paidtoclickreview.com Open in urlscan Pro
104.219.248.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paidtoclickreview.com/
Submission: On September 21 via api (September 21st 2023, 9:01:21 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 26 domains to perform 53 HTTP transactions. The main IP is 104.219.248.46, located in United States and belongs to NAMECHEAP-NET, US. The main domain is paidtoclickreview.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 5th 2023. Valid for: a year.

This is the only time paidtoclickreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	104.219.248.46 104.219.248.46	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	144.217.66.46 144.217.66.46	16276 (OVH) (OVH)
3	144.76.199.3 144.76.199.3	24940 (HETZNER-AS) (HETZNER-AS)
2	104.161.23.62 104.161.23.62	53755 (IOFLOOD) (IOFLOOD)
1	2a02:4780:3:7... 2a02:4780:3:700:0:21eb:70f8:5	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	92.205.9.53 92.205.9.53	21499 (GODADDY-SXB) (GODADDY-SXB)
2	45.14.225.191 45.14.225.191	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
1	66.29.141.21 66.29.141.21	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	176.9.11.135 176.9.11.135	24940 (HETZNER-AS) (HETZNER-AS)
1	78.46.143.195 78.46.143.195	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:4780:1:4... 2a02:4780:1:455:0:d7d:b946:1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	67.23.238.71 67.23.238.71	33182 (DIMENOC) (DIMENOC)
1	2606:4700:303... 2606:4700:3031::6815:2dfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.154.110.210 66.154.110.210	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
8	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
53	24

12 104.219.248.46 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server139-2.web-hosting.com

paidtoclickreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.217.66.46 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: eshared.hostptc.com

www.earnations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.199.3 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.3.199.76.144.clients.your-server.de

everprofitbux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
evergreenclix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
everworkclix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.161.23.62 (Phoenix, United States)

ASN53755 (IOFLOOD, US)
PTR: corporate.vip2.noc401.com

greenbuxx.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
catbux.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:3:700:0:21eb:70f8:5 (Singapore)

ASN47583 (AS-HOSTINGER, CY)

workpaid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.205.9.53 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 53.9.205.92.host.secureserver.net

eyebux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.14.225.191 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: server.linuxcloudns.com

clickmedia.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ideaclix.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.29.141.21 (Charlotte, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: snehads.com

snehads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.11.135 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s3-de.thehost.ua

bombmayaclicks.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.143.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: omni-cash.com

omni-cash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:1:455:0:d7d:b946:1 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)

mathibux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.23.238.71 (Orlando, United States)

ASN33182 (DIMENOC, US)
PTR: us133-pl.valueserver.net

www.adsbet.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2dfb (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.154.110.210 (Atlanta, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

s01.flagcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2006 (United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2016 (Montreal, Canada)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	paidtoclickreview.com paidtoclickreview.com	668 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	1012 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
4	googleapis.com fonts.googleapis.com Failed jnn-pa.googleapis.com — Cisco Umbrella Rank: 305	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 static.doubleclick.net — Cisco Umbrella Rank: 400	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 194	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	28 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	15 KB
1	flagcounter.com s01.flagcounter.com — Cisco Umbrella Rank: 166476	49 KB
1	surfe.pro static.surfe.pro — Cisco Umbrella Rank: 316129	3 KB
1	adsbet.com.br www.adsbet.com.br	20 KB
1	mathibux.com mathibux.com	2 MB
1	omni-cash.com omni-cash.com	266 KB
1	bombmayaclicks.pw bombmayaclicks.pw	127 KB
1	ideaclix.pw ideaclix.pw	53 KB
1	snehads.com snehads.com	217 KB
1	clickmedia.fun clickmedia.fun
1	eyebux.com eyebux.com	149 KB
1	everworkclix.com everworkclix.com	42 KB
1	evergreenclix.com evergreenclix.com	89 KB
1	catbux.xyz catbux.xyz	24 KB
1	workpaid.net workpaid.net	268 KB
1	greenbuxx.xyz greenbuxx.xyz	809 KB
1	everprofitbux.com everprofitbux.com	181 KB
1	earnations.com www.earnations.com	15 KB
0	herobux.cam Failed herobux.cam Failed
53	26

