riadbtc.top Open in urlscan Pro
136.243.77.172 Public Scan

URL:
http://riadbtc.top/
Submission: On August 16 via manual (August 16th 2021, 1:33:39 pm UTC) from JM

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 48 HTTP transactions. The main IP is 136.243.77.172, located in Germany and belongs to HETZNER-AS, DE. The main domain is riadbtc.top.

This is the only time riadbtc.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	136.243.77.172 136.243.77.172	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2 11	2606:4700:20:... 2606:4700:20::681a:4a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	162.0.234.104 162.0.234.104	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:303... 2606:4700:3035::ac43:d116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::ac43:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::6815:49ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
3	35.190.55.95 35.190.55.95	15169 (GOOGLE) (GOOGLE)
1	195.201.242.31 195.201.242.31	24940 (HETZNER-AS) (HETZNER-AS)
1	162.0.235.241 162.0.235.241	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
1	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	162.0.235.250 162.0.235.250	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:303... 2606:4700:3038::6815:eb72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	20

9 136.243.77.172 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: host.s-1.cyou

riadbtc.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:4a4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

bitcoinad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.0.234.104 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.adoto.net

adoto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:d116 (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:49ef (United States)

ASN13335 (CLOUDFLARENET, US)

adpays.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.34 (Niagara Falls, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.55.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.55.190.35.bc.googleusercontent.com

www.onclickperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.242.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.242.201.195.clients.your-server.de

surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.235.241 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium160-1.web-hosting.com

ayelads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.28.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.0.235.250 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium161-4.web-hosting.com

ayelads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb72 (United States)

ASN13335 (CLOUDFLARENET, US)

crrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bitcoinad.io 2 redirects bitcoinad.io	456 KB
9	riadbtc.top riadbtc.top	123 KB
7	adoto.net adoto.net	91 KB
3	onclickperformance.com www.onclickperformance.com	5 KB
3	gstatic.com fonts.gstatic.com	56 KB
3	cryptocoinsad.com cryptocoinsad.com	13 KB
2	ayelads.com ayelads.com	133 KB
2	a-ads.com ad.a-ads.com static.a-ads.com	278 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	surfe.pro static.surfe.pro surfe.pro	4 KB
1	crrepo.com crrepo.com	507 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	ayelads.xyz ayelads.xyz	2 KB
1	adpays.net adpays.net	793 B
1	jsdelivr.net cdn.jsdelivr.net	30 KB
1	googleapis.com fonts.googleapis.com	702 B
48	16

	Domain	Requested by
11	bitcoinad.io	2 redirects riadbtc.top bitcoinad.io
9	riadbtc.top	riadbtc.top
7	adoto.net	riadbtc.top adoto.net
3	www.onclickperformance.com	adoto.net www.onclickperformance.com riadbtc.top
3	fonts.gstatic.com	fonts.googleapis.com
3	cryptocoinsad.com	riadbtc.top cryptocoinsad.com
2	ayelads.com	ayelads.xyz
1	crrepo.com	www.onclickperformance.com
1	www.googletagmanager.com	ayelads.xyz
1	static.a-ads.com	ad.a-ads.com
1	ad.a-ads.com	riadbtc.top
1	ayelads.xyz	riadbtc.top
1	surfe.pro	riadbtc.top
1	s4.histats.com	s10.histats.com
1	adpays.net	riadbtc.top
1	cdn.jsdelivr.net	adoto.net
1	s10.histats.com	adoto.net
1	static.surfe.pro	riadbtc.top
1	fonts.googleapis.com	riadbtc.top
48	19

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
riadbtc.riadcrypto.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
adoto.net cPanel, Inc. Certification Authority	`2021-06-02` - `2021-08-31`	3 months	crt.sh
onclickperformance.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
ayelads.xyz Sectigo RSA Domain Validation Secure Server CA	`2021-03-08` - `2022-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ayelads.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-23` - `2021-12-23`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://riadbtc.top/
Frame ID: EFD5670D0E6002A789C39CD34A10AD22
Requests: 23 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
Frame ID: BFDACFA5A7CA2CFC4D72EA37AC22A7C3
Requests: 3 HTTP requests in this frame

Frame: http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=581&pid=337&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1110&page_data=2733b7230e2a4ca179c90065043ca655&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Frame ID: E2EB1C25D91076E7F6F44FCEAE4F24F8
Requests: 6 HTTP requests in this frame

Frame: https://ayelads.xyz/display/items.php?ad=eaUyD0l&s=1
Frame ID: 813DE967DE8E5F1C80F5DEE5A375D27E
Requests: 4 HTTP requests in this frame

Frame: http://ad.a-ads.com/1658428?size=728x90
Frame ID: 428E70A3A417710F8DAC1E4BFC81B654
Requests: 3 HTTP requests in this frame

Frame: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Frame ID: BAFDD576E9DF1390E174DC49D9C23DF1
Requests: 8 HTTP requests in this frame

Frame: https://www.onclickperformance.com/ad/display.php?stamat=m%7C%2C4Y2and2JqB1dAN0dEdHP3xP.7d3%2CTuo6O6WqAf9d0BILpW7O18RkpUdGhWHdkeNLC-83C030K0gSyiHrDDCP8L5Oil51CW_gsivJMRPVfVbrDf3Wyo2oWDL8eyXzScPIXKDotFs%2C&cbrandom=0.7284783831353117&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Friadbtc.top%2F
Frame ID: BC5D63A12BF0C25E0F05C67C533BD0A6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

48
Requests

79 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

20
IPs

4
Countries

1752 kB
Transfer

2703 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/riadcrypto
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://bitcoinad.io/display/items.php?244&81&300&250&1&0&0 HTTP 301
https://bitcoinad.io/display/items.php?244&81&300&250&1&0&0

