wavesclaim.com Open in urlscan Pro
2606:4700:3030::6815:3262 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wavesclaim.com/
Submission: On August 28 via automatic, source certstream-suspicious (August 28th 2021, 9:04:52 pm UTC)

Summary HTTP 127 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 48 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3030::6815:3262, located in United States and belongs to CLOUDFLARENET, US. The main domain is wavesclaim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2021. Valid for: a year.

This is the only time wavesclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3030::6815:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:5600:16:9649:e700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.224.96.61 13.224.96.61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::6815:32f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4b23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1d78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:bb8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:8691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	13.224.96.11 13.224.96.11	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4a0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.96.22 13.224.96.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
2	185.66.201.59 185.66.201.59	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1	208.100.17.185 208.100.17.185	32748 (STEADFAST) (STEADFAST)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6 6	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.243.225.216 34.243.225.216	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.159.118.206 18.159.118.206	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 2	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.57.222.152 52.57.222.152	16509 (AMAZON-02) (AMAZON-02)
1	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3032::6815:15f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
127	53

21 2606:4700:3030::6815:3262 (United States)

ASN13335 (CLOUDFLARENET, US)

wavesclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
revive.wavesclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5600:16:9649:e700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.audienceplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.169.131 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:32f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.foxpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4b23 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d78 (United States)

ASN13335 (CLOUDFLARENET, US)

api.coingecko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bb8 (United States)

ASN13335 (CLOUDFLARENET, US)

json.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:8691 (United States)

ASN13335 (CLOUDFLARENET, US)

acdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.200.127 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-11.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a0f (United States)

ASN13335 (CLOUDFLARENET, US)

www.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

mena-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.59 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.59.skhosting.eu

xe9o.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.79 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.36 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.225.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-225-216.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.118.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.22 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.178.82 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.222.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-222-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.168.131 (United States)

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:15f1 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.digitalkites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	wavesclaim.com wavesclaim.com revive.wavesclaim.com	283 KB
16	googlesyndication.com pagead2.googlesyndication.com e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com tpc.googlesyndication.com	211 KB
15	infolinks.com resources.infolinks.com router.infolinks.com	280 KB
10	pubmatic.com 10 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
9	doubleclick.net 4 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	148 KB
8	hcaptcha.com www.hcaptcha.com newassets.hcaptcha.com hcaptcha.com	452 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
6	bmcdn1.com cdn.bmcdn1.com	99 KB
5	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	5 KB
4	digitalkites.com pixel.digitalkites.com	2 KB
4	google.com adservice.google.com www.google.com	2 KB
4	uprimp.com uprimp.com	6 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	advertica-cdn2.com ylx-i.advertica-cdn2.com	36 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	xe9o.xyz xe9o.xyz	8 KB
2	acdcdn.com acdcdn.com	21 KB
2	foxpush.com json.foxpush.com www.foxpush.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com	6 KB
1	bidswitch.net x.bidswitch.net	146 B
1	adform.net c1.adform.net	331 B
1	google.be adservice.google.be	853 B
1	33across.com ssc-cms.33across.com	72 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	474 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	onetag-sys.com onetag-sys.com	823 B
1	tynt.com de.tynt.com	289 B
1	onclickgenius.com onclickgenius.com	71 B
1	mookie1.com mena-gmtdmp.mookie1.com	324 B
1	ufpcdn.com ufpcdn.com	2 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	262 B
1	coingecko.com api.coingecko.com	607 B
1	gstatic.com fonts.gstatic.com	8 KB
1	foxpush.net cdn.foxpush.net	11 KB
1	jquery.com code.jquery.com	33 KB
1	googleapis.com fonts.googleapis.com	527 B
1	audienceplay.com sdk.audienceplay.com	2 KB
0	adsrvr.org Failed match.adsrvr.org Failed
127	48

	Domain	Requested by
16	wavesclaim.com	wavesclaim.com
12	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
11	pagead2.googlesyndication.com	wavesclaim.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	image8.pubmatic.com	6 redirects
6	cdn.bmcdn1.com	wavesclaim.com
5	newassets.hcaptcha.com	www.hcaptcha.com newassets.hcaptcha.com
5	revive.wavesclaim.com	wavesclaim.com revive.wavesclaim.com
4	pixel.digitalkites.com	sdk.audienceplay.com pixel.digitalkites.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
4	ib.adnxs.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	uprimp.com	wavesclaim.com code.jquery.com uprimp.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	securepubads.g.doubleclick.net	www.foxpush.com securepubads.g.doubleclick.net
3	ylx-i.advertica-cdn2.com	wavesclaim.com uprimp.com
3	resources.infolinks.com	wavesclaim.com resources.infolinks.com
2	www.google.com	tpc.googlesyndication.com
2	hcaptcha.com	newassets.hcaptcha.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	p.rfihub.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	xe9o.xyz	uprimp.com xe9o.xyz
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	acdcdn.com	wavesclaim.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	wavesclaim.com
1	secure.adnxs.com	1 redirects
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	c1.adform.net	ssum-sec.casalemedia.com
1	e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	ssc-cms.33across.com	router.infolinks.com
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	onclickgenius.com	wavesclaim.com
1	mena-gmtdmp.mookie1.com	www.foxpush.com
1	ufpcdn.com	wavesclaim.com
1	vars.hotjar.com	static.hotjar.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.foxpush.com	cdn.foxpush.net
1	script.hotjar.com	static.hotjar.com
1	json.foxpush.com	cdn.foxpush.net
1	api.coingecko.com	wavesclaim.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.foxpush.net	wavesclaim.com
1	static.hotjar.com	wavesclaim.com
1	code.jquery.com	uprimp.com
1	www.hcaptcha.com	wavesclaim.com
1	fonts.googleapis.com	wavesclaim.com
1	sdk.audienceplay.com	wavesclaim.com
0	match.adsrvr.org Failed	router.infolinks.com ssum-sec.casalemedia.com
127	64

This site contains links to these domains. Also see Links.

Domain
yllix.com
waves.exchange
t.me
bit.ly
app.1inch.io
tinyurl.com
www.wavesexplorer.com
btcmaker.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-12` - `2022-08-11`	a year	crt.sh
sdk.audienceplay.com Amazon	`2021-05-22` - `2022-06-20`	a year	crt.sh
uprimp.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
foxpush.net Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
api.coingecko.com Cloudflare Inc ECC CA-3	`2021-08-03` - `2022-08-02`	a year	crt.sh
foxpush.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
ylx-i.advertica-cdn2.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
xe9o.xyz R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.google.be GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://wavesclaim.com/
Frame ID: 731629E576D23B06C4126AA066D2B1C4
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: 82BD4CC757E129A55B72723AB4DA3C8F
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048
Frame ID: DAD788CA237FDA9F00806E6ED79224AD
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-challenge.html
Frame ID: D5DB21ABA94735313409C1D4D5E3DB52
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-checkbox.html
Frame ID: 57B86BDF5A3815F745B8832CDBF1D8DC
Requests: 4 HTTP requests in this frame

Frame: https://www.foxpush.com/source/index.html?fox_domain=wavesclaimcom.foxpush.net&hurl=https%3A%2F%2Fwavesclaim.com%2F
Frame ID: A140C5F27A63FDA348DC507578BD483F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1630184672&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630184672185&bpp=4&bdt=291&idt=80&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=144680711805&frm=20&pv=2&ga_vid=847171135.1630184672&ga_sid=1630184672&ga_hid=1907810728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2462723019140492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: 0532B7E93EA7F87143737BFC527B6E47
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 194ED503899F12C43522AA40878D38E3
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Frame ID: 238FFFE19C31C461077ABEC337A0465D
Requests: 16 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: B0A782123638636C949882540C40C89D
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Frame ID: BFB70D8DE81588FA39820D25745E0C51
Requests: 5 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: A265DBBFBFD7A29908E4820CDD5E7D56
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 83DBFE6CD7058279F9103EAD4031A315
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 740D81521A1089630D65EE63E9A598B4
Requests: 1 HTTP requests in this frame

Frame: https://e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CE34689AAC2B13A4903DEA3B0AFDC948
Requests: 1 HTTP requests in this frame

Frame: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XZxCkGkikGjGpCGjrijACACjZNrxZNrkNridCrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCr_30148&adApiR=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&refferer=1137384903_aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=9619456406&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 2EC67ADF0341AB83204D79FA99664272
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FC0A934DC9882229AD590CE4838D3D7C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 235C963C010EA1BDC8A731B83C218468
Requests: 1 HTTP requests in this frame

Frame: https://pixel.digitalkites.com/prod/sync?plid=16301846750679424
Frame ID: 84C440D666C21A0D08BBD5F99F587BBC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9D8A3593EF84353E0F38027157FA1AAE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EB554E7CDB3DE8AD0CEC4FA8B21D35C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WavesClaim - WAVES and WAVES token cryptocurrency faucet

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

127
Requests

98 %
HTTPS

44 %
IPv6

48
Domains

64
Subdomains

53
IPs

8
Countries

1711 kB
Transfer

4905 kB
Size

29
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://yllix.com/advertisers/577534
Title: Advertise Here!

Search URL Search Domain Scan URL

URL: https://waves.exchange/?ref=3P8udu4KVEAw2Dd1Snif8VVcLSKoji15JTU
Title: Get a Wallet

Search URL Search Domain Scan URL

URL: https://t.me/wavesclaim
Title: Telegram Group

Search URL Search Domain Scan URL

URL: https://bit.ly/2UmNqk4
Title: https://bit.ly/2UmNqk4

Search URL Search Domain Scan URL

URL: https://app.1inch.io/#/1/swap/ETH/CROWN
Title: https://app.1inch.io/#/1/swap/ETH/CROWN

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yourdestinyandchance
Title: https://tinyurl.com/yourdestinyandchance

Search URL Search Domain Scan URL

URL: https://bit.ly/2RYkPAO
Title: https://bit.ly/2RYkPAO

Search URL Search Domain Scan URL

URL: https://www.wavesexplorer.com/address/3PKeqjxAhRCQvUD9d11ZGmemF6mer9e92XT
Title: Payment Proofs

Search URL Search Domain Scan URL

URL: https://t.me/Dogecoin_click_bot?start=A9f7
Title: Earn Free DogeCoin

Search URL Search Domain Scan URL

URL: https://t.me/BitcoinClick_bot?start=x3R1
Title: Earn Free Bitcoin

Search URL Search Domain Scan URL

URL: https://btcmaker.io/?ref=WavesClaim
Title: Earn More Free Bitcoin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 78

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVCMDBDQkUtRjY1Mi00OEQxLUE5N0ItQThDMTlFNkZFN0Q0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D17F0DCD6-63EC-4EF9-9430-241ACED1AE03 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03

Request Chain 79

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=5835301072056174651

Request Chain 80

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-V3UHhoNE2uHAevkMlSxHNv0lxDOFyj7z7uhr5f8-~A

Request Chain 81

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8000503593

Request Chain 82

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 84

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwavesclaim.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwavesclaim.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=8468045726851458069

Request Chain 86

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8af2c6e3-0843-11ec-afd8-06981d4a6a00 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-HeidMRVE2uG3ZcMsn4isTOMIxHfUwsCs~A~UP8af2c6e3-0843-11ec-afd8-06981d4a6a00

Request Chain 88

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=4689b8548ede7e1600f32c8a

Request Chain 89

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTdGMERDRDYtNjNFQy00RUY5LTk0MzAtMjQxQUNFRDFBRTAz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D17F0DCD6-63EC-4EF9-9430-241ACED1AE03 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03

