earnads.xyz Open in urlscan Pro
104.21.95.52 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://earnads.xyz/
Submission: On March 21 via api (March 21st 2024, 11:48:33 pm UTC) from US — Scanned from US

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 54 HTTP transactions. The main IP is 104.21.95.52, located in and belongs to CLOUDFLARENET, US. The main domain is earnads.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 20th 2024. Valid for: 3 months.

This is the only time earnads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.21.95.52 104.21.95.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.67.207.240 172.67.207.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.161.233 172.67.161.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	185.162.85.14 185.162.85.14	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	185.162.85.20 185.162.85.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	172.67.163.55 172.67.163.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.162.85.1 185.162.85.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	45.133.44.33 45.133.44.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
54	11

13 104.21.95.52 (None, )

ASN13335 (CLOUDFLARENET, US)

earnads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.207.240 (United States)

ASN13335 (CLOUDFLARENET, US)

mcizas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.161.233 (United States)

ASN13335 (CLOUDFLARENET, US)

ajfnee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.98 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cjvdfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.162.85.14 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wivyiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.162.85.20 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

tdmrfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.163.55 (United States)

ASN13335 (CLOUDFLARENET, US)

himgta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.162.85.1 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ptxhzp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	earnads.xyz earnads.xyz	286 KB
7	mcizas.com mcizas.com — Cisco Umbrella Rank: 75744	22 KB
6	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 12501	32 KB
6	tdmrfw.com tdmrfw.com — Cisco Umbrella Rank: 62075	2 KB
6	wivyiz.com wivyiz.com — Cisco Umbrella Rank: 63218	278 B
3	ptxhzp.com ptxhzp.com — Cisco Umbrella Rank: 70902
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
2	himgta.com himgta.com — Cisco Umbrella Rank: 39014	6 KB
1	cjvdfw.com cjvdfw.com — Cisco Umbrella Rank: 581673	3 KB
1	ajfnee.com ajfnee.com — Cisco Umbrella Rank: 153465	4 KB
54	10

	Domain	Requested by
13	earnads.xyz	earnads.xyz
7	mcizas.com	earnads.xyz mcizas.com
6	i.wmgtr.com	earnads.xyz mcizas.com
6	tdmrfw.com	mcizas.com
6	wivyiz.com	ajfnee.com
3	ptxhzp.com	mcizas.com
3	pagead2.googlesyndication.com	mcizas.com
2	himgta.com	cjvdfw.com himgta.com
1	cjvdfw.com	earnads.xyz
1	ajfnee.com	earnads.xyz
54	10

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
earnads.xyz GTS CA 1P5	`2024-03-20` - `2024-06-18`	3 months	crt.sh
mcizas.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
ajfnee.com GTS CA 1P5	`2024-02-28` - `2024-05-28`	3 months	crt.sh
cjvdfw.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
wivyiz.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
tdmrfw.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
himgta.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
ptxhzp.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
i.wmgtr.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://earnads.xyz/
Frame ID: 8D37B0DE729E7D0433DB0783DF32DA51
Requests: 48 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/CjQ69BSIcaVIGpg1YjaCZ-F9v9raYB_P.png
Frame ID: A0E8AA68836D180E739B74E78F802397
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/_-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png
Frame ID: 4A616E918969B24ACA8AA19EDD1F22AF
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/RgFm8mwS5oONnU7W-hVUPW_UrcuHHXzI.png
Frame ID: 794F69EA80C70F5E6942FB6B76AFC948
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/mNNTBiVlMWgDQW_92myAiSZTMO9noDpw.png
Frame ID: 765A293DDE8BB6207ED6DDC7F7AF753F
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/_-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png
Frame ID: B086D0B044E84D6A415D68C9C5054872
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/WM6guxzkP2G8CbJkrceNJYOYZYBVx3EU.png
Frame ID: BA3BA0F249279ECA26FD4C0692C65F4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Earn ads

