wavesclaim.com Open in urlscan Pro
2606:4700:3030::6815:3262 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wavesclaim.com/
Effective URL:
https://wavesclaim.com/
Submission: On March 11 via api (March 11th 2021, 9:10:04 pm UTC) from US

Summary HTTP 114 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 44 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3030::6815:3262, located in United States and belongs to CLOUDFLARENET, US. The main domain is wavesclaim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.

This is the only time wavesclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3030::6815:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	63.33.19.148 63.33.19.148	16509 (AMAZON-02) (AMAZON-02)
1 28	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.159.117 13.226.159.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::ac43:c56e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:47f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:938f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ab8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.51 65.9.96.51	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4801	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:2ed2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.48 65.9.96.48	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1 3	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
2 6	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
4 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
2 3	34.246.156.173 34.246.156.173	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
1 1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.19.239.39 52.19.239.39	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
6 6	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
114	38

20 2606:4700:3030::6815:3262 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wavesclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wavesclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
revive.wavesclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.19.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-19-148.eu-west-1.compute.amazonaws.com

www.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.16.168.131 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-117.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c56e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.foxpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:47f (United States)

ASN13335 (CLOUDFLARENET, US)

api.coingecko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:938f (United States)

ASN13335 (CLOUDFLARENET, US)

acdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ab8 (United States)

ASN13335 (CLOUDFLARENET, US)

json.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.51 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4801 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2ed2 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.48 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.212.16 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.181 (United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.145.8 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.156.173 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.239.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-239-39.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.216 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: proxy0394.eu3.dynfactory.com

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	hcaptcha.com 2 redirects www.hcaptcha.com hcaptcha.com assets.hcaptcha.com	437 KB
20	wavesclaim.com 1 redirects www.wavesclaim.com wavesclaim.com revive.wavesclaim.com	269 KB
18	infolinks.com resources.infolinks.com router.infolinks.com	275 KB
10	pubmatic.com 10 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	6 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
6	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	bmcdn1.com cdn.bmcdn1.com	36 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	928 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	675 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	acdcdn.com acdcdn.com	20 KB
2	cloudflare.com cdnjs.cloudflare.com	5 KB
1	brand-display.com dmp.brand-display.com	253 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	dyntrk.com gu.dyntrk.com	215 B
1	rfihub.com 1 redirects p.rfihub.com	757 B
1	ck-ie.com 1 redirects us.ck-ie.com	482 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	33across.com ssc-cms.33across.com	72 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	onclickgenius.com onclickgenius.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	553 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	644 B
1	ufpcdn.com ufpcdn.com	2 KB
1	foxpush.com json.foxpush.com	1 KB
1	coingecko.com api.coingecko.com	816 B
1	gstatic.com fonts.gstatic.com	8 KB
1	foxpush.net cdn.foxpush.net	10 KB
1	googleapis.com fonts.googleapis.com	514 B
114	44

	Domain	Requested by
25	assets.hcaptcha.com	wavesclaim.com www.hcaptcha.com assets.hcaptcha.com
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
14	wavesclaim.com	wavesclaim.com
7	pagead2.googlesyndication.com	wavesclaim.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	image8.pubmatic.com	6 redirects
5	revive.wavesclaim.com	wavesclaim.com revive.wavesclaim.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	4 redirects
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	cdn.bmcdn1.com	wavesclaim.com
3	resources.infolinks.com	wavesclaim.com resources.infolinks.com
3	hcaptcha.com	1 redirects assets.hcaptcha.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.search.spotxchange.com	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	eus.rubiconproject.com	router.infolinks.com eus.rubiconproject.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	acdcdn.com	wavesclaim.com
2	cdnjs.cloudflare.com	wavesclaim.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	sync.adotmob.com	1 redirects
1	gu.dyntrk.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	us.ck-ie.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	secure-assets.rubiconproject.com	1 redirects
1	onclickgenius.com	wavesclaim.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	ufpcdn.com	wavesclaim.com
1	script.hotjar.com	static.hotjar.com
1	json.foxpush.com	cdn.foxpush.net
1	api.coingecko.com	wavesclaim.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.foxpush.net	wavesclaim.com
1	static.hotjar.com	wavesclaim.com
1	www.hcaptcha.com	1 redirects
1	fonts.googleapis.com	wavesclaim.com
1	www.wavesclaim.com	1 redirects
114	59

This site contains links to these domains. Also see Links.

Domain
waves.exchange
shop.spreadshirt.com
t.me
www.addragon.com
www.pyrk.org
crypto-browser.org
zahum.co
bit.ly
btcmaker.io
www.fiverr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
foxpush.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
coingecko.com Cloudflare Inc ECC CA-3	`2020-09-20` - `2021-09-20`	a year	crt.sh
foxpush.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
gu.dyntrk.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://wavesclaim.com/
Frame ID: A378013100B3C1778CB53ECE870CFDC0
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 99255E25CF049AA0DDC9F0FBBA2274B0
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 5AA1DCB5E3E05417B829894C61127CB8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 680E4BE0457DF46FE5759716D4AA87A1
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Frame ID: 81DCB0FD604ECFD05CB947D8042C6142
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1615496982&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615496982311&bpp=13&bdt=196&idt=145&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=114926450397&frm=20&pv=2&ga_vid=1262479057.1615496982&ga_sid=1615496982&ga_hid=52075505&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737563%2C21066923%2C21068944&oid=3&pvsid=1415811703231043&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: DBEFB4D377A4C19961A6B9432DAE5C67
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 345A11D7FC175574740749548A60BF48
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: A758D55BAFC8AFC379AEC215F2A3CA8F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: 90AB9AB909E6A8A0D3CA87648404C970
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 5C0B830807948CF2126ACD81B47A9EEE
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
Frame ID: 9009A9C692668680A2E0528B9128C5FA
Requests: 17 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
Frame ID: D62F5F11A78178F29E54A1978DE19B74
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: EC8E2C7F4861388721BCB8EA5CBB2C78
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.wavesclaim.com/ HTTP 301
https://wavesclaim.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

114
Requests

100 %
HTTPS

33 %
IPv6

44
Domains

59
Subdomains

38
IPs

6
Countries

1340 kB
Transfer

3930 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://waves.exchange/?ref=3P8udu4KVEAw2Dd1Snif8VVcLSKoji15JTU
Title: Get a Wallet

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/wavesclaim/
Title: Crypto Swag

Search URL Search Domain Scan URL

URL: https://t.me/wavesclaim
Title: Telegram Group

Search URL Search Domain Scan URL

URL: https://t.me/airdropswaves
Title: WAVES Airdrop Channel

Search URL Search Domain Scan URL

URL: https://www.addragon.com/marketplace/wavesclaim
Title: Advertising 📣

Search URL Search Domain Scan URL

URL: https://www.pyrk.org/
Title: Best Masternode Coin

Search URL Search Domain Scan URL

URL: https://crypto-browser.org/?ref=64c723e20702126901f5117e46f7d716bb8d440d2ecfa414d8c19038a9c1f13b
Title: Crypto Browser

Search URL Search Domain Scan URL

URL: https://zahum.co/
Title: https://zahum.co

Search URL Search Domain Scan URL

URL: https://t.me/CryptoVIPGiveawaybot?start=r0400653515
Title: https://t.me/CryptoVIPGiveawaybot?start=r0400653515

Search URL Search Domain Scan URL

URL: https://t.me/DefiqaBot?start=r0400653515
Title: https://t.me/DefiqaBot?start=r0400653515

Search URL Search Domain Scan URL

URL: https://bit.ly/3aEraqB
Title: https://bit.ly/3aEraqB

Search URL Search Domain Scan URL

URL: https://t.me/Dogecoin_click_bot?start=A9f7
Title: Earn Free DogeCoin

Search URL Search Domain Scan URL

URL: https://t.me/BitcoinClick_bot?start=x3R1
Title: Earn Free Bitcoin

Search URL Search Domain Scan URL

URL: https://btcmaker.io/?ref=WavesClaim
Title: Earn More Free Bitcoin

Search URL Search Domain Scan URL

URL: https://www.fiverr.com/darkennx/promote-your-cryptocurrency-link-or-affiliate-link
Title: Promote your Affiliate/Referral URL PERMANENTLY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wavesclaim.com/ HTTP 301
https://wavesclaim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.hcaptcha.com/1/api.js HTTP 301
https://hcaptcha.com/1/api.js HTTP 302
https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha.js

Request Chain 51

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

Request Chain 53

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Request Chain 55

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=2696385732787028927

Request Chain 56

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5011851174 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5011851174 HTTP 302
https://sync.1rx.io/usersync/tradedesk/dcfc9b51-7111-4df9-a9c9-cbd67418492a HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003

Request Chain 58

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 60

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwavesclaim.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwavesclaim.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=2591616954258718546

Request Chain 62

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP19852a7c-82ae-11eb-bd98-02d6f46eda30 HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP19852a7c-82ae-11eb-bd98-02d6f46eda30&verify=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-PCDcVUdE2uHS5md5Ze_nJhyer2xK3dwg~A~UP19852a7c-82ae-11eb-bd98-02d6f46eda30

Request Chain 63

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=e2e2da9fec8b656ce94dd397

Request Chain 64

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDdCQzlCQTEtMTI2Ri00NzkyLUIwN0YtM0E5NTQzNDAxRTkx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7FCC20AA-8EF1-47A7-B965-256F37A1FA14 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14

Request Chain 65

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZDQzIwQUEtOEVGMS00N0E3LUI5NjUtMjU2RjM3QTFGQTE0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7FCC20AA-8EF1-47A7-B965-256F37A1FA14 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14

Request Chain 66

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a

Request Chain 68

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1875819618033690770

Request Chain 69

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=19dc4a98-82ae-11eb-b1db-173c25ca0c06 HTTP 302
https://router.infolinks.com/dyn/sx-usync?uid=19dc4a4e-82ae-11eb-b1db-173c25ca0c06

Request Chain 70

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-n9hMm6BE2uHYt_v73SDC3SyZcnnjbktLzLbWKyY-~A

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDzFxn4GS5DvK91OHfZgkLE&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEqHFstrs89GsHQ2d8c4-AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHxCpaKO9VMxGEVsh2HBOME&google_cver=1

Request Chain 80

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB&dcc=t

Request Chain 82

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05fa2204004b570efec48890&expiration=[EXPIRATION]&gdpr=1

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wavesclaim.com/
Redirect Chain

https://www.wavesclaim.com/
https://wavesclaim.com/

67 KB
15 KB

506ms
496ms

Document
text/html

2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad615095c852cec24cec585fe3a88af86761c3d2c426c713c40a5499e3a449d2