Request Chain 91

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=2159827873535228720

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI8KQ4GRTb-BNROdeYtr87Y&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSqk4BzejXq5D7Nkqcps4QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECH3ICzmhFgH11J-aH_5zlc&google_cver=1&gdpr=1

Request Chain 101

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&dcc=t

Request Chain 102

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827873535228720

Request Chain 104

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6834710731736051871&uid=Q6834710731736051871&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 125

https://secure.adnxs.com/getuid?https://pixel.digitalkites.com/prod/dksync?cookie=$UID&type=adnxs&plid=16301846750679424 HTTP 302
https://pixel.digitalkites.com/prod/dksync?cookie=5835301072056174651&type=adnxs&plid=16301846750679424

127 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wavesclaim.com/ 67 KB
16 KB 1072ms
1046ms Document
text/html 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f1d224b669f836baa68b8fa26e6476f190ba3632630bc20ab7ba2c4d67168f7

Request headers

:method: GET
:authority: wavesclaim.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-type: text/html; charset=UTF-8
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
cache-control: max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mgipGuETbvQIKEHGXeTGV75Ux%2BViSYKsDhZvF6yBzXB9LUnfRM2ZRdKkV8H49bfLAv2I6fwqr2M315QEujQTZX736iW9DPnNxyOpue7Hq%2B5eAQDl1%2FUrDOdO5iaaMfBRnT2HxeHBCoqIKOuQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68607e10ca9196b6-FRA
content-encoding: br

GET
H2 200 nucleo-icons.woff2
wavesclaim.com/assets/vendor/nucleo/fonts/ 8 KB
9 KB 20ms
20ms Font
application/octet-stream 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/nucleo/fonts/nucleo-icons.woff2
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3180896cdbb6e4503702f23f81a4663a12bbe7b9c77b8f20a074211d997bc35f

Request headers

:path: /assets/vendor/nucleo/fonts/nucleo-icons.woff2
pragma: no-cache
origin: https://wavesclaim.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
age: 3552
etag: "2184-5b2a1f3d842f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A82oiuFWftQw7QONt2ff1%2BMJCn9JJVwrWOq9Rv1X0gNHCROrvWvBl%2BxvrTpqhVsa1jgLpHdKxN1POeDmAH6KtfHg2zwsxopv8ch%2FDFM2AWqskesU9SShxv07BeOUrZQG0YuRSHagIfkl3A9LMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68607e175d1996b6-FRA
content-length: 8580

GET
H2 200 audienceplay.js Show response
sdk.audienceplay.com/ 3 KB
2 KB 45ms
11ms Script
application/javascript 2600:9000:21f3:5600:16:9649:e700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.audienceplay.com/audienceplay.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5600:16:9649:e700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de7db1eed1f70c856ca9c1bb853affb54ef99d34b05be5e9a9fb0994f1377b8e

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:03:31 GMT
content-encoding: gzip
last-modified: Fri, 30 Oct 2020 08:13:46 GMT
server: AmazonS3
age: 64
etag: W/"2e49dfb586bf1342414c92867e9bfa00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age=300,s-maxage=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7hp89vGwSh1c_rqY-lpKSf_NG9L8TCYDf7WrNP4dnBHKqiUVBoNS3Q==

GET
H2 200 slider.php Show response
uprimp.com/ 2 KB
2 KB 150ms
53ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/slider.php?section=General&pub=577534&ga=g&side=right
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 4af41bb424ffb7ff4017ea15e2aa8c8f0a46bb659b19f80f4715621354de6a8b

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
last-modified: Sat, 28 Aug 2021 21:04:32 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 1003 B
527 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 20:12:38 GMT
server: ESF
date: Sat, 28 Aug 2021 21:04:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 21:04:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 15562034904911884318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
wavesclaim.com/assets/ 414 KB
68 KB 29ms
27ms Stylesheet
text/css 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be0f59c1c11272daef0f91278fa802586b7924e0a67a3ac3ca78dd195010050

Request headers

:path: /assets/vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 423621
age: 2124101
last-modified: Wed, 04 Aug 2021 06:56:43 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa7z6hFEeJ7PHkSeDmT%2BFHRBftl%2FvfA4hV6DVCntdLCmHRKBIi%2FVReLtDD1UQwkgxXZfb0t1DIebaN3Q%2FtSUymyzlfmsQk0ETNZDUrDhObvGr0wpyEptriStobqjz8cJ9qbtS5jkd0sDNgs95Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 68607e175d1a96b6-FRA
expires: Thu, 04 Aug 2022 06:56:43 GMT

GET
H2 200 asyncjs.php Show response
revive.wavesclaim.com/www/delivery/ 10 KB
4 KB 67ms
42ms Script
text/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.wavesclaim.com/www/delivery/asyncjs.php
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd62c826eddd50a901fa65873318c2be563137ba6a467160d0e72a433b6f4179

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expire: Sat, 28 Aug 2021 22:04:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jcwv%2BCUVviuFJ0ipqZyvMWBxc%2B0DAsrpIMzfZeD%2BYL%2FMTR7uTtcZo3WRnHnIyQALTbEA%2BvuigwO1zE2UhldqK0N82vUcpeeN1O3b%2Bd7rQJXQy7%2FaSgOIZwKBbr3tNDIjYn%2BffZGshOdRIbS4DcFWUZXEDNs%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 68607e188d8e96b6-FRA

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/ 7 KB
3 KB 19ms
18ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/toastr.min.css

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1917267
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2672
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1a55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GUIsVr8ZZ8KMZFFZyS0UfwS%2BonJrxGIeYNNXZUMGLYERyhZ4bE6DrY75Oihynzf2mpcgHhqBcLtrTYbOqxQObBE8SSY21RWkj9vh6iLoi%2FXUVW8Lq2q2%2B7SeCJl4xPCn511lr7D3zxacz612a%2BwPH9I"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68607e176c074eb6-FRA
expires: Thu, 18 Aug 2022 21:04:31 GMT

GET
H2 200 adsbygoogle.js Show response
wavesclaim.com/assets/js/ 21 B
378 B 35ms
34ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/js/adsbygoogle.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/js/adsbygoogle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 21
vary: Accept-Encoding
last-modified: Wed, 23 Dec 2020 15:16:35 GMT
server: cloudflare
etag: W/"15-5b7232d483ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrdsQamXg28rceV5EPdtv%2FnkPD7a1ETOUjRCe8rPrAwYpowly6GwEArvqze64mx7a5ncz6xwAuNSKQDswcfx%2BDkP7Zxts6XDK%2B5iGIaf9ABR5CW6ZmIhP0F1lVV49lXpdp3XSMfZAOLStIPBvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e175d1e96b6-FRA
expires: Sat, 28 Aug 2021 13:36:28 GMT

GET
H2 200 progressbar.min.js Show response
wavesclaim.com/assets/js/ 21 KB
7 KB 34ms
33ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/js/progressbar.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ea4cd865555cad9cdd29aae4bc578d41c166f7964ecdf986ed5a97ab2cea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/js/progressbar.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 21693
vary: Accept-Encoding
last-modified: Mon, 18 Jan 2021 08:52:00 GMT
server: cloudflare
etag: W/"54bd-5b928d5d2fe89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSu5TPtlVU6kyLEl1dasgAjBz1Gt%2BHNg0xMrBNWLwXcmAOSLpHAoqzA0ZbKgoG%2BxG4xktzKgcA5VYi93VDV2OfhHe4Yh34m4%2BoviXcM0WCbOkU3nYhv8Vhfq3ScWX%2FFc1dM91QdhNr6Lr76Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e175d1f96b6-FRA
expires: Sat, 28 Aug 2021 11:45:06 GMT

GET
H2 200 xblue4.png.pagespeed.ic.kZu8whVEAn.webp
wavesclaim.com/assets/img/brand/ 12 KB
13 KB 22ms
19ms Image
image/webp 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wavesclaim.com/assets/img/brand/xblue4.png.pagespeed.ic.kZu8whVEAn.webp
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1563242650b171ec2891fd663277b9e83aad237cfbbe9576680771451849df64

Request headers

:path: /assets/img/brand/xblue4.png.pagespeed.ic.kZu8whVEAn.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 21870
age: 5204041
content-length: 12380
last-modified: Tue, 29 Jun 2021 08:08:56 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYS%2BFhlgc4VYZQCQuRSdUJHNZ%2B6Ih%2B4b1RilULFxiEMIxuS%2FXzC1coX4LT9qNMo3fZvcoUlmlqO%2FEHGsgVpn%2FFavOQG12Sl1Jer4IGdWVy%2ByQpBMwTqR9ALSwPNnEIyl1C%2FlDlvFIiyCLqnFrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68607e186d7f96b6-FRA
link: <http://wavesclaim.com/assets/img/brand/blue4.png>; rel="canonical"
expires: Wed, 29 Jun 2022 08:08:56 GMT

GET
H2 200 jquery.min.js Show response
wavesclaim.com/assets/vendor/jquery/dist/ 86 KB
31 KB 63ms
62ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/vendor/jquery/dist/jquery.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/vendor/jquery/dist/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 88145
vary: Accept-Encoding
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
etag: W/"15851-5b2a1f3d92d55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hle5asOMd8SdUwNSudmvLQw9UEwjfFI%2B2iNAPg05EGF0Ekwzo1g8YirTKYnb2AVNf8RWzX%2ByKCz35cECBWCPiW%2FqkelSc8knGmbhUakl6pRrTuC6yDDz0IfXqywodMRyBL3Wql0WQGZcziXdcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e17ad3696b6-FRA
expires: Sat, 28 Aug 2021 08:35:07 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
wavesclaim.com/assets/vendor/bootstrap/dist/js/ 79 KB
23 KB 27ms
27ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 80698
vary: Accept-Encoding
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
etag: W/"13b3a-5b2a1f3d92d55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mwopndhsd4hydczx2%2F8q%2FEvTA2eJobb0HygSnDQ838NdNgnysH%2BZi7h3VyXh3%2Fev930xnfxsgW7oLFLT7pGTgtgQoKEIqDXcSAazuy6dZAcozP6U4hU47Z5nYX3yp9ASRtEVN1uCM%2BxvQ%2FP7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e180d5396b6-FRA
expires: Sat, 28 Aug 2021 08:35:07 GMT

GET
H2 200 js.cookie.js Show response
wavesclaim.com/assets/vendor/js-cookie/ 4 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/vendor/js-cookie/js.cookie.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/vendor/js-cookie/js.cookie.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 3886
vary: Accept-Encoding
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
etag: W/"f2e-5b2a1f3dcb793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U2wRzUC235cTlyiRjV9DWZlZQVX867%2BWdlpqzjIHXVLGgaiN19B1jGXRjhLuuIEnfeW0rD8nPu4uoWPOASs9LAlgqdyoAo8NR1BpfeYew17EiPUl2QCB2RK%2FRW1hS5Oob9KmdIl9Niyk7y9Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e183d6c96b6-FRA
expires: Sat, 28 Aug 2021 08:35:07 GMT

GET
H2 200 jquery.scrollbar.min.js Show response
wavesclaim.com/assets/vendor/jquery.scrollbar/ 13 KB
5 KB 33ms
33ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/vendor/jquery.scrollbar/jquery.scrollbar.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95cafb5c72abcbea04a038bfc7197eff0f8b5d70304256be7abc6ac600a6ee6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/vendor/jquery.scrollbar/jquery.scrollbar.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 13041
vary: Accept-Encoding
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
etag: W/"32f1-5b2a1f3d86235"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaRU4YmLa9TckntMokm%2BTnqgv9e8bHPJNgwG%2FcF4iBPPef2qMvi%2FVoB5arGHKXq9mn0pku%2FDW4TIHIvz6YzqGd0M6whQcuYu%2BHot%2FLWJLOtf8J35OknBkYx3vHi7Ar812XYNHWKs17MhpDegTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e184d6e96b6-FRA
expires: Sat, 28 Aug 2021 08:35:07 GMT

