www.claimcash.top.cryptospaying.com Open in urlscan Pro
23.111.182.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.claimcash.top.cryptospaying.com/
Submission: On August 22 via api (August 22nd 2023, 12:42:08 pm UTC) from US — Scanned from US

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 43 HTTP transactions. The main IP is 23.111.182.242, located in Tampa, United States and belongs to HVC-AS, US. The main domain is www.claimcash.top.cryptospaying.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 23rd 2023. Valid for: 3 months.

This is the only time www.claimcash.top.cryptospaying.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	23.111.182.242 23.111.182.242	29802 (HVC-AS) (HVC-AS)
1	142.250.72.106 142.250.72.106	15169 (GOOGLE) (GOOGLE)
1	169.150.236.97 169.150.236.97	60068 (CDN77 ^_^) (CDN77 ^_^)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	213.174.129.64 213.174.129.64	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	199.241.100.27 199.241.100.27	27589 (MOJOHOST) (MOJOHOST)
1	69.57.162.10 69.57.162.10	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	142.251.40.163 142.251.40.163	15169 (GOOGLE) (GOOGLE)
7	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	162.0.235.250 162.0.235.250	22612 (NAMECHEAP...) (NAMECHEAP-NET)
10	136.243.11.250 136.243.11.250	24940 (HETZNER-AS) (HETZNER-AS)
1	172.67.134.147 172.67.134.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
2	2606:4700:10:... 2606:4700:10::6816:21ac	() ()
43	18

8 23.111.182.242 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: pacific.us.hostns.io

www.claimcash.top.cryptospaying.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
claimcash.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.236.97 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-236-97.datapacket.com

ss.mndsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl18979063.highcpmrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.profitablecreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl18979039.highcpmrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.129.64 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.ipweb.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.241.100.27 (United States)

ASN27589 (MOJOHOST, US)
PTR: cs2196.mojohost.com

pp.mndsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.57.162.10 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium264-2.web-hosting.com

ayelads.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.163 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

foomaque.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.235.250 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium161-4.web-hosting.com

ayelads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 136.243.11.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.11.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.147 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:21ac (None, )

ASN- ()

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 31174 static.a-ads.com — Cisco Umbrella Rank: 42489	188 KB
7	foomaque.net foomaque.net	37 KB
7	claimcash.top claimcash.top	88 KB
2	offerimage.com offerimage.com	18 KB
2	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 31448	5 KB
2	highcpmrevenuegate.com pl18979063.highcpmrevenuegate.com pl18979039.highcpmrevenuegate.com
2	mndsrv.com ss.mndsrv.com — Cisco Umbrella Rank: 148109 pp.mndsrv.com — Cisco Umbrella Rank: 133648	13 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 14963	505 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9422	558 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 16005	7 KB
1	ayelads.com ayelads.com	704 B
1	gstatic.com fonts.gstatic.com	36 KB
1	ayelads.click ayelads.click	1 KB
1	profitablecreativeformat.com www.profitablecreativeformat.com — Cisco Umbrella Rank: 139142
1	ipweb.pro www.ipweb.pro	125 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	1 KB
1	cryptospaying.com www.claimcash.top.cryptospaying.com	2 KB
43	17

	Domain	Requested by
7	foomaque.net	www.claimcash.top.cryptospaying.com foomaque.net
7	claimcash.top	www.claimcash.top.cryptospaying.com
5	static.a-ads.com	ad.a-ads.com
5	ad.a-ads.com	ayelads.click
2	offerimage.com	foomaque.net
2	static.cdnativepush.com
1	fleraprt.com	tzegilo.com
1	my.rtmark.net	foomaque.net
1	tzegilo.com	foomaque.net
1	ayelads.com	ayelads.click
1	fonts.gstatic.com	fonts.googleapis.com
1	ayelads.click	www.claimcash.top.cryptospaying.com
1	pp.mndsrv.com	ss.mndsrv.com
1	www.profitablecreativeformat.com	www.claimcash.top.cryptospaying.com
1	www.ipweb.pro	www.claimcash.top.cryptospaying.com
1	pl18979039.highcpmrevenuegate.com	www.claimcash.top.cryptospaying.com
1	pl18979063.highcpmrevenuegate.com	www.claimcash.top.cryptospaying.com
1	ss.mndsrv.com	www.claimcash.top.cryptospaying.com
1	fonts.googleapis.com	www.claimcash.top.cryptospaying.com
1	www.claimcash.top.cryptospaying.com
43	20

This site contains links to these domains. Also see Links.