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

54
Requests

87 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

355 kB
Transfer

501 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
earnads.xyz/ 83 KB
15 KB 472ms
360ms Document
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e958b6f27999f46e6e2a4ca53734193277bd5aa1efb93aa609b82838dfc0d6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8681d5270a40e8fd-DFW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 23:48:25 GMT
link: </index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXVYF6INUqSGulwsUq5D26inhEprkmurAtk%2BDJska2H9HFzr7vcjr5aLH%2Fv1wo%2FmUxXqFQhlQH8jPAwRrPJ%2FUHyGeRW50INjoR9MAYMKTGVfrTy%2BhQErlqVQ3nDFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
earnads.xyz/wp-includes/blocks/navigation/ 16 KB
3 KB 137ms
135ms Stylesheet
text/css 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnads.xyz/wp-includes/blocks/navigation/style.min.css?ver=6.4.3
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Sep 2023 19:11:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRFoiN7XBX7lu6MPPmNOgae9e0bcQZDkY66Ye18vL9eLpZrV1AaeRufG4AE6MKWLy9RpKdpHdxAKbcyqS1QTd9o0JH2x857hHWdjGEXMk7drg%2FBiKoDq%2Fs5Q3%2FOJgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8681d5295ddee8fd-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
earnads.xyz/wp-includes/blocks/image/ 7 KB
2 KB 130ms
130ms Stylesheet
text/css 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnads.xyz/wp-includes/blocks/image/style.min.css?ver=6.4.3
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlXdSZ2cbLWrxf%2FBrVEvwseASobckeO12Yn9hyD7mZ01dH2Q6OhhK%2F4wzuxrKjA7dtDhs6awclgke2muU5VmPLPlUn9zS2%2BieAzKTMpqsKo1arJzHM7PN0KgcdVdLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8681d5295ddfe8fd-DFW
alt-svc: h3=":443"; ma=86400

GET
H3 404 interactivity.min.js
earnads.xyz/wp-includes/js/dist/ 0
0 77ms
75ms Script
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-includes/js/dist/interactivity.min.js?ver=6.4.3

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qcxgBEvw9wd%2FClB6dj1ZPqlDDE1bsjHMq640b2oEnFzkbypJNbcx6vDNiTbZYUk%2BKbbWbnYJSD6XhmPCbMBW1h47sKku%2BJYykfNvpmv2gf34kTORHCaP%2F9sS5sYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49d36bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H3 404 view.min.js
earnads.xyz/wp-includes/blocks/navigation/ 0
0 77ms
75ms Script
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8lGAdNtpCABBfLLLd75THaBZIWxNKk1pcCCwKm7idmfzGVJC1Or0njxf2tl9liZg16BDBmk4OvdNQFQsVMS8PmSXEpzpcU652rdNHmHIpPf2bi%2BG0Bx1P6ylPMX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49d46bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H2 200 tracker.js Show response
earnads.xyz/wp-content/plugins/wp-statistics/assets/js/ 9 KB
4 KB 134ms
133ms Script
text/javascript 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnads.xyz/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=6.4.3
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811896b153311b98ac3a0c4674ac679e6551716b27b728dd3813157a08d6137e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 01:13:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fd7nxezs72MoWppBGIbJuOvKKBHyDlheOrEZxyjWaJ2u0nJDDWk86Kxw8%2BJj6lGyH5ndbKZipOPvYvxpfIiyn%2B1vX%2BizGI8wVyjbDwfrtbYH7OXcVmO%2BMCYzEV9amw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8681d5295de0e8fd-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js Show response
mcizas.com/pw/ 28 KB
10 KB 438ms
335ms Script
application/javascript 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b43afa599e1045d172c1502f75a11f4130927f06e7a4be12ac71a0317b366a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 23:48:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 301971fbb63841383f5b1ffca5ff1d5e
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiLr99VWOV91kBC97RhCx6TItzdHUrOvDJvgie4FsNjXwyIJNthoN%2BmRHvOhoF4C4HG8XH4a6xhcMs1nYYNxhSTE2wls3J%2BW5zXU%2F1K8j%2FPx6MT3p83b4Y%2BJheGC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d52aedb76b7c-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js Show response
ajfnee.com/p/ 11 KB
4 KB 434ms
326ms Script
application/javascript 172.67.161.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1867d52a46e92ada66aeb4a276561ce757ef663b7e7ce84b46ef7c3bd6309932