GET
H2 200 jquery-scrollLock.min.js Show response
wavesclaim.com/assets/vendor/jquery-scroll-lock/dist/ 5 KB
2 KB 31ms
28ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/vendor/jquery-scroll-lock/dist/jquery-scrollLock.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec49404c2e842eaeb5786f9dbce5b10272d149994064b326aff12f61e91915c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/vendor/jquery-scroll-lock/dist/jquery-scrollLock.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 4636
vary: Accept-Encoding
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
etag: W/"121c-5b2a1f3d8df35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLfYM020IGEc7FRh3C59kWcNI2OFrK2mNXRBIygzq%2B0BwZ4G2FVJxQze0x0%2B%2B6v%2BpW%2BtPfjuE%2FwtOIm%2B7tbU48SPzsh8igl7pqh5ACeiwyGPi%2FlLz7IDdqiMESPV8B1nc5CJN%2Fm%2B%2B9v4dMCyPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 68607e186d7b96b6-FRA
expires: Sat, 28 Aug 2021 20:42:03 GMT

GET
H2 200 argon.js Show response
wavesclaim.com/assets/js/ 14 KB
4 KB 36ms
32ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/js/argon.js?v=1.2.0

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9b49c142be2f82711d8244a060e39f96536a664fe5ffd062de8c78020707a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/js/argon.js?v=1.2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-original-content-length: 21706
server: cloudflare
etag: W/"PSA-aj-u3WULcIKpD"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUoCINPJLJKVt3rnAtP%2F%2BUNfyqsgESGo013btt6SuGDebx58vB1uwKjDj1rtDtfaqcPZAb1dJPsVgkd1%2Fo3ZRhflIyk51SHqh08Q2mrWvDAK3ZIrUGPFYO2aroo%2BEjG0dX2ef%2BPdGpEL1RqVfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=53
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68607e186d7c96b6-FRA
expires: Sat, 28 Aug 2021 21:05:26 GMT

GET
H2 200 api.js Show response
www.hcaptcha.com/1/ 82 KB
26 KB 99ms
45ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hcaptcha.com/1/api.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d101c6fb09ca82152649885b2b065dc143fa2b961e8e9341754fd41aa2f59079

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 91
cf-polished: origSize=84476
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 27 Aug 2021 12:42:30 GMT
server: cloudflare
etag: W/"2d34f3a6c388dfbda8adb8952b17304a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: AMS50-C1
cf-ray: 68607e18cddc415a-AMS
x-amz-cf-id: 4FJckETCBoI6tq7pHZbLytLDCSeioIgACzk2JotI4bgrYBJo_ygSUw==
cf-bgj: minify

GET
H3-29 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 5 KB
3 KB 23ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 864281
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1885
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-15a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DXdMSguXhtyvJGOHtfu4vvL3Z%2FBdm%2BVx7jzWp%2B43Uck1odqgtLX4oy%2BB2gsvAzf3pnCphFf69deSsTcR49fAl7cu%2Bn41ZKMBUCgT9j2TvDsnHyDUwYkkowg2krOs718sRUPkgFyVoHV2wTg1yd0sCCR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68607e187c6a4e86-FRA
expires: Thu, 18 Aug 2022 21:04:32 GMT

GET
H2 200 waveskeeper.js Show response
wavesclaim.com/assets/js/ 908 B
904 B 32ms
29ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/assets/js/waveskeeper.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174046dfe997b322f7c1db012ef1b2f0af72a7ccdcd2dfb47b0344ebd3495b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /assets/js/waveskeeper.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 1777
server: cloudflare
etag: W/"PSA-aj-_5e40jUVLZ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgXoXSYySo2C88ss01VeGQCj1ZF%2FRqESNgUT63RXn7s%2FMPA8c94aeR3y2JWJn0GYLbLbnGOrASY2T4T48BKrRSrbKzx%2BMDv7%2FATjbyTlrtqhrgMziu7EaoD51V4LTud7%2BU6LFocpq1uRsMi8qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68607e186d7d96b6-FRA
expires: Sat, 28 Aug 2021 21:05:26 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 84ms
32ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c94204707a34fcdb26f2880fd1e098140151024badffec94b2b8e196efe3afe

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68607e18c810fa18-AMS
date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 06:13:58 GMT
server: cloudflare
age: 10195
etag: W/"d05-5ca5c27db91e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Sat, 28 Aug 2021 19:14:37 GMT

GET
H2 200 jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
33 KB 27ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: uprimp.com
URL: https://uprimp.com/slider.php?section=General&pub=577534&ga=g&side=right
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-17278"
vary: Accept-Encoding
x-hw: 1630184672.dop201.fr8.t,1630184672.cds288.fr8.hn,1630184672.cds292.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33626

GET
H2 200 matomo.js Show response
wavesclaim.com/analytics/ 60 KB
20 KB 50ms
48ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/analytics/matomo.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340af9cf232bd437b63b6a3b2ec3fcc8e0988a79fd8af20514743908ee9f8765

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /analytics/matomo.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 62256
server: cloudflare
etag: W/"PSA-aj-0U_d46GGNp"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44nOFlrEQzSubSno41uzMZF98c27ekEcMyraTWRNWFoqqaT6tgF8MRImXmHwr3syH2s08QzU1qtzbiLvHyfo9lT%2FUHV%2FTa6yrhhWy6FRAkx4i9AoWEVRIm8PvQH5H%2BJpCTgtOBSRDMUttVQ7%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68607e186d8096b6-FRA
expires: Sat, 28 Aug 2021 21:07:17 GMT

GET
H2 200 hotjar-2096837.js Show response
static.hotjar.com/c/ 6 KB
3 KB 162ms
81ms Script
application/javascript 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2096837.js?sv=6

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-61.zrh50.r.cloudfront.net

Software

Resource Hash

83f49a3ac40d83bbaecda7bf4de6558db20ed2ecb2d2582b6038ca0b065caf0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/4fc39b03e195bf6ca976f842c136a9eb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: DHSwNLVT_z0WzWQXKK2RQ7jniHiIcjRqV-87tUGTUMvj_VlBiIkfYg==
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)

GET
H2 200 foxpush_SDK_min.js Show response
cdn.foxpush.net/sdk/ 39 KB
11 KB 45ms
20ms Script
application/javascript 2606:4700:3030::6815:32f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:32f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae541ac1f906334afea0ed870a8680217d869f184a12d5e40a9712ab74cee403

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 06 Jul 2021 20:40:07 GMT
server: cloudflare
etag: W/"9dc9-17a7d8ca7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTDWPPR85TnlhATQxJL16%2FrIMOAcmzTk9fybbk1eqwxbFuIT5OsIRvTB9gfLyslCMARp7zPHFA%2FJqj359%2FPPfN3Y1ksqiYjn85aiSCpeXmDPfdnjJd7BRzlc%2FzLBCUMqNqQ1fOFfx5V1p2xcQj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 68607e188e0c2bd6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wavesclaim.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:41:05 GMT
x-content-type-options: nosniff
age: 246207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 00:41:05 GMT

GET
H2 200 fa-solid-900.woff2
wavesclaim.com/assets/vendor/@fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 20ms
20ms Font
application/octet-stream 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/assets/vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

:path: /assets/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://wavesclaim.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: wavesclaim.com
referer: https://wavesclaim.com/assets/vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/assets/vendor,_nucleo,_css,_nucleo.css+vendor,_,40fortawesome,_fontawesome-free,_css,_all.min.css+css,_argon.css,qv==1.2.0.pagespeed.cc.EicLIUhszr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
age: 3552
etag: "12934-5b2a1f3da5634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umtgjuJxVNtNQswNIRIWAirdgCJLVjj14vqAh1JfGfBPUpT%2F8jEhXBoTpYPfqPCZteyragAEXUgohC%2FuPdCD11zrMl%2BhYznZxm5BJbdGgbryPPh2T5OtRK8hF8QZDXOMqH0crvLK7T67fYvYiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68607e187d8496b6-FRA
content-length: 76084

GET
H2 200 6081ce1ecf6a8d610cfe2765.js Show response
cdn.bmcdn1.com/js/ 61 KB
20 KB 149ms
122ms Script
application/javascript 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/6081ce1ecf6a8d610cfe2765.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86edc8077f0f1aac47d7767d5001dcfd18370d709c8a05adfc8826ecb4cd839

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdVmeEc3hilpLQVYb693hfi4ig7sVdLfkx7mpgZ2W0VQnRlOcCaJRNbVnLKWHk16J%2Fcv2D9FapGwqTg3fl7FC6PGoxXhGaqM5CjGY%2FJ8KsoKKovwKsSBSaTm9pLaU8Ttz150fA4klCdbiKxV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 68607e18c83305c4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 28 Aug 2021 21:34:32 GMT

GET
H2 200 6086b114cf6a8df307fe2a2a.js Show response
cdn.bmcdn1.com/js/ 61 KB
20 KB 131ms
124ms Script
application/javascript 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/6086b114cf6a8df307fe2a2a.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f40e574c4e4b91a0fdfb6ee91808f1ad41eb09094d46760c7da79ced96e31f

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmZX2454jFscfaviaM7JNnxkKWWO4mf4Ec%2FIYhXVN6gxcP7a3%2FH6H7X5UhTjENW3lWABFYSG5fDNYfJ%2FFe7r1jK%2BnPGsSa4%2FfxNn1ZGgLY7jBJheF1dVsEJ0%2BvgNqU%2FeBhHlVrMmrnpopa%2BV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 68607e18c83805c4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 28 Aug 2021 21:34:32 GMT

GET
H2 200 6086b1f6cf6a8ded33fe2a2b.js Show response
cdn.bmcdn1.com/js/ 61 KB
20 KB 133ms
126ms Script
application/javascript 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/6086b1f6cf6a8ded33fe2a2b.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763bacb6026f3592f0303144432bd7e0ab62db4fc9e2133262d53ccb641b36e0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdAJrqElu7bKE9lJ85kUMl0ET2Scv0kh6ugRt05vkyFfAc0It5VEvU9GBiZ1rUiSB6wsuxFE%2B5aWEuo2d2Y2LipaaGCQypEuYPPOSQahWqmonqEN0yOy1bCbxjsF0jZqWxQkehmmLUIh8o64"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 68607e18c83705c4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 28 Aug 2021 21:34:32 GMT

GET
H2 200 price Show response
api.coingecko.com/api/v3/simple/ 23 B
607 B 204ms
189ms XHR
application/json 2606:4700::6812:1d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.coingecko.com/api/v3/simple/price?ids=waves&vs_currencies=usd
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/assets/vendor/jquery/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2410a0eda560817921430999d3f8cf5ef99fcea00f0005235092e66d0982ffa

Request headers

Accept: */*
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
access-control-request-method: *
vary: Accept-Encoding, Origin
cf-cache-status: EXPIRED
content-encoding: br
alternate-protocol: 443:npn-spdy/2
x-request-id: 2e4cd5a9-fa00-42eb-b8dd-964a1d83b0a2
x-runtime: 0.013145
server: cloudflare
etag: W/"41b2caef4fafdc08223c05525247cb65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: link, per-page, total
cache-control: max-age=30, public, must-revalidate, s-maxage=60
cf-ray: 68607e190cd10eb3-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