Domain
www.ipweb.pro

Subject Issuer	Validity	Valid
claimcash.top cPanel, Inc. Certification Authority	`2023-07-23` - `2023-10-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
ss.mndsrv.com R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
highcpmrevenuegate.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
ipweb.pro R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
profitablecreativeformat.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
pp.mndsrv.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
ayelads.click Sectigo RSA Domain Validation Secure Server CA	`2022-11-16` - `2023-11-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
foomaque.net R3	`2023-07-13` - `2023-10-11`	3 months	crt.sh
ayelads.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-23`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
tzegilo.com GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
cdnativepush.com R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.claimcash.top.cryptospaying.com/
Frame ID: 0691B00F2C7E1DA6F6D3BB86BF8D379A
Requests: 27 HTTP requests in this frame

Frame: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90
Frame ID: C93F7C7DDBC3E8706423D5075F677956
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126707?size=728x90
Frame ID: C99109F68FE69626622373F8FB9866D1
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126712?size=300x250
Frame ID: 6571D34692B8A4AF04DE2DB96471A175
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126713?size=468x60
Frame ID: B41E31982B38AE615E30AC6373E30952
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126714?size=160x600
Frame ID: 7BAF53B08F846CE82890DA01E9B669C1
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126715?size=320x50
Frame ID: A8E9C5D604D9E7317A62B0A8A7A933BE
Requests: 3 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Frame ID: 3BD3B7463C3A141E5E48CD36A7004E70
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MultiCoin Faucet | Claim Cash

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

6 %
IPv6

17
Domains

20
Subdomains

18
IPs

3
Countries

523 kB
Transfer

1016 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ipweb.pro/?sadik1233

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.claimcash.top.cryptospaying.com/ 5 KB
2 KB 333ms
100ms Document
text/html 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 240ddd016a08d5d7b481ca8950aa96aa473c871ec9c7aece6d2c91080c749a6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 1695
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 12:41:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 all.min.css
claimcash.top/BSassets/vendor/fontawesome-free/css/ 58 KB
12 KB 132ms
52ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/vendor/fontawesome-free/css/all.min.css
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12380
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 417ms
21ms Stylesheet
text/css 142.250.72.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f10.1e100.net

Software

ESF /

Resource Hash

efd15ebba9106e78e5786de7ee546178b97d963a2fc21ea0a65c04fb75fb2b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 12:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 12:20:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 12:41:53 GMT

GET
H2 200 sb-admin-2.min.css
claimcash.top/BSassets/css/ 167 KB
24 KB 132ms
51ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/css/sb-admin-2.min.css
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 0832dfb004cac2772613a5a72a537060557ff5d21857b0d6ece8cc6e8c824157

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24620
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 custom.css
claimcash.top/BSassets/css/ 311 B
203 B 132ms
52ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/css/custom.css
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 2a600c66ad314ec87a79aa8be19103b39e68d856870161c69d3a160df24f0b6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:54:51 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 147
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 7ccf91aa-af78-44cf-b7e8-8229dcf7b18a.js Show response
ss.mndsrv.com/static/ 30 KB
13 KB 492ms
0ms Script
application/javascript 169.150.236.97
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/static/7ccf91aa-af78-44cf-b7e8-8229dcf7b18a.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.236.97 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-236-97.datapacket.com
Software: BunnyCDN-IL1-1067 /
Resource Hash: 29cae188d1bc9c754eb5454ec14ab15f7dc77f545c2f13ff72cc586923b1f266

