saldodana.xyz Open in urlscan Pro
68.65.121.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saldodana.xyz/topup/085781323969
Submission: On March 29 via manual (March 29th 2022, 7:10:37 am UTC) from ID — Scanned from DE

Summary HTTP 61 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 18 domains to perform 61 HTTP transactions. The main IP is 68.65.121.157, located in United States and belongs to NAMECHEAP-NET, US. The main domain is saldodana.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 22nd 2022. Valid for: a year.

This is the only time saldodana.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	68.65.121.157 68.65.121.157	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	46.105.199.75 46.105.199.75	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.16.107.48 2.16.107.48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:5400:1a:9224:fc80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:294::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1	203.114.224.38 203.114.224.38	45697 (UBAYA-AS-...) (UBAYA-AS-ID Universitas Surabaya)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.59 143.204.98.59	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
3	38.100.129.11 38.100.129.11	174 (COGENT-174) (COGENT-174)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	216.59.63.128 216.59.63.128	53334 (TUT-AS) (TUT-AS)
61	27

18 68.65.121.157 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium93-3.web-hosting.com

saldodana.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.199.75 (France)

ASN16276 (OVH, FR)

richinfo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.48 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-48.deploy.static.akamaitechnologies.com

cdn0-production-images-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (United States)

ASN54113 (FASTLY, US)

qph.fs.quoracdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5400:1a:9224:fc80:93a1 (United States)

ASN16509 (AMAZON-02, US)

imgx.sonora.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:294::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

assets.promediateknologi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.114.224.38 (Surabaya, Indonesia)

ASN45697 (UBAYA-AS-ID Universitas Surabaya, ID)
PTR: www.ubaya.ac.id

ubaya.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-59.fra50.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

b42rracj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.cdn4ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

jvtfikfsuf7g.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

jvtfikfsuf7g.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

jvtfikfsuf7g.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 38.100.129.11 (Rockville, United States)

ASN174 (COGENT-174, US)

rtb.pushdom.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.63.128 (United States)

ASN53334 (TUT-AS, US)
PTR: 216-59-63-128.customer.totaluptime.net

cdn4ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	saldodana.xyz saldodana.xyz	104 KB
13	adsco.re c.adsco.re — Cisco Umbrella Rank: 10281 6.adsco.re — Cisco Umbrella Rank: 10993 4.adsco.re — Cisco Umbrella Rank: 12017 adsco.re — Cisco Umbrella Rank: 9094 jvtfikfsuf7g.l4.adsco.re jvtfikfsuf7g.n4.adsco.re jvtfikfsuf7g.s4.adsco.re	49 KB
6	gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com www.gstatic.com	120 KB
3	pushdom.co rtb.pushdom.co — Cisco Umbrella Rank: 346803	423 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
2	cdn4ads.com www.cdn4ads.com — Cisco Umbrella Rank: 80791 cdn4ads.com — Cisco Umbrella Rank: 65566	10 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 333	33 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2956	83 KB
1	b42rracj.com b42rracj.com — Cisco Umbrella Rank: 735028
1	sndcdn.com i1.sndcdn.com — Cisco Umbrella Rank: 9930	21 KB
1	ubaya.ac.id ubaya.ac.id — Cisco Umbrella Rank: 759163	91 KB
1	promediateknologi.com assets.promediateknologi.com — Cisco Umbrella Rank: 47395	66 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1633	42 KB
1	sonora.id imgx.sonora.id — Cisco Umbrella Rank: 184328	193 KB
1	quoracdn.net qph.fs.quoracdn.net — Cisco Umbrella Rank: 15181	225 KB
1	akamaized.net cdn0-production-images-kly.akamaized.net — Cisco Umbrella Rank: 82528	30 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 467	2 KB
1	richinfo.co richinfo.co — Cisco Umbrella Rank: 289874	4 KB
61	18

