrIfjb3WTvW5hja5kkE6bYzlgTFtDjrPDesMonMZYHSx0eRd9QklqQgiwqO9wgoZmLYGwTRa1q6cYQ0Vy6qhZXT4JvjlzTO8NdYPKWIVmEpssRzC-r-93SyA7NDmfdAFhBuJgPBuoQThuZaPzQ&fid=8ba59ead797a3c2568f9b14f0043812d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://freelitecoin.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:53:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3m%2FlSw4E2YaeOMEenfgWBdG3hJC0IdOT%2FsZjF5LFU%2FlLYdK0aaUZ7N7xVtQ1z8fXlpwk6bDKQHRoNS8ThkIkqlq7Y6QChs9vDwsLjbaKQJYg5MCuXCEJVm4%2BF490inPLgc7u3NRPlGSU2od"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6839a267dc234ec8-FRA
content-length: 35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: autoclaim.site
URL: http://autoclaim.site/404

Domain: autoclaim.site
URL: https://autoclaim.site/js/alert.js

Domain: autoclaim.site
URL: http://autoclaim.site/404

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.freelitecoin.vip/	1970-01-19 20:42:59	Name: __cf_bm Value: 0393023e19e63e59225f83d3e74dff34a58d23d1-1629777213-1800-AcedgJCX18Mw/1VIL6jFFr73haaFFq26Iy3m7x9nF29JIH4gh8IVPbakKJBQjBWUWAvVmk1V+kGsmmcs0uYRjLLG2fXGXe3M6d+Rqpk7Z0rHrMcgEwmhX51pTtRJ/eMChAgwgNraRCXGfcVGB/wC8eA=
			core.arc.io/	1970-01-20 05:28:33	Name: _immortal\|Arc_nodeId Value: QNKmYCENbMSEg6KctLfRm3