Request headers

:method: GET
:authority: wavesclaim.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d572859afedb2d675e5840e1aa15b28591615496981; expires=Sat, 10-Apr-21 21:09:41 GMT; path=/; domain=.wavesclaim.com; HttpOnly; SameSite=Lax; Secure
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
cache-control: max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
cf-request-id: 08c4b8c46f00004ed303093000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dd24IF8sFEazeW9PD52%2Fvw4BGdNWKGtVYnZ2L92jK%2BUfMRvwj3mBeHhAafncfaYBA4DWsyfKceL%2BB8ptIDRtmm0vDX%2Bjj3O%2BhiTPP2I3bi70aLUA4o4EjfQYRw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62e7c3e71e704ed3-FRA
content-encoding: br

Redirect headers

date: Thu, 11 Mar 2021 21:09:41 GMT
cache-control: max-age=3600
expires: Thu, 11 Mar 2021 22:09:41 GMT
location: https://wavesclaim.com/
cf-request-id: 08c4b8c45a00004ed3e62e2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t3geA7vbEIOg%2FHoe9f3rz2oH9D%2B6QlxsteECkrnNT7LALE09HvEIGRVMHGqgSJQKiNLF62QErkR2ALTLOaQbZ6cDb8v%2FO%2BaPtKjmX50QVapB%2BjCP1BQjjFs8iSFRCmE%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 62e7c3e6fe2b4ed3-FRA

GET
H2 200 nucleo-icons.woff2
wavesclaim.com/assets/vendor/nucleo/fonts/ 8 KB
9 KB 11ms
11ms Font
application/octet-stream 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/nucleo/fonts/nucleo-icons.woff2
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3180896cdbb6e4503702f23f81a4663a12bbe7b9c77b8f20a074211d997bc35f

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
age: 4297
etag: "2184-5b2a1f3d842f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMvDDVxyNyR25IRYLDhmKQ5Pbl%2BHxQcNzLAanc09uAwmxPqUehy8ynkINYGufc%2BBgVaWMRC63dkA9BmgdTWWuDvtshicOnXvNRncpDYLhhp1XX9H7zn%2FQn9iYA%3D%3D"}]}
cache-control: max-age=14400, s-maxage=10
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 62e7c3ea3b9a4ed3-FRA
content-length: 8580
cf-request-id: 08c4b8c66600004ed3b9bf7000000001

GET
H2 200 css
fonts.googleapis.com/ 1003 B
514 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:01:44 GMT
server: ESF
date: Thu, 11 Mar 2021 21:09:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 21:09:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
server: cafe
etag: 3674309925980533368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 21:09:42 GMT

GET
H2 200 A.vendor,,_nucleo,,_css,,_nucleo.css+vendor,,_,,40fortawesome,,_fontawesome-free,,_css,,_all.min.css+css,,_argon.css,,qv==1.2.0,Mcc.zCC1pF74_d.css.pagespeed.cf.qfQG3BcSZn.css
wavesclaim.com/assets/ 412 KB
59 KB 24ms
23ms Stylesheet
text/css 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/A.vendor,,_nucleo,,_css,,_nucleo.css+vendor,,_,,40fortawesome,,_fontawesome-free,,_css,,_all.min.css+css,,_argon.css,,qv==1.2.0,Mcc.zCC1pF74_d.css.pagespeed.cf.qfQG3BcSZn.css
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ea5a7569122397a2eb5731ddf74a962b8114d3a9d1684ddd3046d919f4615a

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 423618
age: 8771531
cf-request-id: 08c4b8c66900004ed311238000000001
last-modified: Mon, 30 Nov 2020 08:36:50 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0xSsvz1th9urGbJ%2BZbcIU8izx1lH8xHBxrOWOu3I9GVYppUqSVdGMg7LOHVpZA7bul%2BzLu2ZTW%2FRCn4DNXpLf86udik1704o5IRYLYa%2Fki1yMcUH4j0XtnOCyw%3D%3D"}]}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 62e7c3ea4b9f4ed3-FRA
expires: Tue, 30 Nov 2021 08:36:50 GMT

GET
H2 200 asyncjs.php Show response
revive.wavesclaim.com/www/delivery/ 10 KB
4 KB 40ms
23ms Script
text/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.wavesclaim.com/www/delivery/asyncjs.php
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd62c826eddd50a901fa65873318c2be563137ba6a467160d0e72a433b6f4179

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expire: Thu, 11 Mar 2021 22:09:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ggoCmIUw%2FjGteLGovs7jwsNLnZFXgMJubEYytJ7P%2BT4O7%2FqDfCSnpUBe4g0PTXYKm7Umb0K8oq4qx8pAjUsUkymOzIOP786WRmdeE%2FYRow57CtlX4hDw4DkxE3gE46AEF70%3D"}]}
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 62e7c3eaac5d4ed3-FRA
cf-request-id: 08c4b8c6a700004ed39d85c000000001

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/ 7 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/toastr.min.css

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2490937
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2672
cf-request-id: 08c4b8c66900004ec1bd3bb000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1a55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DpG7i9io7J8e75cLgYapkd7csoZdjSdWA1r4CWIxjobE1ilJl5%2BbwMf7ug52AhzE8o6iqD0XEYItJ%2BL0tdyKVqwQXQR8GpHuzsrZzMIFV%2BmO5Fk24j7TLFb7utLrWMk1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e7c3ea4d5f4ec1-FRA
expires: Tue, 01 Mar 2022 21:09:42 GMT

GET
H2 200 adsbygoogle.js+progressbar.min.js.pagespeed.jc.g7lrTSPcwv.js Show response
wavesclaim.com/assets/js/ 21 KB
7 KB 14ms
14ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/js/adsbygoogle.js+progressbar.min.js.pagespeed.jc.g7lrTSPcwv.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bce201dde4214dd5e4c889b4f35a4221fe47d90c16d55c5d8be25c882fcb218a

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 21714
age: 49894
cf-request-id: 08c4b8c66900004ed3aa37b000000001
last-modified: Thu, 11 Mar 2021 07:17:32 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eVEQv%2F7fF4CscBSqVlGJn%2FQWqvmGshbejj1aGvUedHjQhkbBfWixEpGUhcNuMdiEXNUzHXn4q4klmQb%2FVKHt1%2F7QlOGGTlL%2BfhDDXjEpydLgfH%2F8LSUN4N7WNA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62e7c3ea4ba24ed3-FRA
expires: Fri, 11 Mar 2022 07:17:32 GMT

GET
H2 200 xblue4.png.pagespeed.ic.kZu8whVEAn.webp
wavesclaim.com/assets/img/brand/ 12 KB
13 KB 14ms
13ms Image
image/webp 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wavesclaim.com/assets/img/brand/xblue4.png.pagespeed.ic.kZu8whVEAn.webp
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1563242650b171ec2891fd663277b9e83aad237cfbbe9576680771451849df64

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: HIT
x-original-content-length: 21870
age: 6001527
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12380
cf-request-id: 08c4b8c69700004ed3a40d0000000001
last-modified: Fri, 01 Jan 2021 02:02:21 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EqEaRK04wYdWJnzlmLJXO7DavAKCmVxv6DOBLWf75IXI82KTPNUObA2h8YiSjkBwPK9yf7hqey%2F0h1n7Voms9h8n3KTHb3jjVfQ%2FxH7vlZnvyWh6MwjTQhv98g%3D%3D"}]}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62e7c3ea8c284ed3-FRA
link: <http://wavesclaim.com/assets/img/brand/blue4.png>; rel="canonical"
expires: Sat, 01 Jan 2022 02:02:21 GMT

GET
H2 200 32x32xgrosh.png.pagespeed.ic.xZPpk3jSWP.webp
wavesclaim.com/assets/img/tokens/ 562 B
967 B 14ms
12ms Image
image/webp 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wavesclaim.com/assets/img/tokens/32x32xgrosh.png.pagespeed.ic.xZPpk3jSWP.webp
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 959794683352038d0ac46a1a0b4702b4f0755c881d8554f1d2bf78bcb8130c0a

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: HIT
x-original-content-length: 5902
age: 1843195
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 562
cf-request-id: 08c4b8c69700004ed31123b000000001
last-modified: Thu, 18 Feb 2021 11:05:44 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7axku9uW5tCunuGGvxIWH7EIEGSq2tHUyx6QvTJ%2B6mub1jkdP7L%2BBO2BmT0C3FRF9A%2BKkSipvmg8%2FW2wXnHg5TxpHCaOfsae8CAlKGCOE4yrrT%2B9ttwfjeySQ%3D%3D"}]}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62e7c3ea8c294ed3-FRA
link: <http://wavesclaim.com/assets/img/tokens/grosh.png>; rel="canonical"
expires: Fri, 18 Feb 2022 11:05:44 GMT

GET
H2 200 xaxai.png.pagespeed.ic.rO2jLWF50Y.webp
wavesclaim.com/assets/img/tokens/ 3 KB
4 KB 12ms
10ms Image
image/webp 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wavesclaim.com/assets/img/tokens/xaxai.png.pagespeed.ic.rO2jLWF50Y.webp
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df6484dbf70ebd75322399c565acbd86bb65a5cd6f2ea4b7278a5ba5abb45dc

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: HIT
x-original-content-length: 21932
age: 1962769
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3330
cf-request-id: 08c4b8c69700004ed3b9bfc000000001
last-modified: Wed, 17 Feb 2021 01:58:55 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNCZ1tewgU4HCJuc1MwtU%2BQMwV6ifyisWgGvBjoeEkMyqdaE4wNn81NvrYeHdRwgOUa1kwaj%2FSjXNYAhfAMFKRS6ChIT4GQSn2V4Eh%2FcyEqcEqUENXWnadAsRA%3D%3D"}]}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62e7c3ea8c2b4ed3-FRA
link: <http://wavesclaim.com/assets/img/tokens/axai.png>; rel="canonical"
expires: Thu, 17 Feb 2022 01:58:55 GMT

GET
H2 200 jquery.min.js.pagespeed.jm.tJmcu2pzqb.js Show response
wavesclaim.com/assets/vendor/jquery/dist/ 86 KB
30 KB 16ms
16ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/jquery/dist/jquery.min.js.pagespeed.jm.tJmcu2pzqb.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 88145
age: 2030661
cf-request-id: 08c4b8c67a00004ed3e81d4000000001
last-modified: Tue, 16 Feb 2021 09:04:34 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d1o1cSchpP6BNo3YCnuqtTJsrEFdwP%2FBdd9arvUSDtdXLquYvVnpBl2cOqSCtFzrgGcvORvYWuiBfhczulqzwL8ULp09CDE%2FqoR%2FcypiUD8Ms4D8aCYNeGAOqQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62e7c3ea5bd24ed3-FRA
expires: Wed, 16 Feb 2022 09:04:34 GMT

