URL: http://paidtoclick.xyz/
Submission: On February 02 via api from DE

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2606:4700:30::6812:2025, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is paidtoclick.xyz.
This is the only time paidtoclick.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
2         2606:4700:30:...   13335 (CLOUDFLAR...)
9         2606:4700:30:...   13335 (CLOUDFLAR...)
2         2a00:1450:400...   15169 (GOOGLE)
1         54.192.216.5       16509 (AMAZON-02)
1         2606:2800:134...   15133 (EDGECAST)
1         2a02:26f0:6c0...   20940 (AKAMAI-ASN1)
2         69.16.175.42       20446 (HIGHWINDS3)
1         151.101.120.193    54113 (FASTLY)
1         74.127.62.18       7393 (CYBERCON)
1         104.103.82.125     16625 (AKAMAI-AS)
2         88.212.201.197     39134 (UNITEDNET)   (1 redirect)
Total: 22 requests, 12 IPs

Requests  Domain                             Requested by
11        paidtoclick.xyz                    paidtoclick.xyz
2         counter.yadro.ru (1 redirects)     paidtoclick.xyz
2         windows-cdn.softpedia.com          paidtoclick.xyz
2         i.ytimg.com                        paidtoclick.xyz
1         docs.microsoft.com                 paidtoclick.xyz
1         images.cyberimg.com                paidtoclick.xyz
1         i.imgur.com                        paidtoclick.xyz
1         imag.malavida.com                  paidtoclick.xyz
1         pbs.twimg.com                      paidtoclick.xyz
1         images-na.ssl-images-amazon.com    paidtoclick.xyz
Total: 22 requests, 10 domains

This site contains links to these domains.

Domain
www.liveinternet.ru
Subject                            Issuer                                           Validity                   Valid
edgestatic.com                     Google Internet Authority G3                     2019-01-15 - 2019-04-09    3 months
Images-na.ssl-images-amazon.com    DigiCert Global CA G2                            2018-05-30 - 2019-07-19    a year
*.twimg.com                        DigiCert SHA2 High Assurance Server CA           2018-11-19 - 2019-11-27    a year
malavida.com                       COMODO RSA Domain Validation Secure Server CA    2018-06-10 - 2020-06-09    2 years
*.softpedia.com                    DigiCert SHA2 Secure Server CA                   2017-11-14 - 2019-03-08    a year
*.imgur.com                        DigiCert SHA2 Secure Server CA                   2018-12-14 - 2020-02-12    a year
docs.microsoft.com                 Microsoft IT TLS CA 2                            2018-02-10 - 2020-02-10    2 years

This page contains 1 frames:

