URL: http://cryptomine.live/
Submission Tags: phish.gg anti.fish automated
Submission: On July 06 via api from DE — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 53 HTTP transactions. The main IP is 185.26.98.159, located in Frankfurt am Main, Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is cryptomine.live.
This is the only time cryptomine.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 185.26.98.159 44066 (DE-FIRSTC...)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 9 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 15.235.118.190 16276 (OVH)
12 148.251.192.72 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 173.233.137.44 7979 (SERVERS-COM)
1 54.39.128.117 16276 (OVH)
1 5 63.250.38.64 22612 (NAMECHEAP...)
1 69.57.162.10 22612 (NAMECHEAP...)
2 162.0.235.250 22612 (NAMECHEAP...)
1 2a00:1450:400... 15169 (GOOGLE)
53 16
Apex Domain
Subdomains
Transfer
13 cryptomine.live
cryptomine.live
412 KB
12 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 27374
static.a-ads.com — Cisco Umbrella Rank: 41677
1 MB
9 adoto.net
adoto.net — Cisco Umbrella Rank: 861506
132 KB
5 coinserom.com
ads.coinserom.com — Cisco Umbrella Rank: 976603
app.coinserom.com
www.coinserom.com
160 KB
5 linkslot.ru
linkslot.ru — Cisco Umbrella Rank: 403364
47 KB
2 ayelads.com
ayelads.com
21 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12114
s4.histats.com — Cisco Umbrella Rank: 11961
5 KB
2 websyndic.com
www.websyndic.com
214 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
82 KB
1 ayelads.click
ayelads.click
2 KB
1 wednesdaynaked.com
wednesdaynaked.com
1 claimtokens.net
claimtokens.net
741 B
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
53 15
Domain Requested by
13 cryptomine.live cryptomine.live
9 adoto.net 3 redirects cryptomine.live
adoto.net
6 static.a-ads.com ad.a-ads.com
6 ad.a-ads.com cryptomine.live
ayelads.click
5 linkslot.ru cryptomine.live
linkslot.ru
3 ads.coinserom.com 1 redirects cryptomine.live
ads.coinserom.com
2 ayelads.com ayelads.click
2 www.google-analytics.com adoto.net
www.google-analytics.com
2 www.websyndic.com 1 redirects cryptomine.live
1 www.googletagmanager.com www.coinserom.com
1 www.coinserom.com ads.coinserom.com
1 app.coinserom.com ads.coinserom.com
1 ayelads.click cryptomine.live
1 s4.histats.com s10.histats.com
1 wednesdaynaked.com cryptomine.live
1 s10.histats.com adoto.net
1 claimtokens.net adoto.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cryptomine.live
53 19

This site contains links to these domains.

Domain
whitebit.com
www.binance.com
t.me
linkslot.ru
www.websyndic.com
rollercoin.com

Subject | Issuer | Validity | Valid
*.linkslot.ru | E1 | 2023-06-25 - 2023-09-23 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-25 - 2023-09-25 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
histats.com | R3 | 2023-06-06 - 2023-09-04 | 3 months
ads.coinserom.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-07 - 2024-04-07 | a year
ayelads.click | Sectigo RSA Domain Validation Secure Server CA | 2022-11-16 - 2023-11-16 | a year
adoto.net | GTS CA 1P5 | 2023-06-11 - 2023-09-09 | 3 months
ayelads.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-01 - 2023-12-23 | a year
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2022-12-21 - 2024-01-21 | a year
app.coinserom.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-29 - 2023-12-30 | a year
coinserom.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-29 - 2023-12-30 | a year

This page contains 11 frames:

Primary Page: http://cryptomine.live/
Frame ID: BA1A43F31330D42880AF6C9810C10FBE
Requests: 29 HTTP requests in this frame

Frame: http://ad.a-ads.com/2214136?size=468x60
Frame ID: 4D23DECE8BA9D45C1A79A0410C8A85DF
Requests: 3 HTTP requests in this frame

Frame: https://ads.coinserom.com/publisher?adsunit=283
Frame ID: C99E47B48D66F8B3038B2B8DEF904D05
Requests: 3 HTTP requests in this frame

Frame: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Frame ID: D881B39D505536CACE97D159F367743E
Requests: 3 HTTP requests in this frame

Frame: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
Frame ID: 457DB173CDBF470A004D05EF61D9BBF7
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126707?size=728x90
Frame ID: 817C22AFEFB81A70B6D98AAECEC05B80
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126712?size=300x250
Frame ID: F700203C56586065E9619DF3FFF7B7CC
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126713?size=468x60
Frame ID: 2D428DF33BC4B40D4469CD6CFB0E24CB
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126714?size=160x600
Frame ID: 80D55F9E528C1B86CF765E478C2F51BD
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126715?size=320x50
Frame ID: DF2E4985C3B64CD46D23B378957C173A
Requests: 3 HTTP requests in this frame