	Domain	Requested by
18	saldodana.xyz	saldodana.xyz
3	rtb.pushdom.co	richinfo.co saldodana.xyz
3	4.adsco.re	saldodana.xyz c.adsco.re
3	c.adsco.re	www.cdn4ads.com c.adsco.re
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	saldodana.xyz
2	www.gstatic.com	richinfo.co
2	adsco.re	c.adsco.re
2	6.adsco.re	saldodana.xyz c.adsco.re
2	cdnjs.cloudflare.com	saldodana.xyz cdnjs.cloudflare.com
2	stackpath.bootstrapcdn.com	saldodana.xyz stackpath.bootstrapcdn.com
1	cdn4ads.com	www.cdn4ads.com
1	jvtfikfsuf7g.s4.adsco.re	c.adsco.re
1	jvtfikfsuf7g.n4.adsco.re	c.adsco.re
1	jvtfikfsuf7g.l4.adsco.re	c.adsco.re
1	www.cdn4ads.com	saldodana.xyz
1	b42rracj.com	saldodana.xyz
1	i1.sndcdn.com	saldodana.xyz
1	encrypted-tbn0.gstatic.com	saldodana.xyz
1	ubaya.ac.id	saldodana.xyz
1	assets.promediateknologi.com	saldodana.xyz
1	i.pinimg.com	saldodana.xyz
1	imgx.sonora.id	saldodana.xyz
1	qph.fs.quoracdn.net	saldodana.xyz
1	cdn0-production-images-kly.akamaized.net	saldodana.xyz
1	static.xx.fbcdn.net	saldodana.xyz
1	richinfo.co	saldodana.xyz
61	27

This site contains links to these domains. Also see Links.

Domain
adsco.re

Subject Issuer	Validity	Valid
saldodana.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-03-22` - `2023-03-22`	a year	crt.sh
cdn.adx1.net R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-05` - `2022-04-05`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
quora.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
*.sonora.id Amazon	`2021-07-20` - `2022-08-18`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
promediateknologi.com Amazon	`2021-04-19` - `2022-05-18`	a year	crt.sh
*.ubaya.ac.id Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-02-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2022-01-17` - `2023-02-18`	a year	crt.sh
b42rracj.com R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
1037973644.rsc.cdn77.org R3	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
*.l4.adsco.re R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
rtb.pushdom.co R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
cdn4ads.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://saldodana.xyz/topup/085781323969
Frame ID: C8960C0FC8533BF2B40A12A043CC4C1D
Requests: 56 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 4641FF951A8F2EF2EC5B7B1A9A025ECB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top Up Saldo Dana Rp 100.000 Gratis

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

46 %
IPv6

18
Domains

27
Subdomains

27
IPs

6
Countries

1074 kB
Transfer

1596 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 085781323969 Show response
saldodana.xyz/topup/ 33 KB
10 KB 580ms
157ms Document
text/html 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: ddb945190e4734f2ce7a18b6983ea984446aabc6c30ba8532aee68b227ee4979

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Mar 2022 07:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 rp-cl-ob.js Show response
richinfo.co/richpartners/push/js/ 10 KB
4 KB 38ms
9ms Script
application/javascript 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=794556&siteid=309450&niche=33
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0584f032260564bf1d68de7fef6bd3b6507cd30ab150c1a93eb5fc2af750fba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:10:04 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 13:25:39 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"61f3eed3-29bc"
x-cacheable: Matched cache
content-type: application/javascript
cache-control: max-age=1209600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 3662
x-request-id: 821494993
expires: Wed, 30 Mar 2022 09:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 672 B
434 B 138ms
51ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97b78ad799f6a38c07afa4857123ec6fde0ed179e4bbb8ab82a31341fe0fbf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 06:00:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Mar 2022 07:10:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Mar 2022 07:10:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 07:06:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Mar 2022 07:10:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Mar 2022 07:10:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 379 B
379 B 137ms
51ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:700

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e949916b4daec62229078df7e732c1a6eeb88c3ec6936931ee4c35882d479c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 07:10:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 29 Mar 2022 07:10:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Mar 2022 07:10:31 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 54ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://saldodana.xyz/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 226642
cdn-cachedat: 03/12/2022 14:32:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 05e89f2cdab9c60a6abc7477f07f1f23
cf-ray: 6f36c9493d6a994e-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.css
saldodana.xyz/css/ 130 KB
25 KB 261ms
260ms Stylesheet
text/css 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/css/bootstrap.css
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: af1e4b36d4b6d529e76c526bb1f7b883f95e618d4d4dfa42874ddd9b4003ce8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 06:25:02 GMT
content-encoding: gzip
last-modified: Sun, 06 Feb 2022 00:23:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25171
expires: Tue, 05 Apr 2022 06:25:02 GMT