Primary Page: http://paidtoclick.xyz/
Frame ID: C53194956E47F7C2070E3DBE52ED36F3
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 22
HTTPS: 41 %
IPv6: 45 %
Domains: 10
Subdomains: 10
IPs: 12
Countries: 5
Transfer: 579 kB
Size: 731 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • http://counter.yadro.ru/hit?t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966 HTTP 302
  • http://counter.yadro.ru/hit?q;t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
paidtoclick.xyz/
26 KB
7 KB
Document
General
Full URL
http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2025 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48274ac0a692a5db54d3135df157a668eb053dfc7b746cc85e7381340e7e6df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
paidtoclick.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519; expires=Sun, 02-Feb-20 18:18:39 GMT; path=/; domain=.paidtoclick.xyz; HttpOnly
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Server
cloudflare
CF-RAY
4a2ea95c06fd97fe-FRA
Content-Encoding
gzip
custom-fonts.css
paidtoclick.xyz/wp-content/themes/maxwell/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/css/custom-fonts.css?ver=20180413
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2025 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f9f72e277fa76d8468cd73a5cb94dea2e98e9c8276614694c0d6c11359d180b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:04 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1b8-eb6"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960a10197fe-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
style.css
paidtoclick.xyz/wp-content/themes/maxwell/
52 KB
11 KB
Stylesheet
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/style.css?ver=1.7.1
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd680779b7e1882743308b48c65a3f7475401cf7ebaae8f359a740f8b71ff74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-cee1"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960b4a297da-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
genericons.css
paidtoclick.xyz/wp-content/themes/maxwell/assets/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/genericons/genericons.css?ver=3.4.1
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-6e6a"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960a2febead-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
jquery.js
paidtoclick.xyz/wp-includes/js/jquery/
95 KB
35 KB
Script
General
Full URL
http://paidtoclick.xyz/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-17ba0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960b3ac97e0-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
jquery-migrate.min.js
paidtoclick.xyz/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://paidtoclick.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-2748"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960b60697e6-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
navigation.js
paidtoclick.xyz/wp-content/themes/maxwell/assets/js/
5 KB
2 KB
Script
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/js/navigation.js?ver=20160719
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a92e6cd6b69b197a79a53014fc58ce8a2102273cc9754889abbe23604ec5686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-1493"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
4a2ea960a7dfbeb7-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
maxresdefault.jpg
i.ytimg.com/vi/0XVweyoy42Y/
49 KB
49 KB
Image
General
Full URL
https://i.ytimg.com/vi/0XVweyoy42Y/maxresdefault.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d07a65e57d0851be9cdb05389255337beb13d670f8eab260b478b7c39d6c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 18:18:40 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
50371
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 20:18:40 GMT
91LAkXrOFCL._SX355_.jpg
images-na.ssl-images-amazon.com/images/I/
16 KB
16 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/91LAkXrOFCL._SX355_.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.216.5 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-216-5.mrs50.r.cloudfront.net
Software
Server /
Resource Hash
1e51c7822efe5bee4ed55405fa1cc9917e71a376d82d009d9eeb9f871c11c531

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 18:18:40 GMT
via
1.1 f3a7bdb1bd729575da1aaed21137b31e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2013 10:25:38 GMT
server
Server
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
e58f6733-de59-4f50-ade7-c2b544d0943c
timing-allow-origin
https://www.amazon.com
content-length
16041
x-amz-cf-id
7xWu2ZB_IasXwQI2pfzgzuMvtTRQaqmWz1OTD-fmu9hv3YTfS4mYoA==
expires
Fri, 28 Jan 2039 18:18:40 GMT
CnEYF5EXgAAw-7g.jpg
pbs.twimg.com/media/
30 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/CnEYF5EXgAAw-7g.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419A) /
Resource Hash
0ebd86b8b4d7ca7e0508754fd5d3eb388430c4f061efd84c683b8908b462d35b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
124
date
Sat, 02 Feb 2019 18:18:40 GMT
x-content-type-options
nosniff
surrogate-key
media media/bucket/3 media/752409102245134336
last-modified
Mon, 11 Jul 2016 07:46:03 GMT
server
ECS (fcn/419A)
access-control-allow-origin
*
x-cache
MISS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b747da6defcfb19237b7e21ef3cc6442
accept-ranges
bytes
content-length
31207
xvi32-8720-1.jpg
imag.malavida.com/mvimgbig/download-fs/
63 KB
63 KB
Image
General
Full URL
https://imag.malavida.com/mvimgbig/download-fs/xvi32-8720-1.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2a1::1b58 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
b99199085c06995ed623d5262d18b93965b29f5b3f128f17cde635241d476ac0
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 18:18:40 GMT
last-modified
Wed, 11 Apr 2018 11:22:51 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=7689483
accept-ranges
bytes
content-length
64432
expires
Thu, 02 May 2019 18:16:43 GMT
OllyDbg_4.png
windows-cdn.softpedia.com/screenshots/
65 KB
65 KB
Image
General
Full URL
https://windows-cdn.softpedia.com/screenshots/OllyDbg_4.png
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e9b3eb4148242c844d29d29bd4227350511f6ae8a2c1e55d5b9e6737343cc0c4