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 23:48:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 7f63efccc982bba1d13f84273df50125
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=votDWNcLBssDZ6R14XL7oC6efhayaM0r0eIN7KD6QrrDX2rWmp5UAOfja%2FUA5DTcekLXzpE6HcrAWRGZ8pGpFiwuMM7r9QO5uIBNCsYFT6jx%2FB%2FOIRtmKp95NHB4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d52ae9de8787-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 building-exterior.webp
earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/ 195 KB
196 KB 139ms
138ms Image
image/webp 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/building-exterior.webp
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Oct 2023 17:02:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSmi8RM2FDgeKmFWTAqnSS0YQRZiV5Hil2CCja660oNC%2BAK%2FZtV07o1qiK%2FX7LcaqxDF0%2FzazZYFrcyDxiepVYMvlSZUXeDHlrTwfHvTojsFsaYmqVdRTmhTOjk4cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8681d5295de1e8fd-DFW
alt-svc: h3=":443"; ma=86400
content-length: 199724

GET
H2 200 tourist-and-building.webp
earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/ 65 KB
65 KB 262ms
262ms Image
image/webp 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/tourist-and-building.webp
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Oct 2023 17:02:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctKlQGXl30SBW5Vwu3%2Bcf8%2B8zYWtI7i0n2ezuU7M7IOIWv5RhA2lj8QbT2L7aZICOHU0t3RHOy03ykLpKfNE7UU%2B916GeZku8wxd8W9h%2BRwv%2F%2BE%2Bbyzqg084pN62zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8681d5295de2e8fd-DFW
alt-svc: h3=":443"; ma=86400
content-length: 66482

GET
H3 404 windows.webp
earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/ 2 KB
2 KB 86ms
84ms Image
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/windows.webp

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718d3c3a2fb7749bcc3e582497affa8235ef0b5dcff8247766eedad118089c79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWun90g3nBabxgd4Gu2N4QhDrJCu%2Fqjm8l1iFS1pQtMTZcAJfibDlwyyM%2BBIAvsoWUlTtyg84GklMGyrVTwSh%2Bb0pYEZSaiCqMsXSESoOHc7QtYSz0pCa56OxfYRag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49d26bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
BLOB 200
OK 9f8fe36c-32bf-458b-b2e2-6c4fb2bca816
https://earnads.xyz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/9f8fe36c-32bf-458b-b2e2-6c4fb2bca816
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 native.js Show response
cjvdfw.com/code/ 7 KB
3 KB 1231ms
164ms Script
application/javascript 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cjvdfw.com/code/native.js?h=waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODcsInNyYyI6Mn0=eyJ
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: eb02101065748a42ce2f94b93c470f6ad6caebc6a28af050b41d4b900fe36062

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://earnads.xyz
date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: gzip
server: nginx/1.25.0
x-zone: eu
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3 404 Inter-VariableFont_slnt,wght.woff2
earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/inter/ 0
0 83ms
82ms Font
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://earnads.xyz/
Origin: https://earnads.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIg5r9J8336jyxywlxWIxq3O%2FrWrAV6uK1jX3d%2BdgZN9tWtj9IvX7aNo7juoCl97tN1M06JERpoDuyhZ%2BSEcNnlWeUBXoc8Itbay1%2FnvfooyH2bivnDrDZQATxQKlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49dc6bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H3 404 cardo_normal_400.woff2
earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 0
0 71ms
70ms Font
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://earnads.xyz/
Origin: https://earnads.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xw3n%2Fmv1BN12RSG4xBdcj8Kgkg54pzJyGY5SIYn%2BJzvJQUt4v%2Bh78YkRgBQWn5Um17g1uhmaNVxP%2B04984i3CIoKvsqHgI0ghQXWZI6YAGGsz3BZuMuXbcVcItpNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49e26bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H3 404 cardo_italic_400.woff2
earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 0
0 82ms
81ms Font
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://earnads.xyz/
Origin: https://earnads.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BhOZUz8%2BNa9Tg7FmWv%2FpmR8uTKXLRL1ArrTwXBG%2Ffkm3YGE%2BzfgfXGHmIG21krJ33%2FyeXEO4OX%2FqoN31SutgN1iXMoUsH5%2FGu7odWP0XCK5rcjy4LJ%2F0NpDHB1DEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52a49e36bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H3 404 wp-emoji-release.min.js
earnads.xyz/wp-includes/js/ 0
0 80ms
79ms Script
text/html 104.21.95.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://earnads.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.95.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puIWZkqWhMUCVP5Q1CCBG9svtkTSKUM15a%2Fph%2FK07XzDTAlBOx2ZX9uuJRhC8da4wMkB67AKCYBBaVg0aceBNfITvePnANiW5tz3VGzXSO%2FqrpxFrr64HvHAv7VMLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8681d52abab16bfb-DFW
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H2 200 er
wivyiz.com/ 0
0 491ms
160ms Fetch 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/er?a=1
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0