Request Chain 32

http://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description= HTTP 301
https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
riadbtc.top/ 27 KB
12 KB 3026ms
3002ms Document
text/html 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://riadbtc.top/
Protocol: HTTP/1.1
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed / PHP/7.2.34
Resource Hash: f0031085953a8e1a28dd0e31010fbf32da09b4aae08829432e7982bd166dc679

Request headers

Host: riadbtc.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Set-Cookie: csrf_cookie_name=0b9408fcad7f6b5de868dc686d2cad17; expires=Mon, 16-Aug-2021 15:33:16 GMT; Max-Age=7200; path=/ ci_session=3dce8ae7bb7cba18de7241f9e30e5ff8a1cdec29; expires=Mon, 16-Aug-2021 15:33:16 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Mon, 16 Aug 2021 13:33:16 GMT
Server: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 5 KB
702 B 16ms
13ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600,700

Requested by

Host: riadbtc.top
URL: http://riadbtc.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 12:07:49 GMT
server: ESF
date: Mon, 16 Aug 2021 13:33:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 13:33:17 GMT

GET
H2 200 bootstrap.min.css
riadbtc.top/public/bootstrap/css/ 157 KB
21 KB 76ms
24ms Stylesheet
text/css 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/bootstrap/css/bootstrap.min.css
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Tue, 12 May 2020 05:14:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 21469
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2 200 main.css
riadbtc.top/public/assets/css/ 52 KB
8 KB 93ms
42ms Stylesheet
text/css 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/assets/css/main.css
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 0ae5a8e9180ea6e9166251167be540174bead8322ce883aa071949d86d277bb1

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 09:48:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 8043
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2 200 styles.css
riadbtc.top/public/css/ 10 KB
2 KB 93ms
42ms Stylesheet
text/css 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/css/styles.css
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: ffc5e59f0019eb6398f1220edee38683c3ef102aa7e7536a4e8d8c12b7e71269

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 10:19:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 2297
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2 200 helpdesk.css
riadbtc.top/public/assets/css/pages/ 9 KB
2 KB 93ms
43ms Stylesheet
text/css 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/assets/css/pages/helpdesk.css
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 826d0c086f522c68317aec1b39946ea16141f16308781861344d80154759fa22

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Mon, 13 Jul 2020 13:50:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1939
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H3-Q050 200 home_logo.png
riadbtc.top/public/img/ 28 KB
28 KB 55ms
27ms Image
image/png 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riadbtc.top/public/img/home_logo.png
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 74e486211d46fe3f07f230ae40a0c6891239a8fb7666290496913542a2dfe29c

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
last-modified: Fri, 05 Jun 2020 08:51:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28548
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2

200

items.php Show response
bitcoinad.io/display/
Redirect Chain

http://bitcoinad.io/display/items.php?244&81&300&250&1&0&0
https://bitcoinad.io/display/items.php?244&81&300&250&1&0&0

62 KB
12 KB

631ms
615ms

Script
application/javascript

2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitcoinad.io/display/items.php?244&81&300&250&1&0&0
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc817f1d838aff9f5014b6da31e2563317d5439ac3ed7073ae014a95e8bee84

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 16 Aug 2021 13:33:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poYv4GPDt%2Bfi%2FFg1g9rJh2LyRPR%2B2oqLQTYIMGTR%2F%2FK5kl3PALHdH58%2FX22RTV2KT2ea9eXdxKts4IE2bysiacYjCP0VVpWoWX1m9lI1Xp0TrHd3ctYVTXvjcar8GiI9Mo0AWn3Q%2FX28Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 67fb0895a88d05c4-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LICxQVs01rboaO%2BuRH4RP8HiSqX5n59kbeoqmBtpKlfoarB8p%2BAFPscZESV1Fdp2t%2BMkAW8Oyc89jx1Dz2JCmC4x8XWmx5jTeSFw7EHnHEF3Dy9WdMGXvMFLJUk1RAUUVTdhYsUYe1%2BipA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://bitcoinad.io/display/items.php?244&81&300&250&1&0&0
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67fb0895585d42f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Mon, 16 Aug 2021 14:33:17 GMT

GET
H/1.1 200
OK items.php Show response
adoto.net/dashboard/display/ 62 KB
12 KB 369ms
350ms Script
application/javascript 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://adoto.net/dashboard/display/items.php?581&337&300&250&4&0&0

Requested by

Host: riadbtc.top
URL: http://riadbtc.top/

Protocol

HTTP/1.1

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

5613fbea2e0d57b29b9fe5a39c67aa90e163b8820012221a96577e651383fc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Aug 2021 13:33:17 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding,User-Agent
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK serve.js Show response
adoto.net/dashboard/display/ 4 KB
2 KB 370ms
350ms Script
application/javascript 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://adoto.net/dashboard/display/serve.js

Requested by

Host: riadbtc.top
URL: http://riadbtc.top/

Protocol

HTTP/1.1

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

5c95091c7760ec9cc5b58e31a7a23088a3bcae574c67034ae62df0d1bc804960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Jul 2021 17:12:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 15 Sep 2021 13:33:17 GMT
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1 200
OK net.js Show response
static.surfe.pro/js/ 4 KB
3 KB 38ms
23ms Script
application/javascript 2606:4700:3035::ac43:d116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://static.surfe.pro/js/net.js
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:d116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726f449314a21b2062a33e5141b25d8969751d9a3126a27c7ca3d472b4ac9fb1