Frame: https://www.coinserom.com/?sponsore=hello
Frame ID: 1232BA292BFD3D246D83964880B769C2
Requests: 2 HTTP requests in this frame

Page Title

CRYPTOMINE

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

62 %
HTTPS

47 %
IPv6

15
Domains

19
Subdomains

16
IPs

3
Countries

2016 kB
Transfer

2632 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0 HTTP 301
  • https://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
Request Chain 7
  • http://adoto.net/dashboard/display/serve.js HTTP 301
  • https://adoto.net/dashboard/display/serve.js
Request Chain 11
  • http://www.websyndic.com/banners/autosurf.png HTTP 301
  • https://www.websyndic.com/banners/autosurf.png
Request Chain 29
  • http://ads.coinserom.com/publisher?adsunit=283 HTTP 301
  • https://ads.coinserom.com/publisher?adsunit=283
Request Chain 32
  • http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description= HTTP 301
  • https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cryptomine.live/
11 KB
4 KB
Document
General
Full URL
http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
837bf6f110a6b498819ab1363efe5e0f2bb1b86390a2d412c2b67a9523bf3741
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Mon, 26 Jun 2023 20:36:31 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
reset.css
cryptomine.live/css/
1 KB
1 KB
Stylesheet
General
Full URL
http://cryptomine.live/css/reset.css
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-444"
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1092
Expires
Sat, 05 Aug 2023 17:33:11 GMT
normalize.css
cryptomine.live/css/
0
372 B
Stylesheet
General
Full URL
http://cryptomine.live/css/normalize.css
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-0"
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Sat, 05 Aug 2023 17:33:11 GMT
styles.css
cryptomine.live/css/
17 KB
4 KB
Stylesheet
General
Full URL
http://cryptomine.live/css/styles.css
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
2a9d21316bbbc12508ea2cba0b08a9307398584a27e860c830ef690a2209deef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
W/"64610801-4279"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Sat, 05 Aug 2023 17:33:11 GMT
logo.svg
cryptomine.live/images/
1 KB
874 B
Image
General
Full URL
http://cryptomine.live/images/logo.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
f385bc5c3204343a2bd87c1d1985713d151433f3ba3b84c05c282c8f3c207219

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
W/"64610801-462"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Sat, 05 Aug 2023 17:33:11 GMT
chevron-right.svg
cryptomine.live/images/
930 B
1 KB
Image
General
Full URL
http://cryptomine.live/images/chevron-right.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
edfc368b066e853919934f5617f1f33ad19e059716cdaf1c02a36a125c3f0730

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-3a2"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
Expires
Sat, 05 Aug 2023 17:33:11 GMT
bancode.php
linkslot.ru/
7 KB
4 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=353098
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ee5b29a345693b9a171609dc62719eb7ecfa9e9d01774c372b94441e113ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylLPAErRtOWVQfMIMhJ9%2FHlMCJu39%2BtdEN2VNfG1mGrdeKPEqpay9Tz5BhcNRt6c05BGwem4XlDS%2Fa4Hh2cCqJg%2BOI%2BgdgLY2TO9NLsqw8LxxrbXf%2B0JaN6aPUHVP0Q4Jt3rEhpbSgpy%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cf-ray
7e2997620c34923e-FRA
alt-svc
h3=":443"; ma=86400
items.php
adoto.net/dashboard/display/
Redirect Chain
  • http://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
  • https://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
62 KB
11 KB
Script
General
Full URL
https://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73072438c9f3fb448fe66c8e8d47f04e49c6a6412d2aa39e422d94af2c387867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 06 Jul 2023 17:33:11 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BKeNHOGHrmEWbhP32mCwdxXPI0goTrsizujZN6ekSMJ8w%2B2nKv3I87R1i6ZTn9jusXAtDvjtK%2FEV8QsRad0FQmWQBZKsi6u9D%2BKc6S%2FVihPs6SJ9Knh%2BQQ75m7O3jJAiVlmZAaQ32E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7e2997626c4590f2-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 06 Jul 2023 17:33:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IKRUT9liz5Heugfoa7uxtwBn%2BGXzgqdxGQBj26IJWOAGnWzElewTRqDdks3jQGl5RsGIOpwzsUlKLEb18H6NuMOgNbw%2Fe9d5Gs0qksM%2B4sfAf%2BEsNDdpLTGA73L7rx8erlcefEPNrc%3D"}],"group":"cf-nel","max_age":604800}
Location
https://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7e299761ccbe9b67-FRA
alt-svc
h3=":443"; ma=86400
Expires
Thu, 06 Jul 2023 18:33:11 GMT
serve.js
adoto.net/dashboard/display/
Redirect Chain
  • http://adoto.net/dashboard/display/serve.js
  • https://adoto.net/dashboard/display/serve.js
98 KB
40 KB
Script
General
Full URL
https://adoto.net/dashboard/display/serve.js
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba7a15e92ef49d9de9b604e15e556296ca547a5e5c489ff93fe39fbe722c179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1581091
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 02 Jul 2022 16:40:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm5ULBY%2FHv7Hnp5N3eROM1jwaNTt0l0D%2F0MnKorlDtTQfpSVsH3TRxOeYzoZnnPTRjf2p7LzuYb8JJHgn%2FBVuJKXbdAoHI0B1jErhEuQpgD6Wih%2BACYrAY1AsAE21PBgYVxjFo8531E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e2997626c4490f2-FRA
expires
Tue, 18 Jul 2023 10:21:40 GMT