GET
H2 200 bootstrap-responsive.css
saldodana.xyz/css/ 23 KB
4 KB 414ms
413ms Stylesheet
text/css 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/css/bootstrap-responsive.css
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 679d65f86dac6355d0034fe46a5efed0a33e8d1c4481dbeaaf18d44c4f1c138a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:02:51 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:23:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3839
expires: Tue, 05 Apr 2022 07:02:51 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/css/ 15 KB
3 KB 52ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/css/font-awesome.min.css

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2efc10159eecb1280a015ef3334cd4afa8f987b4cff95c31120a5aa78d1192d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3489209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2782
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-3d6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNtbwE%2FAaIj%2BqpK6kFtJnUXFvIhcd36HBZDvQgpUWfq7adSOm9sOcRQ6OaLXmSDjUgTXWo0nV5iZ2SjEf94G9Cqdh8zAcaKU2mYs5J8dgvz9Gny9cWrPbQLpIuseq%2Bmr0EiNFRpijFKh4h%2FZ2l%2BFNcTt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f36c9493edd9be0-FRA
expires: Sun, 19 Mar 2023 07:10:31 GMT

GET
H2 200 main.css
saldodana.xyz/css/ 13 KB
3 KB 412ms
411ms Stylesheet
text/css 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/css/main.css
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: bca24f93c3e597f883856fd3e0a99dcd8229a293aa7657206c543f0bc0b3d4b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:02:51 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:24:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2801
expires: Tue, 05 Apr 2022 07:02:51 GMT

GET
H2 200 fake-notification-min.css
saldodana.xyz/fake/css/ 978 B
589 B 412ms
412ms Stylesheet
text/css 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/fake/css/fake-notification-min.css
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 27ef53faac17a2fcf938097d718cbf926cc54f9b35d79815c26ea0e219156d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:02:51 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:25:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 369
expires: Tue, 05 Apr 2022 07:02:51 GMT

GET
H2 200 animate.min.css
saldodana.xyz/fake/css/ 17 KB
3 KB 413ms
413ms Stylesheet
text/css 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/fake/css/animate.min.css
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:02:51 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:26:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2502
expires: Tue, 05 Apr 2022 07:02:51 GMT

GET
H2 200 logo.png
saldodana.xyz/images/ 4 KB
4 KB 299ms
297ms Image
image/png 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saldodana.xyz/images/logo.png
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0cef1e0909340e42a229fadadceb74291387c3af532d3c6778345ab70dce577c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
last-modified: Sun, 06 Feb 2022 00:26:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3630
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ 1 KB
2 KB 24ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: XR3xYrPuh63B+EQHzUVxpj80rgoAao7rXWEK4raH6xhMpnm+nOhXzhxUjyz5K4ElAYLyN7GLyyPeWomVbs2TAQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Mar 2023 14:47:50 GMT

GET
H2 200 025427400_1537845600-cosplay_0.jpg
cdn0-production-images-kly.akamaized.net/bJ6pIbUudffD_A1kRsSR1XeEETQ=/640x360/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2366637/original/ 30 KB
30 KB 64ms
10ms Image
image/jpeg 2.16.107.48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/bJ6pIbUudffD_A1kRsSR1XeEETQ=/640x360/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2366637/original/025427400_1537845600-cosplay_0.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-48.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3f88e5739fc5159c9d5beee977db4efb1e9d2c34c4681584e851d8f3caf1ace4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Tue, 29 Mar 2022 07:10:32 GMT
x-ttl: 300.000
etag: "80362d251ca7997b73e0a1542651506e12d5c808"
x-varnish: 6360232
server-node: production-thumbor-web-ig-dqll
cache-control: public, max-age=28910657
accept-ranges: bytes
content-type: image/jpeg
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30510
server: nginx
expires: Sun, 26 Feb 2023 21:54:49 GMT