GET
H2 200 bootstrap,_dist,_js,_bootstrap.bundle.min.js+js-cookie,_js.cookie.js.pagespeed.jc.5UPzRhoPd3.js Show response
wavesclaim.com/assets/vendor/ 83 KB
23 KB 25ms
24ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/bootstrap,_dist,_js,_bootstrap.bundle.min.js+js-cookie,_js.cookie.js.pagespeed.jc.5UPzRhoPd3.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b736df75c95c1ecb8a6f7b6bdf0de8cc4a3a2670405e0c046ea93f9e7198f3

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 84584
age: 3054895
cf-request-id: 08c4b8c68300004ed39d859000000001
last-modified: Thu, 04 Feb 2021 12:27:07 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QeL1dhgSMBNUn05ReRc865NBNG3bqAUKqVxoeie2AOJZQptTaW79t3TMKtSia7R2Bu4AiI1cmoiPOF1GsfaE5GjYhteYImb4ejJu51YBRBsJreHOosikGjS20A%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62e7c3ea6bef4ed3-FRA
expires: Fri, 04 Feb 2022 12:27:07 GMT

GET
H2 200 jquery.scrollbar,_jquery.scrollbar.min.js+jquery-scroll-lock,_dist,_jquery-scrollLock.min.js.pagespeed.jc.33nlMR-54P.js Show response
wavesclaim.com/assets/vendor/ 17 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/jquery.scrollbar,_jquery.scrollbar.min.js+jquery-scroll-lock,_dist,_jquery-scrollLock.min.js.pagespeed.jc.33nlMR-54P.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8709fa3a78dfdbe6172a5d2f4ac6aa627f871c68fbc5f3eee4c2442b58a0f123

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 17677
age: 7303707
cf-request-id: 08c4b8c69800004ed3030bc000000001
last-modified: Thu, 17 Dec 2020 08:21:09 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5TtM6ossPsn78ax9yw5fwoP9EWzzIsOGOjQnN4KOqprbeIb7CuWHhr7WcQUGmCZKySI%2FsFg4gZ3JAvkY2H8OIYZwLqmfb4YEWdo%2BSf24wS4dXiG%2B2grW7XEzKA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62e7c3ea8c254ed3-FRA
expires: Fri, 17 Dec 2021 08:21:09 GMT

GET
H2 200 argon.js,qv=1.2.0.pagespeed.jm.u3WULcIKpD.js Show response
wavesclaim.com/assets/js/ 14 KB
4 KB 14ms
12ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/js/argon.js,qv=1.2.0.pagespeed.jm.u3WULcIKpD.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9b49c142be2f82711d8244a060e39f96536a664fe5ffd062de8c78020707a7

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 21706
age: 7303707
cf-request-id: 08c4b8c69700004ed3e3a09000000001
last-modified: Thu, 17 Dec 2020 08:21:09 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uYDPiPwQDXrAGdKTczc6R8OlUAuEToni%2Fhf4R9pnO72IPOyyjcfrLytRukG0M0TrX%2F9k7H0%2F6k%2Fim03MvVK60%2B41k87Q71WshlaujtbqZom%2F1GQsLnC%2FzLNkaw%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62e7c3ea8c264ed3-FRA
expires: Fri, 17 Dec 2021 08:21:09 GMT

GET
H2

200

hcaptcha.js Show response
assets.hcaptcha.com/captcha/v1/44bf798/
Redirect Chain

https://www.hcaptcha.com/1/api.js
https://hcaptcha.com/1/api.js
https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha.js

67 KB
21 KB

74ms
71ms

Script
application/javascript

104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca09b8b34bafc0664fed71cd849c6ae94f85ebaf1474ae92af4fbb6f32e6ae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89072
cf-polished: origSize=68374
last-modified: Wed, 10 Mar 2021 20:24:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8TNY8NQM9PEY07SH
x-amz-id-2: 8TBUaZuVL+GgSu27cT7REls6HNg6Lm1O0aSBtld9aLDb46MERovv9yO0/2rcH/8KcL9h4gwppzc=
cf-bgj: minify
server: cloudflare
etag: W/"e3b2d9b59e2cd1e344c9de03f9c2d4e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1382400
cf-request-id: 08c4b8c7e000009d24f83b8000000001
cf-ray: 62e7c3ec9fd29d24-AMS
expires: Sat, 27 Mar 2021 21:09:42 GMT

Redirect headers

date: Thu, 11 Mar 2021 21:09:42 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 62e7c3ec5fbe9d24-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c4b8c7b300009d24f231c000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 5 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1294869
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1885
cf-request-id: 08c4b8c69600004ec1b88dd000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-15a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hwhoSBPYObVZbe2vjJNxICDZ6PHdODMIBKIGMMiykbymSCJnV8MbjBJ8WFfgqcIcKM%2Fy83k2dWMTvMducTJMHeVlQz%2BK6E3NEsQ9RU43cCrBMF105OD7Ne8jpPGKSlQnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e7c3ea8dd84ec1-FRA
expires: Tue, 01 Mar 2022 21:09:42 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 81ms
41ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb9a281c6fe094fb17a7ec2c3a5bc274de05f115579a326d3cad001f48289ea

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e7c3eadec9c78d-AMS
date: Thu, 11 Mar 2021 21:09:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 11:58:35 GMT
server: cloudflare
age: 4260
etag: W/"b55-5bd4180cecece"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
cf-request-id: 08c4b8c6c40000c78d4dbbc000000001
expires: Thu, 11 Mar 2021 20:58:42 GMT

GET
H2 200 matomo.js Show response
wavesclaim.com/analytics/ 60 KB
19 KB 23ms
19ms Script
application/javascript 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wavesclaim.com/analytics/matomo.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7b421b4c1477d981b7111990baba84060079a595d7a0b92e2616aa0cbacc0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 61980
vary: Accept-Encoding
cf-request-id: 08c4b8c6a700004ed3aa381000000001
server: cloudflare
etag: W/"PSA-aj-BWKnDdxLSp"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Su3UoljkTYPhA9vddRXIsuFKnqyvz8px%2BGpSc4wCM9TyfqSNXb7cwwuiCEYfxhPa5Y1ZYi4klweq8cKMhzE6hsg4XmI9dCllGcVOGvSTKvulYds5hWsKxa%2F%2FYg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e7c3eaac604ed3-FRA
expires: Thu, 11 Mar 2021 21:13:02 GMT

GET
H2 200 hotjar-2096837.js Show response
static.hotjar.com/c/ 5 KB
3 KB 61ms
59ms Script
application/javascript 13.226.159.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2096837.js?sv=6

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-117.dus51.r.cloudfront.net

Software

Resource Hash

d2ccfee9154c96b57990b774ee049797c6da6ac0958015c2a6e6d9bf326f9b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
etag: W/87a05f11f783d50a9c1d09a2621a8a10
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: UPxzNePaJQiYJI1pSzoIXSWAZ4CFjFM9l2riIkaW-QVfS-PzYMTHcQ==
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)

GET
H2 200 foxpush_SDK_min.js Show response
cdn.foxpush.net/sdk/ 39 KB
10 KB 49ms
28ms Script
application/javascript 2606:4700:3030::ac43:c56e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c56e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad2faba0979be29c89b8d08ef63c816e10a6a144e28099bec603f516c795ea29

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c4b8c6ba0000c2c29323a000000001
last-modified: Wed, 20 Jan 2021 19:30:29 GMT
server: cloudflare
etag: W/"9d36-1772146e39a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oy91aaSunkQd%2BdxkK6iH78ldHNHR%2BRxtdH5WQ68Cx8tScfmCAbpfsAmVO2n%2BSN9H4IrpmMRBfljTPKnS8eis%2FAGt5hB1RbsrICX96hgRgLDiAots1UY%2BmaxVXDc%3D"}],"max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 62e7c3eacb68c2c2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://wavesclaim.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:41:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 268106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:41:16 GMT

GET
H2 200 fa-solid-900.woff2
wavesclaim.com/assets/vendor/@fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 14ms
14ms Font
application/octet-stream 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/assets/vendor/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/assets/A.vendor,,_nucleo,,_css,,_nucleo.css+vendor,,_,,40fortawesome,,_fontawesome-free,,_css,,_all.min.css+css,,_argon.css,,qv==1.2.0,Mcc.zCC1pF74_d.css.pagespeed.cf.qfQG3BcSZn.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Origin: https://wavesclaim.com
Referer: https://wavesclaim.com/assets/A.vendor,,_nucleo,,_css,,_nucleo.css+vendor,,_,,40fortawesome,,_fontawesome-free,,_css,,_all.min.css+css,,_argon.css,,qv==1.2.0,Mcc.zCC1pF74_d.css.pagespeed.cf.qfQG3BcSZn.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Oct 2020 07:25:34 GMT
server: cloudflare
age: 4295
etag: "12934-5b2a1f3da5634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LBYMt%2BkGaDjWU3aVrBNmfQLQ79R8%2FF4Y%2B7uank0PDL7W6MYH4mgd3deD%2BAiTKXTxINFabwADO2XQwe3gU1YULkwGVuj3o%2BQeJoNaE2WQfIyI2rearFt1A4QY1g%3D%3D"}]}
cache-control: max-age=14400, s-maxage=10
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 62e7c3ea9c424ed3-FRA
content-length: 76084
cf-request-id: 08c4b8c69e00004ed3a28c9000000001

GET
H2 200 price Show response
api.coingecko.com/api/v3/simple/ 23 B
816 B 496ms
477ms XHR
application/json 2606:4700::6812:47f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.coingecko.com/api/v3/simple/price?ids=waves&vs_currencies=usd
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/assets/vendor/jquery/dist/jquery.min.js.pagespeed.jm.tJmcu2pzqb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:47f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce9b0b987dac8a9a46892ef7466f1423b2157632395f2c7714921a3732e709ca

Request headers

Accept: */*
Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
access-control-request-method: *
vary: Accept-Encoding, Origin
cf-cache-status: EXPIRED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
alternate-protocol: 443:npn-spdy/2
cf-request-id: 08c4b8c70f0000074a76adb000000001
x-request-id: 94e8b219-8ce7-4d84-bf3b-77959bd5ea11
x-runtime: 0.004079
server: cloudflare
etag: W/"082ef70f05f95dd509b5903cb0411662"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: link, per-page, total
cache-control: public, max-age=30
cf-ray: 62e7c3eb4b90074a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 11 Mar 2021 21:10:12 GMT