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:53 GMT
content-encoding: br
cdn-edgestorageid: 1067
cdn-cachedat: 08/22/2023 12:39:20
cdn-pullzone: 1495838
last-modified: Tue, 22 Aug 2023 12:06:38 GMT
server: BunnyCDN-IL1-1067
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64e4a4ce-7830"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cache-control: public, max-age=86400
cdn-requestid: a192d5a9d988ca94cd6494dc147ef91d
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 403
Forbidden 12eb7e97f361d92f7d97f16da75a7f44.js
pl18979063.highcpmrevenuegate.com/12/eb/7e/ 0
0 103ms
32ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl18979063.highcpmrevenuegate.com/12/eb/7e/12eb7e97f361d92f7d97f16da75a7f44.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 12:41:52 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 078e8e1a22349e3dd763687fbf01cf4f.js
pl18979039.highcpmrevenuegate.com/07/8e/8e/ 0
0 86ms
18ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl18979039.highcpmrevenuegate.com/07/8e/8e/078e8e1a22349e3dd763687fbf01cf4f.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 12:41:52 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ipweb_720_90_2_en.gif
www.ipweb.pro/banners/ 125 KB
125 KB 87ms
9ms Image
image/gif 213.174.129.64
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ipweb.pro/banners/ipweb_720_90_2_en.gif
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.174.129.64 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: edf53806867a48e7236636134e1d6571fda214dc934c7c2c99c78b2383a491e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 12:41:51 GMT
Last-Modified: Tue, 22 Aug 2023 10:56:08 GMT
Server: nginx/1.12.2
ETag: "64e49448-1f2d0"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127696
Expires: Thu, 21 Sep 2023 12:41:51 GMT

GET
H2 200 jquery.min.js Show response
claimcash.top/BSassets/vendor/jquery/ 87 KB
30 KB 164ms
85ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/vendor/jquery/jquery.min.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30267
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
claimcash.top/BSassets/vendor/bootstrap/js/ 82 KB
21 KB 165ms
87ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20975
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 jquery.easing.min.js Show response
claimcash.top/BSassets/vendor/jquery-easing/ 2 KB
822 B 164ms
86ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 789
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H2 200 sb-admin-2.min.js Show response
claimcash.top/BSassets/js/ 1 KB
561 B 55ms
51ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://claimcash.top/BSassets/js/sb-admin-2.min.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 3dbd135d6f876957fb80b8871b4084bfe81e449c8387bbdaf07b8b2451732787

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:52 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:24:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 528
expires: Tue, 29 Aug 2023 12:41:52 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitablecreativeformat.com/6d0435f631bfeacc5ff8d91126d61b05/ 0
0 108ms
20ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitablecreativeformat.com/6d0435f631bfeacc5ff8d91126d61b05/invoke.js
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://www.claimcash.top.cryptospaying.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 22 Aug 2023 12:41:53 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H/1.1 204
No Content 7ccf91aa-af78-44cf-b7e8-8229dcf7b18a Show response
pp.mndsrv.com/v1/ 0
142 B 206ms
89ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/7ccf91aa-af78-44cf-b7e8-8229dcf7b18a
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/static/7ccf91aa-af78-44cf-b7e8-8229dcf7b18a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Aug 2023 12:41:53 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H2 200 items.php Show response
ayelads.click/display/ Frame C93F 2 KB
1 KB 334ms
137ms Document
text/html 69.57.162.10
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90
Requested by: Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.57.162.10 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium264-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 8a640be69f7f03bff8a8981a875df6a3ec1bb130935e2412a2bd46d38e01d191

Request headers

Referer: https://www.claimcash.top.cryptospaying.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 548
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 12:41:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 449ms
12ms Font
font/woff2 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.claimcash.top.cryptospaying.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:55:04 GMT
x-content-type-options: nosniff
age: 326809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 17:55:04 GMT

GET
H2 200 6186734 Show response
foomaque.net/400/ 82 KB
31 KB 413ms
126ms Script
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://foomaque.net/400/6186734

Requested by

Host: www.claimcash.top.cryptospaying.com
URL: https://www.claimcash.top.cryptospaying.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e0952669e9d21e84c9c930a0ca406c93bbe5f3970d2691d15a924588d4d99e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: eff3482667cf8e3d0a3625ca1bae7e2c
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 logo_ad1.png
ayelads.com/page/image/ Frame C93F 503 B
704 B 852ms
520ms Image
image/png 162.0.235.250
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ayelads.com/page/image/logo_ad1.png
Requested by: Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium161-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ayelads.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
last-modified: Fri, 27 Nov 2020 10:25:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 503
expires: Tue, 29 Aug 2023 12:41:54 GMT