HEAD
H3-29 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 32ms
32ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 2716091990880905997
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9232038510402231&plah=wavesclaim.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 14975429524352139583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame 82BD 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210824/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 28 Aug 2021 16:22:09 GMT
expires: Sat, 11 Sep 2021 16:22:09 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 16943
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wavesclaimcom.json Show response
json.foxpush.com/ 1 KB
1 KB 41ms
24ms XHR
application/json 2606:4700:20::681a:bb8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://json.foxpush.com/wavesclaimcom.json?v=0.9104580205100616
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bcf712fbb4b808d58b151936a103e13bbd92cc7664c8a020ded150fb78f00ec

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Aug 2021 19:03:52 GMT
server: cloudflare
etag: W/"442-17b40e63022"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68aUp1CIrxrcQrrf%2FVEJVnkoci8vJZPmUf6npEG4T%2B854T7g8C8SldL91kKSr1UGJwGvdMUHHKExCOYbTiLs8SaAfgMqE%2BpiENr61lQJYHG3k4A%2F1uPx5vr4NPBUEILeQjZXAvl%2Fl4HVbD%2FnWQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68607e196e2b3250-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 204 matomo.php
wavesclaim.com/analytics/ 0
268 B 285ms
285ms Ping
text/plain 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/analytics/matomo.php?action_name=WavesClaim%20-%20WAVES%20and%20WAVES%20token%20cryptocurrency%20faucet&idsite=1&rec=1&r=967431&h=23&m=4&s=32&url=https%3A%2F%2Fwavesclaim.com%2F&_id=ae56cc02d902acca&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=QCaSZ2&pf_net=26&pf_srv=1046&pf_tfr=1
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/analytics/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
origin: https://wavesclaim.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: sidenav-state=pinned; language=eng; new=no; _pk_id.1.84fd=ae56cc02d902acca.1630184672.; _pk_ses.1.84fd=1
content-length: 0
:path: /analytics/matomo.php?action_name=WavesClaim%20-%20WAVES%20and%20WAVES%20token%20cryptocurrency%20faucet&idsite=1&rec=1&r=967431&h=23&m=4&s=32&url=https%3A%2F%2Fwavesclaim.com%2F&_id=ae56cc02d902acca&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=QCaSZ2&pf_net=26&pf_srv=1046&pf_tfr=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: */*
cache-control: no-cache
:authority: wavesclaim.com
referer: https://wavesclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmKl7LyOAIHS0qA%2Fx2muAqqkAnIeT5nR7upfONt9M391A7n9YyzRDc9RpISnMRIWxEzTG5EFyp7ZfIORPDqL3RrjSUIUaEvnlvXPAVbS0nCdn2kiWa39sJLf%2Bof4Mw2Zc2Ww0cmBF0NBRz7MMA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://wavesclaim.com
access-control-allow-credentials: true
cf-ray: 68607e195dcd96b6-FRA

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1755.008-3.025/ 588 KB
188 KB 30ms
30ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44af7fb57e8a9bb73f53a09e86f4868147a1fe66f704021ad6d31a653a9af371

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68607e1968cefa18-AMS
date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 11:01:07 GMT
server: cloudflare
age: 6454
etag: W/"93152-5ca37ef1ad464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Mon, 27 Sep 2021 19:16:58 GMT

GET
H2 200 compatibility.js Show response
acdcdn.com/script/ 20 KB
9 KB 44ms
16ms Script
application/javascript 2606:4700:3030::ac43:8691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/compatibility.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2529
x-guploader-uploadid: ABg5-Uycmm2LK1-3HMYT6UwQ0O099yFYXIZ96jheD3-NF3hgWYM4yngmQ6SprV0tQzvxnf-f4Ap3VPnTeLDv4z4JATw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm1dBBdmBQTmsrMtk%2FqArnYnUfZKeSkN0w9jepFN90BHojOHfyzHgAanr0PfXSlwvhbzCJ63kZ8gWdIpak%2B680Y0slSCMx%2Bd%2Fd%2BS5St1JWcMksnW5Vs%2Femc1vL14QOxQNfl6EiUN3j4k"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600171832181211
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 68607e1988b25c26-FRA
expires: Sat, 28 Aug 2021 20:31:01 GMT

GET
H2 200 banner_show.php Show response
uprimp.com/ Frame DAD7 1 KB
2 KB 116ms
116ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 5ac703da62d510bc2d51c1831284a667761fa8a6de7996206e13beba1aabab5a

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

server: nginx
date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 28 Aug 2021 21:04:32 GMT
last-modified: Sat, 28 Aug 2021 21:04:32 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2430953=1; expires=Sun, 29-Aug-2021 04:00:00 GMT; Max-Age=24928; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Sun, 29-Aug-2021 04:00:00 GMT; Max-Age=24928; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=160x600_979397874_5; expires=Mon, 27-Sep-2021 21:04:32 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None

GET
H2 200 but_close.png
ylx-i.advertica-cdn2.com/ 664 B
922 B 162ms
52ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
server: nginx
etag: W/"511166af-298"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 27 Sep 2021 21:04:32 GMT

GET
H2 200 asyncspc.php Show response
revive.wavesclaim.com/www/delivery/ 3 KB
1 KB 90ms
88ms XHR
application/json 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.wavesclaim.com/www/delivery/asyncspc.php?zones=17%7C16%7C6&prefix=revive-0-&loc=https%3A%2F%2Fwavesclaim.com%2F
Requested by: Host: revive.wavesclaim.com
URL: https://revive.wavesclaim.com/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f9419ad302201587523379f81fa7052a924066b2e329fd76c02be1d3fa3c5c

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al2BdNS7Ea7ueONcRgsmb9M5X5V9PUyAUD76yTnHDttZugULKwn9jxkAdYbEJYo25LJGxnfYB7i03eeIoY1UOi9DxFB3CFuXRO39DIsaKZHa6cbxAnVUy49wRF%2FtJ93%2FlOZYCso2HMzIbUoVmF5BO4wdg9Q%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://wavesclaim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68607e196dd596b6-FRA
content-type: application/json
expires: 0

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 116ms
40ms Script
application/javascript 13.224.96.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2096837.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-11.zrh50.r.cloudfront.net

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130047
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: V_RELPxdJSTQoN98t1h45nAHrlXf45WG5v8D61o2mtxZoepeLiRHgg==

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/cf3b14a/static/ Frame D5DB 2 KB
1 KB 35ms
32ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-challenge.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8cba553e92c1721324f66ad221829bf2cf0983efbd7d31c445bfe53cd16bedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/cf3b14a/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html
last-modified: Fri, 27 Aug 2021 12:42:30 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 63cf97e5788a160a76e89d4e12e2ca29.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: SecFMp7vShfq8UMPpC_QbQFSiByxkKKVjyd3PMIcULFSXVNC1YGaJg==
age: 116476
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68607e199f0e415a-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/cf3b14a/static/ Frame 57B8 2 KB
1 KB 27ms
26ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-checkbox.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8da7c93a327c25e852a73a5f94e38a0aa072fc74f8056f6558ed953b6b2014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/cf3b14a/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html
last-modified: Fri, 27 Aug 2021 12:42:30 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: R0ACBHaXWx5DAkSJe1wgz1zdWKsvSVsdVXp4LeqbcFHGoI0oYjBknQ==
age: 116476
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68607e199f10415a-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 index.html Show response
www.foxpush.com/source/ Frame A140 1 KB
1 KB 48ms
23ms Document
text/html 2606:4700:20::ac43:4a0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foxpush.com/source/index.html?fox_domain=wavesclaimcom.foxpush.net&hurl=https%3A%2F%2Fwavesclaim.com%2F
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62ca1eaa5187d6f70762cc4871ff7412cb4b5c8d63aa8dff42329f4dba15657

Request headers

:method: GET
:authority: www.foxpush.com
:scheme: https
:path: /source/index.html?fox_domain=wavesclaimcom.foxpush.net&hurl=https%3A%2F%2Fwavesclaim.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html
last-modified: Wed, 28 Jul 2021 19:37:19 GMT
x-amz-version-id: 7U79eS3jd6XVrFzX627aKt8THwzOWR.n
x-cache: Hit from cloudfront
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uRco1dFe_9fXC_jTkx7ab2p2Bvhz9SVYFrILnf5uQLUKZOwxQVr5UQ==
age: 66344
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtFeTGJ4b8re8FJ9PGBi6hfCvP0wh%2Bw3uYYQ3aVzOZfKzQgyvqTE5RSLfqkP1LD8ryVPyFOqdHaobKfAvO%2B%2Bt7UjrZWXLxFLcLZ1Ad9L%2BqPpP2Q%2FSq%2FMmJx%2Bq%2BIIShaMT8DdfEiPOrXsL6rbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68607e19cd143233-FRA
content-encoding: br

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
262 B 31ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wavesclaim.com&callback=_gfp_s_&client=ca-pub-9232038510402231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9232038510402231&plah=wavesclaim.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

517eeb8b2d4388b40eee66ef6c731358f4bcfe2b522e045cbeea815acd5cfe48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwavesclaim.com%2F&tn=NAV&id=sidenav-main&cls=sidenav%20navbar%20navbar-vertical%20%20fixed-left%20%20navbar-expand-xs%20navbar-light%20bg-white&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wavesclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wavesclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0532 603 B
68 B 34ms
33ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1630184672&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630184672185&bpp=4&bdt=291&idt=80&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=144680711805&frm=20&pv=2&ga_vid=847171135.1630184672&ga_sid=1630184672&ga_hid=1907810728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2462723019140492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1630184672&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630184672185&bpp=4&bdt=291&idt=80&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=144680711805&frm=20&pv=2&ga_vid=847171135.1630184672&ga_sid=1630184672&ga_hid=1907810728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2462723019140492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210824&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 28 Aug 2021 21:04:32 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 28-Aug-2021 21:19:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 28 Aug 2021 21:04:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 5fbcf50ff383064e65dbdae6.js Show response
cdn.bmcdn1.com/js/ 61 KB
20 KB 109ms
108ms Script
application/javascript 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5fbcf50ff383064e65dbdae6.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a3739ffc65f164017356daeb1fe2c376b4b45969fa7cce95595739de8a34c1f

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXZRWmacSR6jUpqkcffKIagG3Zv16BP1aGegCv0KinDPuPBsOwU7qYIaYSIRed%2FQn9DgQhj8%2FLZ4snkzTqVNKKYYmYycDfSMFf3UC3bLwe%2FP3mOXsL%2FIukWc%2F6yhssf0WKf6x%2B81etpml0el"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 68607e1a0a9d05c4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 28 Aug 2021 21:34:32 GMT

GET
H2 200 5fbcf556f3830618fedbdae9.js Show response
cdn.bmcdn1.com/js/ 61 KB
20 KB 118ms
117ms Script
application/javascript 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5fbcf556f3830618fedbdae9.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7e3e69c2e71edee7c7b64e2e9e915b6371db1f83768ac453ed6beb1fb139bc

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PItnlEDD2EjkAZWKVcfAuTnXcZ%2FucWaIP08GsOfkqOv3gdx9xRYVNZBab%2B4WMJSKwSpGFePERL5VZyE3LCBycWGtPEGdB5SVM4yHGhbn13ZfzjfMy0hTQLYdU%2FEDeRw2PJl6q8FsJBX7oeZ6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 68607e1a0aa105c4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 28 Aug 2021 21:34:32 GMT