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
last-modified: Sun, 15 Aug 2021 09:51:06 GMT
Server: cloudflare
Age: 4243
etag: W/"6118e38a-ec5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wXHIbsZFALG%2BrrP4nu6Xit15DxVQsd4IMU8KBOz961wYY3BJPGEwLSi0T0nmaoX8ospsgI95QWgQrsU6SNnKmYigSPww1DVvYOA4eK2Zb%2FM6MRx5fnFhXxYRsN1LvdMJvuzhT%2BErpaRAlWyTU6G"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67fb08955c374a68-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 jquery-3.1.1.min.js Show response
riadbtc.top/public/assets/js/libs/ 85 KB
29 KB 98ms
48ms Script
application/javascript 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/assets/js/libs/jquery-3.1.1.min.js
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Sat, 07 Jan 2017 20:15:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 29460
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2 200 popper.min.js Show response
riadbtc.top/public/bootstrap/js/ 19 KB
6 KB 101ms
52ms Script
application/javascript 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/bootstrap/js/popper.min.js
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2017 15:26:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 6545
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H3-Q050 200 bootstrap.min.js Show response
riadbtc.top/public/bootstrap/js/ 59 KB
14 KB 54ms
26ms Script
application/javascript 136.243.77.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riadbtc.top/public/bootstrap/js/bootstrap.min.js
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 136.243.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host.s-1.cyou
Software: LiteSpeed /
Resource Hash: 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
last-modified: Tue, 12 May 2020 05:14:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14242
expires: Mon, 23 Aug 2021 13:33:17 GMT

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame BFDA 2 KB
2 KB 200ms
178ms Document
text/html 2606:4700:3035::ac43:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.27
Resource Hash: dd543ef6ce24d59d604e0c9a7161353469d47d3d06fab9dbb4dea788e2c8df69

Request headers

:method: GET
:authority: cryptocoinsad.com
:scheme: https
:path: /ads/show.php?a=251567&b=392729
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://riadbtc.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://riadbtc.top/

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.27
set-cookie: i_273319392729=1; expires=Mon, 16-Aug-2021 13:22:12 GMT; Max-Age=600 __cf_bm=3cb743c8a517ba7291c14bba2582edcd4fdd65c5-1629120797-1800-Ae2qSdodVmUeS8uLHV6bRCjLIv3wQjP0sDbdjJSirenSVLQNTXnGB4QmYaEbRLtn3JKNzi7sDv0+L6LlPhmoNiA=; path=/; expires=Mon, 16-Aug-21 14:03:17 GMT; domain=.cryptocoinsad.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRJFSGWgfiz8ect3g%2FvOQjsKH13YPTQ19FiHgmBO40svE3ZlMut2tA35CPQeTy90e9hUQ1NhTmlucJEo2CXxPPWRnp%2FXKgo9X7fB6Prxunp6vqCoxDzmp3Cq7V0gpd4ahdEx7Mqxseu0amhjn0Jpng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67fb08956e641e47-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ea328f56987375536c2e37e70eb662c6ad1547543e2865aca2f978db1ca1091

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://riadbtc.top
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:37:46 GMT
x-content-type-options: nosniff
age: 586531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 18:37:46 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://riadbtc.top
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 09:19:08 GMT
x-content-type-options: nosniff
age: 533649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 09:19:08 GMT

GET
H2 200 XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://riadbtc.top
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:04:43 GMT
x-content-type-options: nosniff
age: 556114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19248
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:04:43 GMT

GET
H3-29 200 19785.jpg
cryptocoinsad.com/banner/ads_banner/ Frame BFDA 7 KB
7 KB 48ms
27ms Image
image/jpeg 2606:4700:3035::ac43:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/19785.jpg
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 986d57e1d370ad2037020cc84ba00458a3a1f264f0866eb9355ab5c4acfd98cd

Request headers

Referer: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 00:14:50 GMT
server: cloudflare
age: 3202
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HcWNVCqdWk1HXIrp0YW1L4v2xVz%2FsJa1rGnhpRxd2aSLLq3B%2BxFtL0qVJpcBCdtwNRoIeWP7QTk7ZtlgnOYRS8PjTBnuFqur4JaNewptr7aCRg2DuGo0ZE3R%2BRSkxzqRILMBrM3STDEw8cN85bwSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=10800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67fb0896bf614ec1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7081

GET
H3-29 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame BFDA 3 KB
4 KB 38ms
18ms Image
image/png 2606:4700:3035::ac43:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

Referer: https://cryptocoinsad.com/ads/show.php?a=251567&b=392729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Apr 2019 13:34:47 GMT
server: cloudflare
age: 4236
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rex7Vas%2Bnc4EpHH%2BRXBtnzaXS7hlkDP9lKSNttIaZz1r%2FZI6T7ZgXU9fMfAqlHICGilz8WrRD%2BSxOFpIA5knBkadBch%2BB%2BHbFhyQznKmRrWovW%2BAEV0LLR%2BJXMMGPKbowgu5iC03Q2YlUMr7mIvd3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67fb0896bf5e4ec1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3309

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 55ms
41ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: adoto.net
URL: http://adoto.net/dashboard/display/serve.js
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:31:55 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 40746
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: B9D82263:3692_2E69C9F0:0050_611A691D_54E994:35F8
content-length: 4547
x-request-id: 420382096

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/3.0.0-rc1/ 84 KB
30 KB 20ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js

Requested by

Host: adoto.net
URL: http://adoto.net/dashboard/display/serve.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4815535
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 30035
etag: W/"1511e-iX3qQTkE9uH1SwOLGxDGVnnk1pk"
x-served-by: cache-fra19161-FRA
date: Mon, 16 Aug 2021 13:33:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK index.php Show response
adoto.net/dashboard/display/ Frame E2EB 7 KB
3 KB 229ms
229ms Document
text/html 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=581&pid=337&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1110&page_data=2733b7230e2a4ca179c90065043ca655&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=