GET
H2 200 2126707 Show response
ad.a-ads.com/ Frame C991 12 KB
5 KB 602ms
196ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126707?size=728x90

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

5ab5731186c5d3cd828551b8124e1f0c82e592eb4a77a4c35272aa81d6351e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126712 Show response
ad.a-ads.com/ Frame 6571 12 KB
5 KB 509ms
104ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126712?size=300x250

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

a1341ed57a7cf6827b98cf4b316a8ee8375f6b09803ca5ab496de9f1213c59e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126713 Show response
ad.a-ads.com/ Frame B41E 12 KB
5 KB 534ms
136ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126713?size=468x60

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

c98842c4bd7a797d24b62766e62f689417020cb8d59eb61b04297e0fe1f53da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126714 Show response
ad.a-ads.com/ Frame 7BAF 12 KB
5 KB 516ms
134ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126714?size=160x600

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

fce40e9265a316b2e6785dae21403a5ca3b3dd5e5b976b15befd8f3f4c2a16f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126715 Show response
ad.a-ads.com/ Frame A8E9 12 KB
5 KB 568ms
193ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126715?size=320x50

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=bbbTkrk&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

a2f8973045f838d0002032a94910914ea34b20e7312bbe6c004d08b03cd34c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 462ms
15ms Script
application/javascript 172.67.134.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: foomaque.net
URL: https://foomaque.net/400/6186734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.134.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1580
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mD%2B%2Fam88POK43g9P8k52CcREHsOPv1wUI0NkW2KeiQWtGTaMYpSaL22kHbpCW2eDTmmAmxuakbK9k4TFN0qS1V0CUa1vZbJRDsZpNQWUcQzQiFgDcKSW5%2BMg%2B2oSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fab31535ec21815-EWR
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
558 B 420ms
81ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: foomaque.net
URL: https://foomaque.net/400/6186734

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1150a8c7e8b2a757dccd9d32d8867a2a7a06e8a49b15cc52fe35ab1646b5697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.claimcash.top.cryptospaying.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/470982/ Frame 6571 44 KB
45 KB 108ms
99ms Image
image/png 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/470982/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126712?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 07f01392062ad8d27dcfc688e09f1fb64fb8d4bfb83c5242b13ac22e86a847c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
x-amz-version-id: 2msJ3zr6A7yHFASyksZSfVVdjuG7v619
last-modified: Mon, 17 Jul 2023 06:33:12 GMT
server: nginx
x-amz-request-id: 1P2QE23V7FF3WVJG
etag: "e038824820a11c718b6ffaa976c78801"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 45528
x-amz-id-2: o7bqUuim08KNDO6MYmjujav4pf46ck52WtRh35M7yKPSbWDhho3aPjIbVbX0aKFKaRPHejwHbZ0=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 6571 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 160x600
static.a-ads.com/a-ads-banners/470978/ Frame 7BAF 52 KB
52 KB 160ms
159ms Image
image/png 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/470978/160x600?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126714?size=160x600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 744186ca2d27912285a45975ffcee5625456f31fc9e475aa94f13f43ecfcf989

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
x-amz-version-id: 4rH6Q4daBtHUxcJcJQEN_pGXp3sjPXBr
last-modified: Mon, 17 Jul 2023 06:32:13 GMT
server: nginx
x-amz-request-id: 8GW9WTGZCBTGAJ2K
etag: "09c967c49418e1015141edd11c6fd16c"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 52862
x-amz-id-2: GLgUe1QiFYzbYj6/jec7XGRMiWyi/TAD1+s0+vDS6RQY7xXW+fA105pd+uMihVpMib+1RAR2hvE=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/452147/ Frame B41E 19 KB
19 KB 192ms
191ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/452147/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126713?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 97ce5e4c10240ca98bd3c5458280f5ba6094d805d84867673d2b2c3340fbcc33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
x-amz-version-id: IaLhKubAFfBnoEtaKRduB2h6vdPLWuD9
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
server: nginx
x-amz-request-id: 83YD6B1PJ96YJS33
etag: "19492d0aabc2632e6dff63e0cb0347ef"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 19103
x-amz-id-2: 074Ur7l8PihDKBieYz6TBbnVynzfO5ri3bDpi5cf0/pnPEab/ZHX9LGUf7oAG6UYD3l9Fpmz+Jg=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 7BAF 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B41E 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
505 B 358ms
88ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://www.claimcash.top.cryptospaying.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Aug 2023 12:42:53 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.claimcash.top.cryptospaying.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 320x50
static.a-ads.com/a-ads-banners/452145/ Frame A8E9 14 KB
14 KB 155ms
89ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/452145/320x50?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126715?size=320x50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fd7b4cdf4eadff478c4887b5d89fed5588374b3d3d4af1f4eebedec44a43e197

