urlscan.io logo urlscan.io
SecurityTrails logo

pennyit.online Open in urlscan Pro
185.84.161.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pennyit.online/
Effective URL: https://pennyit.online/rustun/
Submission: On September 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 28 HTTP transactions. The main IP is 185.84.161.70, located in Bangkok, Thailand and belongs to YUT-AS-AP Y.U.T Corporate Company Limited, TH. The main domain is pennyit.online.
TLS certificate: Issued by localhost on November 10th 2009. Valid for: 10 years.
This is the only time pennyit.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 185.84.161.70 149766 (YUT-AS-AP...)
8 172.217.16.194 15169 (GOOGLE)
1 172.67.213.123 13335 (CLOUDFLAR...)
1 184.24.77.162 20940 (AKAMAI-ASN1)
4 172.67.157.8 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 184.30.20.74 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
28 9
4    185.84.161.70 (Bangkok, Thailand)

ASN149766 (YUT-AS-AP Y.U.T Corporate Company Limited, TH)
pennyit.online
8    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.213.123 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tmtopup.com
1    184.24.77.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-162.deploy.static.akamaitechnologies.com
steamcdn-a.akamaihd.net
4    172.67.157.8 (United States)

ASN13335 (CLOUDFLARENET, US)
static.tmpay.net
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    184.30.20.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-74.deploy.static.akamaitechnologies.com
store.steampowered.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
210 KB
4 tmpay.net
static.tmpay.net
42 KB
4 pennyit.online
pennyit.online
145 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
63 KB
1 steampowered.com
store.steampowered.com — Cisco Umbrella Rank: 4799
38 KB
1 akamaihd.net
steamcdn-a.akamaihd.net — Cisco Umbrella Rank: 29785
278 KB
1 tmtopup.com
www.tmtopup.com
7 KB
0 steamcommunity.com Failed
steamcommunity.com Failed
0 Failed
function sub() { [native code] }. Failed
0 duckdns.org Failed
unzone.duckdns.org Failed
28 10
Domain Requested by
8 pagead2.googlesyndication.com pennyit.online
pagead2.googlesyndication.com
4 static.tmpay.net www.tmtopup.com
4 pennyit.online 1 redirects pennyit.online
2 cdnjs.cloudflare.com www.tmtopup.com
1 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 store.steampowered.com
1 steamcdn-a.akamaihd.net pennyit.online
1 www.tmtopup.com pennyit.online
0 steamcommunity.com Failed
0 185.84.161.70 Failed
0 unzone.duckdns.org Failed pennyit.online
28 11

This site contains links to these domains. Also see Links.

Domain
unturned-servers.net
unturnedsl.com
www.facebook.com
Subject Issuer Validity Valid
localhost
localhost		 2009-11-10 -
2019-11-08		 10 years crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tmtopup.com
WE1		 2024-08-26 -
2024-11-24		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
tmpay.net
WE1		 2024-08-28 -
2024-11-26		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
store.steampowered.com
DigiCert SHA2 Extended Validation Server CA		 2024-09-10 -
2025-09-11		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 5 frames:

Frame: https://185.84.161.70/
Frame ID: 0C557D5CF1ABD8E39F6783DF68AE58C4
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: D3B7B54C00B7C01D778140A8F97D3682
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7013134315824848&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726162011&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpennyit.online%2Frustun%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_24~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162010410&bpp=607&bdt=403&idt=1112&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3639202799206&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086863%2C31086866%2C44798934%2C95338226%2C95341663%2C95342032%2C95342458%2C31086925%2C95341670&oid=2&pvsid=4445575935169669&tmod=1356378121&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1159
Frame ID: 66D4AFB0348FEE11F643521D641D2F82
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7013134315824848&output=html&h=280&slotname=7662621920&adk=1233886324&adf=3398966998&pi=t.ma~as.7662621920&w=490&abgtt=1&fwrn=4&fwrnh=100&lmt=1726162015&rafmt=1&format=490x280&url=https%3A%2F%2Fpennyit.online%2Frustun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162015126&bpp=23&bdt=5119&idt=23&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3639202799206&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=499&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086863%2C31086866%2C44798934%2C95338226%2C95341663%2C95342032%2C95342458%2C31086925%2C95341670&oid=2&pvsid=4445575935169669&tmod=1356378121&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=27
Frame ID: F744EE7B5F617E53D19CAE3B9EF719D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8914FD6AB5A740C644432F12C865A7A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UnZone

Page URL History Show full URLs

  1. https://pennyit.online/ HTTP 302
    https://pennyit.online/rustun/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

28
Requests

64 %
HTTPS

13 %
IPv6

10
Domains

11
Subdomains

9
IPs

4
Countries

783 kB
Transfer

1626 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pennyit.online/ HTTP 302
    https://pennyit.online/rustun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • http://185.84.161.70/ HTTP 307
  • https://185.84.161.70/