HEAD
H3-Q050 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 44ms
31ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
server: cafe
etag: 3674309925980533368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 21:09:42 GMT

POST
H2 204 matomo.php
wavesclaim.com/analytics/ 0
264 B 103ms
102ms Other
text/plain 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wavesclaim.com/analytics/matomo.php?action_name=WavesClaim%20-%20WAVES%20and%20WAVES%20token%20cryptocurrency%20faucet&idsite=1&rec=1&r=040685&h=22&m=9&s=42&url=https%3A%2F%2Fwavesclaim.com%2F&_id=0cccf83d63a46632&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=Ly0o6W&pf_net=0&pf_srv=496&pf_tfr=2
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/analytics/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0bOSRDMPyAcc1HTopP5xZg1H3dFR2%2FxFGyN8KvsIZMbzlKklMNZjS89ff%2B6WfTG%2BwbCmxy2FAILhAJVqEaAGvRK950n%2BLSlGEpI9oMK3og47Zd08eyl8VPUQDw%3D%3D"}]}
access-control-allow-origin: https://wavesclaim.com
access-control-allow-credentials: true
cf-ray: 62e7c3eb5da24ed3-FRA
cf-request-id: 08c4b8c71700004ed3aa38b000000001

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1735.003-3.012/ 586 KB
188 KB 42ms
41ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565cffaf69bb41b260a8140c31d39bc6e68327e68e9f75ba4f3786dc5a7d374b

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e7c3eb6828c78d-AMS
date: Thu, 11 Mar 2021 21:09:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 01 Mar 2021 11:44:57 GMT
server: cloudflare
age: 4525
etag: W/"92906-5bc7825a32595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08c4b8c7210000c78d4f969000000001
expires: Sat, 10 Apr 2021 19:54:17 GMT

GET
H2 200 compatibility.js Show response
acdcdn.com/script/ 20 KB
8 KB 38ms
15ms Script
application/javascript 2606:4700:3032::ac43:938f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/compatibility.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:938f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
x-guploader-uploadid: ABg5-UwzV4UPX2dxkIneQW96wZMTo0hclYCZ43yYycTzn7H3K77QD-3o6uzwZCae8swY6ErSwU6ePTT08eHaAJM1DYRcq63MCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c4b8c7320000d6d541940000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E35ffiCbO1IJpse6x58jft88cx6zo%2BXZKkMKLds7PZDGcyN%2Bxo87gS%2BQZcabuB5kWyLieISIXYrz0OYNWFvD80Ke961mlWrVPk7mURhzLOXxWKd1qd9F"}]}
x-goog-generation: 1600171832181211
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 62e7c3eb89b2d6d5-FRA
expires: Thu, 11 Mar 2021 20:42:32 GMT

GET
H2 200 asyncspc.php Show response
revive.wavesclaim.com/www/delivery/ 3 KB
1 KB 40ms
40ms XHR
application/json 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.wavesclaim.com/www/delivery/asyncspc.php?zones=17%7C16%7C6&prefix=revive-0-&loc=https%3A%2F%2Fwavesclaim.com%2F
Requested by: Host: revive.wavesclaim.com
URL: https://revive.wavesclaim.com/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23be383d77455510c24afd46b41da42092615b90c61ad30a663e2fcefa579302

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
cf-request-id: 08c4b8c71e00004ed3b9809000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b5bINZDdN47z4cy76zCc1u4SbWztdOJWlSERTZHYAqdGvMR4dhfY7DIHJznGqwk4YyZtr6HUnAoz5z1P2zc%2B4NcPKCCDANercVFJ8QW6hbguIr7tntPV5xbr4CBTp1jcMuo%3D"}]}
content-type: application/json
access-control-allow-origin: https://wavesclaim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 62e7c3eb6db24ed3-FRA
expires: 0

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 67ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9232038510402231&plah=wavesclaim.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 21:09:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 9925 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Mar 2021 23:47:12 GMT
expires: Wed, 24 Mar 2021 23:47:12 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 76950
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wavesclaimcom.json Show response
json.foxpush.com/ 1 KB
1 KB 47ms
31ms XHR
application/json 2606:4700:20::681a:ab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://json.foxpush.com/wavesclaimcom.json?v=0.8628304373622595
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b435be5c63ebc3f94e7546078ce5e4e8e144bc4562f152484e5f34f25ceb92

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 08c4b8c7480000d6cdf837a000000001
last-modified: Mon, 15 Feb 2021 07:14:25 GMT
server: cloudflare
etag: W/"444-177a48a563f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rtnOhkkqGjUDY%2BnCu%2FXsaQlCAJ3Uf14DSW%2BPfTYvbsPOJJ%2F2GZSLrsgHbcEWN%2B5wfHe6JOtuVz2nmpGK8mpTWEue2h76s%2FQlgPpv8NkuqHnFjHmUSgKlRXtOXWfw"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 62e7c3eba964d6cd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 modules.33a772c48beaa5222edf.js Show response
script.hotjar.com/ 217 KB
58 KB 46ms
46ms Script
application/javascript 65.9.96.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.33a772c48beaa5222edf.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2096837.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 535774
x-cache: Hit from cloudfront
content-length: 58652
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 16:19:37 GMT
etag: "a93d27db17b2296071120e76a2ccbea0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: s1QAtvrZl0PrtJu7jWop1QqbVk7K-2ApZjKEVxpMjvSvzpkdYrZaww==

GET
H2 200 5fbcf556f3830618fedbdae9.js Show response
cdn.bmcdn1.com/js/ 59 KB
18 KB 114ms
98ms Script
application/javascript 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5fbcf556f3830618fedbdae9.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7dcedc1b5419516b6c42d143e0cafbdc46154c0aed5a58d93409851c95c271

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hpUkkVgH4iW0aeQGbtnJ5KGgSJxh%2FFPgZ6eSq7KywMR4Mdw%2Bd6TaTDesjJUmLFdM1QzHMvw07I9%2FGr5l9JrhRuPp2ox0KTdRoKZHFkLl7VprDY9SHSc6diE4lw%3D%3D"}],"max_age":604800}
cache-control: max-age=1800, public
cf-ray: 62e7c3ebcad24e0e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cf-request-id: 08c4b8c75a00004e0e342bc000000001
expires: Thu, 11 Mar 2021 21:39:42 GMT

GET
H2 200 5fbcf50ff383064e65dbdae6.js Show response
cdn.bmcdn1.com/js/ 59 KB
18 KB 124ms
109ms Script
application/javascript 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn1.com/js/5fbcf50ff383064e65dbdae6.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12caf0f26ad2317f4cc853e40f91ea3ca84baebfd5501df2a2e3c39f47b4e308

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cz4HuWxxAiLrbKxnbZCzHxP8d3sM3tT7ytI3uLaAU0goVmxbmqO60RgINt9LCSiKtxGRUATwo6aI0d1jhwq9g8IxxkyKPgO%2BDKzfN9zWWR8CYkrJqz5yAyu5qQ%3D%3D"}],"max_age":604800}
cache-control: max-age=1800, public
cf-ray: 62e7c3ebcad54e0e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cf-request-id: 08c4b8c75e00004e0eeea06000000001
expires: Thu, 11 Mar 2021 21:39:42 GMT

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
337 B 26ms
24ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=8&campaignid=1&zoneid=17&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=833e2b9e45
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fh9A1rhkKGS9xT%2FkOS9iZa8T6PHZkoKlAp2GAIdlPu6%2FfHbGJdCuJow1wcV776XcAGD0GWVDN9iZ%2BwFa0Ynqu94wbN%2F%2F6JxQjP8OPkTpuJ93dO1OdKq62NenxYrN5L7fv3Q%3D"}]}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 62e7c3ebae114ed3-FRA
content-type: image/gif
content-length: 43
cf-request-id: 08c4b8c74c00004ed3d5ac9000000001
expires: 0

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
334 B 29ms
28ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=8&campaignid=1&zoneid=16&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=021266c2fb
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ejU4NtHR%2BbfFE60ShRoz41d0iBP4%2BdOnNEbkfOQw3C8bafLQ8MMLgmiuSb44viv2MrGgd2Ys%2B%2FIv23hKBSsF8X8%2BgBxf8zpEA7fgOe6u7m9Yhd68e51JTjL51laqQiAkw7E%3D"}]}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 62e7c3ebae134ed3-FRA
content-type: image/gif
content-length: 43
cf-request-id: 08c4b8c74c00004ed3c4be5000000001
expires: 0

GET
H2 200 lg.php
revive.wavesclaim.com/www/delivery/ 43 B
372 B 18ms
17ms Image
image/gif 2606:4700:3030::6815:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.wavesclaim.com/www/delivery/lg.php?bannerid=3&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwavesclaim.com%2F&cb=786ceb08e3
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BENbUtULpnn5rHR%2Flt0jpW5M4tVowPmFwI1PZwhmRjlKIre%2Fnif3np0Fmg49DliKgWRwJ4JIVBsAc4VtHeOLmT%2FbY0KTnYpXJMGcAaITKqe9E%2FbXk2AAgJe0nkH%2FPVdvkc0%3D"}]}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 62e7c3ebae144ed3-FRA
content-type: image/gif
content-length: 43
cf-request-id: 08c4b8c74d00004ed300312000000001
expires: 0

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 5AA1 2 KB
2 KB 209ms
194ms Document
text/html 2606:4700:3030::6815:2ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-type: text/html
set-cookie: __cfduid=d17b27f073b58774f0f818d754cb1cf671615496982; expires=Sat, 10-Apr-21 21:09:42 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=50869c4546134634f3f5de1678fb06e7fcc39c05-1615496982-1800-AbE/FGY5fsf35gG2IIkDidwijfLLbfvTl/e+myW+HD5zj6ew7IeUb/MXXocaRzw+ZTRZ8NvGCqDaQa5JZw6/bHE=; path=/; expires=Thu, 11-Mar-21 21:39:42 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08c4b8c75d00004eeb87b25000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zW6FG98H7tfLI4nE7Ocr6xBOtLe4fyzw0VaMHMJYt7M6UZcbMyP%2FrGtBv9Y0v7HxOc%2FIwKjhko%2F7lx4jyOXEMqXA4sVtkQ%2BKfC%2BzQdr%2FJIceuBqwZwQj"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62e7c3ebcfdf4eeb-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 680E 2 KB
1 KB 44ms
44ms Document
text/html 65.9.96.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2096837.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 947_C-yIc1q9FDuw8-R0nw65j0csO8GW9p9tRX4-acmGhDCSTOcQqg==
age: 9346119