Requested by

Host: adoto.net
URL: http://adoto.net/dashboard/display/items.php?581&337&300&250&4&0&0

Protocol

HTTP/1.1

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

82982ae2028dec1cc91108778da7a22c0ade495f080b29437d5ec6f11ace63e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: adoto.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://riadbtc.top/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://riadbtc.top/

Response headers

Server: nginx
Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H2 200 ads.php Show response
adpays.net/serve/ 0
793 B 230ms
208ms Script
text/html 2606:4700:3035::6815:49ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adpays.net/serve/ads.php?a=20788&b=1x1&random=22943407&referr=
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:49ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 16 Aug 2021 13:33:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOGuJtCr4nLJXaGmdMvj2Mq7CSXcSAKkjSrvK9fOkr0JzFIQL72JJhaqcyMU4dCwU%2BMe5fI%2B3%2FQ7NQd6GbEGcUL0qCzhZ1EslCzFDDgNVmqNK1vA4S3ARlMEACVSRsTOfe4IQoerAnoD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 67fb0897ffb64e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 361ms
120ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1629120797437&@k0&@l1&@mHome%20%7C%20Riad%20Btc&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:134303541&@b3:1629120797&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Friadbtc.top%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 Niagara Falls, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: dd6541e35adb01764721580d7fa2d5911b8e0cb46d0902596f50b7d784d615ae

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK jquery.min.js Show response
adoto.net/dashboard/display/js/ Frame E2EB 243 KB
73 KB 183ms
183ms Script
application/javascript 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://adoto.net/dashboard/display/js/jquery.min.js

Requested by

Host: adoto.net
URL: http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=581&pid=337&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1110&page_data=2733b7230e2a4ca179c90065043ca655&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=

Protocol

HTTP/1.1

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

a3caed62a1e0d87142db5c8c39d43a61cf0679700fdf6dffc6598f35242da762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=581&pid=337&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1110&page_data=2733b7230e2a4ca179c90065043ca655&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 11 Apr 2021 22:28:47 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 15 Sep 2021 13:33:17 GMT
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H2 200 data.png
adoto.net/dashboard/images/ Frame E2EB 931 B
1 KB 538ms
179ms Image
image/png 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adoto.net/dashboard/images/data.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://adoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 12:48:50 GMT
server: nginx
content-type: image/png
expires: Fri, 15 Oct 2021 13:33:18 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 931
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 1-icon-1616283432.jpg
adoto.net/dashboard/upload/credit/ Frame E2EB 798 B
1 KB 179ms
179ms Image
image/jpeg 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adoto.net/dashboard/upload/credit/1-icon-1616283432.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

585144583c00175d5db3c803aad596264d87ab802994c6fa72ed17d37527f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://adoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Mar 2021 23:37:12 GMT
server: nginx
content-type: image/jpeg
expires: Fri, 15 Oct 2021 13:33:18 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 798
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 display.php Show response
www.onclickperformance.com/a/ Frame E2EB 6 KB
2 KB 233ms
151ms Script
application/javascript 35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onclickperformance.com/a/display.php?r=4936879&sub1=464
Requested by: Host: adoto.net
URL: http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=581&pid=337&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1110&page_data=2733b7230e2a4ca179c90065043ca655&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 45601a8b83b666c47c14d3535bfba2fae9c85f13e0e47342e5e60b27a930daab

Request headers

Referer: http://adoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 13:33:18 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

POST
H/1.1 200
OK id Show response
surfe.pro/net/ 17 B
600 B 50ms
38ms XHR
text/html 195.201.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://surfe.pro/net/id
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: HTTP/1.1
Server: 195.201.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 491533b86250be4876b8d829bbb5bdad909bf9386fe02c2879d9be91fe844f1c

Request headers

Referer: http://riadbtc.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://riadbtc.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type

GET
H2 200 items.php Show response
ayelads.xyz/display/ Frame 813D 1 KB
2 KB 597ms
229ms Document
text/html 162.0.235.241
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ayelads.xyz/display/items.php?ad=eaUyD0l&s=1
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium160-1.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 505771d35db47c504102a0238021bafd4446f91013b9eaa671b3df29ed2175e7

Request headers

:method: GET
:authority: ayelads.xyz
:scheme: https
:path: /display/items.php?ad=eaUyD0l&s=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://riadbtc.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://riadbtc.top/

Response headers

x-powered-by: PHP/7.2.34
set-cookie: PHPSESSID=ea2702e7d4e755fe8ff2032855965960; path=/; secure AYID=%7B%22sec_to_refresh%22%3A5%2C%22time_ads%22%3A1629120798%2C%22ads_viewed%22%3A%5B%5D%7D; expires=Mon, 16-Aug-2021 14:33:18 GMT; Max-Age=3600; path=/; SameSite=None; Secure eaUyD0l=%7B%22dataTag%22%3A%7B%22username%22%3A%22riad1234%22%2C%22site%22%3A%223454%22%2C%22domain%22%3A%22riadbtc.top%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%22eaUyD0l%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22ZZ%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2234%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B3%2C4%2C5%2C6%5D%2C%22id%22%3A%5B%222084%22%2C%222192%22%2C%222198%22%2C%222237%22%5D%7D%2C%22tRotate%22%3A6%2C%22referral%22%3A%5Bnull%2Cnull%5D%7D%7D; expires=Mon, 16-Aug-2021 14:33:18 GMT; Max-Age=3600; path=/; SameSite=None; Secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 563
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Aug 2021 13:33:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 1658428 Show response
ad.a-ads.com/ Frame 428E 6 KB
2 KB 65ms
52ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1658428?size=728x90

Requested by

Host: riadbtc.top
URL: http://riadbtc.top/

Protocol

HTTP/1.1

Server

144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

528e33419e29c8be2102547be315ee49c1dc8ddfc14bdcbf0113552ad46f4182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://riadbtc.top/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://riadbtc.top/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 16 Aug 2021 13:33:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://riadbtc.top/
Content-Encoding: gzip

GET
H3-29

200

index.php Show response
bitcoinad.io/display/ Frame BAFD
Redirect Chain

http://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWi...
https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionW...