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pennyit.online/rustun/
Redirect Chain
  • https://pennyit.online/
  • https://pennyit.online/rustun/
119 KB
120 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pennyit.online/rustun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.84.161.70 Bangkok, Thailand, ASN149766 (YUT-AS-AP Y.U.T Corporate Company Limited, TH),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 / PHP/8.0.30
Resource Hash
2568c5ad012e0d04ef13b93df6a30bedf3d32ad0e74094ff2c659f218f8678b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Sep 2024 17:26:48 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.30

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Sep 2024 17:26:48 GMT
Keep-Alive
timeout=5, max=100
Location
https://pennyit.online/rustun/
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
X-Powered-By
PHP/8.0.30
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
73dc6a2bf4e63c367c741b00ad90519229214f0fc0077710bd79255a38d2c0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52035
x-xss-protection
0
server
cafe
etag
326567865186811724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 12 Sep 2024 17:26:50 GMT
3rdTopup.php
www.tmtopup.com/topup/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556e476db5bc2620d82ac64617d929fd531b7d833e146d79b7fdced1ed3a46c7

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2024 17:26:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 12 Sep 2024 17:26:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAriL44c7CCGi3UhTu%2FjzlHou7rJDn6wRnm%2Btk2oVkQMCdRzmfUz%2FvuftbEjoit5wLERDDPdqAu3K8%2BdlMP%2Bsx7yM0Gq9y30YFZ2XxQhk1tJhKn5l0AAKPalZcrPWIETVdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c219ad3dabed2bb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
icon_server.png
pennyit.online/rustun/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pennyit.online/rustun/icon_server.png
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.84.161.70 Bangkok, Thailand, ASN149766 (YUT-AS-AP Y.U.T Corporate Company Limited, TH),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
662ce941e367b686fb8c3d517ccf0d72ebe6465b728f30414981a93f4de31de6

Request headers

Referer
https://pennyit.online/rustun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 12 Sep 2024 17:26:49 GMT
Last-Modified
Mon, 02 Nov 2020 13:55:14 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"3bfc-5b3201871f480"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15356
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ 		417 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
64e9edbe19b8991eff80d62fa49911a41b05858b87473ac6188a5dad8cc010e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143427
x-xss-protection
0
server
cafe
etag
6310439989650624373
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 12 Sep 2024 17:26:51 GMT
ss_b1cf12ba306180da433dcf199f6f4a2fa74e48bd.1920x1080.jpg
steamcdn-a.akamaihd.net/steam/apps/304930/ 		277 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steamcdn-a.akamaihd.net/steam/apps/304930/ss_b1cf12ba306180da433dcf199f6f4a2fa74e48bd.1920x1080.jpg?t=1590451726
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c359d07ce85ee74336a7bfa7ec9e5e1ac87547224c70afa6f9a1f98d93d037b

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:51 GMT
last-modified
Mon, 03 Jul 2017 23:44:05 GMT
server
nginx
etag
"595ad6c5-454c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=449445
accept-ranges
bytes
content-length
283840
expires
Tue, 17 Sep 2024 22:17:36 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/ Frame D3B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
19384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Sep 2024 12:03:47 GMT
etag
5947459844715414650
expires
Thu, 26 Sep 2024 12:03:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=TABLE&id=polina&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2024 17:26:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 66D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7013134315824848&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726162011&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpennyit.online%2Frustun%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_24~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162010410&bpp=607&bdt=403&idt=1112&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3639202799206&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086863%2C31086866%2C44798934%2C95338226%2C95341663%2C95342032%2C95342458%2C31086925%2C95341670&oid=2&pvsid=4445575935169669&tmod=1356378121&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Sep 2024 17:26:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
font-awesome.min.css
unzone.duckdns.org/rustun/css/ 		0
0
jquery.min.js
unzone.duckdns.org/rustun/js/ 		0
0
bootstrap.min.js
unzone.duckdns.org/rustun/js/ 		0
0
clipboard.min.js
pennyit.online/rustun/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pennyit.online/rustun/js/clipboard.min.js
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.84.161.70 Bangkok, Thailand, ASN149766 (YUT-AS-AP Y.U.T Corporate Company Limited, TH),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf