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 44ms
44ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 62e7c3ec39fec78d-AMS
date: Thu, 11 Mar 2021 21:09:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 4645
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08c4b8c7a60000c78d6db00000000001
expires: Sat, 10 Apr 2021 19:52:17 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 81DC 9 KB
2 KB 133ms
131ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d29db2e9e337a79391993f880a0f035623e1d29bbe8886474e924a2e25791c49

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3303235&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d3a6f76fe8cc9246e76c23c3a7137b5451615496982; expires=Sat, 10-Apr-21 21:09:42 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08c4b8c7b80000c78d3a808000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62e7c3ec5a2ac78d-AMS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
63 B 251ms
251ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3303235&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 62e7c3ec5a39c78d-AMS
content-length: 0
cf-request-id: 08c4b8c7bc0000c78d6583a000000001

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
644 B 113ms
57ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wavesclaim.com&callback=_gfp_s_&client=ca-pub-9232038510402231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9232038510402231&plah=wavesclaim.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8c34f9ba1921b6aa933d3e917d35723df6703a75081a87e51592595b4bafe917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wavesclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wavesclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwavesclaim.com%2F&tn=NAV&id=sidenav-main&cls=sidenav%20navbar%20navbar-vertical%20%20fixed-left%20%20navbar-expand-xs%20navbar-light%20bg-white&ign=false

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBEF 603 B
608 B 46ms
31ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1615496982&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615496982311&bpp=13&bdt=196&idt=145&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=114926450397&frm=20&pv=2&ga_vid=1262479057.1615496982&ga_sid=1615496982&ga_hid=52075505&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737563%2C21066923%2C21068944&oid=3&pvsid=1415811703231043&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9232038510402231&output=html&adk=1812271804&adf=3025194257&lmt=1615496982&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwavesclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615496982311&bpp=13&bdt=196&idt=145&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=114926450397&frm=20&pv=2&ga_vid=1262479057.1615496982&ga_sid=1615496982&ga_hid=52075505&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737563%2C21066923%2C21068944&oid=3&pvsid=1415811703231043&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Mar 2021 21:09:42 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 21:24:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 21:09:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:09:42 GMT

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ 6 KB
2 KB 215ms
180ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=3990295&cbrandom=0.5922308284608682&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=WavesClaim%20-%20WAVES%20and%20WAVES%20token%20cryptocurrency%20faucet&cbref=&cbdescription=Start%20your%20own%20cryptocurrency%20faucet%20or%20get%20free%20WAVES%20or%20WAVES%20tokens%20here.%20CoffeeCoin%2C%20WAVES%20Coin%20and%20more%20is%20available%20to%20claim%20here&cbkeywords=&cbcdn=acdcdn.com
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: c15d0542bfed06d4e67418f4b0ef7006077d2b98bf7a3f978b0bda465c5ea8c7

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 chrome.js Show response
acdcdn.com/script/ 36 KB
11 KB 15ms
14ms Script
application/javascript 2606:4700:3032::ac43:938f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/chrome.js
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:938f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date: Thu, 11 Mar 2021 21:09:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 143
x-guploader-uploadid: ABg5-Uw0uJhPxTzBlkRe1cmScBzJtlqcLSv_bSEEDVUa4vmjH3FWG3hvCMkkeMZ_YM4bVsSuercwYSpEFqsv7QPugfp6jVbDQg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c4b8c8d00000d6d5688f2000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A26RBwUteMuptWW%2FnIArDqorrmg37PC0q0%2BH2uBJ7rxbE%2FIFSdJ0AEhWSAkJaZvOMq35dXTaV5WwF0tf0HrCEEYScUwisXjp94l7nWJ38YDXg4txV7bS"}]}
x-goog-generation: 1600074929755781
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 62e7c3ee1c6bd6d5-FRA
expires: Thu, 11 Mar 2021 21:56:46 GMT

GET
H2 200 /
cdn.bmcdn1.com/pv/5fbc07d5b8d66f0012447024/ 35 B
326 B 102ms
101ms Image
image/gif 2606:4700:20::ac43:4801
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn1.com/pv/5fbc07d5b8d66f0012447024/?source=https%3A%2F%2Fwavesclaim.com%2F&ref=&ent=&we=0&fid=244c4b31f5cc5aee5d33f6abfbf9a6d2&fidnoua=af67c605692619636aa5a8b3bdb98dfe&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=ee36a763a884eea766767123725ace3c
Requested by: Host: wavesclaim.com
URL: https://wavesclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4801 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WaqJpKTLK%2FQqx8Y4WXngm6Bz8jt7nws7wB8QD6rza6Gj9FJnCEgDMBn3mQ%2BhrF1DRWF9sgW2AmteEEahISJvD3PmFTEmUMbCmARxrly0tCxZboEzQMADyLgc2g%3D%3D"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 62e7c3ee3ee04e0e-FRA
content-length: 35
cf-request-id: 08c4b8c8e700004e0e2e9b3000000001

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 345A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

291 B
559 B

79ms
26ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Mar 2021 21:09:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date: Thu, 11 Mar 2021 21:09:42 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 / Show response
de.tynt.com/deb/ Frame A758 75 B
289 B 337ms
112ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Fri, 12 Mar 2021 21:09:43 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Thu, 11 Mar 2021 21:09:42 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 90AB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

2 KB
3 KB

69ms
68ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 912cf539c52a2310ece0419a7e0af284a33c711373d2d40542888c99bbe3af3c

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YEqHFstrs89GsHQ2d8c4-AAA; CMPS=3164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|45|241|196|13|73|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1760
Expires: Thu, 11 Mar 2021 21:09:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:42 GMT
Connection: keep-alive
Set-Cookie: CMID=YEqHFstrs89GsHQ2d8c4-AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 21:09:42 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 21:09:42 GMT CMPRO=1207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 21:09:42 GMT CMST=YEqHFmBKhxYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Mar 2021 21:09:42 GMT CMRUM3=c4604a871605a0&f1604a871605a00&27604a87160b40&49604a871605a00&e6604a871627600&2d604a871605a0&0d604a871605a0&bf604a871605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 21:09:42 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 11 Mar 2021 21:09:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:42 GMT
Connection: keep-alive
Set-Cookie: CMID=YEqHFstrs89GsHQ2d8c4-AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Mar 2022 21:09:42 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 09 Jun 2021 21:09:42 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5C0B 2 KB
818 B 78ms
24ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=2696385732787028927

35 B
412 B

138ms
138ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=2696385732787028927
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3ef68a0c78d-AMS
content-length: 35
cf-request-id: 08c4b8c99c0000c78d83a72000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 7638745b-65bc-4e4f-b28f-e89b1c45775b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=2696385732787028927
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5011851174
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5011851174
https://sync.1rx.io/usersync/tradedesk/dcfc9b51-7111-4df9-a9c9-cbd67418492a
https://sync.targeting.unrulymedia.com/csync/RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003

35 B
230 B

130ms
130ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f25e84c78d-AMS
content-length: 35
cf-request-id: 08c4b8cb730000c78d0717d000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Tengine
ETag: RX3ad86c52f8ce409fa17cbb964a1993a7003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-3ad86c52-f8ce-409f-a17c-bb964a1993a7-003
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 81DC 0
72 B 352ms
114ms Image
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP001 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 2000208
date: Thu, 11 Mar 2021 21:09:42 GMT
server: 33XP001

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
204 B

128ms
128ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f10be6c78d-AMS
content-length: 35
cf-request-id: 08c4b8caa70000c78d02b93000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 81DC 0
478 B 74ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:42 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 81DC
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwavesclaim.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwavesclaim.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=2591616954258718546

95 B
945 B

134ms
33ms

Image
image/png

52.19.239.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=2591616954258718546

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.239.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-239-39.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 11 Mar 2021 21:09:43 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 11 Mar 2021 21:09:43 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 8347bb4e-9302-49d3-9235-e3132a700354
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwavesclaim.com%2F&pid=12306&adnxs_uid=2591616954258718546
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 81DC 42 B
233 B 300ms
98ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP19852a7c-82ae-11eb-bd98-02d6f46eda30
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP19852a7c-82ae-11eb-bd98-02d6f46eda30&verify=true
https://router.infolinks.com/dyn/outh-usync?uid=y-PCDcVUdE2uHS5md5Ze_nJhyer2xK3dwg~A~UP19852a7c-82ae-11eb-bd98-02d6f46eda30

35 B
366 B

129ms
129ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-PCDcVUdE2uHS5md5Ze_nJhyer2xK3dwg~A~UP19852a7c-82ae-11eb-bd98-02d6f46eda30
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f02a1dc78d-AMS
content-length: 35
cf-request-id: 08c4b8ca150000c78d363d9000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-PCDcVUdE2uHS5md5Ze_nJhyer2xK3dwg~A~UP19852a7c-82ae-11eb-bd98-02d6f46eda30
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=e2e2da9fec8b656ce94dd397

35 B
219 B

191ms
191ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=e2e2da9fec8b656ce94dd397
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3ef3846c78d-AMS
content-length: 35
cf-request-id: 08c4b8c9880000c78d68be6000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Date: Thu, 11 Mar 2021 21:09:42 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=e2e2da9fec8b656ce94dd397
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDdCQzlCQTEtMTI2Ri00NzkyLUIwN0YtM0E5NTQzNDAxRTkx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7FCC20AA-8EF1-47A7-B965-256F37A1FA14
https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14

0
256 B

126ms
126ms

Image
text/html

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f14c4ec78d-AMS
content-length: 0
cf-request-id: 08c4b8cacc0000c78d0219d000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14
Date: Thu, 11 Mar 2021 21:09:42 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 403
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZDQzIwQUEtOEVGMS00N0E3LUI5NjUtMjU2RjM3QTFGQTE0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7FCC20AA-8EF1-47A7-B965-256F37A1FA14
https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14

0
91 B

132ms
132ms

Image
text/html

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f16c8cc78d-AMS
content-length: 0
cf-request-id: 08c4b8cade0000c78d4d817000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=7FCC20AA-8EF1-47A7-B965-256F37A1FA14
Date: Thu, 11 Mar 2021 21:09:42 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bizzc-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a

35 B
317 B

125ms
124ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f21df8c78d-AMS
content-length: 35
cf-request-id: 08c4b8cb4d0000c78d3a853000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 81DC 0
256 B 131ms
130ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 62e7c3f03a5dc78d-AMS
content-length: 0
cf-request-id: 08c4b8ca290000c78d6db37000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1875819618033690770