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
x-amz-version-id: e3w6.pTaCaxFbNksHfWVJqUwbNPMVpk3
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
server: nginx
x-amz-request-id: SPA8B9W02V4WT82Z
etag: "40846c748b108cf688f9271caf57b86f"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 13983
x-amz-id-2: 6FUdIS2yJhzLgw1FZ6T3iPqICoGvQwlyiSAtbNXF8OVaC5XQqVRjlahAhQu+lc3kDtFiXMMUbw8=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/452146/ Frame C991 33 KB
34 KB 169ms
103ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126707?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: df3f1522e3c1cfad89800cef7a2a5b3287cccf8efaf9b509153f5481a3bc5210

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:54 GMT
x-amz-version-id: 76whst7qvmX0l_vkmSfQJ7pFURrIqrZI
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
server: nginx
x-amz-request-id: 7YDTPRRWAT7QQWXK
etag: "abee5b951901db7d5808cc14c1803f86"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34060
x-amz-id-2: w6p4v2Zanjln8vOg1O5dNLlCOe2SEexXdSX7IIIbtyyUmNx5KFGA0hMCX/YdRr3/EJUKhbxPGjU=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6186734 Show response
foomaque.net/500/ 2 KB
2 KB 191ms
186ms XHR
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://foomaque.net/500/6186734?excludes=&oaid=2def9c62242e43b0becb934ef3a1d6a5&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.claimcash.top.cryptospaying.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Requested by

Host: foomaque.net
URL: https://foomaque.net/400/6186734

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bacf94b15bbd89954e54aa7d62b2bf22ab2ce6f1b598b2d70eefd9836f183314

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimcash.top.cryptospaying.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 12:41:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 06504e3ef15db562c7abb8673d4f92e8
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://www.claimcash.top.cryptospaying.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6186734
foomaque.net/500/ Frame 0
0 284ms
86ms Preflight 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.claimcash.top.cryptospaying.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.claimcash.top.cryptospaying.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 22 Aug 2023 12:41:54 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ Frame A8E9 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C991 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 2 KB
3 KB 280ms
78ms Image
image/png 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:41:55 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