Redirect headers

Date
Thu, 06 Jul 2023 17:33:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91dXXZlPN4n90%2BEDM9hoyWZR6eeC9RPPYaW64iqNGoJJyi4SsbZURfv3QyoQTPvOVM7LQFxO5ESgQ4cK2ibDVg%2B1XbwYWN0HqH6U5LYrVQkPmC%2BhGenz5wpIY9ZqK4PlwdMSIkAqtcw%3D"}],"group":"cf-nel","max_age":604800}
Location
https://adoto.net/dashboard/display/serve.js
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7e299761c82c04a3-FRA
alt-svc
h3=":443"; ma=86400
Expires
Thu, 06 Jul 2023 18:33:11 GMT
btc-illustration.svg
cryptomine.live/images/
56 KB
20 KB
Image
General
Full URL
http://cryptomine.live/images/btc-illustration.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
df390f61a1f708a7d1c6f387276c56d894be913e510215b4a3628c180ea224b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
W/"64610801-e08d"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Sat, 05 Aug 2023 17:33:11 GMT
background-item-1.svg
cryptomine.live/images/
538 B
919 B
Image
General
Full URL
http://cryptomine.live/images/background-item-1.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
908a96ddcb8053e6260724be0ff62b68b451e80c8bd73e656714558d70cea93c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-21a"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
538
Expires
Sat, 05 Aug 2023 17:33:11 GMT
background-item-2.svg
cryptomine.live/images/
475 B
856 B
Image
General
Full URL
http://cryptomine.live/images/background-item-2.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
4327cf992003e65d2ab95840ec85118bdf9e5bf879d207b2d8ffd59b13ad9b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-1db"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
475
Expires
Sat, 05 Aug 2023 17:33:11 GMT
autosurf.png
www.websyndic.com/banners/
Redirect Chain
  • http://www.websyndic.com/banners/autosurf.png
  • https://www.websyndic.com/banners/autosurf.png
0
0
Image
General
Full URL
https://www.websyndic.com/banners/autosurf.png
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Server
15.235.118.190 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5019653.ip-15-235-118.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

Location
https://www.websyndic.com/banners/autosurf.png
Date
Thu, 06 Jul 2023 17:33:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
w320h320.gif
cryptomine.live/images/
375 KB
375 KB
Image
General
Full URL
http://cryptomine.live/images/w320h320.gif
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
a9a2ff346d6112f249e0eca041e69842b003982fb375c2bb36e5800c78559675

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-5db3c"
Content-Type
image/gif
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383804
Expires
Sat, 05 Aug 2023 17:33:11 GMT
background-item-6.svg
cryptomine.live/images/
209 B
589 B
Image
General
Full URL
http://cryptomine.live/images/background-item-6.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
ff2b0951c36f28cac3f61f9639de576b63c0928562494dedb235c46e78cc4dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-d1"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209
Expires
Sat, 05 Aug 2023 17:33:11 GMT
background-item-7.svg
cryptomine.live/images/
209 B
589 B
Image
General
Full URL
http://cryptomine.live/images/background-item-7.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
9eed9f51c65e7ad5cbbd4490add7891b31be9619c0aec98276819707008ab899