35 B
213 B

142ms
142ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1875819618033690770
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f0fbb0c78d-AMS
content-length: 35
cf-request-id: 08c4b8ca9e0000c78d0b912000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1875819618033690770
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sx-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=19dc4a98-82ae-11eb-b1db-173c25ca0c06
https://router.infolinks.com/dyn/sx-usync?uid=19dc4a4e-82ae-11eb-b1db-173c25ca0c06

35 B
225 B

128ms
127ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sx-usync?uid=19dc4a4e-82ae-11eb-b1db-173c25ca0c06
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f2ffbcc78d-AMS
content-length: 35
cf-request-id: 08c4b8cbda0000c78d68815000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sx-usync?uid=19dc4a4e-82ae-11eb-b1db-173c25ca0c06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 81DC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://router.infolinks.com/dyn/VR-usync?uid=y-n9hMm6BE2uHYt_v73SDC3SyZcnnjbktLzLbWKyY-~A

35 B
236 B

132ms
131ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-n9hMm6BE2uHYt_v73SDC3SyZcnnjbktLzLbWKyY-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3303235&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3f11bfbc78d-AMS
content-length: 35
cf-request-id: 08c4b8cab40000c78d77a86000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

Redirect headers

Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-n9hMm6BE2uHYt_v73SDC3SyZcnnjbktLzLbWKyY-~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 hcaptcha-challenge.html Show response
assets.hcaptcha.com/captcha/v1/44bf798/static/ Frame 9009 2 KB
1 KB 133ms
132ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e8862ddabd512fc6e7e517990f6dd231201eea86497bb4b42ffaf81ef5f2a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: assets.hcaptcha.com
:scheme: https
:path: /captcha/v1/44bf798/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-type: text/html
set-cookie: __cfduid=dc25577ea0ee4a2a81851317c2cd4b1a21615496982; expires=Sat, 10-Apr-21 21:09:42 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: EL4RaY2BsURYzO8tFCbluremZeE/z9PZJyBiyRIh6HneTdETf/TtiBvXtEvGLkIlmIJoIOzml+4=
x-amz-request-id: 16XSK9GYZJXCY52F
cache-control: max-age=1209600
last-modified: Thu, 11 Mar 2021 14:26:38 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08c4b8c94000009d24f9059000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62e7c3eec88d9d24-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
assets.hcaptcha.com/captcha/v1/44bf798/static/ Frame D62F 3 KB
2 KB 157ms
157ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb870739b461fd9a853f138ff8806fd8b588881300422d5643ebc544b842304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: assets.hcaptcha.com
:scheme: https
:path: /captcha/v1/44bf798/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

date: Thu, 11 Mar 2021 21:09:42 GMT
content-type: text/html
set-cookie: __cfduid=dc25577ea0ee4a2a81851317c2cd4b1a21615496982; expires=Sat, 10-Apr-21 21:09:42 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: fq9Odm48g80mTbnLvP4crqkwFYrO9AE4OizAmKy12H6TQ1Jy3q16MSLI/XVMTyPo9WXqOijrUfU=
x-amz-request-id: 16XTY3EGQ2B7N269
cache-control: max-age=1209600
last-modified: Thu, 11 Mar 2021 14:26:39 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08c4b8c94400009d2404af5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62e7c3eec88f9d24-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.js Show response
assets.hcaptcha.com/captcha/v1/44bf798/ Frame 9009 177 KB
51 KB 33ms
33ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha-challenge.js

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ace1ebd4532d2816d815bdda6662d918b11366fde163cfd93eed6dc6eb5ecd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
cf-polished: origSize=181547
last-modified: Wed, 10 Mar 2021 20:24:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZY956TJD6W7KBQP1
x-amz-id-2: WJDPjd+A2T+qawjN4HOffqgofzSfHfteDuzdFqqdqxltpD/BRAZC0423dns5oaMs8XA/iMRJBFQ=
cf-bgj: minify
server: cloudflare
etag: W/"4bbe7db9e63e13e0e85e7f5fa21bec4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1382400
cf-request-id: 08c4b8c9cd00009d24e7af6000000001
cf-ray: 62e7c3efa8fe9d24-AMS
expires: Sat, 27 Mar 2021 21:09:42 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 345A 31 KB
10 KB 27ms
27ms Script
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:09:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18979
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Fri, 12 Mar 2021 02:26:01 GMT

GET
H2 200 hcaptcha-checkbox.js Show response
assets.hcaptcha.com/captcha/v1/44bf798/ Frame D62F 95 KB
32 KB 37ms
37ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha-checkbox.js

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb20e47a43421e8c77bf20ffc663963c83c54af9aaf6559dd757ebb47e52ca5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
cf-polished: origSize=97778
last-modified: Wed, 10 Mar 2021 20:24:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZY9E3K7S0B3YPPEY
x-amz-id-2: 7FhDUjktbalsk0gkcP/Fjgw2sB7vR77auqr78Lz4LAMV+qQ9216aL5gPWj6Sea12IBAmI62djI4=
cf-bgj: minify
server: cloudflare
etag: W/"89b29d52406f85d408e001f9026c1071"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1382400
cf-request-id: 08c4b8c9e600009d24e7af8000000001
cf-ray: 62e7c3efd9139d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 style.css
assets.hcaptcha.com/captcha/v1/44bf798/static/css/ Frame D62F 4 KB
1 KB 25ms
25ms Stylesheet
text/css 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/css/style.css

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3431c755eb7be84c7a242b85c3e18a0843d17fa9ca60248ddc9462e41ec70400

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
cf-polished: origSize=4930
last-modified: Wed, 10 Mar 2021 20:24:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZY9DF40G4ZHZQ7KK
x-amz-id-2: WQ7F6upg25e87GCiIxLNtgcv3iJk5RqvFv/VueHUNnm0iTZWxPPywNGTyM3xYgZG+A2NVH0Wf9Y=
cf-bgj: minify
server: cloudflare
etag: W/"5649d6d7980e8ff642831e6c8c5a7041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1382400
cf-request-id: 08c4b8c9e600009d24f232e000000001
cf-ray: 62e7c3efd9149d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 90AB 70 B
264 B 34ms
33ms Image
image/gif 34.246.156.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YEqHFstrs89GsHQ2d8c4-AAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 90AB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDzFxn4GS5DvK91OHfZgkLE&google_cver=1

43 B
315 B

46ms
46ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDzFxn4GS5DvK91OHfZgkLE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 Mar 2021 21:09:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDzFxn4GS5DvK91OHfZgkLE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90AB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEqHFstrs89GsHQ2d8c4-AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHxCpaKO9VMxGEVsh2HBOME&google_cver=1

43 B
1002 B

43ms
42ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHxCpaKO9VMxGEVsh2HBOME&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Mar 2021 21:09:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHxCpaKO9VMxGEVsh2HBOME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 90AB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB&dcc=t

43 B
433 B

102ms
102ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 90AB 0
215 B 99ms
33ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: proxy0394.eu3.dynfactory.com
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90AB
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05fa2204004b570efec48890&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

42ms
42ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05fa2204004b570efec48890&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 21:09:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Mar 2021 21:09:43 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05fa2204004b570efec48890&expiration=[EXPIRATION]&gdpr=1
Date: Thu, 11 Mar 2021 21:09:43 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 200 YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 90AB 43 B
838 B 101ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YEqHFstrs89GsHQ2d8c4_AAABLcAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 90AB 43 B
253 B 3235ms
3199ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:46 GMT
via: 1.1 google
last-modified: Thu, 11 Mar 2021 21:09:46 GMT
server: nginx/1.19.8
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Thu, 11 Mar 2021 21:09:47 GMT

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 90AB 35 B
328 B 164ms
163ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YEqHFstrs89GsHQ2d8c4-AAA%261207
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 62e7c3efd9a4c78d-AMS
content-length: 35
cf-request-id: 08c4b8c9eb0000c78d2385f000000001
expires: Wed, 11 Mar 2020 20:09:43 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 345A 284 B
536 B 98ms
25ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H2 200 info-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 259 B
355 B 34ms
32ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/info-off.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee95343fc52afa66c189b2b09e15a83b62326953fac7ada5690e8b300d941e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFMPSMTPYXP8NV9
x-amz-id-2: L90lVf1MGVIiiswvFD0/lhLN0T6FvuaCao6tqvWXgPArpmV+NSWNc2o3YKgtfzQTbowqATTlECM=
last-modified: Wed, 10 Mar 2021 20:24:35 GMT
server: cloudflare
etag: W/"f9d20a678492db09477878f9d55be9da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1a00009d241e87a000000001
cf-ray: 62e7c3f0292f9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 info-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 259 B
379 B 31ms
30ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/info-on.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9b006d172c0a1d72efd52b200bb09973c4f9d6445ccb8861876a8e37722da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFNQCA2ZMT4BQGF
x-amz-id-2: GCOkLYuM67sycCV4o1jIKyFZPInhThutAYFPwxUgsFZXmhZ4rsPP2YjG/fOXkCwArN9RVyvCBTU=
last-modified: Wed, 10 Mar 2021 20:24:35 GMT
server: cloudflare
etag: W/"ba4aafee1c4437f484e1e287527a843b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1800009d24e8349000000001
cf-ray: 62e7c3f029329d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 refresh-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 1 KB
1 KB 54ms
53ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/refresh-off.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfdf8f5c8f0a88fd948ddb5f3e75f48f1a5b64c0dbca52aee02758cded0fdd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFQJZE2VTC52GEF
x-amz-id-2: Kn3Rg1VvKbVTnsAgW/WF8u4bnzvtSqUh7so9JHULNikhdYAxboOGy8WF3C6BAsZ+iqV2IRyTsBU=
last-modified: Wed, 10 Mar 2021 20:24:37 GMT
server: cloudflare
etag: W/"c603c970232a32a5a3e7c3490bb8570d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1800009d241db68000000001
cf-ray: 62e7c3f029339d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 refresh-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 1 KB
1 KB 30ms
29ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/refresh-on.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c54c6d08298fc76893fb1e964b4289403e8a33d1a702919246844a30334fc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFWXNSAX1BM1N46
x-amz-id-2: AbH39nMeZQPz3d0oUZdmJITcKhlUFWJu8J6Bw+88JElqy+nPzuXip0tI1qclJh1ZIWxHvUNluE4=
last-modified: Wed, 10 Mar 2021 20:24:37 GMT
server: cloudflare
etag: W/"c920ed99ac20863ebfbe765765e18f37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1900009d241489b000000001
cf-ray: 62e7c3f029349d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 icon.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 4 KB
1 KB 32ms
31ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/icon.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2103895e30862699c79e11207f422beb8ff0e9e4f4c98f4039c51e7bf415755f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFNG55VPXA623KF
x-amz-id-2: tiYbvc/EfpyYs4ncIsYNksCoGrBTaBq+QmNA6FtAxI9ueleKCOKsL96RhiVf+E6WL9exq7uI/ow=
last-modified: Wed, 10 Mar 2021 20:24:34 GMT
server: cloudflare
etag: W/"be372e873af6713fc0e5e8a45c6186a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1a00009d24e9045000000001
cf-ray: 62e7c3f029369d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 close-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 883 B
667 B 30ms
29ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/close-off.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f818610e42523c097d324208b02099181c0387da9e39db35cda95cf4fd99d139