GET
H2 200 pvNASJ05883Xl4t0bp--GqK0VCJvcRjrR3v9cfxErwTvdp1EsFUBvXCDUCovtiQylyBfE_0THw0BaAaljVOlk05_57wUJtCPFIygpOLCm30HRhiASJZ3-hVZxDrlbtH-U0Ait-MvqkgmmLnyCS65sB4YYVFWWeuOVFU-2J7vk8XG-djXhfo3oPNTaBtk2ek_XfNN5...
foomaque.net/impression/ 43 B
544 B 83ms
81ms Image
image/gif 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foomaque.net/impression/pvNASJ05883Xl4t0bp--GqK0VCJvcRjrR3v9cfxErwTvdp1EsFUBvXCDUCovtiQylyBfE_0THw0BaAaljVOlk05_57wUJtCPFIygpOLCm30HRhiASJZ3-hVZxDrlbtH-U0Ait-MvqkgmmLnyCS65sB4YYVFWWeuOVFU-2J7vk8XG-djXhfo3oPNTaBtk2ek_XfNN5jn7n0OvTHpH-kYhQKpjQUEEboA7VIgAmNf9OyR-_7ElsyhcdlwLKW21mT9kFS4cmdvUcy2A3z5MhqRsoPxvRxV08ENfRCbN_nK7KqS1ORjZ9-vtVq8HL5jtgYUw4be-tRJ-3kmcfjcsk7EhoeGmDWra-_dP7iDlbQLd0KtBMbc6qAcLH7312vTjEtqkiux8N0CUhfBFrkz9a9K8ff0jAxiXEBqhhR_xKKXdHewMlv5gm99jqfw5fCH_LZlNf4uPmcZwhsyV3rjZ13Xp2U--ElDbhp9VU4FfWGszyuRzm9FlkesvjYbjwvuz1nw5bqGtwhAQw5VJdHpheLJsAgP_gyJemhdWHidFQB-WApr7_5mzuKW3evBL97zKZ06gQh1Cnr9ZcYYZjVD_pf5veZ_KEE6Q6G4LW3KwWC6c_Idr9a5XHbQmDULYhd0QppwsDWuJqAdu-6feVA6fmMl0k3lmMFKZmRiqi2ilz6T-Sb6pLlg3zoeKaOagOxpP-SsEwSkZOHFm9-QZJlU2CsBFUo94w1v0PfSflj-p9UUPoK8PRQAWnla8FAwybfSvltejxIN4DtFMJNZ-uhkivgRWA0aMy8E9FXqdY8sF9squaKC4B0ZdE4l9AW4DAoizRCkp4iLxli3enyQI-ezhrYAtQeksEWM97tLK_FQegkWWo8zJQhjZ?_z=6186734&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.claimcash.top.cryptospaying.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:42:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: 424937fce3f97fbfdff6969fbbc90d17
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame 3BD3 2 KB
3 KB 78ms
78ms Image
image/png 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:42:04 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

GET
H2 200 6186734 Show response
foomaque.net/500/ 2 KB
2 KB 182ms
182ms XHR
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://foomaque.net/500/6186734?excludes=12543851&oaid=2def9c62242e43b0becb934ef3a1d6a5&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fwww.claimcash.top.cryptospaying.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Requested by

Host: foomaque.net
URL: https://foomaque.net/400/6186734

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6f16784ab196e5c0d718afe25a6ffb60f3456398495fc05bd6a7c8a76b6563d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claimcash.top.cryptospaying.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 12:42:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 178bbf0ee66107f4eddfc5e58900d24a
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://www.claimcash.top.cryptospaying.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6186734
foomaque.net/500/ Frame 0
0 79ms
79ms Preflight 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.claimcash.top.cryptospaying.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.claimcash.top.cryptospaying.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 22 Aug 2023 12:42:04 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 5dfb9f83b486d705d281af0c332f61c0.png
offerimage.com/www/images/ 17 KB
18 KB 57ms
18ms Image
image/png 2606:4700:10::6816:21ac

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/5dfb9f83b486d705d281af0c332f61c0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2a7a67bd1c0553d26e0ff7c6684249cda4576f6359ee35012274084a8f88e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:42:04 GMT
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 09:16:18 GMT
server: cloudflare
age: 79917
etag: "64649b62-4558"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fab31923f33c346-EWR
content-length: 17752
expires: Tue, 22 Aug 2023 14:30:07 GMT