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
352 B 56ms
55ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=3&campaignid=1&zoneid=17&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=01e410af27
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IAAoxFHS0bJJcPhbuFqLiqps8%2FVBPZZbuRFoBEqYRK0FwBsXnKJMYpF6MFbsWjuaziaTO5C9EWl9PKrOeQLcLmpmzndTH2U9aimJu7D5RgSBzXP7TKJeFt4WXdC3z2la5pMBkl1lK25gulp171dzZpLM9s%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 68607e1a0e0e96b6-FRA
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
351 B 54ms
53ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=8&campaignid=1&zoneid=16&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=d9a70e63a7
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne%2BOZXqtXRoxueqlBXTFokHOo43VayclvwUbHaGzNXZUTomt4sGZFtlt2YtUzIRsgaZ1BGg%2BIkJ0FdiD61%2BxyoLjOT0ENM4bTiz3RZXO2%2BsLVIqNeMxGtq%2FrVKOBAxlzJh0zJT%2Bjj8g6u3oYeX5YMGhFZPQ%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 68607e1a0e0f96b6-FRA
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
472 B 72ms
71ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=8&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=da8fcc7fd8
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ1dY5V84BCT3n1lGTpOblEptWMyd%2BvIp1c%2BdMKjGEpMnwEGpffYkt0Zl3j9fgNU9vT3zYKt6eei%2BPlLKhjIMlB9AX4GzdLgSgAhlu1OXKFGE%2BNZ1rIDeXYDe6yXsDOkIeUx%2FwcUnqnNXZGHpQQ69mW%2BPiE%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 68607e1a0e1096b6-FRA
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 194E 2 KB
1 KB 112ms
39ms Document
text/html 13.224.96.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2096837.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-22.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: IYZGsIc2SvuQYFgp8jhUzsqXanNdU3AUcbdGyDRsiP-27Q_PrQxL0g==
age: 3617282

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 40ms
39ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68607e1bab33fa18-AMS
date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 10577
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Mon, 27 Sep 2021 18:08:15 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 238F 8 KB
2 KB 196ms
194ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0d1636e25b9b70c3e049a3e0b9efc2aaf536dd5355000e14df2a266a1ee894

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68607e1bcb58fa18-AMS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
52 B 155ms
154ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https%3A%2F%2Fwavesclaim.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 68607e1bcb5afa18-AMS
content-length: 0

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame B0A7 2 KB
2 KB 149ms
125ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=103a24b918c79ab3da1507bd7a47b7999168a1df-1630184672-1800-Aemv+GGkERbo9B7I9CuIEhMBHGSImI2CxdcLyaT6DJbiR4lZ663GAUiGrUZ23a1lOivVL3PJDXTeqeGMg/1YnTg=; path=/; expires=Sat, 28-Aug-21 21:34:32 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHsQivI8ga2EoHTp9%2BRgMX%2FPjcM1zsE%2Fg0Dr%2FVJAFL5g6xU1jbeXBgonsNi61P3YEOTh%2FsgN5Y85HWxFKamUZ4cFaqMxKqL8SP2VobbUg36Z4vx92K73PWhfLk5%2Fm1FpvJ3pThIZXQoW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68607e1c0dfb4e5c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/cf3b14a/ Frame 57B8 129 KB
41 KB 330ms
28ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/cf3b14a/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

730ba9a7cb0c5a155fe54672df0cce8cc266a6a7fc354a39081c3440841a48b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 ab1d15e056bdcedbea349504173a4ecb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116476
cf-polished: origSize=132272
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 27 Aug 2021 12:42:29 GMT
server: cloudflare
etag: W/"9d44bfeaac77e35177a630e4bee3b13f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: AMS50-C1
cf-ray: 68607e1dccf0415a-AMS
x-amz-cf-id: cgtDF5gu760MzpjsMJ78W1jDEjypWcn0LGi305_mvUVPbpZyu2YmXw==
cf-bgj: minify

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/cf3b14a/ Frame D5DB 210 KB
59 KB 342ms
41ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/cf3b14a/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c458142d26b778444f1ff262948603c23cd48776cc8ecaa4bda7034d5d6f085

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 ec354e6d520d6c5c48f3933476169123.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116476
cf-polished: origSize=215057
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 27 Aug 2021 12:42:28 GMT
server: cloudflare
etag: W/"4718ce4586845ca419fb917f988523cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: AMS50-C1
cf-ray: 68607e1dccf1415a-AMS
x-amz-cf-id: fKlJ12BFNUH_1rKa_v8Pi50HI1RcwyhWA5BJlltYsNj73-TxAPmLjg==
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A140 71 KB
25 KB 91ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.foxpush.com
URL: https://www.foxpush.com/source/index.html?fox_domain=wavesclaimcom.foxpush.net&hurl=https%3A%2F%2Fwavesclaim.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

14e0c642de6996b0683b294c021bfe3bad4897532b99cf5309a06606d37406d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "972 / 280 of 1000 / last-modified: 1630102572"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25215
x-xss-protection: 0
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 learn
mena-gmtdmp.mookie1.com/t/v2/ Frame A140 43 B
324 B 71ms
24ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mena-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_961593&src.rand=0.8200229794621356
Requested by: Host: www.foxpush.com
URL: https://www.foxpush.com/source/index.html?fox_domain=wavesclaimcom.foxpush.net&hurl=https%3A%2F%2Fwavesclaim.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cdn.bmcdn1.com/pv/5fbc07d5b8d66f0012447024/ 35 B
325 B 120ms
119ms Image
image/gif 2606:4700:20::ac43:4b23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/pv/5fbc07d5b8d66f0012447024/?source=https%3A%2F%2Fwavesclaim.com%2F&ref=&ent=&we=0&fid=a58207a8b0120f3886fb230cfbef5bfb&fidnoua=d207cad57686c4f6be3d54eae457fdfb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=c9b266f8a0c604faff85cffee5e270c4
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FuHF2ZdTnbfWbIlLFGwrM%2Fk4Rule57FeGwy3IJXLccZyA9XJEGeXQjK8gfBFO%2FGGcI6s%2FWu7qlbmzRkNRX6vsgbJgvQ6IwEU2hqPmlIdLEwTKB6DEs7q8P7RI5LxSR%2BJ6wWSAiDLx94qpUi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 68607e1c2e8605c4-FRA
content-length: 35

GET
H2 200 show.php Show response
uprimp.com/ Frame BFB7 2 KB
2 KB 52ms
52ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Requested by: Host: uprimp.com
URL: https://uprimp.com/banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: fcb82518d91c999dd0c7a29b16ad734afe71523c37e1363f7cbaf3ba2ea2ab25

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: used_ad2430953=1; total_impressions=1; cpa_673873=160x600_979397874_5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://uprimp.com/banner_show.php?section=General&pub=577534&format=160x600&ga=g&slider=149fda8ea603bc03dc90cde95f707048

Response headers

server: nginx
date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 28 Aug 2021 21:04:32 GMT
last-modified: Sat, 28 Aug 2021 21:04:32 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H3-29 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A140 331 KB
116 KB 41ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Sat, 28 Aug 2021 21:04:32 GMT

GET
H2 200 / Show response
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame BFB7 1 KB
900 B 149ms
50ms Script
application/javascript 185.66.201.59
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XZxCkGkikGjGpCGjrijACACjZNrxZNrkNridCrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCr_30148&adApiR=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&refferer=1137384903_aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.59.skhosting.eu
Software: nginx /
Resource Hash: 6a1d15908130634be5c09faf049757054b88e3a8e9c536fd2311cde9c5282aa2

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_le6kgi.png
ylx-i.advertica-cdn2.com/aff/ Frame BFB7 34 KB
34 KB 89ms
88ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_le6kgi.png?1480419362
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:02 GMT
server: nginx
etag: W/"583d6822-8610"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 27 Sep 2021 21:04:32 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame BFB7 2 KB
1 KB 95ms
94ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 27 Sep 2021 21:04:32 GMT

GET
H2 200 /
uprimp.com/trk/ Frame BFB7 43 B
268 B 60ms
59ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?ab1f72604f226271fc5026382830b006
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://uprimp.com/show.php?u57021630184672=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDRiYmRhNzE0ZjI0NDc1ZDNiNDYzYjJjNDRkN2Q0ZDg=&u=577534&si=979397874&di=40367674&ci=16&h=ab1f72604f226271fc5026382830b006&cc=BE&slider=149fda8ea603bc03dc90cde95f707048&https=1&useAf=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&ar=aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
last-modified: Sat, 28 Aug 2021 21:04:32 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 204 suurl.php Show response
onclickgenius.com/script/ 0
71 B 203ms
156ms Script
text/plain 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=3990295&cbrandom=0.1662167222929758&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=WavesClaim%20-%20WAVES%20and%20WAVES%20token%20cryptocurrency%20faucet&cbref=&cbdescription=Start%20your%20own%20cryptocurrency%20faucet%20or%20get%20free%20WAVES%20or%20WAVES%20tokens%20here.%20CoffeeCoin%2C%20WAVES%20Coin%20and%20more%20is%20available%20to%20claim%20here&cbkeywords=&cbcdn=acdcdn.com&ufp=1636979707163227057947088968
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 Aug 2021 21:04:32 GMT
via: 1.1 google
server: openresty
alt-svc: clear

GET
H3-29 200 chrome.js Show response
acdcdn.com/script/ 36 KB
13 KB 30ms
20ms Script
application/javascript 2606:4700:3030::ac43:8691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/chrome.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1104
x-guploader-uploadid: ABg5-Uw4gesEfcZV-Or9XtfnkVkS3R6ERtHu5ufQfV_vOqhkKiJt1GqsHBTd14kpaU35qAIU1zGU_ledc6H44BcJ4KLUzKTpUg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV0Y0vvxsB2gHi02%2FOKx1O%2BZGn7HIhWsrLrVGxfe0bl30JoKu%2FCXsQVY52np%2BvU3jLi8umbc9Q1XOvrmNPs9Yjs5%2Bo6p3RUUmF1lRqbos0eyfD%2Bfa%2BHSDxt8x1ESGXBsMWmifI4%2B%2FYP0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600074929755781
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 68607e1ceec5061c-FRA
expires: Sat, 28 Aug 2021 21:00:12 GMT

GET
H2 200 / Show response
de.tynt.com/deb/ Frame A265 75 B
289 B 353ms
117ms Document
text/html 208.100.17.185
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip185.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Sun, 29 Aug 2021 21:04:33 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Sat, 28 Aug 2021 21:04:32 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 83DB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

44ms
43ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94dbffa7c2f61be0f3e4481baca0ff583017dd194a0d55b63b70b9ef75e31daf

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YSqk4BzejXq5D7Nkqcps4QAA; CMPS=1132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|45|241|57|111|31|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1586
Expires: Sat, 28 Aug 2021 21:04:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:32 GMT
Connection: keep-alive
Set-Cookie: CMID=YSqk4BzejXq5D7Nkqcps4QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Aug 2022 21:04:32 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Nov 2021 21:04:32 GMT CMPRO=1105;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Nov 2021 21:04:32 GMT CMST=YSqk4GEqpOAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 29 Aug 2021 21:04:32 GMT CMRUM3=6f612aa4e005a0&1f612aa4e005a00&f1612aa4e005a0&27612aa4e00b40&e6612aa4e02760&2d612aa4e005a0&39612aa4e005a0&33612aa4e005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Aug 2022 21:04:32 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 28 Aug 2021 21:04:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:32 GMT
Connection: keep-alive
Set-Cookie: CMID=YSqk4BzejXq5D7Nkqcps4QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Aug 2022 21:04:32 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Nov 2021 21:04:32 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 740D 2 KB
823 B 69ms
22ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVCMDBDQkUtRjY1Mi00OEQxLUE5N0ItQThDMTlFNkZFN0Q0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D17F0DCD6-63EC-4EF9-9430-241ACED1AE03
https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03