	Domain	Requested by
12	paidtoclickreview.com	paidtoclickreview.com
8	www.youtube.com	paidtoclickreview.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	s01.flagcounter.com	paidtoclickreview.com
1	static.surfe.pro	paidtoclickreview.com
1	www.adsbet.com.br	paidtoclickreview.com
1	mathibux.com	paidtoclickreview.com
1	omni-cash.com	paidtoclickreview.com
1	bombmayaclicks.pw	paidtoclickreview.com
1	ideaclix.pw	paidtoclickreview.com
1	snehads.com	paidtoclickreview.com
1	clickmedia.fun	paidtoclickreview.com
1	eyebux.com	paidtoclickreview.com
1	everworkclix.com	paidtoclickreview.com
1	evergreenclix.com	paidtoclickreview.com
1	catbux.xyz	paidtoclickreview.com
1	workpaid.net	paidtoclickreview.com
1	greenbuxx.xyz	paidtoclickreview.com
1	everprofitbux.com	paidtoclickreview.com
1	www.earnations.com	paidtoclickreview.com
0	fonts.googleapis.com Failed	paidtoclickreview.com
0	herobux.cam Failed	paidtoclickreview.com
53	29

This site contains links to these domains. Also see Links.

Domain
info.flagcounter.com

Subject Issuer	Validity	Valid
paidtoclickreview.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-05`	a year	crt.sh
earnations.com cPanel, Inc. Certification Authority	`2023-07-28` - `2023-10-26`	3 months	crt.sh
everprofitbux.com R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.greenbuxx.xyz R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
workpaid.net R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
catbux.xyz R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
evergreenclix.com R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
everworkclix.com R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
eyebux.com R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.clickmedia.fun R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
snehads.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-23` - `2024-07-23`	a year	crt.sh
www.ideaclix.clickmedia.fun R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
bombmayaclicks.pw R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
omni-cash.com Encryption Everywhere DV TLS CA - G2	`2023-05-25` - `2024-05-24`	a year	crt.sh
mathibux.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
adsbet.com.br R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
surfe.pro E1	`2023-08-01` - `2023-10-30`	3 months	crt.sh
flagcounter.com R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://paidtoclickreview.com/
Frame ID: 942E9A60B36DF6021C6A36C6B3DDC8D5
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
Frame ID: A2824CAC2A71FA82A02E8A0CE8C2D449
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paid to Click Review - Get Free Review on YouTube

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

92 %
HTTPS

52 %
IPv6

26
Domains

29
Subdomains

24
IPs

6
Countries

5910 kB
Transfer

8660 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://info.flagcounter.com/nLgK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paidtoclickreview.com/ 19 KB
4 KB 549ms
172ms Document
text/html 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 2a438c2573047c153ecbf7b969d4d6df7d6c7148e277f2ef03ea644930646270

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 21:01:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.css
paidtoclickreview.com/css/ 118 KB
17 KB 116ms
112ms Stylesheet
text/css 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/css/bootstrap.css
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 09ad856fa7a1fbe2b6e7781baddbafe610b0ca1f610832924c04aed272f35604

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:04 GMT
content-encoding: br
last-modified: Mon, 29 Sep 2014 14:53:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17154
expires: Thu, 28 Sep 2023 21:01:04 GMT

GET
H2 200 style.css
paidtoclickreview.com/css/ 44 KB
8 KB 220ms
216ms Stylesheet
text/css 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/css/style.css
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b7412b1951469e6610a74d96616820a4d256a2b835481da07585827817d53773

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:04 GMT
content-encoding: br
last-modified: Mon, 10 Oct 2022 15:04:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7795
expires: Thu, 28 Sep 2023 21:01:04 GMT