GET
H2 200 er
wivyiz.com/ 0
0 433ms
159ms Fetch 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/er?a=1
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0

GET
H2 200 cuload Show response
wivyiz.com/ 2 B
139 B 606ms
341ms Fetch
application/javascript 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/cuload?a=1&e=aeyJwaWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksImQiOiJlYXJuYWRzLnh5eiIsImxpIjoxfQ==&tz=-10&if=0&u=aHR0cHM6Ly9lYXJuYWRzLnh5ei8=
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 2
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK 5fa2996c-ea74-4afa-b99e-1d5af8d2c599
https://earnads.xyz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/5fa2996c-ea74-4afa-b99e-1d5af8d2c599
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 cuload Show response
wivyiz.com/ 2 B
139 B 606ms
341ms Fetch
application/javascript 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/cuload?a=1&e=aeyJwaWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksImQiOiJlYXJuYWRzLnh5eiIsImxpIjoxfQ==&tz=-10&if=0&u=aHR0cHM6Ly9lYXJuYWRzLnh5ei8=
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 2
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK 2289a4b5-8da5-41ae-976c-d2b8fe201c22
https://earnads.xyz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/2289a4b5-8da5-41ae-976c-d2b8fe201c22
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
BLOB 200
OK 1fa9aa1c-d927-4d84-872b-bb95aab0e7ed
https://earnads.xyz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/1fa9aa1c-d927-4d84-872b-bb95aab0e7ed
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
BLOB 200
OK 82a5f0fa-1e4f-444f-8ed1-b71cefcf7d09
https://earnads.xyz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/82a5f0fa-1e4f-444f-8ed1-b71cefcf7d09
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
BLOB 200
OK 0c889f33-8298-4f96-9872-860965bb0ec3
https://earnads.xyz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnads.xyz/0c889f33-8298-4f96-9872-860965bb0ec3
Requested by: Host: earnads.xyz
URL: https://earnads.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 wnload Show response
tdmrfw.com/ 726 B
610 B 533ms
205ms Fetch
application/javascript 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksImQiOiJlYXJuYWRzLnh5eiIsImxpIjoyfQ==&tz=-10&if=0&u=aHR0cHM6Ly9lYXJuYWRzLnh5ei8=&inc=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9538f2ce0a7ba2fee49aea13164eb80a2be3ca9b2b34b1cf3ede90d4c01db49f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H2 200 wnload Show response
tdmrfw.com/ 692 B
573 B 496ms
171ms Fetch
application/javascript 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksImQiOiJlYXJuYWRzLnh5eiIsImxpIjoyfQ==&tz=-10&if=0&u=aHR0cHM6Ly9lYXJuYWRzLnh5ei8=&inc=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3beb0ddef7f01b314403ea0d2b2ad1277fccbba2a84d5429315755bded8e69d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H2 200 wnload Show response
tdmrfw.com/ 737 B
637 B 499ms
173ms Fetch
application/javascript 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksImQiOiJlYXJuYWRzLnh5eiIsImxpIjoyfQ==&tz=-10&if=0&u=aHR0cHM6Ly9lYXJuYWRzLnh5ei8=&inc=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: decd71a6384e1685ba650e326265dfc968b2a554d77acb234e6ddd7f4f61b468

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H2 200 trt
wivyiz.com/ 0
0 179ms
178ms Fetch 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/trt?a=1&t=435
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0