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
"64610801-d1"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209
Expires
Sat, 05 Aug 2023 17:33:11 GMT
2214136
ad.a-ads.com/ Frame 4D23
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/2214136?size=468x60
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
3b75bc47211c7fc31693e7718f6ffbd7f222effc234f88a8a742b98d01302a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cryptomine.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 06 Jul 2023 17:33:11 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://cryptomine.live/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
060076783862d7980392dfdf22ced5698d470ce32cb2c69ae0a412d72d090695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jul 2023 17:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 17:32:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jul 2023 17:33:11 GMT
468x60
static.a-ads.com/a-ads-banners/393745/ Frame 4D23
428 KB
428 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/2214136?size=468x60
Protocol
HTTP/1.1
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 17:33:11 GMT
x-amz-version-id
OCdZGo21C0eofzydi4BulScJFjE6rXPN
Last-Modified
Tue, 31 May 2022 13:28:27 GMT
Server
nginx
x-amz-request-id
6JME798VAGH5K5PM
ETag
"9ecf8ce917854a0c481254a2d97e2ac6"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438215
x-amz-id-2
p2lVWZB6RBJNsvfnI+nN5Yi+f1CkDyfgWabGcijMAQxhgg8oYNXtqZj1vf0Olm458GpU7SJS0+I=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 4D23
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://cryptomine.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:02:02 GMT
x-content-type-options
nosniff
age
599469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jun 2024 19:02:02 GMT
terra.js
claimtokens.net/
595 B
741 B
Script
General
Full URL
https://claimtokens.net/terra.js
Requested by
Host: adoto.net
URL: http://adoto.net/dashboard/display/serve.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442b02460bc1b98204c22de2c3311b88fa06928e18b4c1b60bd76ca1d00050e9

Request headers

Referer
http://cryptomine.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 03 Sep 2022 08:31:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7109
etag
W/"253-5e7c1ab61320c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk3yijI1WuU90Z6oCj0y3CTvkMnBL7Cdg0nJPRASPFEAN8WSFCDgRPae%2FcmAaBhzco0sjND9uySfciME0btrXP4nEErHFDidwUu8IpvvFuqi0KVLDN3NsgrlNG6EIxHyXNkzQe67lP01%2Bu995Mo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e2997634b6e2bb8-FRA
alt-svc
h3=":443"; ma=86400
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: adoto.net
URL: http://adoto.net/dashboard/display/serve.js
Protocol
HTTP/1.1
Server
2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 17:33:11 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
Server
cloudflare
Age
7267
ETag
"-375139978"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7e29976369f73830-FRA
Content-Length
4547
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: adoto.net
URL: http://adoto.net/dashboard/display/serve.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 06 Jul 2023 17:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1714
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 06 Jul 2023 19:04:37 GMT
gate.php
linkslot.ru/
2 B
466 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=c6dddedae6d6d6e3cfd796d3d1d9d0889da79a99b39995999d98938e969ca2978ce7d0ecd1d3d4c49a9a98a28791f1cae0ccd6dfd68bd3de929899a891ad88ded1d1a199a592df9fae8a92c9d7d8cfd0dccfd4d2d2ee90a79b9e9696a18592ddcfdde7cd9e88d3d1ced085d1d7cad4e98a92cbcfdad2d8ca99a3989da891a09d9e9b989996a3aa87dcdbc7d3dad097989e9c98a59d8caf94d6d1d7dfcce595e2d59799aa91a2989798939b959aa29799aa91a2989798869b888da39da1b297a89c9ea194a096a3
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=353098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3xi19q7mBGgoaXxr0fkayanQB8agl4TIQai1e5DleVGciSPeZpDCiRaBswPynSXd6puhDRDupCvEHUIPdThi9lnqD7sXkI%2B%2FrQ93lCMpRu25wi1Dy8ENtMpmrhsq15ovIKZd0QhUJeplw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
7e2997634dbe0394-FRA
alt-svc
h3=":443"; ma=86400
02818fa60aa372d028b12df83bf78989.png
linkslot.ru/uploads/
39 KB
39 KB
Image
General
Full URL
https://linkslot.ru/uploads/02818fa60aa372d028b12df83bf78989.png
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5091cec986f0d01f643a5f68354637bc6aee7bf886e9b8bbc42c6ebfbe15da8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519649
alt-svc
h3=":443"; ma=86400
content-length
39779
last-modified
Fri, 30 Jun 2023 16:56:53 GMT
server
cloudflare
etag
"649f0955-9b63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5ow57e7oiXFS9wSHuXj16Yc8%2Bi4r1c5DpJq0icIS6M5i8B6QXDhK4o6V0DqdkAX7e3S9caQzUtrDMZ%2BScf0CX80JK9roJYn5zt1oWDAzC3U45T357yvfNh42xCTX9uagzdeaa%2B%2Fm6EFUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e2997630d37923e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
706827
alt-svc
h3=":443"; ma=86400
content-length
2585
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2Zr9CjtWMIjaMAEPCEtn8dQoFCEzjtUG30lD41pTBXaqyw3Pvi2PsC7M2honb0URUm42gP5G2F9wi%2BvdsN4%2BlZU6cUGzD%2BSmpI2Z7DZrzBWy1z%2FERQAd0KAI76xEgTFq8P6I3QyoPJ3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e2997630d3a923e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
invoke.js
wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/
0
0
Script
General
Full URL
http://wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
http://cryptomine.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 06 Jul 2023 17:33:11 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
collect
www.google-analytics.com/j/
3 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1781933066&t=pageview&_s=1&dl=http%3A%2F%2Fcryptomine.live%2F&ul=en-us&de=UTF-8&dt=CRYPTOMINE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1150159320&gjid=812392765&cid=562029300.1688664792&tid=UA-70132428-1&_gid=1321392023.1688664792&_r=1&_slc=1&gtm=2ou9m0&z=605315714
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cryptomine.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Jul 2023 17:33:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://cryptomine.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.php
s4.histats.com/stats/
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1688664791616&@k0&@l1&@mCRYPTOMINE&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:70860035&@b3:1688664792&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcryptomine.live%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
008798a3203a3aca2a9e7b3e1c6a25744dde65ba069cc665d030a943b6c698aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 17:33:09 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
publisher
ads.coinserom.com/ Frame C99E
Redirect Chain
  • http://ads.coinserom.com/publisher?adsunit=283
  • https://ads.coinserom.com/publisher?adsunit=283
5 KB
2 KB
Document
General
Full URL
https://ads.coinserom.com/publisher?adsunit=283
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business60-1.web-hosting.com
Software
LiteSpeed / PHP/8.0.29
Resource Hash
c234b53168eb4526b188442f0091d24d034056ac5c22acb61d2db6194e4bc38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM URL
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cryptomine.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
1515
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 17:33:13 GMT
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM URL
x-powered-by
PHP/8.0.29
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