GET
H2 200 jquery.min.js Show response
paidtoclickreview.com/js/ 92 KB
31 KB 221ms
218ms Script
application/javascript 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/js/jquery.min.js
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:04 GMT
content-encoding: br
last-modified: Mon, 15 Sep 2014 19:11:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32005
expires: Thu, 28 Sep 2023 21:01:04 GMT

GET
H2 200 responsiveslides.min.js Show response
paidtoclickreview.com/js/ 3 KB
2 KB 220ms
217ms Script
application/javascript 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/js/responsiveslides.min.js
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:04 GMT
content-encoding: br
last-modified: Tue, 12 May 2015 19:11:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1340
expires: Thu, 28 Sep 2023 21:01:04 GMT

GET
H2 200 logo.jpg
paidtoclickreview.com/images/ 578 KB
578 KB 113ms
107ms Image
image/jpeg 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/images/logo.jpg
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f985d414e88588a723f8cec67c16f484b482e4629601baf3fe11772fd39a9532

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Wed, 23 Aug 2023 19:18:42 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 591482
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 1.gif
paidtoclickreview.com/banners/ 16 KB
16 KB 306ms
300ms Image
image/gif 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/banners/1.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: fb5e8d4c8cd2c46ab6341a205223845dd764bf5e71d38ce1b0e8cab1dd3be9d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Wed, 06 Sep 2023 22:02:28 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16478
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H/1.1 200
OK banner1.gif
www.earnations.com/banners/ 15 KB
15 KB 965ms
72ms Image
image/gif 144.217.66.46
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.earnations.com/banners/banner1.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.217.66.46 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: eshared.hostptc.com
Software: Apache /
Resource Hash: 39559c9ad543aff6e14ab1c6dc91662ccb5747ec02a4bfc4cf626b27a9586c10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 21:01:05 GMT
Last-Modified: Sat, 29 Jul 2023 13:15:54 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15607

GET
H2 200 tick.png
paidtoclickreview.com/images/ 5 KB
5 KB 324ms
319ms Image
image/png 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/images/tick.png
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5d3f09f018854ef2c6336e88910df2f73967a8f90a28cc14a5eaf306df13d614

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Tue, 06 Aug 2019 14:25:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4956
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 no.png
paidtoclickreview.com/images/ 2 KB
2 KB 326ms
321ms Image
image/png 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/images/no.png
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7b14d0e520eba52a956e04f14259aa4049643600babae6f57311484a725f9436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Thu, 22 Dec 2016 05:23:02 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2288
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET banner.jpg
herobux.cam/ 0
0

GET
H/1.1 200
OK 468x60-gif.gif
everprofitbux.com/ 181 KB
181 KB 1332ms
438ms Image
image/gif 144.76.199.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://everprofitbux.com/468x60-gif.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.199.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.3.199.76.144.clients.your-server.de
Software: nginx / PleskLin
Resource Hash: 8ba1f1fb1f92758f716883ede8dc8586259d960642c568440244224965f84ce7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 21:01:05 GMT
Last-Modified: Wed, 11 Jan 2023 16:52:08 GMT
Server: nginx
ETag: "63bee938-2d400"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185344

GET
H2 200 banner1.gif
greenbuxx.xyz/ 808 KB
809 KB 980ms
84ms Image
image/gif 104.161.23.62
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenbuxx.xyz/banner1.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.62 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: e78a3f6cfc6eab54f7c0a18e71bac5f7b8d765ca492977439d2cd38df6a83ea0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:10 GMT
last-modified: Mon, 07 Aug 2023 13:13:29 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 827568
expires: Thu, 28 Sep 2023 21:01:10 GMT

GET
H2 200 banner%2021468x60.gif
workpaid.net/images/ 267 KB
268 KB 1150ms
255ms Image
image/gif 2a02:4780:3:700:0:21eb:70f8:5
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://workpaid.net/images/banner%2021468x60.gif

Requested by

Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:3:700:0:21eb:70f8:5 , Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