0
157 B

183ms
183ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 68607e1fff89fa18-AMS
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03
date: Sat, 28 Aug 2021 21:04:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=5835301072056174651

35 B
187 B

196ms
196ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=5835301072056174651
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1dbd44fa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:32 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50cb956e-5e60-4d1b-b196-2c39d83ebddb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=5835301072056174651
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-V3UHhoNE2uHAevkMlSxHNv0lxDOFyj7z7uhr5f8-~A

35 B
301 B

185ms
185ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-V3UHhoNE2uHAevkMlSxHNv0lxDOFyj7z7uhr5f8-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1dbd43fa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Date: Sat, 28 Aug 2021 21:04:32 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-V3UHhoNE2uHAevkMlSxHNv0lxDOFyj7z7uhr5f8-~A
Connection: keep-alive
Content-Length: 0

GET

generic
match.adsrvr.org/track/cmf/ Frame 238F
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8000503593

0
0

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
178 B

176ms
176ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1fbf4cfa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 238F 0
474 B 81ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:32 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 238F
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwavesclaim.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwavesclaim.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=8468045726851458069

95 B
945 B

128ms
31ms

Image
image/png

34.243.225.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=8468045726851458069

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-225-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 28 Aug 2021 21:04:33 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 28 Aug 2021 21:04:33 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:32 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d363d03b-c06c-401e-b7cc-0cb490d86ebf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=8468045726851458069
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 238F 42 B
233 B 2264ms
87ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:35 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8af2c6e3-0843-11ec-afd8-06981d4a6a00
https://router.infolinks.com/dyn/outh-usync?uid=y-HeidMRVE2uG3ZcMsn4isTOMIxHfUwsCs~A~UP8af2c6e3-0843-11ec-afd8-06981d4a6a00

35 B
234 B

266ms
266ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-HeidMRVE2uG3ZcMsn4isTOMIxHfUwsCs~A~UP8af2c6e3-0843-11ec-afd8-06981d4a6a00
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1e0d96fa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Date: Sat, 28 Aug 2021 21:04:32 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-HeidMRVE2uG3ZcMsn4isTOMIxHfUwsCs~A~UP8af2c6e3-0843-11ec-afd8-06981d4a6a00
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 238F 0
114 B 309ms
101ms Image
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=4689b8548ede7e1600f32c8a

35 B
194 B

152ms
152ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=4689b8548ede7e1600f32c8a
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1e1da4fa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Date: Sat, 28 Aug 2021 21:04:32 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=4689b8548ede7e1600f32c8a
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTdGMERDRDYtNjNFQy00RUY5LTk0MzAtMjQxQUNFRDFBRTAz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D17F0DCD6-63EC-4EF9-9430-241ACED1AE03
https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03

0
157 B

258ms
258ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 68607e1fff88fa18-AMS
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=17F0DCD6-63EC-4EF9-9430-241ACED1AE03
date: Sat, 28 Aug 2021 21:04:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 238F 0
35 B 190ms
190ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 68607e1e2db2fa18-AMS
content-length: 0

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 238F
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=2159827873535228720

35 B
188 B

188ms
188ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=2159827873535228720
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1eae2dfa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=2159827873535228720
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 238F 0
72 B 356ms
116ms Image
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0&pdom=wavesclaim.com&purl=https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-33x-status: 2000208
date: Sat, 28 Aug 2021 21:04:32 GMT
server: 33XP002

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame A140 107 B
853 B 49ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.foxpush.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A140 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.foxpush.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A140 347 B
180 B 201ms
201ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2162507956242580&correlator=3305410088036572&output=ldjh&impl=fifs&eid=31062358%2C31062297%2C31062093&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210828&iu_parts=21795300705%2CDSP_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x480&cdm=www.foxpush.com&bc=31&abxe=1&lmt=1627501039&dt=1630184672868&dlt=1630184672324&idt=523&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=665474176&ucis=xxcvdij81yrc&ifi=1&ifk=4077135688&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=https%3A%2F%2Fwww.foxpush.com%2Fsource%2Findex.html%3Ffox_domain%3Dwavesclaimcom.foxpush.net%26hurl%3Dhttps%253A%252F%252Fwavesclaim.com%252F&ref=https%3A%2F%2Fwavesclaim.com%2F&top=https%3A%2F%2Fwavesclaim.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=741407049.1630184673&ga_sid=1630184673&ga_hid=800259198&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

826796c31d063f4ae558d0de68c3d5383f162f54877c9418f8f70bba5212d2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.foxpush.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE34 6 KB
3 KB 39ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.foxpush.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.foxpush.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 28 Aug 2021 21:04:32 GMT
expires: Sun, 28 Aug 2022 21:04:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame 2EC6 44 KB
7 KB 60ms
60ms Document
text/html 185.66.201.59
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XZxCkGkikGjGpCGjrijACACjZNrxZNrkNridCrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCr_30148&adApiR=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&refferer=1137384903_aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=9619456406&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XZxCkGkikGjGpCGjrijACACjZNrxZNrkNridCrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCr_30148&adApiR=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&refferer=1137384903_aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.59.skhosting.eu
Software: nginx /
Resource Hash: 14540217682f3e7626c7103795d2c7f61861ddf9d68f8689573879a8fde8a537

Request headers

:method: GET
:authority: xe9o.xyz
:scheme: https
:path: /87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XZxCkGkikGjGpCGjrijACACjZNrxZNrkNridCrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCr_30148&adApiR=loaded_string_351962dd4ad90f02a165ba447c44ac8d6336d_2430953_1630184672.3043_30591&refferer=1137384903_aHR0cHM6Ly93YXZlc2NsYWltLmNvbS8=&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=9619456406&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uprimp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://uprimp.com/

Response headers

server: nginx
date: Sat, 28 Aug 2021 21:04:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2430953=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 83DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI8KQ4GRTb-BNROdeYtr87Y&google_cver=1

43 B
315 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI8KQ4GRTb-BNROdeYtr87Y&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 28 Aug 2021 21:04:33 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI8KQ4GRTb-BNROdeYtr87Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET casale
match.adsrvr.org/track/cmf/ Frame 83DB 0
0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 83DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSqk4BzejXq5D7Nkqcps4QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECH3ICzmhFgH11J-aH_5zlc&google_cver=1&gdpr=1

43 B
1019 B

38ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECH3ICzmhFgH11J-aH_5zlc&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 28 Aug 2021 21:04:33 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECH3ICzmhFgH11J-aH_5zlc&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 83DB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TQKNDYZMZCX830SM672H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 739R9E28NCE6FCPFGXTW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSqk4BzejXq5D7Nkqcps4QAABFEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 83DB
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827873535228720

43 B
992 B

42ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827873535228720
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 28 Aug 2021 21:04:33 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827873535228720
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 83DB 0
331 B 97ms
30ms Image
text/plain 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 83DB
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6834710731736051871&uid=Q6834710731736051871&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

28ms
28ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 28 Aug 2021 21:04:33 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 83DB 43 B
146 B 76ms
23ms Image
image/gif 52.57.222.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.222.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-222-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 83DB 35 B
197 B 148ms
147ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YSqk4BzejXq5D7Nkqcps4QAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68607e1dfd8dfa18-AMS
content-length: 35
expires: Fri, 28 Aug 2020 21:04:33 GMT

GET
DATA 200
OK truncated
/ Frame 57B8 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 checksiteconfig Show response
hcaptcha.com/ Frame 57B8 508 B
929 B 51ms
51ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=wavesclaim.com&sitekey=66e5212a-9dcb-4b2a-bc2d-17b88d0a1439&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/hcaptcha-checkbox.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e72edac241ebbe7bc74a1d8f4fdb224697d8beb23282b9adbde1e4ba39e151

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 68607e1e9a7dfa1c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 checksiteconfig
hcaptcha.com/ Frame 0
0 72ms
31ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=wavesclaim.com&sitekey=66e5212a-9dcb-4b2a-bc2d-17b88d0a1439&sc=1&swa=1

Protocol

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68607e1e6ab61f95-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A140 11 KB
8 KB 25ms
24ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7c629521477324548f75836e2cbd5d932b452f9d77b11fe3dcc327d654252f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8590
x-xss-protection: 0

GET
H3-29 200 hsw.js Show response
newassets.hcaptcha.com/c/3e8078f0/ Frame D5DB 853 KB
323 KB 134ms
134ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/3e8078f0/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/hcaptcha-challenge.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a3867381adb7e33c6dbad98c7b1ac198e873340ed24cf3f7c03ef139f403d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/cf3b14a/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
via: 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83761
cf-polished: origSize=873288
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 27 Aug 2021 21:43:13 GMT
server: cloudflare
etag: W/"373c84793b699a747aae557d2514a87e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: AMS50-C1
cf-ray: 68607e1f9bd5fa1c-AMS
x-amz-cf-id: qCfXrKeVjdqRh2XXS_m8rBOECCaukq8UOoXgyFJxZWy2YwxKf4rQLg==
cf-bgj: minify

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A140 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 28 Aug 2021 21:04:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FC0A 12 KB
5 KB 16ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.foxpush.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.foxpush.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 28 Aug 2021 18:47:58 GMT
expires: Sun, 28 Aug 2022 18:47:58 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 235C 783 B
761 B 15ms
14ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32e7623b408a7eba169df291077fd6ce88a8d035c579d0e7282a66ebcc11fc84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+IYYpHHieX3oTqKIXgPagQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.foxpush.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.foxpush.com/

Response headers

expires: Sat, 28 Aug 2021 21:04:33 GMT
date: Sat, 28 Aug 2021 21:04:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+IYYpHHieX3oTqKIXgPagQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sQt6kG1VEX4ZkVCQ2zrYBt2h-USstYHheUuBM8cMhT0.js Show response
pagead2.googlesyndication.com/bg/ Frame FC0A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sQt6kG1VEX4ZkVCQ2zrYBt2h-USstYHheUuBM8cMhT0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10b7a906d55117e19915090db3ad806dda1f944acb581e1794b8133c70c853d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13256
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 14:44:53 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A140 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=2162507956242580&bg=!oKOlo-fNAAYXVutgF1Y7ACkAdvg8WvOELdCmKuSRe-4xciB5IyZDhq2QEE4E_mRe_oJ7ftCs9Z3SFQIAAABzUgAAADBoAQeZApWllxVol6TSCgufZlXJpdIBUdodoNEVMrRMT79AnCHcL0a_nsz1UCH7MpQw2HUrnUpeNQ_Ie9vV2yDHlu63jVN8APIkhUQ3w0hsP1pFg61hZmlSvP4HE0lgs2xcBTQ2tk66xISgt_Xi2OLMeHKfsv5oR-K5c6GkfQznjcFIrVFmvunEwyTKjoq_rl9OklmX1H8upJF9OpHUR-H_x_InpUDnAE-Hfjr0Cb0uZ4HH_tK1Yy4-wEdS7VsPxGY9BQn5XVFuAgxVDBmvOiQTjHyYQ1tiULh-8sAW2ugOvWfIhyQ2bnUWw-1Zq5H3LI5bVt-33T62HBa0j4zvEprlYwcMPYvGkv_Vst_hNN7BosT_P1GPdFtG_WWtFiD0BHxVppV2le9sBFBy_eGNQWFhrlee4oiZpaXXRIKYXfpiEYS4KIyUtzEFiT0MGFU8EXiBRqZ80NmBFvp823DZcGLD-B2BmFmmzRAZDivI3pyCvv3go3Mp6a95XetYvLCkHP6jPr4F3_4mq1a1zv9nScaK8GdV8qhcNJL5QdDiEYo0D9yws-OCaPK_qFot6XJXYqBJt46tdCXUiGzX6nARoLUl3U8-Sp8bFDypcMX-AHPL5hujiNcsjZfhMpUjLeCpKXQc7zRSaOP6_BMDWGFayQHgFuRfhwdwOiJ7045IlhQV8mkZzRAYp1UMHv7qp3uzFLk-8I1b59w3xqjQBEsaSYFOdFbYB7RduU4Mq4qQxtezuaoO9V40yz34rRcJNEnC79nv1kX_yYqjkYdpP1lQbixt6iKKQ8Esr0KN8jOlT0fzRtgNIWBL3mb_uAd_BFRKnfooKP8MbIbPTDe3_Z0WngquJBxdRjjWnzYZvWAvL490cMt_ygI9ozUHPBBH
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 sync Show response
pixel.digitalkites.com/prod/ Frame 84C4 150 B
1 KB 157ms
131ms Document
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.digitalkites.com/prod/sync?plid=16301846750679424