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFWNN5GNV353HZ4
x-amz-id-2: Nj3Fvr01cjR8gLswdnnqs2QIVB61HCGPpm9hwjjpbfPBxAIUlCXCZywuucdd4ZbCoNjUaENf9/g=
last-modified: Wed, 10 Mar 2021 20:24:32 GMT
server: cloudflare
etag: W/"3d7acdbc7af878528eadd95b356d89a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca1a00009d24f9062000000001
cf-ray: 62e7c3f029379d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 close-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 883 B
696 B 46ms
46ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/close-on.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057106463a1403212214c0123c9112094b006cce83914ff80ec96bf176ba2764

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFHX88V7DDYZA1R
x-amz-id-2: Lb2/Dxev+wzsHF9SgKX9TBevT+G6AUKBRCtB1eBuSfmgsyx8IYs7N4p3Ju+vTDWzmmOYoReRxko=
last-modified: Wed, 10 Mar 2021 20:24:32 GMT
server: cloudflare
etag: W/"7d0f11d9038cd805705a9e9bcae67b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca3c00009d24f83ce000000001
cf-ray: 62e7c3f059559d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 checksiteconfig Show response
hcaptcha.com/ Frame D62F 280 B
735 B 84ms
84ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=wavesclaim.com&sitekey=66e5212a-9dcb-4b2a-bc2d-17b88d0a1439&sc=1&swa=1

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha-checkbox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3584fcf918f1da736bc1c9bcc25d7cf468dc9c85cc850317299a145a4dcb892f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://assets.hcaptcha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-chl-bypass: 2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c4b8ca6900009d24f83d0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 62e7c3f0a96a9d24-AMS
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path

OPTIONS
H2 200 checksiteconfig
hcaptcha.com/ Frame 0
0 63ms
23ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=wavesclaim.com&sitekey=66e5212a-9dcb-4b2a-bc2d-17b88d0a1439&sc=1&swa=1

Protocol

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-length: 0
access-control-allow-origin: https://assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 08c4b8ca470000c785878c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62e7c3f07cbfc785-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo-small.png
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame D62F 3 KB
3 KB 42ms
39ms Image
image/png 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/logo-small.png

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd6800c2bc54ee17f1d155da9894da05f9a2b08f4f1a1ab086b4c2239b35a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
cf-ray: 62e7c3f039469d24-AMS
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2650
x-amz-id-2: KNaH9sS3PfxoRO9pcEJ8HnfLc67FBtvAl9CqrJj+nIZxCYC6EeYhXoyavsiYzgyig0bbQ69m150=
last-modified: Wed, 10 Mar 2021 20:24:36 GMT
server: cloudflare
etag: "8e0e60259a7b7f673c5130e69db32488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZY92KQ4JSMG767S0
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca2700009d24ffa2e000000001
accept-ranges: bytes
content-type: image/png
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 pulse.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame D62F 2 KB
913 B 26ms
23ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/pulse.svg

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e732046b7a6130008f7e2e0552d9925eb8422277fa9f3df4d16d387aeb87cb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZY91R4E5V8401TJP
x-amz-id-2: k0alqNSGafVgdJPKFDDGkRWutINrd2yxDqjslY/ZQSjICXwy3NpsGTyRdYh9PiQSRfXoDaObyv0=
last-modified: Wed, 10 Mar 2021 20:24:36 GMT
server: cloudflare
etag: W/"1a283b13b1db88f8f2d9208096f21cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca2300009d2408a78000000001
cf-ray: 62e7c3f039479d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 check.png
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame D62F 798 B
1 KB 40ms
38ms Image
image/png 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/check.png

Requested by

Host: wavesclaim.com
URL: https://wavesclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
cf-ray: 62e7c3f039489d24-AMS
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 798
x-amz-id-2: m1wGLXrH8LNlS+vrdnm70QSon5eNT9k0KydpwVH4EXo4y0XXwkEGn887bA7pQ+uwQeFtrWd2uEQ=
last-modified: Wed, 10 Mar 2021 20:24:31 GMT
server: cloudflare
etag: "3c8b98c43285e3e285f0aae114b253d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZY91VVXQ5FAFERA9
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca2400009d241e87b000000001
accept-ranges: bytes
content-type: image/png
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 logo-small.png
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame D62F 3 KB
3 KB 23ms
23ms Image
image/png 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/logo-small.png

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd6800c2bc54ee17f1d155da9894da05f9a2b08f4f1a1ab086b4c2239b35a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89071
cf-ray: 62e7c3f089619d24-AMS
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2650
x-amz-id-2: KNaH9sS3PfxoRO9pcEJ8HnfLc67FBtvAl9CqrJj+nIZxCYC6EeYhXoyavsiYzgyig0bbQ69m150=
last-modified: Wed, 10 Mar 2021 20:24:36 GMT
server: cloudflare
etag: "8e0e60259a7b7f673c5130e69db32488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZY92KQ4JSMG767S0
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca5500009d24f9064000000001
accept-ranges: bytes
content-type: image/png
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 icon.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 4 KB
2 KB 34ms
33ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/icon.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2103895e30862699c79e11207f422beb8ff0e9e4f4c98f4039c51e7bf415755f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFNG55VPXA623KF
x-amz-id-2: tiYbvc/EfpyYs4ncIsYNksCoGrBTaBq+QmNA6FtAxI9ueleKCOKsL96RhiVf+E6WL9exq7uI/ow=
last-modified: Wed, 10 Mar 2021 20:24:34 GMT
server: cloudflare
etag: W/"be372e873af6713fc0e5e8a45c6186a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9700009d24f83d1000000001
cf-ray: 62e7c3f0f9879d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 info-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 259 B
402 B 33ms
32ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/info-on.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9b006d172c0a1d72efd52b200bb09973c4f9d6445ccb8861876a8e37722da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFNQCA2ZMT4BQGF
x-amz-id-2: GCOkLYuM67sycCV4o1jIKyFZPInhThutAYFPwxUgsFZXmhZ4rsPP2YjG/fOXkCwArN9RVyvCBTU=
last-modified: Wed, 10 Mar 2021 20:24:35 GMT
server: cloudflare
etag: W/"ba4aafee1c4437f484e1e287527a843b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9800009d24e7aff000000001
cf-ray: 62e7c3f0f9889d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 info-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 259 B
479 B 35ms
33ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/info-off.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee95343fc52afa66c189b2b09e15a83b62326953fac7ada5690e8b300d941e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFMPSMTPYXP8NV9
x-amz-id-2: L90lVf1MGVIiiswvFD0/lhLN0T6FvuaCao6tqvWXgPArpmV+NSWNc2o3YKgtfzQTbowqATTlECM=
last-modified: Wed, 10 Mar 2021 20:24:35 GMT
server: cloudflare
etag: W/"f9d20a678492db09477878f9d55be9da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9c00009d24e7b00000000001
cf-ray: 62e7c3f0f98a9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 refresh-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 1 KB
935 B 71ms
70ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/refresh-on.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c54c6d08298fc76893fb1e964b4289403e8a33d1a702919246844a30334fc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFWXNSAX1BM1N46
x-amz-id-2: AbH39nMeZQPz3d0oUZdmJITcKhlUFWJu8J6Bw+88JElqy+nPzuXip0tI1qclJh1ZIWxHvUNluE4=
last-modified: Wed, 10 Mar 2021 20:24:37 GMT
server: cloudflare
etag: W/"c920ed99ac20863ebfbe765765e18f37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9800009d2423375000000001
cf-ray: 62e7c3f0f98b9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 refresh-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 1 KB
837 B 34ms
33ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/refresh-off.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfdf8f5c8f0a88fd948ddb5f3e75f48f1a5b64c0dbca52aee02758cded0fdd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFQJZE2VTC52GEF
x-amz-id-2: Kn3Rg1VvKbVTnsAgW/WF8u4bnzvtSqUh7so9JHULNikhdYAxboOGy8WF3C6BAsZ+iqV2IRyTsBU=
last-modified: Wed, 10 Mar 2021 20:24:37 GMT
server: cloudflare
etag: W/"c603c970232a32a5a3e7c3490bb8570d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9800009d241e87d000000001
cf-ray: 62e7c3f0f98c9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 close-on.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 883 B
540 B 35ms
34ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/close-on.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057106463a1403212214c0123c9112094b006cce83914ff80ec96bf176ba2764

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFHX88V7DDYZA1R
x-amz-id-2: Lb2/Dxev+wzsHF9SgKX9TBevT+G6AUKBRCtB1eBuSfmgsyx8IYs7N4p3Ju+vTDWzmmOYoReRxko=
last-modified: Wed, 10 Mar 2021 20:24:32 GMT
server: cloudflare
etag: W/"7d0f11d9038cd805705a9e9bcae67b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9c00009d241e87e000000001
cf-ray: 62e7c3f0f98d9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 close-off.svg
assets.hcaptcha.com/captcha/v1/44bf798/static/images/ Frame 9009 883 B
695 B 51ms
50ms Image
image/svg+xml 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.hcaptcha.com/captcha/v1/44bf798/static/images/close-off.svg

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f818610e42523c097d324208b02099181c0387da9e39db35cda95cf4fd99d139

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89070
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: APFWNN5GNV353HZ4
x-amz-id-2: Nj3Fvr01cjR8gLswdnnqs2QIVB61HCGPpm9hwjjpbfPBxAIUlCXCZywuucdd4ZbCoNjUaENf9/g=
last-modified: Wed, 10 Mar 2021 20:24:32 GMT
server: cloudflare
etag: W/"3d7acdbc7af878528eadd95b356d89a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-request-id: 08c4b8ca9900009d24ec8f7000000001
cf-ray: 62e7c3f0f98e9d24-AMS
expires: Sat, 27 Mar 2021 21:09:43 GMT

GET
H2 200 hsw.js Show response
assets.hcaptcha.com/c/69ddda79/ Frame 9009 828 KB
308 KB 49ms
49ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/c/69ddda79/hsw.js