27c20d661dbdf5fd7cea830bfe15e8e34604c3d684da7f349b96474e9388d858

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 11 Jul 2023 19:24:03 GMT
server: LiteSpeed
etag: "42d17-64adac53-35ae131b344efcbf;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 273687
expires: Thu, 28 Sep 2023 21:01:06 GMT

GET
H2 200 468x60.jpg
catbux.xyz/ 24 KB
24 KB 1063ms
168ms Image
image/jpeg 104.161.23.62
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catbux.xyz/468x60.jpg
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.62 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 2be385ffb286cc337f675d865f528848e71ed4ef2881a6f25ceeeae7447b8f59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:10 GMT
last-modified: Wed, 24 May 2023 10:13:05 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24608
expires: Thu, 28 Sep 2023 21:01:10 GMT

GET
H/1.1 200
OK banner.gif
evergreenclix.com/ 89 KB
89 KB 1333ms
440ms Image
image/gif 144.76.199.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evergreenclix.com/banner.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.199.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.3.199.76.144.clients.your-server.de
Software: nginx / PleskLin
Resource Hash: 94155b46ea30ee28cfeae5bca27160b49eecf7366657077d79888dfe6cd2ea68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 21:01:05 GMT
Last-Modified: Wed, 11 Jan 2023 16:52:46 GMT
Server: nginx
ETag: "63bee95e-16228"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90664

GET
H/1.1 200
OK banner-5.gif
everworkclix.com/ 41 KB
42 KB 1221ms
329ms Image
image/gif 144.76.199.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://everworkclix.com/banner-5.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.199.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.3.199.76.144.clients.your-server.de
Software: nginx / PleskLin
Resource Hash: d59a6c4b19c181d1123ba8d5814edef4cc707f3ae178065b539ec0d5185778fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 21:01:05 GMT
Last-Modified: Mon, 08 May 2023 20:51:37 GMT
Server: nginx
ETag: "645960d9-a516"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42262

GET
H2 200 banner2.gif
eyebux.com/ 149 KB
149 KB 1176ms
282ms Image
image/gif 92.205.9.53
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eyebux.com/banner2.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.205.9.53 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 53.9.205.92.host.secureserver.net
Software: Apache /
Resource Hash: cbedce5982b72d7c809127c34ec863521a7868c423ffa9db669b34876cbc5f54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Thu, 11 May 2023 16:55:53 GMT
server: Apache
accept-ranges: bytes
etag: "3020320-25300-5fb6ddc8e98e2"
content-length: 152320
content-type: image/gif

GET
H2 404 468x60banner.gif
clickmedia.fun/ 0
0 1269ms
133ms Image
text/html 45.14.225.191
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickmedia.fun/468x60banner.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.14.225.191 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server.linuxcloudns.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 Banner468x60.gif
snehads.com/banner/ 217 KB
217 KB 1048ms
212ms Image
image/gif 66.29.141.21
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snehads.com/banner/Banner468x60.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.141.21 Charlotte, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: snehads.com
Software: LiteSpeed /
Resource Hash: bc2dbba1efa88dc21fb1dfb5a996ffe800fb290cebfe1d210d5c90d448f960cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Sun, 23 Jul 2023 09:23:13 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 221917
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 468x48banner.jpg
ideaclix.pw/ 53 KB
53 KB 1142ms
273ms Image
image/jpeg 45.14.225.191
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ideaclix.pw/468x48banner.jpg
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.14.225.191 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server.linuxcloudns.com
Software: LiteSpeed /
Resource Hash: bea03bd1aa35857061fca60eb059a948697857fd773cdec3e022a09ebf0532b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Wed, 16 Aug 2023 23:53:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 54146
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 468x60_banner.gif
bombmayaclicks.pw/images/ 126 KB
127 KB 1227ms
359ms Image
image/gif 176.9.11.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bombmayaclicks.pw/images/468x60_banner.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.11.135 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s3-de.thehost.ua
Software: nginx /
Resource Hash: cc37fd27694307ad3e464553c4e4aa87b50f815871e2a0ae03b014b339af23ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Sun, 27 Aug 2023 07:03:40 GMT
server: nginx
accept-ranges: bytes
etag: "64eaf54c-1f90d"
content-length: 129293
content-type: image/gif