content-length
707
content-type
text/html
date
Thu, 06 Jul 2023 17:33:12 GMT
keep-alive
timeout=5, max=100
location
https://ads.coinserom.com/publisher?adsunit=283
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
items.php
ayelads.click/display/ Frame D881
2 KB
2 KB
Document
General
Full URL
https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.57.162.10 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium264-2.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
6a4abd20703e3369d51cb784aae1145be9b73294fcb28589c78591483137ad67

Request headers

Referer
http://cryptomine.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
595
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 17:33:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed
media-icons-sprite.svg
cryptomine.live/images/
3 KB
2 KB
Other
General
Full URL
http://cryptomine.live/images/media-icons-sprite.svg
Requested by
Host: cryptomine.live
URL: http://cryptomine.live/
Protocol
HTTP/1.1
Server
185.26.98.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde18-1.fornex.host
Software
nginx /
Resource Hash
3561e0babd1ff5aa1fbc1d1bde366e1a19a3c4e5b34118e1f37e01c41f44c7d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
public
Date
Thu, 06 Jul 2023 17:33:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 16:10:41 GMT
Server
nginx
ETag
W/"64610801-d49"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Sat, 05 Aug 2023 17:33:11 GMT
index.php
adoto.net/dashboard/display/ Frame 457D
Redirect Chain
  • http://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&ad...
  • https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&a...
11 KB
3 KB
Document
General
Full URL
https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
Requested by
Host: adoto.net
URL: http://adoto.net/dashboard/display/items.php?5692&1532&468&60&4&0&0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82492a405d633574997eb941f3b96dafd5a88d9eca34c74b9a9e7fe0f0068c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cryptomine.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e299766a97590f2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 17:33:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hdOMwsjYIOYr9evDMvrRajH9v%2FJge8S5gvxXh5o4H6bodQDeL5EpOLEmu%2FIHS%2B1xdFE7M0aqhGNVtyWvMzywC5LR0ZAn4oIboPE7v8KqS5CAcrhpqAO4ssDGsxEd5cPRiWEYGfwVh8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-server-powered-by
Engintron
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7e2997664aa89b67-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 06 Jul 2023 17:33:12 GMT
Expires
Thu, 06 Jul 2023 18:33:12 GMT
Location
https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jha8M%2FGPRYWjjaU4owFIXXOo65cu73upqtBpTYs8rgdQbjMZhEg6SUp4w3EibiZ%2B0X2oWvZYFOpxIT4Trxf5QjcjfNwHkLphY1artzUuubwA%2FMz1bIlxuVQogeqRvZzyLeZWy2HUBtY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
adoto.net/dashboard/display/js/ Frame 457D
243 KB
74 KB
Script
General
Full URL
https://adoto.net/dashboard/display/js/jquery.min.js
Requested by
Host: adoto.net
URL: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3caed62a1e0d87142db5c8c39d43a61cf0679700fdf6dffc6598f35242da762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509593
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 11 Apr 2021 22:28:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yefxt0wfvpcEr5nfgBzbzd1A3ZSq4rwUrHWBVJeaDPKVtHWks7%2FekB3N9EZcCKKjg%2BX2wouJR%2BlqNaooYQaUjJonwhoBM0lHuDGvUmCDl3eGziZf3GyfubrZ%2FXiZEunMQS%2F1OiRb6xk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e29976aba7b904e-FRA
expires
Sun, 30 Jul 2023 19:59:59 GMT
1-icon-1616283432.jpg
adoto.net/dashboard/upload/credit/ Frame 457D
510 B
1 KB
Image
General
Full URL
https://adoto.net/dashboard/upload/credit/1-icon-1616283432.jpg
Requested by
Host: adoto.net
URL: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bafece3ffa322300ff62bc835e4283963fcacdc0702b4ef98589d8351d1a568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1844354
alt-svc
h3=":443"; ma=86400
content-length
510
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
last-modified
Mon, 20 Sep 2021 21:50:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiTKmmXiAIwH4fgX8e9eKWSxAc7n8pHFEB1nGR3btkvI6stDM25q%2F%2BL6z%2FphQ63bCjWBw9QkAjUnHQc%2BuXZVm5Tl3NYQOKYeHoZVnDCdztfzKFClPAszHHByLlLAAsF0hnZxW7ztvrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7e29976aba7e904e-FRA
expires
Mon, 14 Aug 2023 09:13:58 GMT
logo_ad1.png
ayelads.com/page/image/ Frame D881
503 B
704 B
Image
General
Full URL
https://ayelads.com/page/image/logo_ad1.png
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ayelads.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:13 GMT
last-modified
Fri, 27 Nov 2020 10:25:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
503
expires
Thu, 13 Jul 2023 17:33:13 GMT
png-728.gif
ayelads.com/res/files/images/ Frame D881
20 KB
20 KB
Image
General
Full URL
https://ayelads.com/res/files/images/png-728.gif
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
9d8117ceb1e07982fc36aacf2c519093d1bc08c1f305d2e25d5e81d3a4bab831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ayelads.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:13 GMT
last-modified
Fri, 03 Sep 2021 09:37:21 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