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][setOption] The option "debug" he was assigned to "true"
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][on] A type of event "detected" was added
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][on] A type of event "notDetected" was added
console-api	warning	URL: https://static.arc.io/widget/js/core.js?f3c7172(Line 30) Message: Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][onload->eventCallback] A check loading is launched
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_creatBait] Bait has been created
console-api	log	URL: https://static.arc.io/widget/js/widget-ui.js?e17fd9c0(Line 1) Message: Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][check] An audit was requested with a loop
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][check] A check is in progress ...
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_stopLoop] A loop has been stopped
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][_destroyBait] Bait has been removed
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][emitEvent] An event with a negative detection was called
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][emitEvent] Call function 1/1
console-api	log	URL: https://autoclaim.site/js/adblock.js(Line 50) Message: [BlockAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
arc.io
autoclaim.site
bin.bnbstatic.com
browser.sentry-cdn.com
cdn.bmcdn1.com
cdnjs.cloudflare.com
coinad.xyz
cookieinfoscript.com
core.arc.io
cryptolatest.news
expresscrypto.io
fonts.googleapis.com
fonts.gstatic.com
freebitcoin.vip
freehostedscripts.net
freelitecoin.vip
ka-f.fontawesome.com
kit.fontawesome.com
media.bmcdn1.com
mellowads.b-cdn.net
mellowads.com
refpa.top
refpazkjixes.top
static.a-ads.com
static.arc.io
static.bmcdn1.com
www.gstatic.com
www.recaptcha.net
autoclaim.site
13.224.102.14
13.224.102.73
136.243.11.250
143.204.98.119
143.204.98.70
144.76.28.254
172.67.189.49
185.59.220.193
2606:4700:20::681a:5b7
2606:4700:20::ac43:4484
2606:4700:3030::6815:5183
2606:4700:3030::ac43:9e20
2606:4700:3031::ac43:992e
2606:4700:3034::6815:8ef
2606:4700:3036::ac43:9848
2606:4700:3037::ac43:8e32
2606:4700::6810:135e
2606:4700::6810:e633
2606:4700::6812:1734
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a04:4e42::729
45.150.232.24
66.29.141.56
83.147.204.15
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
060dd503d6d0621942a0d816f968c8b7d5e89244f1c80a51b059de440a3414f1
065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199
076139620d3fbab821402b5c85789c89f4f7c2af4108f365791c9dd57b61a8a5
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1059fb792e4bf28255de90d843cc7eac9b42522ec3e3b2b553ea7a07c042ce2e
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b
16f35061c69aa6ec4053fd017ba8a72d05bdd5137eec4cde6aed95bb3af6e246
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1a40b2c98da195835ff6f823322ce5f1af169fffbd8ffc2ac390b2aaeeec68c9
1b6cfbf9057690d33ef0cc9558f04e1d9c44df4aea350f823c4c3ed2aa89e406
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38
204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
259c81f75e7c877c3050416e38b7389146c95310f9234582b399c4b11c694a7f
25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f
267f86b986829cb9a3c46b9fcdbc56783bb923005ba5ef5b27efce504e72ecfa
272b5e5ebc3c71bb8d6007f8c990e2f5a74c25ab0bc624d49c215cdc14e6dd81
2a3d6c907ce94208068d374cc2e4640e46dbc6caeadfbed97f10d6a93cb0cea4
2b8b894d36c2d240d6b6927d211f791c38c7b714ff685cbf404e34212e5c7da9
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0
2fae605fe8a89c44f7e280ad95dba42fd20b61261cbe81267216a93b413961e3
303efdbe23ca1d49284f639b27a700b3e17cda31859d5ac7e807fb3f17d3115e
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
31b433ff737eab9512e7bb0bfb44619768f6b9590f5cc36d78fd03a147dd9582
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c
39be3702a0d494ff8b5aa156339b7fd82358ad35b6a2697f251038316206208a
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3b9d5c4f9aad7b9cf2085a8852e9b4e26eb1983be46f0202ccc92b6c9a86c756
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea14e481c971f10b980c574ded902d2f5caa7cc15d962f655a24ddfd9cb5527
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
4ef6a2a8352d9fdd0c3d4e4965efa38b080cab903e894b86dc1fc6411380ca58
4f563023046f7db91d19d52e0ef1e7c080d79f06fbc91f6af93535ba40cdb78b
52154babc2bc8a3aa56b8a58f409a604ec49b2b5d0c0facc48a9816238ed62a5
5666eb1d5d2528f465e66fa691befee1b51c363b209e5c6bb9929e521f02e813
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c7dc92e5b1a4adf323cb96799e3ece32dda84e9f9d4c5ce6e59df7f04723157
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6253c9db59382467c65f077a53bec1c94deecd9b69689e73df743955babcc77d
6257736b86b5ac1ef264e5cd03b3f4b6d531a481386fdbac3ec3e33b6bad5f38
6526d9f8a9f514c0b7e6928c9fbdf9b802f87b1616bee272d2a8133709d0288c
66eebc0bfc49466af9d45b579a1eb1a5c447e07c0d2c8f1371e1520ae7e1fe22