8 KB
4 KB

659ms
639ms

Document
text/html

2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Requested by: Host: bitcoinad.io
URL: http://bitcoinad.io/display/items.php?244&81&300&250&1&0&0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a6d9c0cc3fe2f68e49c45f536d6a2581eddd13862021139a780ef2e24b8183

Request headers

:method: GET
:authority: bitcoinad.io
:scheme: https
:path: /display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://riadbtc.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://riadbtc.top/

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpcX2nmvs98FSMI2fHiMI4q9U3dSuURmBWBKOvECbiTcRCeNZn265c0bL7T5XfH0mrZl86C%2F9ViV0Y6f6j1HPvK1Q%2BeFakXp2INky16TNaPtUPP1RRMZCdoIGm2re83hChBgJugTeupqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67fb0899bb454ed3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Aug 2021 14:33:17 GMT
Location: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AaFKssyj6fhTX4DbsuGq53NOZlWVaRqI8yT3VnLM6bvN3t5EI76uX6MyLU2XfzDfOkM%2Fy3XtOIsI7iWPv6g6dBJ%2FMRqLQvZmXXvHAl63jSWdDoPB2NlQkBMQEtftWPm7D8QCjYsWarcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 67fb08998cbc42f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/245374/ Frame 428E 275 KB
275 KB 50ms
37ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/245374/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1658428?size=728x90
Protocol: HTTP/1.1
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 73f4147afb0d04922c2cc34678466ff76f6ec16d36ed8d62dd6cb13d5090b9f4

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 13:33:17 GMT
Last-Modified: Thu, 12 Aug 2021 16:49:53 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: FPCJ821W5ZJ2TSKZ
ETag: "04339f913bb6ea8ad9724acc0f6c0d7c"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 281458
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Lpv5NFpkcuRUvOivSv72DzupPs13ZlcF
x-amz-id-2: EFVoTzmM6Nv3VQ14ir1FwhteR7oz6LL4szljCaEZdJhSXvEo7qG+0hBWh4iVbsicySSwRF/VsRo=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 428E 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 display.php Show response
www.onclickperformance.com/ad/ Frame BC5D 4 KB
2 KB 169ms
168ms Document
text/html 35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onclickperformance.com/ad/display.php?stamat=m%7C%2C4Y2and2JqB1dAN0dEdHP3xP.7d3%2CTuo6O6WqAf9d0BILpW7O18RkpUdGhWHdkeNLC-83C030K0gSyiHrDDCP8L5Oil51CW_gsivJMRPVfVbrDf3Wyo2oWDL8eyXzScPIXKDotFs%2C&cbrandom=0.7284783831353117&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Friadbtc.top%2F
Requested by: Host: www.onclickperformance.com
URL: https://www.onclickperformance.com/a/display.php?r=4936879&sub1=464
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 6948bf50e6bfbf40397d2c59549bc27974145fe696228ed533e1b71d7265bddc

Request headers

:method: GET
:authority: www.onclickperformance.com
:scheme: https
:path: /ad/display.php?stamat=m%7C%2C4Y2and2JqB1dAN0dEdHP3xP.7d3%2CTuo6O6WqAf9d0BILpW7O18RkpUdGhWHdkeNLC-83C030K0gSyiHrDDCP8L5Oil51CW_gsivJMRPVfVbrDf3Wyo2oWDL8eyXzScPIXKDotFs%2C&cbrandom=0.7284783831353117&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Friadbtc.top%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://adoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://adoto.net/

Response headers

server: openresty
date: Mon, 16 Aug 2021 13:33:18 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
link: <//www.onclickperformance.com>; rel=dns-prefetch,<//www.onclickperformance.com>; rel=preconnect,<//enlisted.net>; rel=dns-prefetch,<//enlisted.net>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 813D 127 KB
50 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-16QSGVS5Y8

Requested by

Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=eaUyD0l&s=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0eae03d73f7d836021034da79be04bd475cbea80a4fa11e0fb2e3152788dab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ayelads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51288
x-xss-protection: 0
expires: Mon, 16 Aug 2021 13:33:18 GMT

GET
H2 200 logo_ad1.png
ayelads.com/page/image/ Frame 813D 503 B
712 B 2432ms
2070ms Image
image/png 162.0.235.250
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ayelads.com/page/image/logo_ad1.png
Requested by: Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=eaUyD0l&s=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium161-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

Referer: https://ayelads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
last-modified: Fri, 27 Nov 2020 10:25:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 503
expires: Mon, 23 Aug 2021 13:33:18 GMT

GET
H2 200 ad1.gif
ayelads.com/res/files/images/ Frame 813D 132 KB
132 KB 2394ms
2034ms Image
image/gif 162.0.235.250
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ayelads.com/res/files/images/ad1.gif
Requested by: Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=eaUyD0l&s=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium161-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 657bdbb09a4fed3eac02a1f12fb45d9d1b49017864a8db5d6faf4b34239393c0

Request headers

Referer: https://ayelads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
last-modified: Wed, 06 Jan 2021 17:50:48 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 135367
expires: Mon, 23 Aug 2021 13:33:18 GMT