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Last-Modified
Tue, 01 Oct 2013 09:55:59 GMT
ETag
"1380621359"
X-HW
1549131520.dop006.pa1.t,1549131520.cds021.pa1.shn,1549131520.dop006.pa1.t,1549131520.cds021.pa1.p
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
66422
winbubble_13.png
windows-cdn.softpedia.com/screenshots/
71 KB
71 KB
Image
General
Full URL
https://windows-cdn.softpedia.com/screenshots/winbubble_13.png
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
42a7ecbc3729f857258e3bed4ae9bc377a4ab6ec6e4aad38f53e69a72c68f7ce

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 18:18:41 GMT
Last-Modified
Wed, 21 Dec 2016 16:14:30 GMT
ETag
"1482336870"
X-HW
1549131520.dop006.pa1.t,1549131520.cds008.pa1.shn,1549131520.dop006.pa1.t,1549131521.cds035.pa1.p
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
72275
Tsw3e93.png
i.imgur.com/
57 KB
58 KB
Image
General
Full URL
https://i.imgur.com/Tsw3e93.png
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8a28c7b12c545d7c3a75a6d899992e6d366c173ec473e07277294a92751f33e4

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 18:18:40 GMT
age
0
x-cache
MISS, MISS
status
200
content-length
58697
x-served-by
cache-bwi5129-BWI, cache-cdg20728-CDG
last-modified
Mon, 09 Mar 2015 22:14:09 GMT
server
cat factory 1.0
x-timer
S1549131520.282924,VS0,VE124
etag
"276b08ccd74a4fbf801768e5a167532c"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0
ini_G1XxxG.jpg
images.cyberimg.com/iphone/2013/09/21/
43 KB
44 KB
Image
General
Full URL
http://images.cyberimg.com/iphone/2013/09/21/ini_G1XxxG.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
74.127.62.18 Saint Louis, United States, ASN7393 (CYBERCON - CYBERCON, INC., US),
Reverse DNS
Software
nginx /
Resource Hash
6399ea3c1e579b5735e357e158b663df436eb3dd00596c6055eaa1b4fc5552f3