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6890f7a15589c6121264c3fe5806b07b51b27ceb71b7a1fa2f4f7b2ba935e5
6e2322bbde367cb7a405392e572a5c6747926c547d313b65b647c4c3591d70a7
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
72d21bebd0dc7761ed9918da7881c75a35e5f924a2126b563b5d0b1c8336af30
742086a3fa96d6c0515c0a14758f9dacc3fe1d2178b9dada00371bae533e4a4b
759bcbbf2058d0a33948eab23c35c499523a2d7fe779f3746fc40afe72020e7a
7a21d72f3da7e9d5a18918a6eec681ba746f2c31e1a7fb3802a0365eaa613fbf
7a795658fafa300a20d9ec1ce670f23751632880844f765a4bb191bba512f99d
7ca9ec4b5488e3429ff963775185ef5e26846961df691bbecda8de5b55aab223
8318ebbcb1cb4729eb0f78bb058dc618c3b63f9f9f0070a1a7a3265fdc79b833
83c58816534e3e403d03859d82b1fdbb0577c40f59cdaaba006f6de49c81a99b
8506ee8749b9e99fcc00a8dd148751dc5cfed79b7e377003190f6fa69a00ddad
8557930aab2dd34c2547eff4c8d880d4a2977ee97742c3a248faf9ad2d7ee12a
85ba876179780190c333634b6409a7dce794114f8b3325503443b13def995e24
86a46b0872a3c9f60ebe01d214b10807aca8e33ff5c4ac3aee268b7bcd6ef08d
88c03725f0bcd50965ee334d6ed907b5b4d080a0d5b659272d99e08169b13140
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
8ff1ba9168acd72b164d43b76293ebc0dd85bb6ead45bc4eafc573cca190987a
900191a443115d8b48a9d68d3062e8b3d7129727951b8617465b485baf253006
92ac0822865b82140275f187dbc1a802b80e6d2c36e39c58b19dd38310b36e2e
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a
996d7e82ac91a22339b0c0ab2cd8b642a76a3c54b555f22678f4c4922f874d1a
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a35210cbca0e6febd9e208d1aedcde494c3320f8d849521d4e77d38e04675e72
a66eec3031d524e29e43167bf50bbe373025a9f92bc041bacc859b06ccfb1d94
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff
ac286a0319809fd30d7fb93d4ae68fad3aca67c3039db3e08faf799d2921845b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aff60aab429342ca14acac768a91f1877a51c6e7bf9d96f07f421f26f90bb9d6
b02f601dca6cdd87ee32ac45ec658435baadb1a862dfcae014b6a32ff7e5963b
b04e896be9e7223c4dcde252c5d996e09fe16aaf8d036dbe945226d29eb13964
b1ac2f4467de247dd0fc63152998602035a7ec58baed162296fad2b059a4a6bc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5552dc4fcd9717dd52e84906a5fafe2af02d28768feff85b0dd74621f63ca05
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
bcc725208dc3c2e0b0c012a0b8b5506158727158b0277a6b2e2b6d9dbc102816
bfdec5e6af736b9e6dd3b40bd508ffd48c802d849d5531c962b38c19568d97ac
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
c2f58cd954dfa4b08214a1cbe0e33d33bd21343aa883662f2f2178e20b0c26a9
c323c06b01df371aca6e4b05568f7010bceeb11464f73abcbc4ab2e1eb4a5598
c3bbce28d032f99fb228d9570593f8c51d5c898d50ad5c214d033c84c22a53c6
c3d97f6528473b11cf17e80e0ee92f1eb59551b0f5b25c60cb483c8593dd259a
c589cda847f444082ecd001ea6c9969b56cfb5de8fc598b15f72bb5c51a451c3
c7715174662fc27c37868ec8a80ab6e58ba9088446e46faec56f0b64487f212c
c9a9a02e63bbf7ff5b0194743ab9de0c78315d3c1d8ef81c42042fa8e2c3d558
cda4b2583ba756c78a0e46d59bca94ab9e4f83538f63a0a066815e6bab3e4aec
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d028792eebba3c8c7ebc259598b11e4ff3b0b61ac478833524d0e48f62f01e64
d5d9c805252fa0bbf1054ce303e51d18933af8abb6a5f4ee01fc436e7ee62387
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9
d8527d9e598ecb9b9c13c2d53f859bd83cc1966dadc49c302ec82164ce088b95
d9d74eed9864540a1953d2f6b0de165c9eb36035438828b99e09b6b1595cd333
d9ef3a081d3d350577858992dbaad41f4b64d1eccc1020a3cce729b1aaa3cf30
db38c6a8c5f7a567a809b00ac06e130668df0aadb8191c0667d1e335870ca86a
dbfbfbd6dd6c5235592a2758e9e25d14b2bf0c92c466f6fb99f647a9190696d4
ddc2bf3176d5baae32050259740e7b87a874d51fb3d03bb6e5a8d22af849b369
e2d071c6f9b908e5f7953bd2aec8f7e5501aec6e3b5f2db9e8700f58451b8f4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d2e5353db7994ccb44b1f3ae7de36649b239f11909966d2af4b2d0e1c8f153
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
e8c923f30567dbb2196ebeae312536175302ad890a869ad90467a0f76ef23490
ec7c86dbae825ccc55d9ac56ccb75a8a69f119b4fd206a6667e5febb7daa0e08
ecdd1ff2df99cc01f5b797b59078ad2bcd36ddc1a4f1727189a213257c1067d6
ecf37d788b10e6285d11d57933fec1f3999b4267ae796d57446e23f6368b79f5
ed8325c2420b4c9126d1349e9e0343b3352e352799bb8293377cfb5eb85442f7
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f10d3f6877677aa36b5055eef0d959ad98c068dde2a1c6521bc6f7662ba30dcb
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f98cfd8031682e7e94e64edfd3f280790195aedb30de7d99a322bafbabc81040
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fb562efb939b9e7454851c32bb14f578d8f9895c7fcc1352ef9b58973735cfb5

autoclaim.site Open in urlscan Pro 66.29.141.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

98 %HTTPS

61 %IPv6

22 Domains

30 Subdomains

29 IPs

4 Countries

1984 kBTransfer

4426 kBSize

2 Cookies

6 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

autoclaim.site Open in urlscan Pro
66.29.141.56 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

1984 kB
Transfer

4426 kB
Size

2
Cookies

158 HTTP transactions
13 data transactions