GET
H2 200 main-qimg-74dbcfef6056d4661956294a1d55698b
qph.fs.quoracdn.net/ 225 KB
225 KB 41ms
8ms Image
image/jpeg 151.101.1.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qph.fs.quoracdn.net/main-qimg-74dbcfef6056d4661956294a1d55698b
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1abb718c01b01f9355c64bef6bb9059639bf39bb30870dd9ce68843c829fee3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: lIgZXLMKXI3Vj9Ae1e0AK6fImyGPWSRf
via: 1.1 varnish, 1.1 varnish
etag: "74dbcfef6056d4661956294a1d55698b"
age: 1124178
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 230253
x-amz-id-2: QaQ3vSGp9tpOiTPnDBG3y33hSUTLT4C2uqrtCje3SeZfkgcX4WtV3EsSllH5unBrBkKY6fVjgME=
x-served-by: cache-iad-kjyo7100118-IAD, cache-hhn4055-HHN
timing-allow-origin: *
last-modified: Thu, 23 Apr 2020 01:00:49 GMT
server: AmazonS3
x-timer: S1648537832.308504,VS0,VE2
date: Tue, 29 Mar 2022 07:10:32 GMT
x-amz-request-id: 31V1AY43HPWEG2JP
access-control-allow-origin: *
expires: Sun, 17 Jan 2038 19:14:07 GMT
cache-control: public,max-age=315360000,immutable
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 221272564_499340824701708_691368-20210726010229.jpg
imgx.sonora.id/crop/0x0:0x0/x/photo/2021/07/26/ 193 KB
193 KB 83ms
15ms Image
image/jpeg 2600:9000:2156:5400:1a:9224:fc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/x/photo/2021/07/26/221272564_499340824701708_691368-20210726010229.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5400:1a:9224:fc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27324184f295954c110c25dba7d01ebfffbe327a519df26072ddc924b2811db8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:18:51 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server: nginx
age: 2634701
etag: "72cb3d8508fb1a171275cd4cf453251eb3991832"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 197394
x-amz-cf-id: toJmS_PMo-1JU2K1aplee2mOWg26sQN5ZEY8HQ2-Lo8lnhKisfeH2Q==
expires: Sun, 26 Feb 2023 19:18:51 GMT

GET
H2 200 c146748a06d08e1dd9f433ad307bf77a.jpg
i.pinimg.com/originals/c1/46/74/ 41 KB
42 KB 258ms
189ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c1/46/74/c146748a06d08e1dd9f433ad307bf77a.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 84c838fdbabd1d359e9b4b58901d40a859ff15132ec953c73857b11f11eff73c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 36
x-cdn: akamai
akamai-grn: 0.84ba1002.1648537832.229a5340
x-edgeconnect-midmile-rtt: 68
etag: "6f42562a3cf1dc5bd0fe28b01566b922"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 42304

GET
H2 200 1-137.jpg
assets.promediateknologi.com/crop/0x0:0x0/750x500/photo/hops/2020/10/ 65 KB
66 KB 1012ms
984ms Image
image/jpeg 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/750x500/photo/hops/2020/10/1-137.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 073bf1b5f805462c865c4700b430fd1083a38da47af684c2da915bf8072d1dbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:33 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "872466b81e07f3fee61f04456590e0b23a06fe49"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 67008
x-amz-cf-id: nTlT3wAWAjX-DRO3yVhGtPbutCH1Hus4M6Ef8Ah8N5Z9Tl9_r7GLoQ==
expires: Wed, 29 Mar 2023 07:10:33 GMT

GET
H/1.1 200
OK 668_20110319165517.jpg
ubaya.ac.id/2018/up/berita/ 91 KB
91 KB 1350ms
206ms Image
image/jpeg 203.114.224.38
UBAYA-AS-ID Unive...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubaya.ac.id/2018/up/berita/668_20110319165517.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.114.224.38 Surabaya, Indonesia, ASN45697 (UBAYA-AS-ID Universitas Surabaya, ID),
Reverse DNS: www.ubaya.ac.id
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: e920a163c06fbecc57e8a328b58c479fbb05bc81f8cc39086e4ad408a82f53aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 07:10:33 GMT
Last-Modified: Sat, 19 Mar 2011 09:58:27 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "6412f8-16a5c-49ed2ef99d6c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 92764

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 8 KB
9 KB 150ms
51ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcThtEl-P_dYINQqRNRrSO6Ec2-pBFl55qkS5tLKSn16mkcIhDhORlTXTj_vv-5ChAnuJhY&usqp=CAU

Requested by

Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b393de5b89dcec71d4b72d021c57e69e37587381badbb3492a241e924626f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8470
x-xss-protection: 0
last-modified: Tue, 05 Jan 2016 13:35:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 29 Mar 2023 07:10:32 GMT