Requested by

Host: sdk.audienceplay.com
URL: https://sdk.audienceplay.com/audienceplay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6fe8d13545c21014fa02d3e52eeb085fb0b7600777496e9c545674ae4b039816

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com

Request headers

:method: GET
:authority: pixel.digitalkites.com
:scheme: https
:path: /prod/sync?plid=16301846750679424
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Sat, 28 Aug 2021 21:04:35 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
content-security-policy: default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com
vary: Origin
access-control-allow-credentials: true
set-cookie: audience_play=j%3A%7B%22dk_cookie_id%22%3A16301846750679424%7D; Max-Age=7257; Domain=.digitalkites.com; Path=/; Expires=Sat, 28 Aug 2021 23:05:32 GMT; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyZ8hnjR5Q5xZpUKaCHd29xudHRnsof04mTjZ0d6H8mKiCyYnfvmrXHCTGJufrURkxy0Te1iUHKKxEILEaYYBKblg42IpNaCEgV61ns4OAsCcdbfw2kTUxytIYUu9yV42cOA%2FnUgnCS%2B2a5Jgs1YAkjHHjz7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68607e2b5b02c2ea-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 204 id
pixel.digitalkites.com/prod/ Frame 0
0 161ms
134ms Preflight 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.digitalkites.com/prod/id

Protocol

Server

2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: datain,uniqid,x-access-token
Origin: https://wavesclaim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 28 Aug 2021 21:04:35 GMT
content-length: 0
x-powered-by: Express
content-security-policy: default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com
access-control-allow-origin: https://wavesclaim.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: datain,uniqid,x-access-token
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ3bVyd%2FVvFPU%2F8AH6O2iC0V7UTG9Au8NPHd%2FgvWlZHR7sfd7qxWhgdKCXuotTyuIyHCtkriL7PsWpX5cLF9I3VUOf5eurZTbuSC8Ge3uf4Iu2cbDYdxug9SsbLYsA33x%2BW3GXUMnaQ87KEQna4yhdH9WGxt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68607e2b59562b16-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 id Show response
pixel.digitalkites.com/prod/ 20 B
1 KB 144ms
133ms XHR
application/json 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.digitalkites.com/prod/id

Requested by

Host: sdk.audienceplay.com
URL: https://sdk.audienceplay.com/audienceplay.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6c5ca05e40e26d3c25d4d8c3cd33b5c1e0e8b68155e7cda7e05786cb0ccadb37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com

Request headers

datain: [{"traitGroup":"Users","data":[]}]
uniqid: 16301846750679424
Referer: https://wavesclaim.com/
x-access-token: acp15ghuz3l0knye9bpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20
server: cloudflare
etag: W/"14-qdqXlrDBN/kIMzlc4jWECkUKQoM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMXcf3fKRfvfdobZ7a5fuxgIFnkx1UuMQ3GISsr7yWcedyIqDKa9YdPOo9BEk9Gpd4dPFEbTGcvXZtVYMzvWrBtkDyrLSXmldtdhvlh2IJODORzu7Q6WrJvkdOvfzxVNlPIGqDPxBxern86GTtOY83IPRwIg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wavesclaim.com
access-control-allow-credentials: true
content-security-policy: default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com
cf-ray: 68607e2c3e844ab6-FRA

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 28ms
27ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210823&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ebb24eb59072bdd95e76a901f42a807a736baf542c044707c7717c23a46dcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 21:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 28 Aug 2021 21:04:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9D8A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 28 Aug 2021 18:47:58 GMT
expires: Sun, 28 Aug 2022 18:47:58 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EB5 783 B
532 B 25ms
24ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22d0c167003c2e4a4c040fbacf6481c7d6d91c750f0ebafc9218b08c2c04d395

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/89Z/iyhxJlW8KD3mTVlmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

expires: Sat, 28 Aug 2021 21:04:35 GMT
date: Sat, 28 Aug 2021 21:04:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/89Z/iyhxJlW8KD3mTVlmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sQt6kG1VEX4ZkVCQ2zrYBt2h-USstYHheUuBM8cMhT0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D8A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sQt6kG1VEX4ZkVCQ2zrYBt2h-USstYHheUuBM8cMhT0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10b7a906d55117e19915090db3ad806dda1f944acb581e1794b8133c70c853d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13256
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 14:44:53 GMT

GET
H3-29

200

dksync
pixel.digitalkites.com/prod/ Frame 84C4
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel.digitalkites.com/prod/dksync?cookie=$UID&type=adnxs&plid=16301846750679424
https://pixel.digitalkites.com/prod/dksync?cookie=5835301072056174651&type=adnxs&plid=16301846750679424

15 B
15 B

470ms
470ms

Image
application/json

2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.digitalkites.com/prod/dksync?cookie=5835301072056174651&type=adnxs&plid=16301846750679424

Requested by

Host: pixel.digitalkites.com
URL: https://pixel.digitalkites.com/prod/sync?plid=16301846750679424

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com

Request headers

Referer: https://pixel.digitalkites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 21:04:35 GMT
etag: W/"f-df0i8xWIsJg/Z92dk+WpwQxAy7I"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuPLn%2BjM2Zrx%2BS5cVwHKw3bStowj4VsfCgW8VoclHIcDq7f4cGpVuXkMm5Nsp8SBuWkrWp%2B72lgqrslgr%2BtyM6S6SEMdSBGpcdg4wQIsm%2BTfJUY0YzQfgG2rpJUVe5gUBFFH%2BRXlXnGbFVt6doN%2B5StOXVfA"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
content-security-policy: default-src 'self' http://localhost:3234 secure.adnxs.com a.audrte.com pixel.tapad.com cm.g.doubleclick.net match.adsrvr.org;script-src 'self' localhost:3234 code.jquery.com maxcdn.bootstrapcdn.com pixel.digitalkites.com;style-src 'self' maxcdn.bootstrapcdn.com;font-src 'self' maxcdn.bootstrapcdn.com
cf-ray: 68607e2c9f554ab6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 21:04:35 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ce1182d3-a74a-4bb1-a62b-89a61029583a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.digitalkites.com/prod/dksync?cookie=5835301072056174651&type=adnxs&plid=16301846750679424
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
31ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210823&jk=2462723019140492&bg=!qqmlqe3NAAYXVutgF1Y7ACkAdvg8WhImrMUHxrIttr62A_xHbdlIrC7Q0VtVAxH_yNBxUwaNhT3vDgIAAABvUgAAAAxoAQcKAGJns3cjmTxqxksiiCpGviWYfVnkWlL6IrI1ZZ1eDYOeG3JvB3_J5mMSgu51ZrCgJMqq2ToW2E3kuwnOFy8WcAMztRjMu9dFT3lmqRo8uz9wQvUVMkzFIM-b_RvWYbExVwF3o5kCf2FOlaQ1pwpLnivJYnddtSWweMr1mTvkiwioP36CAYQWIw1mulkjNYVCGgweyxqLF4Mch1X-tBu0coDQSuH62ZpT-yvmf65s1RvbrV_Dj_n9b19hwoGZOfIEOo-_QUaC0WEo1BRvEEGwifssn3UdGXdyhi5FHYmpH8RH9vy6eG0kMc9S8qStiZgJzZF0_0hvcLWLbe4iLtUoAE0RLNXmsHfSvr7jE-MP2BkKAFdeMr4yYCF4Q0pSgMex7OzubDjQMcxP9vMStrAIjUF5bvdKVWM0RRU0BlAUdDBa0R0rD2tDF56h-LXzBm2weKVXKbsKfd5LR-rgCZPsJE9vC19nn_DpIRMm-lbr-sFri8tsUDTGW4GY52Sy1yGTq9vBuus_fGFLce10HWOvOzwBx6Oh3nYdjs4eKpmD042ZO4ZAIGlmZPOHtT20ByXgdqYrXVRMRMYJaIR2Yl_Qwt-NgzKzbD01OGj91P0iRVhOGehC6YdA64b2Nfe3NoK50b9-zhF_Q_IvnR8WIs6VvREiEkhf4Z2-H8zv3YRpMzr1CR1XoL4k6Nw6MSco9do6C83hUUqnG-kUS2h8kFQIhtYGAjNWXlML2pDtzGa7O4GY9DpabRATsP0930Qz31McWJX1v0vFzbRoJShFaV1FjWFYwCZHR5R6l69yr2mfudLDxlHo59i2-ofKpecSsXt7KRVhyqEN3TR-TAuQipaKqrPCHpZPcHG-a0cjwWL8S9csgS9-FBO73Kf3M1PxsvUVwGEJA0Kqp22wgi6EmFkzhBZaaDevH0zs44VHwm4WNOQ6C48bDyT0lnppojVQy9mUeWnySZ18L_AHCAlN7YD102_Yrc1GcA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8000503593