GET
H3-29 200 jquery.min.js Show response
bitcoinad.io/display/js/ Frame BAFD 243 KB
74 KB 25ms
25ms Script
application/javascript 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitcoinad.io/display/js/jquery.min.js
Requested by: Host: bitcoinad.io
URL: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Apr 2021 10:55:55 GMT
server: cloudflare
age: 4239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILjSfZmiAu%2Brt4tFbGcfzr1K1iO4H0NyzF8AJg6dYVXK966VzIjyVPCn4PLiJjFYeVQdRNwsmih1WZpor0EIcPKje7n%2FOi%2BK8jx7Xz%2BPmIWUNI8qvcAKh7ObTiPwbrnj7ynqOwuCsjXD4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fb089dcc7e4ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 api.js Show response
bitcoinad.io/cdn-cgi/bm/cv/669835187/ Frame BAFD 35 KB
9 KB 10ms
9ms Script
text/javascript 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitcoinad.io/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: bitcoinad.io
URL: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktjc2p2qWSaHRLQC4S6RNEgbbeCG8sLS38uaR5FsVKT2wlod%2FrStk6EF1WsP1W%2F2H9K32TlDWuijKxBOpRRoac%2FtpzOiUpo2kZgRx2SRLOshHp39nlmyKDVRVvOMqxGDaKk07906XqDsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 67fb089dcc804ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 data.png
bitcoinad.io/images/ Frame BAFD 34 B
679 B 30ms
30ms Image
image/webp 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinad.io/images/data.png
Requested by: Host: bitcoinad.io
URL: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebfb232be8f0669147ffd79ac8aebb42bc8f5b178f283d3bd6dc306e316a28e

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4872
cf-polished: origFmt=png, origSize=931
content-disposition: inline; filename="data.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34
last-modified: Sat, 17 Apr 2021 10:55:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMX3xt6q5T8PW7eCI%2BQzkMlAkDpn4%2FNevEFA7GgXbM9vCvM3wnIYt5CpINib255eNGLKePM9eJP83qQiZ%2Flu15FUT4GplOqSql4K0rqmydiQffv6WNPUovKRg3%2BgALE0YE1ry8UCq3Bm6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 67fb089ddc9f4ed3-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 55_1628640624.gif
bitcoinad.io/upload/ Frame BAFD 350 KB
350 KB 25ms
25ms Image
image/gif 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinad.io/upload/55_1628640624.gif
Requested by: Host: bitcoinad.io
URL: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9abf8e4e4c59724c8890d13b23732f3eb51d78eda1716050cc5d71e69bd4cd

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4630
cf-polished: origSize=376848, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 357911
last-modified: Wed, 11 Aug 2021 00:10:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64gr0W6Ji%2FzzvvsSOYlkD0wZp%2BECh0iIS%2BoxdWS%2FZz7xOGuHverxRQi9hH7OD4KFyZbWi%2FuLcb8u6txqZ7DDRUJiMZFge3to8vzbAQDAKNzM6rwnk0RlN5VkQvb9djqRcWLb8g4WzhUk6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 67fb089e0d0e4ed3-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 rocket-loader.min.js Show response
bitcoinad.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame BAFD 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitcoinad.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcxR02Mx4uq04%2Fl%2BzxANH%2FOI5I%2Fw3KJvVo6U9o6XQd6NlQa1Jh17HzdvbY7XriatLuN1Drh%2B9IHXweNjzQClJeUG9%2BsRLRDWVxPzacQtfbtvbwaRE1nv3o%2Fx8GvttlHvo7oRTt4S8L7pLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fb089e0d124ed3-FRA
vary: Accept-Encoding
expires: Wed, 18 Aug 2021 13:33:18 GMT

GET
H2 200 b60e965678f0a6f031a5cb655b5fc806_6956.jpg
crrepo.com/extban/267649620/creatives/23312688/ Frame BC5D 506 KB
507 KB 45ms
19ms Image
image/jpeg 2606:4700:3038::6815:eb72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crrepo.com/extban/267649620/creatives/23312688/b60e965678f0a6f031a5cb655b5fc806_6956.jpg
Requested by: Host: www.onclickperformance.com
URL: https://www.onclickperformance.com/ad/display.php?stamat=m%7C%2C4Y2and2JqB1dAN0dEdHP3xP.7d3%2CTuo6O6WqAf9d0BILpW7O18RkpUdGhWHdkeNLC-83C030K0gSyiHrDDCP8L5Oil51CW_gsivJMRPVfVbrDf3Wyo2oWDL8eyXzScPIXKDotFs%2C&cbrandom=0.7284783831353117&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Friadbtc.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12fd6ea255c22b12877d9bb3e9b36458ec129d59f366cd902973e3a4bd21afd

Request headers

Referer: https://www.onclickperformance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 19 Jul 2021 15:45:03 GMT
server: cloudflare
age: 2991
etag: W/"60f59dff-7e634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuThw3dqFrxd%2BV4R8RZFFhfhR9xu%2FuagrFZ4jiZ2kPpAe1hU7tVuoBDzNXpbFsY%2B0oLIuB4GtwnZdQNIk%2BwR2lcv9lTo17SQxtYHO8UyNg7cMecpWAtoVvAJofFsEOYXBcIbpkFFZm5o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fb089e2b7b4ebc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 204 result Show response
bitcoinad.io/cdn-cgi/bm/cv/ Frame BAFD 0
749 B 9ms
9ms XHR
text/plain 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitcoinad.io/cdn-cgi/bm/cv/result?req_id=67fb0899bb454ed3
Requested by: Host: bitcoinad.io
URL: https://bitcoinad.io/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Aug 2021 13:33:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg2c7EPY69oLGaUxSDa71DiifNioVRTJWcVY4fL%2FpJbh0%2BOBph%2F5sg168Czloqgk8BFczOeJlSv%2BSXEZ0mOS22uZgCJz9wMWIwvfEnJ8HMbQltj4bfLPptZq8jPPpz5sFG0M5UsWCJD1ng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 67fb089e9e554ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 index.php Show response
adoto.net/dashboard/track/ Frame E2EB 133 B
332 B 1617ms
1617ms Script
application/javascript 162.0.234.104
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://adoto.net/dashboard/track/index.php?page=click/data/0|47|0|337|581|1|464|2|0|47|2.0E-5|4.0E-5|0|0/09fae561d22351b658cb83f9d4212b63/1629120808/AT/