20578
expires
Thu, 13 Jul 2023 17:33:13 GMT
2126707
ad.a-ads.com/ Frame 817C
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2126707?size=728x90
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
7f1c14cc183a9d0fe3109bbe2e21e34dc48b3761b40559eeed3d54ab3287321e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ayelads.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 06 Jul 2023 17:33:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ayelads.click/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2126712
ad.a-ads.com/ Frame F700
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2126712?size=300x250
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
f489877863d9c9ac4fea227f50e888e99b557c5d70209a57ed9c74fcb2da5d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ayelads.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 06 Jul 2023 17:33:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ayelads.click/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2126713
ad.a-ads.com/ Frame 2D42
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2126713?size=468x60
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
fe955ccaa8c39a332e77ea9bb1b7dfee87230830d07bbff8e390502f0a4db703
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ayelads.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 06 Jul 2023 17:33:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ayelads.click/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2126714
ad.a-ads.com/ Frame 80D5
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2126714?size=160x600
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
64498966a44af8b7c81b63f62e7c09bbba1072c0dd933173e5671535497c5954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ayelads.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 06 Jul 2023 17:33:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ayelads.click/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2126715
ad.a-ads.com/ Frame DF2E
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2126715?size=320x50
Requested by
Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=5bdwwcg&s=1&h=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
034cc81177c9153fe7419ce10d2388774a5e88cec2677f891fff25d7464e4b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ayelads.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 06 Jul 2023 17:33:12 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ayelads.click/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
728x90
static.a-ads.com/a-ads-banners/117619/ Frame 817C
122 KB
123 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126707?size=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-amz-version-id
0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
YYCSPCWBW2HNCA4Q
etag
"8df22bfbf1b66e4d461cc595236e19c5"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
125388
x-amz-id-2
qF1cMiESZLPzLfFOet+Vl6KsswtsOxBEvdRSRO93WnwseBz8knUINz/OhLflJ3gaoSlYMWplKX0=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 817C
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x250
static.a-ads.com/a-ads-banners/117617/ Frame F700
187 KB
188 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126712?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-amz-version-id
9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
H009V2AFYD8K58K0
etag
"5896f969c3c0d5de143c2f56c20489d9"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
191448
x-amz-id-2
TJRgsQQo1P0xxngDNECUG4ZktDVazLR8m4asbFbTO82j0lMqjFG7+OMCS+KEcQDByF0Ex+nBG6A=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame F700
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
160x600
static.a-ads.com/a-ads-banners/117616/ Frame 80D5
69 KB
69 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117616/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126714?size=160x600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-amz-version-id
Vly2RmS64q4VblC2nRqz_g1rs.jq2Fic
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
4YG6C78D5K74628B
etag
"c848631aa56eb03b8cf56723624828e8"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
70430
x-amz-id-2
dAaaHnoPzFVhvIxNl7gjmb4o810esPvnsbB18frrph+mMU/5s6cP43GJBXh0lnKN85mWuc7V8Ew=
expires
Thu, 31 Dec 2037 23:55:55 GMT
468x60
static.a-ads.com/a-ads-banners/117620/ Frame 2D42
156 KB
157 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126713?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-amz-version-id
LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
0KNMB80PCPK2BZBW
etag
"d89cd17d5e22adfb5532615d116d84b8"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
160195
x-amz-id-2
Dl7L7zIhkLLHjWlO3gEltNjb41VkCbhrQRk9xl1E1FR5ep37OcfYwH9s976lk69OReKpyufPY1Q=
expires
Thu, 31 Dec 2037 23:55:55 GMT
320x50
static.a-ads.com/a-ads-banners/117618/ Frame DF2E
106 KB
107 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117618/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126715?size=320x50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.192.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.192.251.148.clients.your-server.de
Software
nginx /
Resource Hash
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
x-amz-version-id