GET
H2 200 468x60.gif
omni-cash.com/images/banner/ 265 KB
266 KB 1195ms
327ms Image
image/gif 78.46.143.195
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omni-cash.com/images/banner/468x60.gif
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.143.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: omni-cash.com
Software: Apache /
Resource Hash: e59e1a7988c467089245c4545af3251422beea32dd23e0954a47330d85ed0433

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Mon, 24 Jul 2023 12:43:25 GMT
server: Apache
accept-ranges: bytes
etag: "42581-6013af5e1c44d"
content-length: 271745
content-type: image/gif

GET
H2 200 banner1.gif
mathibux.com/banners/ 2 MB
2 MB 937ms
69ms Image
image/gif 2a02:4780:1:455:0:d7d:b946:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mathibux.com/banners/banner1.gif

Requested by

Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:455:0:d7d:b946:1 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cb853ecfd1e475915177d40217ce15b46ded786718b0fa8955fe7a7be1702c79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 06 Mar 2022 16:13:51 GMT
server: LiteSpeed
etag: "1bfdf7-6224ddbf-f2cd477fc9cf2b02;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1834487
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H/1.1 200
OK banner1.png
www.adsbet.com.br/assets/banners/ 20 KB
20 KB 1078ms
212ms Image
image/png 67.23.238.71
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adsbet.com.br/assets/banners/banner1.png
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.23.238.71 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: us133-pl.valueserver.net
Software: nginx / PleskLin
Resource Hash: d24a74841bfcb68de8ee485d58be5f51689c27b0fce0207aa58762a3f41675e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 21:01:05 GMT
Last-Modified: Sun, 17 Sep 2023 02:33:36 GMT
Server: nginx
ETag: "65066580-4e21"
X-Cache-Status: BYPASS
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20001

GET
H2 200 r3.png
paidtoclickreview.com/images/ 1 KB
1 KB 323ms
320ms Image
image/png 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/images/r3.png
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eaf737487d45432978421c3875051ee5379ee8c47c6431113b2d106d74db3a6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Tue, 23 Feb 2021 04:14:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1234
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 net.js Show response
static.surfe.pro/js/ 5 KB
3 KB 129ms
43ms Script
application/javascript 2606:4700:3031::6815:2dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2dfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3079
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Jun 2023 08:54:51 GMT
server: cloudflare
etag: W/"6499525b-1223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPwSqESOMk4v8HOnOXiqG9ubqmDCTmXPXQp1RqRDFSdIQPU8dxybIHMlCApXVBSaVCT83QvDfrf20OcfA1YEAuhiRQKdA1UbXT1aF282e0STqXd85RqVnJEljcl8UAZAdlZF2EB8ueI8YOcD6O1p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 80a53dca2e794958-MIA

GET
H2 200 jquery.flexisel.js Show response
paidtoclickreview.com/js/ 8 KB
2 KB 106ms
105ms Script
application/javascript 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://paidtoclickreview.com/js/jquery.flexisel.js
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: fceb3d2bafb7c6c0f944caf780f1406539c661ca0a7e438c586682aa55043b6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
content-encoding: br
last-modified: Thu, 21 May 2015 18:46:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1901
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H/1.1 200
OK /
s01.flagcounter.com/count2/nLgK/bg_FFFFFF/txt_000000/border_CCCCCC/columns_8/maxflags_250/viewers_0/labels_1/pageviews_1/flags_0/percent_0/ 49 KB
49 KB 299ms
136ms Image
image/png 66.154.110.210
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s01.flagcounter.com/count2/nLgK/bg_FFFFFF/txt_000000/border_CCCCCC/columns_8/maxflags_250/viewers_0/labels_1/pageviews_1/flags_0/percent_0/
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.154.110.210 Atlanta, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 83459f5044dfcd3a240bf84b95795c22a0fff4924e220a5ecc7093be458f9688