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.0.234.104 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

server1.adoto.net

Software

nginx /

Resource Hash

f9723c1acdd98a87deafb47078e18b296c5e341b27ce3d5735398ee8a33626eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://adoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H3-29 403 index.php
bitcoinad.io/track/ Frame BAFD 0
0 12ms
12ms Script
text/html 2606:4700:20::681a:4a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitcoinad.io/track/index.php?page=click/data/1|55|0|81|244|1|194|1|0|55|0.0001|0.0002|0|0/f398018588346c4867d54174c5c27755/1629120809/DE/

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:4a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bitcoinad.io/display/index.php?page=query/items/&aduid=244&pid=81&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=1110&page_data=9712476e8c85fe8a78c605a4186856de&time=1629120797&deliver=riadbtc.top&search_keywords=&page_referrer=aHR0cDovL3JpYWRidGMudG9wLw==&page_title=Home%20%7C%20Riad%20Btc&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 13:33:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eY0ZNS6HWP9pQwXIsiQIaa9cn4tXOA8LKgO6HPJsDektZbW8LEDxTr2vfVJlRhhMq%2Fm1aVjQjLfPowiJ77%2F00FK%2F9SdjudzgJaFuLdl0PKVGdAfBsFZyKPih54t8Flitxb9LB%2B9m%2BoWUDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 67fb08a45c184ed3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 i.php
www.onclickperformance.com/script/ Frame BC5D 0
61 B 401ms
401ms Image
text/plain 35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onclickperformance.com/script/i.php?stamat=m%7C%2C%2Cg2Y_NjE6oGU3BU9GH0dEdHP3xP.024%2CpwTiIbKSSaYkGm41KS9JHa_l2ifeuTcSLE450CmjSuNtI_IclLXVzKLXu2IdnxUy6O4dRUEvsv0jrqRHGDnoQsSXaKIqTFkTJGj_L-VUJNZzBTj2odn2h5p7SVB4bA-7C583xOmuqx031cFctz42kki_XImZcNCbi0Q-JaCb62hHOCzJoIB9QTpUCEQp8s56XUwPruqJBgcJpq13RCdZlRaQa7pn1XixbrdOtGgY0OGGv8M0uAjNfEzjb5gcnbvN7vhU2L4SjGfVU21k6XyHoRVyJ1rMyl1V-4y-mBwYr9XQuVnpEumER6QkG7oiJ1Jv52wMoesMKfZupr5s_fLfVBe3VtVNd6eEUowOebbbZQNMKWrj6eL9klzLNDz8MuOx-NTr-4NPI2PhkqDfOErPIMDwVSc1gk5gmfD6g6Qe-rO7QzFT2AQbOHAJLECQfUVlbjqHuBvMTdK5tiSr9FgmhHEFmDO4lwLHalDmWK3mqpU%2C
Requested by: Host: riadbtc.top
URL: http://riadbtc.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onclickperformance.com/ad/display.php?stamat=m%7C%2C4Y2and2JqB1dAN0dEdHP3xP.7d3%2CTuo6O6WqAf9d0BILpW7O18RkpUdGhWHdkeNLC-83C030K0gSyiHrDDCP8L5Oil51CW_gsivJMRPVfVbrDf3Wyo2oWDL8eyXzScPIXKDotFs%2C&cbrandom=0.7284783831353117&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Friadbtc.top%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 13:33:20 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitcoinad.io/	1970-01-19 20:32:02	Name: __cf_bm Value: 02d25081270809a457adc04f7c912f4fd013c570-1629120798-1800-AUg/1WTDNKnUd6tzVijgDDqiqkgF+AXG3H8A6kIe1xdn+iTQ7CGzgK9xikNqsfDk27n77FmB/lBr7AHSASOYk49NMQ+ZakmasXN6RiT8ZnWKDmtT0z/WJxisiN7Pzb9b+Z1oFKI2vzgdQjgBe0Z3hio=
ayelads.xyz/	1970-01-19 20:32:04	Name: eaUyD0l Value: %7B%22dataTag%22%3A%7B%22username%22%3A%22riad1234%22%2C%22site%22%3A%223454%22%2C%22domain%22%3A%22riadbtc.top%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%22eaUyD0l%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22ZZ%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2234%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B3%2C4%2C5%2C6%5D%2C%22id%22%3A%5B%222084%22%2C%222192%22%2C%222198%22%2C%222237%22%5D%7D%2C%22tRotate%22%3A6%2C%22referral%22%3A%5Bnull%2Cnull%5D%7D%7D
riadbtc.top/	1970-01-20 05:17:36	Name: HstCnv4531111 Value: 1
riadbtc.top/	1970-01-20 05:17:36	Name: HstCns4531111 Value: 1
riadbtc.top/	1970-01-20 05:17:36	Name: HstPt4531111 Value: 1
ayelads.xyz/	1970-01-19 20:32:04	Name: AYID Value: %7B%22sec_to_refresh%22%3A5%2C%22time_ads%22%3A1629120798%2C%22ads_viewed%22%3A%5B%5D%7D
riadbtc.top/	1970-01-20 05:17:36	Name: HstPn4531111 Value: 1
riadbtc.top/	1970-01-20 05:17:36	Name: HstCla4531111 Value: 1629120797437
riadbtc.top/	1970-01-20 05:17:36	Name: HstCmu4531111 Value: 1629120797437
riadbtc.top/	1970-01-20 05:17:36	Name: HstCfa4531111 Value: 1629120797437
.cryptocoinsad.com/	1970-01-19 20:32:02	Name: __cf_bm Value: 3cb743c8a517ba7291c14bba2582edcd4fdd65c5-1629120797-1800-Ae2qSdodVmUeS8uLHV6bRCjLIv3wQjP0sDbdjJSirenSVLQNTXnGB4QmYaEbRLtn3JKNzi7sDv0+L6LlPhmoNiA=
riadbtc.top/	1970-01-19 20:32:07	Name: ci_session Value: 3dce8ae7bb7cba18de7241f9e30e5ff8a1cdec29
riadbtc.top/	1970-01-19 20:32:07	Name: csrf_cookie_name Value: 0b9408fcad7f6b5de868dc686d2cad17