w4CWsbKlEWz_x7_SpmcYfVfQEmXT2wOu
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
ZDHPDCHYQ3H2W9SV
etag
"964435510a885dc83118d9345a439c3d"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
108594
x-amz-id-2
DhYVgCj9xXesbMKyNpmMNTcQSsv0YZ+8KwbWvUashy3kwXWiE0BSLSBmDBmfQKMUSo4z5d+cMio=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 80D5
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2D42
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DF2E
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
23dd9a34e892bfbc7c1eebcadb9dd7ff.gif
app.coinserom.com/inside/banner/ Frame C99E
155 KB
156 KB
Image
General
Full URL
https://app.coinserom.com/inside/banner/23dd9a34e892bfbc7c1eebcadb9dd7ff.gif
Requested by
Host: ads.coinserom.com
URL: https://ads.coinserom.com/publisher?adsunit=283
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business60-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
30809c62b0aa2b48356cc0c7aea45871f715e8e1cf6665248a6e5a96ce49c2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM URL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.coinserom.com/publisher?adsunit=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Jun 2023 17:31:53 GMT
server
LiteSpeed
x-frame-options
ALLOW-FROM URL
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
159174
x-xss-protection
1; mode=block
expires
Thu, 13 Jul 2023 17:33:12 GMT
/
www.coinserom.com/ Frame 1232
951 B
985 B
Document
General
Full URL
https://www.coinserom.com/?sponsore=hello
Requested by
Host: ads.coinserom.com
URL: https://ads.coinserom.com/publisher?adsunit=283
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business60-1.web-hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
34151e48e397941d4934ed995d9afed508f335d770f073533163151fe0997167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM URL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.coinserom.com/publisher?adsunit=283
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
484
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 17:33:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM URL
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
12px.png
ads.coinserom.com/images/ Frame C99E
351 B
738 B
Image
General
Full URL
https://ads.coinserom.com/images/12px.png
Requested by
Host: ads.coinserom.com
URL: https://ads.coinserom.com/publisher?adsunit=283
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.64 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business60-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
6eab3907a4b74df6beac63df58704f3270e08f5504cfc864b947770148ff4faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM URL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.coinserom.com/publisher?adsunit=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 08 Apr 2023 02:36:00 GMT
server
LiteSpeed
x-frame-options
ALLOW-FROM URL
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
351
x-xss-protection
1; mode=block
expires
Thu, 13 Jul 2023 17:33:13 GMT
index.php
adoto.net/dashboard/track/ Frame 457D
133 B
566 B
Script
General
Full URL
https://adoto.net/dashboard/track/index.php?page=click/data/1|77|0|1532|5692|1|3599|0|0/11743a2b6e7aa61f507a8187f4432660/1688664803/DE/
Requested by
Host: adoto.net
URL: https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7506d241572a04a846c509342e84d94370a110291114a7f3c37da5b6a7f6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adoto.net/dashboard/display/index.php?page=query/items/&aduid=5692&pid=1532&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=728&page_data=abbb753ed1413273fb0929bec2f58ebc&time=1688664791&deliver=cryptomine.live&search_keywords=&page_referrer=aHR0cDovL2NyeXB0b21pbmUubGl2ZS8=&page_title=CRYPTOMINE&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:14 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdPTn5JBRKnWqAes2tQ7P990NZ9DtOPBOnJHKgBWwePyiOlNGpoGXvMelqDXWKoLwq%2BUaTjpx4IzLscgW9%2Fa%2FSK0nIkwwdFITgSUvm6VCPtTOGlYPdNb3EviKAFYnEX0y2fEiBOrRzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7e299771cbf7904e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 1232
232 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MNTEQ5X50H
Requested by
Host: www.coinserom.com
URL: https://www.coinserom.com/?sponsore=hello
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b8cda20fd931c44180116019f4bee457c5a7bf3e386ba2cead24c8bc98c5623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coinserom.com/?sponsore=hello
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83471
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 06 Jul 2023 17:33:14 GMT
gate.php
linkslot.ru/
2 B
443 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=c6dddedae6d6d6e3cfd796d3d1d9d0889da79a99b39995988a98869b889ba89fa1b097a69fa099989c9e
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=353098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cryptomine.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:33:16 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FnSp7x%2BGxPfEYQ3YAPaTBkRS80dLQVIM%2BdKgB%2FZSCviYErnFjklT1odaWEvVgpt5SsyD7%2F%2BX18qjdScN9OGPRtOJLwRM%2B8IJhNyi8T9ymb8ChXyzJHngkvg35zi%2Fts912szUy8MTVeY1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
7e2997824abf0394-FRA
alt-svc
h3=":443"; ma=86400