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 21:01:08 GMT
Cache-control: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 yZR_aX7me1g Show response
www.youtube.com/embed/ Frame A282 88 KB
38 KB 385ms
202ms Document
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Requested by

Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38cfc76abbc7052a49f690cb667b17a041ace4516fd16fc9072a44fa2600cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paidtoclickreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 21:01:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 search-icon.png
paidtoclickreview.com/images/ 779 B
979 B 328ms
324ms Image
image/png 104.219.248.46
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoclickreview.com/images/search-icon.png
Requested by: Host: paidtoclickreview.com
URL: https://paidtoclickreview.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server139-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 15dddddc59d3dd7beaf56d582f485b7a9e31fae916a8c3e228c2419afc4ebce5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://paidtoclickreview.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:05 GMT
last-modified: Wed, 13 May 2015 14:37:28 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 779
expires: Thu, 28 Sep 2023 21:01:05 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/019a2dc2/ Frame A282 378 KB
48 KB 73ms
72ms Stylesheet
text/css 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/019a2dc2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48765
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:11:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Sep 2024 22:00:34 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/ Frame A282 54 KB
17 KB 115ms
114ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d9fa7c642881a90b8c09b5fab79833bc77b873fabb77da50564d4468ea4acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17154
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:11:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Sep 2024 22:00:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/019a2dc2/www-embed-player.vflset/ Frame A282 314 KB
94 KB 146ms
145ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/019a2dc2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba96780d2ab1b1efe09f18d20459cbc7d0aeda172548a23ea7dc1274aad29c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96160
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:11:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Sep 2024 22:00:34 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/ Frame A282 2 MB
782 KB 182ms
181ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2325a12b869433d24b6988af29280bdcc814eb7425d12d5ef8e91b7284049d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 800611
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:11:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Sep 2024 22:00:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A282 15 KB
15 KB 258ms
94ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 13:00:12 GMT
x-content-type-options: nosniff
age: 460854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 13:00:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A282 15 KB
16 KB 236ms
73ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 16:17:15 GMT
x-content-type-options: nosniff
age: 449031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 16:17:15 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A282
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

106ms
95ms

XHR
application/json

2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

561ea8a5287c2a17b4a9890335f95c16defead9ffaae031c66262646ab15e520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Sep 2023 21:01:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A282 29 B
495 B 237ms
64ms Script
text/javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:51:58 GMT
x-content-type-options: nosniff
age: 549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Sep 2023 21:06:58 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 265ms
90ms Preflight
text/html 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Sep 2023 21:01:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A282 68 KB
31 KB 104ms
99ms XHR
application/json+protobuf 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

866be852df3ad55722e5b8a8d208d459e23696e3019aea57b1f90ebe9ef4b409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31933
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/ Frame A282 116 KB
33 KB 77ms
76ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456e4272b4f32d87ed74aa73c4b017ea5e542f10bab6659cf03f85417f563ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 21:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33510
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:11:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Sep 2024 21:39:12 GMT

GET
H2 200 sIWmSEdPII8nSuZW7eGxL1Y8VxB4LRbPNz5y2TWnYOc.js Show response
www.google.com/js/th/ Frame A282 37 KB
15 KB 295ms
72ms Script
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sIWmSEdPII8nSuZW7eGxL1Y8VxB4LRbPNz5y2TWnYOc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b085a648474f208f274ae656ede1b12f563c5710782d16cf373e72d935a760e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14676
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 22:35:51 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/yZR_aX7me1g/ Frame A282 27 KB
28 KB 326ms
138ms Image
image/webp 2607:f8b0:4020:807::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/yZR_aX7me1g/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0207f7f126ed44bf36af3d9bce4c4615191c9eedee8bd7873f9d27e7a19995b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
x-content-type-options: nosniff
server: sffe
etag: "1694349845"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28082
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 23:01:07 GMT