GET
H2 200 trt
wivyiz.com/ 0
0 178ms
177ms Fetch 185.162.85.14
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/trt?a=1&t=494
Requested by: Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ1MjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.14 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:26 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 425ms
147ms Fetch
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51021
x-xss-protection: 0
server: cafe
etag: 15521190621633174180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 23:48:26 GMT

GET
H3 200 dark.html Show response
mcizas.com/template/ 5 KB
2 KB 528ms
257ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/dark.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1FHxpjpyzOdgVJ4IqBtSwstUnCtDO0T5i6NANnIBrU9QX8JJzsYHCPTFrgTnQYEzSvGdGUrqRd8kgbRQQHH5HbFSS7HLovAipIrHgp%2BlSKF0axi%2BQ05m5CSzE1v"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325ec62e6d-DFW
alt-svc: h3=":443"; ma=86400

GET
H3 200 dark.html Show response
mcizas.com/template/ 5 KB
2 KB 511ms
241ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/dark.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w30TRJWW7DXVnJI4Zn8nI4iDDV%2BDG9z1UhHYEaDFNG9MJKaaxWBPxY3Fqj62TMCNJ%2BgVRzAHjytTnBfUKpn2tcsc0GKTj73F6gU4VcDHWaSNa6L6SiHU3AMF20ZY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325ecd2e6d-DFW
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 417ms
143ms Fetch
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51079
x-xss-protection: 0
server: cafe
etag: 3656576361400544689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 23:48:26 GMT

GET
H3 200 dark.html Show response
mcizas.com/template/ 5 KB
2 KB 512ms
243ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/dark.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFJ%2B5KTsV5OFfjykkLCZMEF43qxsufGRE87Y4cAuMfb8%2B%2FMPJ%2BcKwMkLWplfUZNqC2zoXHJQC1Zcwk3SBlVTNeJDcGVsQoE5RkcBYDzZtqMABVFuEbtCl4CvvDF%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325ecb2e6d-DFW
alt-svc: h3=":443"; ma=86400

GET
H3 200 light.html Show response
mcizas.com/template/ 5 KB
2 KB 458ms
189ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/light.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87eb4e12fc90b4ff647824cb065012ca28bd18a584dc0ff9d8160b57de2d520

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBNsRA1pWj1I%2FmtgLlLoBFNwU55Gzl6LmxfVURAN%2BrZdZy6KV98q5%2BPZ4VjfelCJe2g1hHrmWCsSaXiF0wQMQKy422KnWXaS1S5zJ3ZpWR69eYCF8PhgmMcPU6wu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325ec72e6d-DFW
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 389ms
145ms Fetch
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51021
x-xss-protection: 0
server: cafe
etag: 9167460864443805130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 23:48:26 GMT

GET
H3 200 dark.html Show response
mcizas.com/template/ 5 KB
2 KB 443ms
204ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/dark.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWq99GZSv%2FyvQBFhaDV0QYhcO28tbdjmB2lrdui7XUa2x3GefT1D5gthM8LdASYwmHUsfuQevRJ%2FpNMXBbNdiLrdz%2BJJXX0voXUQjqek%2FbSt2F0Q14Giunejxoie"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325ec92e6d-DFW
alt-svc: h3=":443"; ma=86400

GET
H3 200 light.html Show response
mcizas.com/template/ 5 KB
2 KB 481ms
242ms Fetch
text/html 172.67.207.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mcizas.com/template/light.html
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87eb4e12fc90b4ff647824cb065012ca28bd18a584dc0ff9d8160b57de2d520