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 05:35:20	Name: CMRUM3 Value: 1f612aa4e005a00&6f612aa4e005a0&39612aa4e127602159827873535228720&e6612aa4e02760&2d612aa4e12760CAESECH3ICzmhFgH11J-aH_5zlc&33612aa4e005a0&f1612aa4e005a0&27612aa4e00b40
.casalemedia.com/	1970-01-19 22:59:20	Name: CMPRO Value: 1105
.casalemedia.com/	1970-01-19 22:59:20	Name: CMPS Value: 1132
.casalemedia.com/	1970-01-20 05:35:20	Name: CMID Value: YSqk4BzejXq5D7Nkqcps4QAA
.ufpcdn.com/	1970-01-19 20:49:46	Name: __cf_bm Value: 103a24b918c79ab3da1507bd7a47b7999168a1df-1630184672-1800-Aemv+GGkERbo9B7I9CuIEhMBHGSImI2CxdcLyaT6DJbiR4lZ663GAUiGrUZ23a1lOivVL3PJDXTeqeGMg/1YnTg=
.infolinks.com/	1970-01-19 22:59:20	Name: ANUSERCOOKIE Value: 5835301072056174651
.infolinks.com/	1970-01-19 20:51:11	Name: SOVRNUSERCOOKIE Value: 4689b8548ede7e1600f32c8a
.infolinks.com/	1970-01-19 20:51:11	Name: IXUSERCOOKIE Value: YSqk4BzejXq5D7Nkqcps4QAA&1105
.infolinks.com/	1970-01-19 22:59:20	Name: ZMNUSERCOOKIE Value: ""
wavesclaim.com/	1970-01-19 22:16:08	Name: adcashufpv3 Value: 1636979707163227057947088968
.uprimp.com/	1970-01-19 21:32:56	Name: cpa_673873 Value: 160x600_979397874_5
.uprimp.com/	1970-01-19 20:50:09	Name: used_ad2430953 Value: 1
.casalemedia.com/	1970-01-19 20:51:11	Name: CMST Value: YSqk4GEqpOEA
.wavesclaim.com/	1970-01-19 20:49:46	Name: _hjFirstSeen Value: 1
.doubleclick.net/	1970-01-20 06:11:20	Name: IDE Value: AHWqTUmNFSO8NSA33V0i4oAH3z3RklhIk8Io130Rg8i13Gsh7mpLYbtvoeN-sK4E2q0
.infolinks.com/	1970-01-19 20:51:11	Name: KADUSERCOOKIE Value: 17F0DCD6-63EC-4EF9-9430-241ACED1AE03~1630184759836
wavesclaim.com/	1969-12-31 23:59:59	Name: new Value: no
wavesclaim.com/	1970-01-19 20:59:56	Name: bitmedia_fid Value: eyJmaWQiOiJhNTgyMDdhOGIwMTIwZjM4ODZmYjIzMGNmYmVmNWJmYiIsImZpZG5vdWEiOiJkMjA3Y2FkNTc2ODZjNGY2YmUzZDU0ZWFlNDU3ZmRmYiJ9
wavesclaim.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 634dcb70-ae65-4fe7-9ded-f85e8b93c881
.infolinks.com/	1970-01-19 20:51:11	Name: VRUSERCOOKIE Value: y-V3UHhoNE2uHAevkMlSxHNv0lxDOFyj7z7uhr5f8-~A
.wavesclaim.com/	1970-01-20 06:11:20	Name: __gads Value: ID=598b8796e52088f9-2230208701ca002c:T=1630184672:RT=1630184672:S=ALNI_MaZlG5X_5od8lEwN5wxFpO8RQawXw
.infolinks.com/	1970-01-19 20:51:11	Name: ZTUSERCOOKIE Value: 2159827873535228720
.uprimp.com/	1970-01-19 20:50:09	Name: total_impressions Value: 1
wavesclaim.com/	1970-01-24 20:49:44	Name: language Value: eng
.wavesclaim.com/	1970-01-20 05:35:20	Name: _hjid Value: 545987c6-9a0c-40cb-a42e-70514e8e8f79
wavesclaim.com/	1970-01-20 06:15:39	Name: _pk_id.1.84fd Value: ae56cc02d902acca.1630184672.
wavesclaim.com/	1969-12-31 23:59:59	Name: sidenav-state Value: pinned
.infolinks.com/	1970-01-19 20:51:11	Name: OUTHUSERCOOKIE Value: y-HeidMRVE2uG3ZcMsn4isTOMIxHfUwsCs~A~UP8af2c6e3-0843-11ec-afd8-06981d4a6a00
wavesclaim.com/	1970-01-19 20:49:46	Name: _pk_ses.1.84fd Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.hcaptcha.com/1/api.js(Line 1) Message: [hCaptcha] You are loading hCaptcha js api using a "www" prefix. Please remove the prefix.
console-api	log	URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js(Line 2) Message: %c Push notifications powered by: FoxPush.com background: #222; color: #bada55;font-size:20px;
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://wavesclaim.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: Failed log data: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdcdn.com
adservice.google.be
adservice.google.com
adservice.google.de
ap.lijit.com
api.coingecko.com
b1sync.zemanta.com
c1.adform.net
cdn.bmcdn1.com
cdn.foxpush.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e04cba7c5a662fd6eadb31eaf81234f8.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hcaptcha.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
json.foxpush.com
match.adsrvr.org
match.bnmla.com
mena-gmtdmp.mookie1.com
newassets.hcaptcha.com
onclickgenius.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.digitalkites.com
px.owneriq.net
resources.infolinks.com
revive.wavesclaim.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
script.hotjar.com
sdk.audienceplay.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.hotjar.com
sync.go.sonobi.com
tpc.googlesyndication.com
ufpcdn.com
uprimp.com
ups.analytics.yahoo.com
vars.hotjar.com
wavesclaim.com
www.foxpush.com
www.google.com
www.googletagservices.com
www.hcaptcha.com
x.bidswitch.net
xe9o.xyz
ylx-i.advertica-cdn2.com
match.adsrvr.org
104.111.242.53
104.16.168.131
104.16.169.131
104.22.3.144
13.224.96.11
13.224.96.22
13.224.96.61
142.250.184.226
174.137.133.49
178.162.133.149
18.159.118.206
185.33.221.15
185.64.190.79
185.64.190.80
185.64.190.81
185.66.200.127
185.66.200.220
185.66.201.59
193.0.160.129
2.18.234.21
2001:4de0:ac18::1:a:2a
208.100.17.185
209.54.178.82
216.58.212.162
2600:9000:21f3:5600:16:9649:e700:93a1
2606:4700:20::681a:bb8
2606:4700:20::ac43:4a0f
2606:4700:20::ac43:4b23
2606:4700:3030::6815:3262
2606:4700:3030::6815:32f6
2606:4700:3030::ac43:8691
2606:4700:3032::6815:15f1
2606:4700:3037::ac43:8e31
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:1d78
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
3.126.56.137
34.243.225.216
35.186.238.175
35.190.71.96
37.157.2.235
37.252.172.36
38.27.122.158
51.89.9.254
52.57.222.152
67.202.110.22
70.42.32.63
72.251.249.14
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
05f40e574c4e4b91a0fdfb6ee91808f1ad41eb09094d46760c7da79ced96e31f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c94204707a34fcdb26f2880fd1e098140151024badffec94b2b8e196efe3afe
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
14540217682f3e7626c7103795d2c7f61861ddf9d68f8689573879a8fde8a537
14e0c642de6996b0683b294c021bfe3bad4897532b99cf5309a06606d37406d9
1563242650b171ec2891fd663277b9e83aad237cfbbe9576680771451849df64
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18f9419ad302201587523379f81fa7052a924066b2e329fd76c02be1d3fa3c5c
22d0c167003c2e4a4c040fbacf6481c7d6d91c750f0ebafc9218b08c2c04d395
3180896cdbb6e4503702f23f81a4663a12bbe7b9c77b8f20a074211d997bc35f
32e7623b408a7eba169df291077fd6ce88a8d035c579d0e7282a66ebcc11fc84
340af9cf232bd437b63b6a3b2ec3fcc8e0988a79fd8af20514743908ee9f8765
36e72edac241ebbe7bc74a1d8f4fdb224697d8beb23282b9adbde1e4ba39e151
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
3ec49404c2e842eaeb5786f9dbce5b10272d149994064b326aff12f61e91915c
41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44a3867381adb7e33c6dbad98c7b1ac198e873340ed24cf3f7c03ef139f403d8
44af7fb57e8a9bb73f53a09e86f4868147a1fe66f704021ad6d31a653a9af371
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a0d1636e25b9b70c3e049a3e0b9efc2aaf536dd5355000e14df2a266a1ee894
4af41bb424ffb7ff4017ea15e2aa8c8f0a46bb659b19f80f4715621354de6a8b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebb24eb59072bdd95e76a901f42a807a736baf542c044707c7717c23a46dcbb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
517eeb8b2d4388b40eee66ef6c731358f4bcfe2b522e045cbeea815acd5cfe48
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ea4cd865555cad9cdd29aae4bc578d41c166f7964ecdf986ed5a97ab2cea49
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5ac703da62d510bc2d51c1831284a667761fa8a6de7996206e13beba1aabab5a
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
6a1d15908130634be5c09faf049757054b88e3a8e9c536fd2311cde9c5282aa2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5ca05e40e26d3c25d4d8c3cd33b5c1e0e8b68155e7cda7e05786cb0ccadb37
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6fe8d13545c21014fa02d3e52eeb085fb0b7600777496e9c545674ae4b039816
730ba9a7cb0c5a155fe54672df0cce8cc266a6a7fc354a39081c3440841a48b1
763bacb6026f3592f0303144432bd7e0ab62db4fc9e2133262d53ccb641b36e0
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7b7e3e69c2e71edee7c7b64e2e9e915b6371db1f83768ac453ed6beb1fb139bc
7f1d224b669f836baa68b8fa26e6476f190ba3632630bc20ab7ba2c4d67168f7
826796c31d063f4ae558d0de68c3d5383f162f54877c9418f8f70bba5212d2ed
83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e
83f49a3ac40d83bbaecda7bf4de6558db20ed2ecb2d2582b6038ca0b065caf0b
8a3739ffc65f164017356daeb1fe2c376b4b45969fa7cce95595739de8a34c1f
8be0f59c1c11272daef0f91278fa802586b7924e0a67a3ac3ca78dd195010050
9174046dfe997b322f7c1db012ef1b2f0af72a7ccdcd2dfb47b0344ebd3495b0
94dbffa7c2f61be0f3e4481baca0ff583017dd194a0d55b63b70b9ef75e31daf
95cafb5c72abcbea04a038bfc7197eff0f8b5d70304256be7abc6ac600a6ee6d
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b
9bcf712fbb4b808d58b151936a103e13bbd92cc7664c8a020ded150fb78f00ec
9c458142d26b778444f1ff262948603c23cd48776cc8ecaa4bda7034d5d6f085
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ad9b49c142be2f82711d8244a060e39f96536a664fe5ffd062de8c78020707a7
ae541ac1f906334afea0ed870a8680217d869f184a12d5e40a9712ab74cee403
b10b7a906d55117e19915090db3ad806dda1f944acb581e1794b8133c70c853d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2410a0eda560817921430999d3f8cf5ef99fcea00f0005235092e66d0982ffa
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c86edc8077f0f1aac47d7767d5001dcfd18370d709c8a05adfc8826ecb4cd839
cd7c629521477324548f75836e2cbd5d932b452f9d77b11fe3dcc327d654252f
d101c6fb09ca82152649885b2b065dc143fa2b961e8e9341754fd41aa2f59079
d8cba553e92c1721324f66ad221829bf2cf0983efbd7d31c445bfe53cd16bedf
d8da7c93a327c25e852a73a5f94e38a0aa072fc74f8056f6558ed953b6b2014f
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de7db1eed1f70c856ca9c1bb853affb54ef99d34b05be5e9a9fb0994f1377b8e
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62ca1eaa5187d6f70762cc4871ff7412cb4b5c8d63aa8dff42329f4dba15657
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcb82518d91c999dd0c7a29b16ad734afe71523c37e1363f7cbaf3ba2ea2ab25
fd62c826eddd50a901fa65873318c2be563137ba6a467160d0e72a433b6f4179
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

wavesclaim.com Open in urlscan Pro 2606:4700:3030::6815:3262 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

44 %IPv6

48 Domains

64 Subdomains

53 IPs

8 Countries

1711 kBTransfer

4905 kBSize

29 Cookies

11 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wavesclaim.com Open in urlscan Pro
2606:4700:3030::6815:3262 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

44 %
IPv6

48
Domains

64
Subdomains

53
IPs

8
Countries

1711 kB
Transfer

4905 kB
Size

29
Cookies

127 HTTP transactions
1 data transactions