GET
DATA 200
OK truncated
/ Frame A282 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KrATSQ1dfs4kTd5UN6Vk_wLNCrJ0aCP0mdK8UQ1kIU-cySJkcZ8z9INNmM504PHTE2MzD2E7dQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A282 2 KB
2 KB 227ms
88ms Image
image/jpeg 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/KrATSQ1dfs4kTd5UN6Vk_wLNCrJ0aCP0mdK8UQ1kIU-cySJkcZ8z9INNmM504PHTE2MzD2E7dQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61be431bce247156b8bb908ebd7137ad8dcf6c71245f8a78a127f900c5fde483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2164
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 22 Sep 2023 21:01:07 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A282 4 KB
2 KB 297ms
110ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 21:01:07 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A282 0
10 B 78ms
77ms Image
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?HapHLw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A282 90 B
134 B 102ms
102ms XHR
application/json+protobuf 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65ce707f5a8b9f9b6cc752b10d349cf326d2485cdef43d670d900d0b8dbd072a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Sep 2023 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 95ms
92ms Preflight
text/html 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Sep 2023 21:01:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/117/ Frame A282 51 KB
15 KB 75ms
74ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/117/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:05:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 22 Sep 2023 20:59:14 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A282 28 B
50 B 110ms
103ms XHR
application/json 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/019a2dc2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
X-Goog-Request-Time: 1695330069912
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/yZR_aX7me1g?si=SWNDbe1Ms1fy2Ds1
X-YouTube-Client-Version: 1.20230917.00.01
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtleVRRckdKOW1QbyiR3rKoBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1695330066118&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C795%2C447&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Sep 2023 21:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: herobux.cam
URL: https://herobux.cam/banner.jpg

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Baskerville:400,700

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paidtoclickreview.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: i0c4eogpl6mqhfqjulki7hkv07
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0vb1hBjTSUA
.youtube.com/	1970-01-20 19:14:42	Name: VISITOR_INFO1_LIVE Value: eyTQrGJ9mPo