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/44bf798/hcaptcha-challenge.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92b2a7f6834a25f35eb72589322e2289c6f58330e111926fd940464a4d66bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.hcaptcha.com/captcha/v1/44bf798/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33346
cf-polished: origSize=847618
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SWE2BSRAEPWHT72H
x-amz-id-2: j4XJY6tEaxYEX0RY36LzwUsHPAvWiK6etIwTtxPW0BF9VpmdehO8R2meFiiPvVxK43m9wRP2u1w=
last-modified: Thu, 11 Mar 2021 11:53:39 GMT
server: cloudflare
etag: W/"6b792b27dd76e5d3a16f50bb87a3ef6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
cf-request-id: 08c4b8cabf00009d24ea943000000001
cf-ray: 62e7c3f139d39d24-AMS
cf-bgj: minify

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 43ms
24ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

951e635c3384b4f76d259837357f08e2086b97abb160eeeeb54cd31066795804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6520
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:09:46 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame EC8E 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wavesclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wavesclaim.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Mar 2021 17:44:04 GMT
expires: Fri, 11 Mar 2022 17:44:04 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12342
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame EC8E 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 1745
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Fri, 11 Mar 2022 20:40:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=1415811703231043&bg=!REelRwTNAAUO7zDoDjsAKQB2-Dxa_Ftuzzud4GHtUzxQPjRCCfpKvPRepnDF1RVipjUYRAoGhVX0AgAAAEtSAAAACWgBBwoAwEbwmfyDOYMMeBwSx93-PNQWLtGloh2-eY8cXWp61dwGkrYwH8FSBdNPsmycq77Y5umRx-EdGxNbrEXl5hTL1fvSWmrN7DiX6QN9dmRwpz91bcVu62HADPB5Ii8_VvtenQkg3reRKBjcXFtiH6OM4H1sS-0b9giqO80NbcfIBphNP1t3Fh0OQqv83hVGgILmg76N8DPF3PUrU5xFg_hj8OSn892lpiXeBNNvSWdzz6iCUCRDemDSrvpVpNfOuEnCfpkCETcnwxfecbhAPGaBCw3lAfdXPopkqSVgED0IQl_-laM46yX4mXCHsrveEcVjEmAEJ75Zv8ys62pYx689SSmK3QZDusgdZHVf7J3LCeyY7os4XWjpwWzKw2oBnT3QQUVD8ZJx1xw_C9OvBXZEvmWz8021wE0PZSk6WPgnffviUBProOBcH2uRP_oEHksHH0GhuxhzMjJs5KHjj1DP52co1P3kVMH-iHkuUha2xuvWRWuO93DicWF500ChYgigcbu9cc7sS4XKxNydEWP_u48XohJqd4ybBMhnU_m5dqbfuMCgo-3yw8_bB0IYK4WKtQ2po9I_tOIhIHnK0CdivX1Mb28qN4yW6BayhfORj39XVpyJj1KHI7pXmB436wtUi7kE-ukTgNHGnp8-VzX8F3Bfqtux8sBg-OXJZiqOURdHdgFzEIhWeOfqcMORsPleXdJ_IlQjQ-iiKpWxOqqMkPfwzbvebT_kmlpX3MDS191LnqC3ySTUMcEcgZ6XY-AFmFMtuZoSSzpp-WQhkY0_kOlP-NCPcrYLaGTDDpUa7P4JThwCBUa02thbI_-CQ1SAHpFE30wttdfnN9iTCELS4XlhnXlH82gdkgN0uIaborf5wBdLHNoVdlWqHNl0qsvG9w3ctNZoBFt2mkGzvjcg39CXrHEwZ-FibPFtq0N6-AEtFnVaxOY0U-2wRIv_GPcm5Txfcms

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wavesclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js(Line 2) Message: %c Push notifications powered by: FoxPush.com background: #222; color: #bada55;font-size:20px;
console-api	log	URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://wavesclaim.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1735.003-3.012/ice.js(Line 1) Message: Failed log data: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdcdn.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.coingecko.com
assets.hcaptcha.com
b1sync.zemanta.com
cdn.bmcdn1.com
cdn.foxpush.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
de.tynt.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
hcaptcha.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
json.foxpush.com
match.adsrvr.org
onclickgenius.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
resources.infolinks.com
revive.wavesclaim.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
script.hotjar.com
secure-assets.rubiconproject.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.hotjar.com
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
ufpcdn.com
ups.analytics.yahoo.com
us.ck-ie.com
vars.hotjar.com
wavesclaim.com
www.googletagservices.com
www.hcaptcha.com
www.wavesclaim.com
104.108.145.8
104.16.168.131
104.22.3.144
13.226.159.117
172.217.18.98
174.137.133.49
178.162.133.149
18.156.0.31
18.197.99.6
184.30.212.16
185.183.112.155
185.33.221.90
185.64.189.114
185.64.189.216
185.64.190.80
185.94.180.126
193.0.160.128
208.100.17.181
213.19.147.150
213.19.147.151
216.58.212.130
2606:4700:20::681a:ab8
2606:4700:20::ac43:4801
2606:4700:3030::6815:2ed2
2606:4700:3030::6815:3262
2606:4700:3030::ac43:c56e
2606:4700:3032::ac43:938f
2606:4700::6810:125e
2606:4700::6812:47f
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
34.246.156.173
35.190.71.96
35.241.40.233
51.178.20.140
51.38.120.206
52.19.239.39
63.33.19.148
65.9.96.48
65.9.96.51
67.202.110.21
69.173.144.165
70.42.32.95
72.21.206.140
72.251.249.14
88.214.193.83
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
057106463a1403212214c0123c9112094b006cce83914ff80ec96bf176ba2764
0df6484dbf70ebd75322399c565acbd86bb65a5cd6f2ea4b7278a5ba5abb45dc
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
12caf0f26ad2317f4cc853e40f91ea3ca84baebfd5501df2a2e3c39f47b4e308
1563242650b171ec2891fd663277b9e83aad237cfbbe9576680771451849df64
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1c54c6d08298fc76893fb1e964b4289403e8a33d1a702919246844a30334fc7c
2103895e30862699c79e11207f422beb8ff0e9e4f4c98f4039c51e7bf415755f
23be383d77455510c24afd46b41da42092615b90c61ad30a663e2fcefa579302
3180896cdbb6e4503702f23f81a4663a12bbe7b9c77b8f20a074211d997bc35f
3431c755eb7be84c7a242b85c3e18a0843d17fa9ca60248ddc9462e41ec70400
3584fcf918f1da736bc1c9bcc25d7cf468dc9c85cc850317299a145a4dcb892f
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ace1ebd4532d2816d815bdda6662d918b11366fde163cfd93eed6dc6eb5ecd7
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565cffaf69bb41b260a8140c31d39bc6e68327e68e9f75ba4f3786dc5a7d374b
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9b006d172c0a1d72efd52b200bb09973c4f9d6445ccb8861876a8e37722da4
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302
74b736df75c95c1ecb8a6f7b6bdf0de8cc4a3a2670405e0c046ea93f9e7198f3
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e
8709fa3a78dfdbe6172a5d2f4ac6aa627f871c68fbc5f3eee4c2442b58a0f123
8c34f9ba1921b6aa933d3e917d35723df6703a75081a87e51592595b4bafe917
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8862ddabd512fc6e7e517990f6dd231201eea86497bb4b42ffaf81ef5f2a0e
912cf539c52a2310ece0419a7e0af284a33c711373d2d40542888c99bbe3af3c
951e635c3384b4f76d259837357f08e2086b97abb160eeeeb54cd31066795804
959794683352038d0ac46a1a0b4702b4f0755c881d8554f1d2bf78bcb8130c0a
9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad2faba0979be29c89b8d08ef63c816e10a6a144e28099bec603f516c795ea29
ad615095c852cec24cec585fe3a88af86761c3d2c426c713c40a5499e3a449d2
ad7b421b4c1477d981b7111990baba84060079a595d7a0b92e2616aa0cbacc0e
ad9b49c142be2f82711d8244a060e39f96536a664fe5ffd062de8c78020707a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb20e47a43421e8c77bf20ffc663963c83c54af9aaf6559dd757ebb47e52ca5f
bcb9a281c6fe094fb17a7ec2c3a5bc274de05f115579a326d3cad001f48289ea
bce201dde4214dd5e4c889b4f35a4221fe47d90c16d55c5d8be25c882fcb218a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c15d0542bfed06d4e67418f4b0ef7006077d2b98bf7a3f978b0bda465c5ea8c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca09b8b34bafc0664fed71cd849c6ae94f85ebaf1474ae92af4fbb6f32e6ae82
ce9b0b987dac8a9a46892ef7466f1423b2157632395f2c7714921a3732e709ca
cfdf8f5c8f0a88fd948ddb5f3e75f48f1a5b64c0dbca52aee02758cded0fdd1a
d29db2e9e337a79391993f880a0f035623e1d29bbe8886474e924a2e25791c49
d2ccfee9154c96b57990b774ee049797c6da6ac0958015c2a6e6d9bf326f9b03
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
ddd6800c2bc54ee17f1d155da9894da05f9a2b08f4f1a1ab086b4c2239b35a71
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b435be5c63ebc3f94e7546078ce5e4e8e144bc4562f152484e5f34f25ceb92
e732046b7a6130008f7e2e0552d9925eb8422277fa9f3df4d16d387aeb87cb73
e92b2a7f6834a25f35eb72589322e2289c6f58330e111926fd940464a4d66bc2
eb870739b461fd9a853f138ff8806fd8b588881300422d5643ebc544b842304f
ee95343fc52afa66c189b2b09e15a83b62326953fac7ada5690e8b300d941e3b
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f6ea5a7569122397a2eb5731ddf74a962b8114d3a9d1684ddd3046d919f4615a
f818610e42523c097d324208b02099181c0387da9e39db35cda95cf4fd99d139
fc7dcedc1b5419516b6c42d143e0cafbdc46154c0aed5a58d93409851c95c271
fd62c826eddd50a901fa65873318c2be563137ba6a467160d0e72a433b6f4179
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

wavesclaim.com Open in urlscan Pro 2606:4700:3030::6815:3262 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

100 %HTTPS

33 %IPv6

44 Domains

59 Subdomains

38 IPs

6 Countries

1340 kBTransfer

3930 kBSize

0 Cookies

15 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wavesclaim.com Open in urlscan Pro
2606:4700:3030::6815:3262 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

100 %
HTTPS

33 %
IPv6

44
Domains

59
Subdomains

38
IPs

6
Countries

1340 kB
Transfer

3930 kB
Size

0
Cookies

114 HTTP transactions
0 data transactions