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 18:18:41 GMT
Last-Modified
Sun, 22 Sep 2013 05:44:27 GMT
Server
nginx
X-Cache
MISS from ImageGroup_UTT_61.com
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44485
Expires
Sun, 03 Feb 2019 18:18:41 GMT
hqdefault.jpg
i.ytimg.com/vi/Cv8tDtgdJGg/
14 KB
14 KB
Image
General
Full URL
https://i.ytimg.com/vi/Cv8tDtgdJGg/hqdefault.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ed6dce66e7e71a46cab8006bdee80dbdc65323d598146e0b75d69dda0aedf665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 18:18:40 GMT
x-content-type-options
nosniff
server
sffe
etag
"1417342853"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
14692
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 20:18:40 GMT
20130618_Zoomit_v4.5.jpg
docs.microsoft.com/en-us/media/landing/sysinternals/
31 KB
32 KB
Image
General
Full URL
https://docs.microsoft.com/en-us/media/landing/sysinternals/20130618_Zoomit_v4.5.jpg
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.82.125 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-82-125.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
597cb03aa81d488b36f1aab9853889864e10e14372fd32a27a79be862130b0d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
status
200
content-length
31933
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Mon, 30 Jul 2018 22:45:27 GMT
x-datacenter
wus
date
Sat, 02 Feb 2019 18:18:40 GMT
x-frame-options
DENY
content-type
image/jpeg
x-cache-hit
true
cache-control
public, max-age=600
etag
"0x8D5F66E24FEC3D0"
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Sat, 02 Feb 2019 18:28:40 GMT
wp-embed.min.js
paidtoclick.xyz/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://paidtoclick.xyz/wp-includes/js/wp-embed.min.js?ver=4.8
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 23 Dec 2018 16:03:06 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5c1fb1ba-576"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
4a2ea96103df97e0-FRA
Expires
Sat, 02 Feb 2019 22:18:40 GMT
titillium-web-v6-latin-ext_latin-regular.woff2
paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/
18 KB
18 KB
Font
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/titillium-web-v6-latin-ext_latin-regular.woff2
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://paidtoclick.xyz
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/css/custom-fonts.css?ver=20180413
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 23 Dec 2018 16:03:04 GMT
Server
cloudflare
ETag
"4664-57db29d85de00"
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4a2ea961131fbead-FRA
Vary
Accept-Encoding
Content-Length
18020
X-XSS-Protection
1; mode=block
Expires
Sat, 02 Feb 2019 22:18:40 GMT
amaranth-v8-latin-700.woff2
paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/
22 KB
23 KB
Font
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/amaranth-v8-latin-700.woff2
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f909ccf835d88cd11cf1762e54114bc19d4e983c3539d5bde35f4146dc6c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://paidtoclick.xyz
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/css/custom-fonts.css?ver=20180413
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 23 Dec 2018 16:03:04 GMT
Server
cloudflare
ETag
"59a8-57db29d85de00"
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4a2ea96114ce97da-FRA
Vary
Accept-Encoding
Content-Length
22952
X-XSS-Protection
1; mode=block
Expires
Sat, 02 Feb 2019 22:18:40 GMT
titillium-web-v6-latin-ext_latin-700.woff2
paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/
17 KB
17 KB
Font
General
Full URL
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/fonts/titillium-web-v6-latin-ext_latin-700.woff2
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2125 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e231d670dd23dbbc9e0824e99346477a799a361c755389654ca2ff2aeed499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://paidtoclick.xyz
Accept-Encoding
gzip, deflate
Host
paidtoclick.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/css/custom-fonts.css?ver=20180413
Cookie
__cfduid=d1a8e3f362bdacaec7ec0cb6127bb57f51549131519
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Feb 2019 18:18:40 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 23 Dec 2018 16:03:04 GMT
Server
cloudflare
ETag
"4300-57db29d85de00"
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4a2ea961100fbeb7-FRA
Vary
Accept-Encoding
Content-Length
17152
X-XSS-Protection
1; mode=block
Expires
Sat, 02 Feb 2019 22:18:40 GMT
truncated
/
14 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://paidtoclick.xyz/wp-content/themes/maxwell/assets/genericons/genericons.css?ver=3.4.1
Origin
http://paidtoclick.xyz

Response headers

Content-Type
application/x-font-woff;charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966
  • http://counter.yadro.ru/hit?q;t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966
119 B
488 B
Image
General
Full URL
http://counter.yadro.ru/hit?q;t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966
Requested by
Host: paidtoclick.xyz
URL: http://paidtoclick.xyz/
Protocol
HTTP/1.1
Server
88.212.201.197 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host197.rax.ru
Software
0W/0.8c /
Resource Hash
2dca6d6b3552d6099a0365353ea789b981430b256b3d77c7b26125981f9c8bc6

Request headers

Referer
http://paidtoclick.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 18:18:40 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
119
Expires
Thu, 01 Feb 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 18:18:40 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit?q;t26.12;r;s1600*1200*24;uhttp%3A//paidtoclick.xyz/;hFILES%20PORTAL%20-%20paidtoclick.xyz;0.6605126364458966
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Thu, 01 Feb 2018 21:00:00 GMT


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
undefined| $
function| jQuery
string| maxwell_menu_title
object| wp

1 Cookies

Domain/Path Name / Value
.paidtoclick.xyz/ Name: __cfduid
Value: d1a8e3f362bdacaec7ec0cb6127bb57f51549131519

1 Console Messages

Source Level URL
Text
console-api log URL: http://paidtoclick.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