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adoto.net
adpays.net
ayelads.com
ayelads.xyz
bitcoinad.io
cdn.jsdelivr.net
crrepo.com
cryptocoinsad.com
fonts.googleapis.com
fonts.gstatic.com
riadbtc.top
s10.histats.com
s4.histats.com
static.a-ads.com
static.surfe.pro
surfe.pro
www.googletagmanager.com
www.onclickperformance.com
136.243.77.172
144.76.28.254
162.0.234.104
162.0.235.241
162.0.235.250
192.99.8.34
195.201.242.31
213.239.209.209
2606:4700:20::681a:4a4
2606:4700:3035::6815:49ef
2606:4700:3035::ac43:d116
2606:4700:3035::ac43:d5f3
2606:4700:3038::6815:eb72
2a00:1450:4001:803::2008
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a04:4e42:3::485
35.190.55.95
46.105.201.240
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0ae5a8e9180ea6e9166251167be540174bead8322ce883aa071949d86d277bb1
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1ebfb232be8f0669147ffd79ac8aebb42bc8f5b178f283d3bd6dc306e316a28e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ea328f56987375536c2e37e70eb662c6ad1547543e2865aca2f978db1ca1091
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3d9abf8e4e4c59724c8890d13b23732f3eb51d78eda1716050cc5d71e69bd4cd
45601a8b83b666c47c14d3535bfba2fae9c85f13e0e47342e5e60b27a930daab
491533b86250be4876b8d829bbb5bdad909bf9386fe02c2879d9be91fe844f1c
505771d35db47c504102a0238021bafd4446f91013b9eaa671b3df29ed2175e7
51a6d9c0cc3fe2f68e49c45f536d6a2581eddd13862021139a780ef2e24b8183
528e33419e29c8be2102547be315ee49c1dc8ddfc14bdcbf0113552ad46f4182
5613fbea2e0d57b29b9fe5a39c67aa90e163b8820012221a96577e651383fc9d
585144583c00175d5db3c803aad596264d87ab802994c6fa72ed17d37527f041
5c95091c7760ec9cc5b58e31a7a23088a3bcae574c67034ae62df0d1bc804960
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
657bdbb09a4fed3eac02a1f12fb45d9d1b49017864a8db5d6faf4b34239393c0
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6948bf50e6bfbf40397d2c59549bc27974145fe696228ed533e1b71d7265bddc
6cc817f1d838aff9f5014b6da31e2563317d5439ac3ed7073ae014a95e8bee84
726f449314a21b2062a33e5141b25d8969751d9a3126a27c7ca3d472b4ac9fb1
73f4147afb0d04922c2cc34678466ff76f6ec16d36ed8d62dd6cb13d5090b9f4
74e486211d46fe3f07f230ae40a0c6891239a8fb7666290496913542a2dfe29c
826d0c086f522c68317aec1b39946ea16141f16308781861344d80154759fa22
82982ae2028dec1cc91108778da7a22c0ade495f080b29437d5ec6f11ace63e2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
986d57e1d370ad2037020cc84ba00458a3a1f264f0866eb9355ab5c4acfd98cd
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d
a3caed62a1e0d87142db5c8c39d43a61cf0679700fdf6dffc6598f35242da762
b0eae03d73f7d836021034da79be04bd475cbea80a4fa11e0fb2e3152788dab8
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
dd543ef6ce24d59d604e0c9a7161353469d47d3d06fab9dbb4dea788e2c8df69
dd6541e35adb01764721580d7fa2d5911b8e0cb46d0902596f50b7d784d615ae
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
e12fd6ea255c22b12877d9bb3e9b36458ec129d59f366cd902973e3a4bd21afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0031085953a8e1a28dd0e31010fbf32da09b4aae08829432e7982bd166dc679
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f9723c1acdd98a87deafb47078e18b296c5e341b27ce3d5735398ee8a33626eb
ffc5e59f0019eb6398f1220edee38683c3ef102aa7e7536a4e8d8c12b7e71269

riadbtc.top Open in urlscan Pro 136.243.77.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

79 %HTTPS

47 %IPv6

16 Domains

19 Subdomains

20 IPs

4 Countries

1752 kBTransfer

2703 kBSize

13 Cookies

1 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

riadbtc.top Open in urlscan Pro
136.243.77.172 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

79 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

20
IPs

4
Countries

1752 kB
Transfer

2703 kB
Size

13
Cookies

48 HTTP transactions
2 data transactions