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2024 23:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsG%2Bq8HSHIj77M8C3L9%2FFDU1UitgxVnu8EEcXa4u0Q3VBdVpk31dYiABTGWbfb2rfU3mm%2F142GpqKtcLNeeXd%2BD74t4fZxsdPrs98C%2FjDf9r%2FUDJIV%2BQbyGvHRo5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
cf-ray: 8681d5325eca2e6d-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 352ms
188ms Script
application/javascript 172.67.163.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODcsInNyYyI6Mn0=eyJ&d=earnads.xyz&sw=evasw.js
Requested by: Host: cjvdfw.com
URL: https://cjvdfw.com/code/native.js?h=waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODcsInNyYyI6Mn0=eyJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dff78bf5cf8609ea17852272c321133d5fa248418759a425fcb413777dccf14f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:26 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4Zw+muOzpE+WwlmYsWIcrRJJFGs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZLKXwDq%2BrKlrLYDtkmzD%2F48ehDtF7%2FI%2Bj%2Bz9N8hhhgJ2tPGwJu5I%2BC%2FD718ntXQ3%2FMlPTjOqx7pddlBPUyhScKTLvzVUNl%2BixO6F8bQZcOas%2Bl02hYwwoXyrs%2Fx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 8681d532f8864642-DFW
alt-svc: h3=":443"; ma=86400

GET
H2 200 abs
ptxhzp.com/ 0
0 1129ms
155ms Fetch 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=8&wid=474489&di=mcizas.com&dl=tdmrfw.com&d=earnads.xyz&lok=1&abf=0
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:27 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H2 200 abs
ptxhzp.com/ 0
0 1127ms
156ms Fetch 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=8&wid=474489&di=mcizas.com&dl=tdmrfw.com&d=earnads.xyz&lok=1&abf=0
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:27 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H2 200 abs
ptxhzp.com/ 0
0 1126ms
155ms Fetch 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=8&wid=474489&di=mcizas.com&dl=tdmrfw.com&d=earnads.xyz&lok=1&abf=0
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 23:48:27 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H2 200 CjQ69BSIcaVIGpg1YjaCZ-F9v9raYB_P.png
i.wmgtr.com/cic/ Frame A0E8 2 KB
2 KB 919ms
49ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/CjQ69BSIcaVIGpg1YjaCZ-F9v9raYB_P.png

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

5f28726d161960dda8cf699c8cd0b34799d74dfc6062ed95713d28fd4c163dfb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 _-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png
i.wmgtr.com/cic/ Frame 4A61 10 KB
10 KB 938ms
92ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/_-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

4e37b6dea2503484dc475a619ce903c19cbc30721a0d63f2b00287b00f7c0cf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 wnrw
tdmrfw.com/ 0
0 159ms
159ms Fetch 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnrw?aid=4740409987182184321&a=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://earnads.xyz
date: Thu, 21 Mar 2024 23:48:26 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 RgFm8mwS5oONnU7W-hVUPW_UrcuHHXzI.png
i.wmgtr.com/cic/ Frame 794F 1 KB
1 KB 913ms
94ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/RgFm8mwS5oONnU7W-hVUPW_UrcuHHXzI.png

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

d2b1a08482ad087823f8a93dfcdb15f0b016f10d22a1fd471f4a82a5425478cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 mNNTBiVlMWgDQW_92myAiSZTMO9noDpw.png
i.wmgtr.com/cic/ Frame 765A 6 KB
6 KB 899ms
102ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/mNNTBiVlMWgDQW_92myAiSZTMO9noDpw.png

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

83e002a842eee8edee23f10b14cda875bbee6ddc1311113d06c4db344c5285a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 _-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png
i.wmgtr.com/cic/ Frame B086 10 KB
10 KB 833ms
48ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/_-w0H72OxbOhSFyKFx4F9_DbABKQMzlx.png

Requested by

Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

4e37b6dea2503484dc475a619ce903c19cbc30721a0d63f2b00287b00f7c0cf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 WM6guxzkP2G8CbJkrceNJYOYZYBVx3EU.png
i.wmgtr.com/cic/ Frame BA3B 1 KB
1 KB 866ms
95ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/WM6guxzkP2G8CbJkrceNJYOYZYBVx3EU.png