GET
H2 200 z-v7bS9rx10v7po5OakkdlWPUt_0u6Tplskgh2kQNXpSasN0yna_mw9rP2AJ5emSt8-D6OaxbFVciJHmqNL-KIk8O0tL4WhkVGtdwQ5JagAtxUMQKBRvR-SCfpeiYcWo9MOJrR-tb-Wvj29MhssUPlr_jGWb8M3Ib2aUQ05Qad8EIGZ5cdPYyAFK4E6Qm4zSFUMc2...
foomaque.net/impression/ 43 B
543 B 85ms
84ms Image
image/gif 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foomaque.net/impression/z-v7bS9rx10v7po5OakkdlWPUt_0u6Tplskgh2kQNXpSasN0yna_mw9rP2AJ5emSt8-D6OaxbFVciJHmqNL-KIk8O0tL4WhkVGtdwQ5JagAtxUMQKBRvR-SCfpeiYcWo9MOJrR-tb-Wvj29MhssUPlr_jGWb8M3Ib2aUQ05Qad8EIGZ5cdPYyAFK4E6Qm4zSFUMc2bc0KFiiajDROOhAwe5AdGxvvsUpMK45YgKHMdJmYZRygUm8-glyHGeC6Tdh3q5U44BSBMTftzSD6iGCHP0LJCiSOC8nUm6saDORnXYgZ-6o4CQd5vqCjlsX3vXkcJn-HVYJWmYohhMapW8c3c5XBu3mIq8FvgWxgpPZy0F3jq_sZwQFJFsLS3PepAjOlUwOu_ImYHFC2NpHQQXet8I82_m60HyIBqEcJVsir_TyiPYAc1U7EUdO_8vU9Y0U4xiwH3Er_4TBJyLuHaso4yJgnTIaApm8TOtBMTX0s3sGd39VA9uodXlnwFNbMQSYSuYyF9L8JFvKi8-F-o-J5cljwOJ4yyva9pp_ldnJhOr6cxmEGHFdedhPSNVGe0sdqmmWPQSAelcWZYGjvf1zgxNQEAgYnNV9StG0cJY8N___9xvzmwOefDn2rJ3KEhkNrp_ePO1xIkHAR1hRxYjBWk5pIfKkAZoOetq72IpBQ8Nz7zYiUDyAbnurTA1zcqOceOwwpoVkWp9yncyxwoncJvULuLxVfU_qKjwrtp1rczhvcujUAv7Qh0QG4QfnHMOIt9iJwCbsSI-D70ng98h5jsKSlI6PqKjxbG9t31DNfB6Ny7jXBk9LU9o-cC_8LzVSJv34o7zaNeCFe0ybtjR22KogYHSUYTm7_zUQ5l4hw5H37H_-t3WQi2l08UY=?_z=6186734&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fwww.claimcash.top.cryptospaying.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.claimcash.top.cryptospaying.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:42:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: 90fb9bde1ec667e4a8c607af52993aab
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET 5dfb9f83b486d705d281af0c332f61c0.png
offerimage.com/www/images/ 0
0

GET
H2 200 5dfb9f83b486d705d281af0c332f61c0.png
offerimage.com/www/images/ Frame 3BD3 17 KB
0 12ms
11ms Image
image/png 2606:4700:10::6816:21ac

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/5dfb9f83b486d705d281af0c332f61c0.png
Requested by: Host: foomaque.net
URL: https://foomaque.net/400/6186734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:42:07 GMT
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 09:16:18 GMT
server: cloudflare
age: 79920
etag: "64649b62-4558"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fab31a4fc16c346-EWR
content-length: 17752
expires: Tue, 22 Aug 2023 14:30:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: offerimage.com
URL: https://offerimage.com/www/images/5dfb9f83b486d705d281af0c332f61c0.png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.claimcash.top.cryptospaying.com/	1970-01-20 14:11:55	Name: csrf_cookie_name Value: bb84840966f2a928227b9a7063f977f9
www.claimcash.top.cryptospaying.com/	1970-01-20 14:11:55	Name: ci_session Value: 9d2b8ef9627f15f4dafa50d4e79cd466a695b6d3
ayelads.click/	1970-01-20 14:11:51	Name: AYID Value: %7B%22sec_to_refresh%22%3A3%2C%22time_ads%22%3A1692708113%2C%22ads_viewed%22%3A%5B%5D%7D
ayelads.click/	1970-01-20 14:11:51	Name: bbbTkrk Value: %7B%22dataTag%22%3A%7B%22banners%22%3A%7B%22id%22%3A%5B%5D%2C%22rt%22%3A%5B%5D%7D%2C%22startG%22%3A%5B0%5D%2C%22status%22%3Anull%7D%7D
my.rtmark.net/	1970-01-20 22:57:24	Name: ID Value: 2def9c62242e43b0becb934ef3a1d6a5
foomaque.net/	1970-01-20 22:57:24	Name: OAID Value: 2def9c62242e43b0becb934ef3a1d6a5