GET
H2 200 avatars-000437123724-66l6sf-t240x240.jpg
i1.sndcdn.com/ 20 KB
21 KB 63ms
13ms Image
image/jpeg 143.204.98.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-000437123724-66l6sf-t240x240.jpg
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-59.fra50.r.cloudfront.net
Software: /
Resource Hash: fc9e9386c3a1fa4461dcfc4da269cb4a078368406159acbbe094757fc8ccdb94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 17:14:47 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
age: 2814945
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 20951
x-amz-cf-id: DJRa1ejfH2pS-aFgK60A0VF0lwVOraPQawtx4rBmro4RVGMEtxNdgA==

GET
H2 200 jquery.min.js Show response
saldodana.xyz/vendor/jquery/ 86 KB
30 KB 154ms
154ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/vendor/jquery/jquery.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:28:51 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30041
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 bootstrap.min.js Show response
saldodana.xyz/js/vendor/ 28 KB
7 KB 304ms
304ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/js/vendor/bootstrap.min.js?v=1
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6b0717c2c89c54e5d75f6e3adc789640c15c6b1e3076935a438bdc64f93bd748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7126
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 jquery.placeholder.min.js Show response
saldodana.xyz/js/vendor/ 2 KB
1 KB 297ms
294ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/js/vendor/jquery.placeholder.min.js?v=1
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7fddbd240d76059918bb40198fde916921ab6c516be78c62c3df21f604d04cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:30:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 794
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 jquery.cookie.js Show response
saldodana.xyz/js/vendor/ 2 KB
1 KB 298ms
294ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/js/vendor/jquery.cookie.js?v=1
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d0a1cda648e31b01f6810fb8ef45e0b399f8a4fd4349746af9821e47baef5aa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:31:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 959
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 plugins.js Show response
saldodana.xyz/js/ 755 B
565 B 298ms
294ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/js/plugins.js?v=1
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: b7b52c451538f3dc87b93d27505b75f8619bdf0c2358680a229f1d0bc7eaf4a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:31:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 331
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 main.js Show response
saldodana.xyz/js/ 1 KB
768 B 298ms
295ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/js/main.js?v=10
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 42d29af4720b6398fad197eff930c7a9325d84fba465bdd6bcdeaede3fd19ae7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:32:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 534
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 jquery.fake-notification.min.js Show response
saldodana.xyz/fake/js/ 3 KB
1 KB 298ms
295ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/fake/js/jquery.fake-notification.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4f6e4b88a7e598a9940b6e555a9014cf118a4ea2e064d7408e3e47feb808b4e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:33:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1151
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 jquery.form.min.js Show response
saldodana.xyz/vendor/ 15 KB
6 KB 298ms
295ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/vendor/jquery.form.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 27e9042e0cd29ac1e29332d3a88a1aa1bc84fb912ac5b14ced66d8f5e6890938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5542
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 cd.min.js Show response
saldodana.xyz/vendor/ 10 KB
3 KB 299ms
296ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/vendor/cd.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: feb681031acbccdcf9f2c60de8217595921fd0f0f3a06dd580c5793b001a51b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:34:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3208
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 clipboard.min.js Show response
saldodana.xyz/vendor/ 11 KB
3 KB 299ms
296ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/vendor/clipboard.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 720791930030e05a53c54a6cf2282eca793580b228ff658eff7ca557ecb7bc0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:34:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3208
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H2 200 tooltips.js Show response
saldodana.xyz/vendor/ 632 B
528 B 299ms
296ms Script
application/javascript 68.65.121.157
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://saldodana.xyz/vendor/tooltips.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.157 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium93-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: dd00fa843d52b4ceb9762ebf3a8655eb799849bf94e5557e52d4e5d03ccbf209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/topup/085781323969
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
last-modified: Sun, 06 Feb 2022 00:35:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 294
expires: Tue, 05 Apr 2022 07:10:32 GMT

GET
H/1.1 403
Forbidden b247b2add3b2e9f00cb2b3079ad9f61f.js
b42rracj.com/b2/47/b2/ 0
0 308ms
108ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b42rracj.com/b2/47/b2/b247b2add3b2e9f00cb2b3079ad9f61f.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 29 Mar 2022 07:10:32 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 Vibrant.min.js Show response
www.cdn4ads.com/ 31 KB
10 KB 49ms
13ms Script
application/x-javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn4ads.com/Vibrant.min.js
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 078429be0f135852863f31f02ae0fdd2be21a650562eae656a3655aed53305d8