Request headers

Referer
https://pennyit.online/rustun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 12 Sep 2024 17:26:53 GMT
Last-Modified
Wed, 26 Jun 2019 15:14:38 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"2355-58c3b80f43380"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9045
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pennyit.online
URL: https://pennyit.online/rustun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
73dc6a2bf4e63c367c741b00ad90519229214f0fc0077710bd79255a38d2c0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52035
x-xss-protection
0
server
cafe
etag
326567865186811724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 12 Sep 2024 17:26:50 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame F744 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7013134315824848&output=html&h=280&slotname=7662621920&adk=1233886324&adf=3398966998&pi=t.ma~as.7662621920&w=490&abgtt=1&fwrn=4&fwrnh=100&lmt=1726162015&rafmt=1&format=490x280&url=https%3A%2F%2Fpennyit.online%2Frustun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162015126&bpp=23&bdt=5119&idt=23&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3639202799206&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=499&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31086863%2C31086866%2C44798934%2C95338226%2C95341663%2C95342032%2C95342458%2C31086925%2C95341670&oid=2&pvsid=4445575935169669&tmod=1356378121&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Sep 2024 17:26:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jquery-1.11.0.min.js
static.tmpay.net/tmtopup/assets/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tmpay.net/tmtopup/assets/js/jquery-1.11.0.min.js
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Mar 2014 14:58:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53304827-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xfdlI9JcI0aJNZg0fa6h3bICdTG1FTpx2RTIdacpN06Y3v0wH1FO4c8wNk84vRXB4dy9qmWDzs3q%2BpAUikhVnCXBFeSRj4bbTsPMpxdX5UyhESI%2Fnk%2B4ss9uiH6gwf5I%2B9J2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8c219af34fd43a84-FRA
alt-svc
h3=":443"; ma=86400
jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.min.css
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be92933b839bd4ce1b67c440bd9bd832d8a7333d578c7d1061d00edbceb557d3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
562561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6516
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-7a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xpfUIJJndmG7cGYKDIUoMmmlumNx46qKvl%2BxXfDHPw30RIDhWUNl9MQiUS%2FTwiVNFtv92kyBEZ5eyTGXkDfjLWM%2FIAZmO6EgeYvwRzc9%2BD3lEhiQpG%2BqDDIne4soFlwLqgKEhbe%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c219afe0d79d3a9-FRA
expires
Tue, 02 Sep 2025 17:26:56 GMT
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
163202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57137
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-3dee5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5B5yzmLarPjVPbfRRkGZ9U0PTa7p2MwJiPVp%2B7dpsh%2BXDgmvuAMFo%2FTMJZq2WO3pBbzCHuVeBg1qsOsu4kgjgN7h2hretkiJSrOJXs3yDUm%2ByENgvFYz%2F83VOhmbY3JtBmR%2BxKK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c219afe0d7cd3a9-FRA
expires
Tue, 02 Sep 2025 17:26:56 GMT
jquery.xdomainrequest.min.js
static.tmpay.net/tmtopup/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tmpay.net/tmtopup/assets/js/jquery.xdomainrequest.min.js
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460a785c00f7ed4feaeb64bb649525a40d95ae555bf71c9ad02c9245d103b6b7

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 13 Jan 2014 18:17:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"52d42dc2-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLZqWtJr%2FDCr4gvfRnfKgyls3pagE6dDXLuDBv1MEAbUSmh8ufJkkzQXf%2BWmrMBBksVI8XdVQgDooZmfsx2%2Feucdi3ssgGT8vjuiUorc6%2B6jCqQcdmt%2FuD9Cjd8OdcuNp1f0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8c219afeeeca3a84-FRA
alt-svc
h3=":443"; ma=86400
colorbox.css
static.tmpay.net/tmtopup/colorbox/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tmpay.net/tmtopup/colorbox/colorbox.css
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f64c999735f8c556cd3d9003768ea18007865326f5db647ca693529cd9123d

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Apr 2014 18:30:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"533c5744-114c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSpHtYGCmAzHtl0ztecTYlpseGbTQF3fBDvjgpTebJvxs70HTyC5a4c3V83%2FMa2Ro1828iGvUgbE0xRohcYRqgh0VtzTydJg%2BQxv8f0YASs1gXcHMbCpOwFcngHmUdxx0zEv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8c219b046d5c3a84-FRA
alt-svc
h3=":443"; ma=86400
jquery.colorbox-min.js
static.tmpay.net/tmtopup/colorbox/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tmpay.net/tmtopup/colorbox/jquery.colorbox-min.js
Requested by
Host: www.tmtopup.com
URL: https://www.tmtopup.com/topup/3rdTopup.php?uid=171187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e0fadb078e1c9ac4797d40d618e49e8b22333796b6ceae6251ad548bf887b8