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pl18979039.highcpmrevenuegate.com/07/8e/8e/078e8e1a22349e3dd763687fbf01cf4f.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl18979063.highcpmrevenuegate.com/12/eb/7e/12eb7e97f361d92f7d97f16da75a7f44.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.claimcash.top.cryptospaying.com/(Line 33) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/6d0435f631bfeacc5ff8d91126d61b05/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.claimcash.top.cryptospaying.com/(Line 33) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/6d0435f631bfeacc5ff8d91126d61b05/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.profitablecreativeformat.com/6d0435f631bfeacc5ff8d91126d61b05/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ayelads.click
ayelads.com
claimcash.top
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
foomaque.net
my.rtmark.net
offerimage.com
pl18979039.highcpmrevenuegate.com
pl18979063.highcpmrevenuegate.com
pp.mndsrv.com
ss.mndsrv.com
static.a-ads.com
static.cdnativepush.com
tzegilo.com
www.claimcash.top.cryptospaying.com
www.ipweb.pro
www.profitablecreativeformat.com
offerimage.com
136.243.11.250
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.238
142.250.72.106
142.251.40.163
162.0.235.250
169.150.236.97
172.67.134.147
192.243.59.12
192.243.59.20
199.241.100.27
213.174.129.64
23.111.182.242
2606:4700:10::6816:21ac
69.57.162.10
07f01392062ad8d27dcfc688e09f1fb64fb8d4bfb83c5242b13ac22e86a847c0
0832dfb004cac2772613a5a72a537060557ff5d21857b0d6ece8cc6e8c824157
1150a8c7e8b2a757dccd9d32d8867a2a7a06e8a49b15cc52fe35ab1646b5697a
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
240ddd016a08d5d7b481ca8950aa96aa473c871ec9c7aece6d2c91080c749a6a
29cae188d1bc9c754eb5454ec14ab15f7dc77f545c2f13ff72cc586923b1f266
2a600c66ad314ec87a79aa8be19103b39e68d856870161c69d3a160df24f0b6a
3dbd135d6f876957fb80b8871b4084bfe81e449c8387bbdaf07b8b2451732787
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5ab5731186c5d3cd828551b8124e1f0c82e592eb4a77a4c35272aa81d6351e69
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
6f16784ab196e5c0d718afe25a6ffb60f3456398495fc05bd6a7c8a76b6563d0
744186ca2d27912285a45975ffcee5625456f31fc9e475aa94f13f43ecfcf989
8a640be69f7f03bff8a8981a875df6a3ec1bb130935e2412a2bd46d38e01d191
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
97ce5e4c10240ca98bd3c5458280f5ba6094d805d84867673d2b2c3340fbcc33
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d
a1341ed57a7cf6827b98cf4b316a8ee8375f6b09803ca5ab496de9f1213c59e2
a2f8973045f838d0002032a94910914ea34b20e7312bbe6c004d08b03cd34c3f
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
bacf94b15bbd89954e54aa7d62b2bf22ab2ce6f1b598b2d70eefd9836f183314
c98842c4bd7a797d24b62766e62f689417020cb8d59eb61b04297e0fe1f53da2
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
df3f1522e3c1cfad89800cef7a2a5b3287cccf8efaf9b509153f5481a3bc5210
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e0952669e9d21e84c9c930a0ca406c93bbe5f3970d2691d15a924588d4d99e57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf53806867a48e7236636134e1d6571fda214dc934c7c2c99c78b2383a491e0
efd15ebba9106e78e5786de7ee546178b97d963a2fc21ea0a65c04fb75fb2b9a
fa2a7a67bd1c0553d26e0ff7c6684249cda4576f6359ee35012274084a8f88e5
fce40e9265a316b2e6785dae21403a5ca3b3dd5e5b976b15befd8f3f4c2a16f6
fd7b4cdf4eadff478c4887b5d89fed5588374b3d3d4af1f4eebedec44a43e197
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.claimcash.top.cryptospaying.com Open in urlscan Pro 23.111.182.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

6 %IPv6

17 Domains

20 Subdomains

18 IPs

3 Countries

523 kBTransfer

1016 kBSize

6 Cookies

1 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.claimcash.top.cryptospaying.com Open in urlscan Pro
23.111.182.242 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

6 %
IPv6

17
Domains

20
Subdomains

18
IPs

3
Countries

523 kB
Transfer

1016 kB
Size

6
Cookies

43 HTTP transactions
5 data transactions