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://paidtoclickreview.com/ Message: Mixed Content: The page at 'https://paidtoclickreview.com/' was loaded over HTTPS, but requested an insecure element 'http://eyebux.com/banner2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://paidtoclickreview.com/(Line 10) Message: Mixed Content: The page at 'https://paidtoclickreview.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://paidtoclickreview.com/(Line 11) Message: Mixed Content: The page at 'https://paidtoclickreview.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Libre+Baskerville:400,700'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://paidtoclickreview.com/(Line 123) Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://paidtoclickreview.com/(Line 514) Message: Mixed Content: The page at 'https://paidtoclickreview.com/' was loaded over HTTPS, but requested an insecure element 'http://eyebux.com/banner2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://clickmedia.fun/468x60banner.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://herobux.cam/banner.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bombmayaclicks.pw
catbux.xyz
clickmedia.fun
evergreenclix.com
everprofitbux.com
everworkclix.com
eyebux.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greenbuxx.xyz
herobux.cam
i.ytimg.com
ideaclix.pw
jnn-pa.googleapis.com
mathibux.com
omni-cash.com
paidtoclickreview.com
s01.flagcounter.com
snehads.com
static.doubleclick.net
static.surfe.pro
workpaid.net
www.adsbet.com.br
www.earnations.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
fonts.googleapis.com
herobux.cam
104.161.23.62
104.219.248.46
144.217.66.46
144.76.199.3
176.9.11.135
2606:4700:3031::6815:2dfb
2607:f8b0:4006:80b::2001
2607:f8b0:4006:821::2006
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::2016
2a02:4780:1:455:0:d7d:b946:1
2a02:4780:3:700:0:21eb:70f8:5
45.14.225.191
66.154.110.210
66.29.141.21
67.23.238.71
78.46.143.195
92.205.9.53
0207f7f126ed44bf36af3d9bce4c4615191c9eedee8bd7873f9d27e7a19995b0
09ad856fa7a1fbe2b6e7781baddbafe610b0ca1f610832924c04aed272f35604
15dddddc59d3dd7beaf56d582f485b7a9e31fae916a8c3e228c2419afc4ebce5
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40
27c20d661dbdf5fd7cea830bfe15e8e34604c3d684da7f349b96474e9388d858
2a438c2573047c153ecbf7b969d4d6df7d6c7148e277f2ef03ea644930646270
2be385ffb286cc337f675d865f528848e71ed4ef2881a6f25ceeeae7447b8f59
3456e4272b4f32d87ed74aa73c4b017ea5e542f10bab6659cf03f85417f563ce
38cfc76abbc7052a49f690cb667b17a041ace4516fd16fc9072a44fa2600cacf
39559c9ad543aff6e14ab1c6dc91662ccb5747ec02a4bfc4cf626b27a9586c10
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4f2325a12b869433d24b6988af29280bdcc814eb7425d12d5ef8e91b7284049d
54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6
561ea8a5287c2a17b4a9890335f95c16defead9ffaae031c66262646ab15e520
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d3f09f018854ef2c6336e88910df2f73967a8f90a28cc14a5eaf306df13d614
61be431bce247156b8bb908ebd7137ad8dcf6c71245f8a78a127f900c5fde483
65ce707f5a8b9f9b6cc752b10d349cf326d2485cdef43d670d900d0b8dbd072a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7b14d0e520eba52a956e04f14259aa4049643600babae6f57311484a725f9436
83459f5044dfcd3a240bf84b95795c22a0fff4924e220a5ecc7093be458f9688
866be852df3ad55722e5b8a8d208d459e23696e3019aea57b1f90ebe9ef4b409
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8ba1f1fb1f92758f716883ede8dc8586259d960642c568440244224965f84ce7
94155b46ea30ee28cfeae5bca27160b49eecf7366657077d79888dfe6cd2ea68
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
b085a648474f208f274ae656ede1b12f563c5710782d16cf373e72d935a760e7
b7412b1951469e6610a74d96616820a4d256a2b835481da07585827817d53773
ba96780d2ab1b1efe09f18d20459cbc7d0aeda172548a23ea7dc1274aad29c98
bc2dbba1efa88dc21fb1dfb5a996ffe800fb290cebfe1d210d5c90d448f960cf
bea03bd1aa35857061fca60eb059a948697857fd773cdec3e022a09ebf0532b8
c3d9fa7c642881a90b8c09b5fab79833bc77b873fabb77da50564d4468ea4acf
cb853ecfd1e475915177d40217ce15b46ded786718b0fa8955fe7a7be1702c79
cbedce5982b72d7c809127c34ec863521a7868c423ffa9db669b34876cbc5f54
cc37fd27694307ad3e464553c4e4aa87b50f815871e2a0ae03b014b339af23ec
d24a74841bfcb68de8ee485d58be5f51689c27b0fce0207aa58762a3f41675e7
d59a6c4b19c181d1123ba8d5814edef4cc707f3ae178065b539ec0d5185778fa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59e1a7988c467089245c4545af3251422beea32dd23e0954a47330d85ed0433
e78a3f6cfc6eab54f7c0a18e71bac5f7b8d765ca492977439d2cd38df6a83ea0
eaf737487d45432978421c3875051ee5379ee8c47c6431113b2d106d74db3a6a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f985d414e88588a723f8cec67c16f484b482e4629601baf3fe11772fd39a9532
fb5e8d4c8cd2c46ab6341a205223845dd764bf5e71d38ce1b0e8cab1dd3be9d5
fceb3d2bafb7c6c0f944caf780f1406539c661ca0a7e438c586682aa55043b6d

paidtoclickreview.com Open in urlscan Pro 104.219.248.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

92 %HTTPS

52 %IPv6

26 Domains

29 Subdomains

24 IPs

6 Countries

5910 kBTransfer

8660 kBSize

3 Cookies

1 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paidtoclickreview.com Open in urlscan Pro
104.219.248.46 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

92 %
HTTPS

52 %
IPv6

26
Domains

29
Subdomains

24
IPs

6
Countries

5910 kB
Transfer

8660 kB
Size

3
Cookies

53 HTTP transactions
1 data transactions