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| _Hasync function| gtag object| google_tag_manager object| dataLayer object| google_tag_data string| GoogleAnalyticsObject function| ga object| ls_code function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF object| atOptions object| gaplugins object| gaGlobal object| gaData function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id number| adSectionWidth object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit object| cpc_impression object| cpm_impression object| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src string| urlorigin object| responsedata string| cookie_content_value object| cookie_content_data

13 Cookies

Domain/Path Name / Value
.cryptomine.live/ Name: _ga
Value: GA1.2.562029300.1688664792
.cryptomine.live/ Name: _gid
Value: GA1.2.1321392023.1688664792
.cryptomine.live/ Name: _gat_gtag_UA_70132428_1
Value: 1
cryptomine.live/ Name: HstCfa4531111
Value: 1688664791616
cryptomine.live/ Name: HstCla4531111
Value: 1688664791616
cryptomine.live/ Name: HstCmu4531111
Value: 1688664791616
cryptomine.live/ Name: HstPn4531111
Value: 1
cryptomine.live/ Name: HstPt4531111
Value: 1
cryptomine.live/ Name: HstCnv4531111
Value: 1
cryptomine.live/ Name: HstCns4531111
Value: 1
ayelads.click/ Name: AYID
Value: %7B%22sec_to_refresh%22%3A7%2C%22time_ads%22%3A1688664792%2C%22ads_viewed%22%3A%5B%5D%7D
ayelads.click/ Name: 5bdwwcg
Value: %7B%22dataTag%22%3A%7B%22username%22%3A%22groovik%22%2C%22site%22%3A%2210229%22%2C%22domain%22%3A%22cryptomine.live%22%2C%22startG%22%3A%221%22%2C%22tag%22%3A%225bdwwcg%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22ZZ%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2235%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%2C3%2C4%2C7%2C10%2C11%2C12%2C13%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%5D%2C%22id%22%3A%5B%226732%22%2C%226621%22%2C%226634%22%2C%226722%22%2C%226514%22%2C%226431%22%2C%223395%22%2C%226616%22%2C%226628%22%2C%226671%22%2C%226487%22%2C%226358%22%2C%226366%22%2C%226475%22%2C%226700%22%2C%226043%22%2C%226646%22%2C%226450%22%5D%7D%2C%22tRotate%22%3A31%7D%7D
cryptomine.live/ Name: _data_cpc
Value: 77-1

8 Console Messages

Source Level URL
Text
javascript warning URL: http://adoto.net/dashboard/display/serve.js(Line 27)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://claimtokens.net/terra.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://adoto.net/dashboard/display/serve.js(Line 27)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://claimtokens.net/terra.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://www.websyndic.com/banners/autosurf.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://ads.coinserom.com/publisher?adsunit=283
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://ads.coinserom.com/': 'ALLOW-FROM URL' is not a recognized directive. The header will be ignored.
other error URL: https://www.coinserom.com/?sponsore=hello
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://www.coinserom.com/': 'ALLOW-FROM URL' is not a recognized directive. The header will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