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Mar 2014 14:57:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"533047f5-2dd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zctvyb1lEc%2FFKYKWztDogpIMYVM3KYnkCGWBnk2xr%2BHqc3gFWbUXaR28bxwI6KHvt2gwbphH2q65JwS2V3kYF8MyJfES7zbmYMmAffKD3XJfaDGwdANnJ5KvaduESkv8Rdcy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8c219b046d5f3a84-FRA
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240905&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f0f467a70cf17a78bd056dcb309fff6cbf502f4ffdc4ca8768e69b1493ddd589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12920
x-xss-protection
0
topup_loading.gif
static.tmpay.net/tmtopup/assets/img/ 		0
0
/
185.84.161.70/
Redirect Chain
  • http://185.84.161.70/
  • https://185.84.161.70/
0
0
favicon.ico
steamcommunity.com/ 		0
0
favicon.ico
store.steampowered.com/ 		38 KB
38 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://store.steampowered.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
Security Headers
Name Value
Strict-Transport-Security max-age=10368000

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=10368000
Date
Thu, 12 Sep 2024 17:26:58 GMT
Last-Modified
Wed, 28 Jun 2023 04:07:18 GMT
Server
nginx
Content-Type
image/x-icon
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
38554
Expires
Fri, 02 Aug 2024 17:07:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7013134315824848&plah=pennyit.online&bust=31086925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pennyit.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 17:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 17:26:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8914 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
unzone.duckdns.org
URL
http://unzone.duckdns.org/rustun/css/font-awesome.min.css
Domain
unzone.duckdns.org
URL
http://unzone.duckdns.org/rustun/js/jquery.min.js
Domain
unzone.duckdns.org
URL
http://unzone.duckdns.org/rustun/js/bootstrap.min.js
Domain
static.tmpay.net
URL
https://static.tmpay.net/tmtopup/assets/img/topup_loading.gif
Domain
185.84.161.70
URL
https://185.84.161.70/
Domain
steamcommunity.com
URL
http://steamcommunity.com/favicon.ico
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| LazyLoad number| jquery_ui_state number| colorbox_ui_state function| compareVersions function| load_lazy function| lazyReady function| jqReady function| jquiReady function| xdomainReady function| colorboxReady function| JAlert function| encode_tmnc function| urldecode function| submit_payment function| submit_tmnc function| tmtopup_new function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| startRefresh object| clipboard function| $ function| jQuery object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
pennyit.online/ Name: PHPSESSID
Value: 6vs0giq411te9vccvsanrmr1b6

4 Console Messages

Source Level URL
Text
security error URL: https://pennyit.online/rustun/(Line 349)
Message:
Mixed Content: The page at 'https://pennyit.online/rustun/' was loaded over HTTPS, but requested an insecure stylesheet 'http://unzone.duckdns.org/rustun/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pennyit.online/rustun/
Message:
Mixed Content: The page at 'https://pennyit.online/rustun/' was loaded over HTTPS, but requested an insecure script 'http://unzone.duckdns.org/rustun/js/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pennyit.online/rustun/
Message:
Mixed Content: The page at 'https://pennyit.online/rustun/' was loaded over HTTPS, but requested an insecure script 'http://unzone.duckdns.org/rustun/js/bootstrap.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pennyit.online/rustun/
Message:
Mixed Content: The page at 'https://pennyit.online/rustun/' was loaded over HTTPS, but requested an insecure favicon 'http://steamcommunity.com/favicon.ico'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

185.84.161.70
cdnjs.cloudflare.com
pagead2.googlesyndication.com
pennyit.online
static.tmpay.net
steamcdn-a.akamaihd.net
steamcommunity.com
store.steampowered.com
tpc.googlesyndication.com
unzone.duckdns.org
www.tmtopup.com
185.84.161.70
static.tmpay.net
steamcommunity.com
tpc.googlesyndication.com
unzone.duckdns.org
104.17.24.14
172.217.16.194
172.67.157.8
172.67.213.123
184.24.77.162
184.30.20.74
185.84.161.70
2a00:1450:4001:800::2001
2568c5ad012e0d04ef13b93df6a30bedf3d32ad0e74094ff2c659f218f8678b8
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
460a785c00f7ed4feaeb64bb649525a40d95ae555bf71c9ad02c9245d103b6b7
556e476db5bc2620d82ac64617d929fd531b7d833e146d79b7fdced1ed3a46c7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e9edbe19b8991eff80d62fa49911a41b05858b87473ac6188a5dad8cc010e3
662ce941e367b686fb8c3d517ccf0d72ebe6465b728f30414981a93f4de31de6
73dc6a2bf4e63c367c741b00ad90519229214f0fc0077710bd79255a38d2c0d2
77e0fadb078e1c9ac4797d40d618e49e8b22333796b6ceae6251ad548bf887b8
77f64c999735f8c556cd3d9003768ea18007865326f5db647ca693529cd9123d
7c359d07ce85ee74336a7bfa7ec9e5e1ac87547224c70afa6f9a1f98d93d037b
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
be92933b839bd4ce1b67c440bd9bd832d8a7333d578c7d1061d00edbceb557d3
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0f467a70cf17a78bd056dcb309fff6cbf502f4ffdc4ca8768e69b1493ddd589