Requested by

Host: earnads.xyz
URL: https://earnads.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

d2b1a08482ad087823f8a93dfcdb15f0b016f10d22a1fd471f4a82a5425478cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 22 Mar 2024 22:48:27 GMT
date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 wnrw
tdmrfw.com/ 0
0 162ms
158ms Fetch 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnrw?aid=14922077559363291470&a=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://earnads.xyz
date: Thu, 21 Mar 2024 23:48:27 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 wnrw
tdmrfw.com/ 0
0 162ms
158ms Fetch 185.162.85.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnrw?aid=18173085954572110465&a=1
Requested by: Host: mcizas.com
URL: https://mcizas.com/pw/waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://earnads.xyz
date: Thu, 21 Mar 2024 23:48:27 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 fp.js Show response
himgta.com/ 1 KB
876 B 200ms
193ms Script
application/javascript 172.67.163.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/fp.js?d=earnads.xyz
Requested by: Host: himgta.com
URL: https://himgta.com/v1/sdk.js?h=waWQiOjExNTg1MzAsInNpZCI6MTI1NzU0MSwid2lkIjo0NzQ0ODcsInNyYyI6Mn0=eyJ&d=earnads.xyz&sw=evasw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 427ac43e4af699e849b14ba89ca741520633f9b53cc92115490a77cd92587dc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://earnads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 23:48:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Mar 2024 23:48:27 GMT
max-age: 0
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTn7l04plDiuMAKoXZe4PL1MqWkgjGLxm7ERF%2BpBX%2Fb6UuMaLOvfnlpuh1%2B3FS3Uf2ZtVfwzK40Opy4MNe3CSDF8tw7M8kRUlIKfDb3ku8K7Cz08aNXSl3X5%2BLdu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://earnads.xyz
cache-control: max-age=14400
x-zone: eu
cf-ray: 8681d5348aab4642-DFW
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.earnads.xyz/	1970-01-20 19:27:49	Name: ufp2 Value: 6b0579ebdca04040eb7b658eced2519a3d715b50

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://earnads.xyz/wp-includes/js/dist/interactivity.min.js?ver=6.4.3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/images/windows.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://earnads.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajfnee.com
cjvdfw.com
earnads.xyz
himgta.com
i.wmgtr.com
mcizas.com
pagead2.googlesyndication.com
ptxhzp.com
tdmrfw.com
wivyiz.com
104.21.95.52
142.251.40.130
172.67.161.233
172.67.163.55
172.67.207.240
185.162.85.1
185.162.85.14
185.162.85.20
31.220.27.98
45.133.44.33
0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c
1867d52a46e92ada66aeb4a276561ce757ef663b7e7ce84b46ef7c3bd6309932
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3beb0ddef7f01b314403ea0d2b2ad1277fccbba2a84d5429315755bded8e69d6
3e958b6f27999f46e6e2a4ca53734193277bd5aa1efb93aa609b82838dfc0d6d
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
427ac43e4af699e849b14ba89ca741520633f9b53cc92115490a77cd92587dc9
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4e37b6dea2503484dc475a619ce903c19cbc30721a0d63f2b00287b00f7c0cf1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5f28726d161960dda8cf699c8cd0b34799d74dfc6062ed95713d28fd4c163dfb
718d3c3a2fb7749bcc3e582497affa8235ef0b5dcff8247766eedad118089c79
71b43afa599e1045d172c1502f75a11f4130927f06e7a4be12ac71a0317b366a
7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5
8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8
811896b153311b98ac3a0c4674ac679e6551716b27b728dd3813157a08d6137e
83e002a842eee8edee23f10b14cda875bbee6ddc1311113d06c4db344c5285a3
9538f2ce0a7ba2fee49aea13164eb80a2be3ca9b2b34b1cf3ede90d4c01db49f
d2b1a08482ad087823f8a93dfcdb15f0b016f10d22a1fd471f4a82a5425478cc
decd71a6384e1685ba650e326265dfc968b2a554d77acb234e6ddd7f4f61b468
dff78bf5cf8609ea17852272c321133d5fa248418759a425fcb413777dccf14f
e87eb4e12fc90b4ff647824cb065012ca28bd18a584dc0ff9d8160b57de2d520
eb02101065748a42ce2f94b93c470f6ad6caebc6a28af050b41d4b900fe36062

earnads.xyz Open in urlscan Pro 104.21.95.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

87 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

11 IPs

3 Countries

355 kBTransfer

501 kBSize

1 Cookies

1 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

earnads.xyz Open in urlscan Pro
104.21.95.52 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

87 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

355 kB
Transfer

501 kB
Size

1
Cookies

54 HTTP transactions
0 data transactions