Request headers

Referer: https://saldodana.xyz/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 200223
alt-svc: quic="195.181.174.5:443"; ma=2592000; v="44,43,39"
x-77-nzt: AcO1rgVHn2z/Hw4DAA
x-accel-expires: @1648942409
server: CDN77-Turbo
x-77-nzt-ray: ZMSNDg0DMmA
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sat, 02 Apr 2022 23:33:29 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 161ms
77ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:20:27 GMT
x-content-type-options: nosniff
age: 366605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 01:20:27 GMT

GET
H3 200 fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/font/ 29 KB
29 KB 24ms
14ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/font/fontawesome-webfont.woff?v=3.0.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5137e0df4f2934d3087df9baab0d492b0f856ee4760b07e2abf4ab951869983e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.0.2/css/font-awesome.min.css
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6522745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29273
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-72c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9G1ou4s1NVDqSbPPGgDs0OvxLMBjU4TO4QuWI7yuqUHYljWJhORNt4sdcjs%2FgPP0s5IQz1WZVH5GXq%2B9ZdepCdqjE7CfvZfPTwBfukjeTeQTM6ujMSfK%2B2K3AVoxAaAMrvHVjVj7JuFcAesyRVhOvdg"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f36c94bde779a41-FRA
expires: Sun, 19 Mar 2023 07:10:32 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 124ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 21:36:57 GMT
x-content-type-options: nosniff
age: 34415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Mar 2023 21:36:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 176ms
93ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 548725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:07 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 87ms
65ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 30351
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8eb496bc11fc86aebaafc43b4d88a950
accept-ranges: bytes
cf-ray: 6f36c94c6de890a6-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
c.adsco.re/ 62 KB
22 KB 55ms
24ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/Vibrant.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6095848
etag: W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 6f36c94d1feb9950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 29 Apr 2022 07:10:32 GMT

GET
H2 200 /
6.adsco.re/ 0
413 B 63ms
22ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://saldodana.xyz
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 6f36c94d7f31917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
461 B 84ms
23ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Origin: https://saldodana.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://saldodana.xyz
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
422 B 77ms
24ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK lon123
Access-Control-Allow-Origin: https://saldodana.xyz
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
461 B 69ms
23ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 034b961556477ead4e27d98ad251e80587e4fd4572bacf2c536f21076760bcf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://saldodana.xyz
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
103 B 53ms
27ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7317eda63178a1ffb5050d37e1fcc7eec43b696260d73a92a955d9ba6e6cba2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://saldodana.xyz
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 6f36c94d7f2d917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
jvtfikfsuf7g.l4.adsco.re/ 0
464 B 100ms
23ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://jvtfikfsuf7g.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
jvtfikfsuf7g.n4.adsco.re/ 0
464 B 357ms
87ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://jvtfikfsuf7g.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
jvtfikfsuf7g.s4.adsco.re/ 0
464 B 1405ms
165ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://jvtfikfsuf7g.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saldodana.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Mar 2022 07:10:33 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 4641 62 KB
22 KB 66ms
27ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-type: text/html
cache-control: public, max-age=2678400
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires: Fri, 29 Apr 2022 07:10:32 GMT
etag: W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status: HIT
age: 2472935
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f36c94d99719b63-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /
6.adsco.re/ Frame 4641 0
0

GET
H/1.1 200
OK /
4.adsco.re/ Frame 4641 0
458 B 23ms
23ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 07:10:32 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 info Show response
rtb.pushdom.co/users/ 193 B
281 B 397ms
94ms Script
application/json 38.100.129.11
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.pushdom.co/users/info?callback=userinfo_rp
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=794556&siteid=309450&niche=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 38.100.129.11 Rockville, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 04f21ad01bd07f944cba0d233b02582f7c07bf1bf9934c599efcfdd224f76f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:33 GMT
server: openresty/1.15.8.3
content-length: 193
content-type: application/json;charset=UTF-8

GET
H2 200 pixel.gif
rtb.pushdom.co/pixels/storage/custom/ 0
71 B 398ms
95ms Image
text/html 38.100.129.11
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.pushdom.co/pixels/storage/custom/pixel.gif?datasource=adx_reports&publisher_id=794556&site_id=309450&hits=1&ssp_id=1447&traffic_channel=XML_PUSH&script_type=content-locker&custom_1=https&custom_2=1&custom_3=https%3A%2F%2Fsaldodana.xyz%2Ftopup%2F085781323969
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 38.100.129.11 Rockville, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:33 GMT
server: openresty/1.15.8.3
content-length: 0
content-type: text/html;charset=UTF-8

GET
H3 200 /
c.adsco.re/ Frame 4641 61 KB
0 24ms
24ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:32 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2472935
etag: W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 6f36c94e6b3a9b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 29 Apr 2022 07:10:32 GMT

GET /
4.adsco.re/ Frame 4641 0
0

POST
H/1.1 200
OK p Show response
adsco.re/ 364 B
864 B 44ms
43ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 4c81f690879fddbec4539ee417cfc7df2e7e28162753d5fdcabd11a3df0a2919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

AS-P-G: OK
Date: Tue, 29 Mar 2022 07:10:33 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon123
Access-Control-Allow-Origin: https://saldodana.xyz
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.3/ 34 KB
13 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.3/firebase-app.js

Requested by

Host: richinfo.co
URL: https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=794556&siteid=309450&niche=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 19:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 04 Oct 2018 21:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 19:00:12 GMT

GET
H2 200 AhFw.aspx Show response
cdn4ads.com/ 44 B
140 B 262ms
216ms Script
text/javascript 216.59.63.128
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4ads.com/AhFw.aspx?_=BAoAYkKw6AFiQrDpgAGBAsAAIGEilsBatuQmP9SW2HXAM_EaAxFxTxk1QA_4nHfk5LauwQBHMEUCIQDpNb0oMRuGipNvdmOs0lGc6XuATy7B9UOiOfY3spOA4AIgOp1WLAOCz8HiowCOaLWNaqslG5NN0yOMQMB8xy-Wf_vCACCgZ58nNQcSA827l9237mvKzsjN4LaOLps8LI6u_3GLMMQAECoDGyAABvARAAAAAAAAAH7FABCsoWwW2pCNizp4bBJciB40wwBIMEYCIQC1V-iPP7A7yyPYgJXbb7_SZuIoftUWHa_mYx-D_E1izwIhAIf6W0E5-cWXpV_SP_3S6fCLsbP3iQkYqftPYxbt82Av&v=4&yAXQgPum=4491293&azWPeKyp=&wXflyKnP=0,0&FItcCSqN=&YIbuTSrw=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/Vibrant.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.63.128 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: 216-59-63-128.customer.totaluptime.net
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 07:10:33 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.3/ 35 KB
10 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.3/firebase-messaging.js

Requested by

Host: richinfo.co
URL: https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=794556&siteid=309450&niche=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 01:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10045
x-xss-protection: 0
last-modified: Thu, 04 Oct 2018 21:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 01:00:48 GMT

GET
H2 200 pixel.gif
rtb.pushdom.co/pixels/storage/custom/ 0
71 B 96ms
95ms Image
text/html 38.100.129.11
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.pushdom.co/pixels/storage/custom/pixel.gif?datasource=adx_reports&publisher_id=794556&site_id=309450&initialized_uniques=1&ssp_id=1447&traffic_channel=XML_PUSH&script_type=content-locker&custom_1=https&custom_2=1&custom_3=https%3A%2F%2Fsaldodana.xyz%2Ftopup%2F085781323969
Requested by: Host: saldodana.xyz
URL: https://saldodana.xyz/topup/085781323969
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 38.100.129.11 Rockville, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saldodana.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:10:33 GMT
server: openresty/1.15.8.3
content-length: 0
content-type: text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
saldodana.xyz/	1970-01-20 01:56:03	Name: a Value: VaoL2voXvTVd0wsZ0AZPiDQGpT687Ecr
saldodana.xyz/	1970-01-20 01:55:59	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYkKw6AFiQrDpgAGBAsAAIGEilsBatuQmP9SW2HXAM_EaAxFxTxk1QA_4nHfk5LauwQBHMEUCIQDpNb0oMRuGipNvdmOs0lGc6XuATy7B9UOiOfY3spOA4AIgOp1WLAOCz8HiowCOaLWNaqslG5NN0yOMQMB8xy-Wf_vCACCgZ58nNQcSA827l9237mvKzsjN4LaOLps8LI6u_3GLMMQAECoDGyAABvARAAAAAAAAAH7FABCsoWwW2pCNizp4bBJciB40wwBIMEYCIQC1V-iPP7A7yyPYgJXbb7_SZuIoftUWHa_mYx-D_E1izwIhAIf6W0E5-cWXpV_SP_3S6fCLsbP3iQkYqftPYxbt82Av
saldodana.xyz/	1970-01-20 01:55:59	Name: _popprepop Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b42rracj.com/b2/47/b2/b247b2add3b2e9f00cb2b3079ad9f61f.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
assets.promediateknologi.com
b42rracj.com
c.adsco.re
cdn0-production-images-kly.akamaized.net
cdn4ads.com
cdnjs.cloudflare.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
i1.sndcdn.com
imgx.sonora.id
jvtfikfsuf7g.l4.adsco.re
jvtfikfsuf7g.n4.adsco.re
jvtfikfsuf7g.s4.adsco.re
qph.fs.quoracdn.net
richinfo.co
rtb.pushdom.co
saldodana.xyz
stackpath.bootstrapcdn.com
static.xx.fbcdn.net
ubaya.ac.id
www.cdn4ads.com
www.gstatic.com
4.adsco.re
6.adsco.re
143.204.98.123
143.204.98.59
151.101.1.2
162.252.214.5
185.200.116.90
185.200.118.90
192.243.59.12
2.16.107.48
203.114.224.38
216.59.63.128
2600:9000:2156:5400:1a:9224:fc80:93a1
2606:4700::6810:125e
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:acf
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82b::200e
2a02:26f0:6c00:294::1931
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
38.100.129.11
38.132.109.186
46.105.199.75
68.65.121.157
034b961556477ead4e27d98ad251e80587e4fd4572bacf2c536f21076760bcf9
04f21ad01bd07f944cba0d233b02582f7c07bf1bf9934c599efcfdd224f76f1f
0584f032260564bf1d68de7fef6bd3b6507cd30ab150c1a93eb5fc2af750fba7
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
073bf1b5f805462c865c4700b430fd1083a38da47af684c2da915bf8072d1dbd
078429be0f135852863f31f02ae0fdd2be21a650562eae656a3655aed53305d8
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0cef1e0909340e42a229fadadceb74291387c3af532d3c6778345ab70dce577c
1abb718c01b01f9355c64bef6bb9059639bf39bb30870dd9ce68843c829fee3a
27324184f295954c110c25dba7d01ebfffbe327a519df26072ddc924b2811db8
27e9042e0cd29ac1e29332d3a88a1aa1bc84fb912ac5b14ced66d8f5e6890938
27ef53faac17a2fcf938097d718cbf926cc54f9b35d79815c26ea0e219156d6b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
3f88e5739fc5159c9d5beee977db4efb1e9d2c34c4681584e851d8f3caf1ace4
42d29af4720b6398fad197eff930c7a9325d84fba465bdd6bcdeaede3fd19ae7
4c81f690879fddbec4539ee417cfc7df2e7e28162753d5fdcabd11a3df0a2919
4f6e4b88a7e598a9940b6e555a9014cf118a4ea2e064d7408e3e47feb808b4e4
5137e0df4f2934d3087df9baab0d492b0f856ee4760b07e2abf4ab951869983e
679d65f86dac6355d0034fe46a5efed0a33e8d1c4481dbeaaf18d44c4f1c138a
6b0717c2c89c54e5d75f6e3adc789640c15c6b1e3076935a438bdc64f93bd748
720791930030e05a53c54a6cf2282eca793580b228ff658eff7ca557ecb7bc0e
7317eda63178a1ffb5050d37e1fcc7eec43b696260d73a92a955d9ba6e6cba2e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fddbd240d76059918bb40198fde916921ab6c516be78c62c3df21f604d04cbf
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
84c838fdbabd1d359e9b4b58901d40a859ff15132ec953c73857b11f11eff73c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
97b78ad799f6a38c07afa4857123ec6fde0ed179e4bbb8ab82a31341fe0fbf28
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
a2efc10159eecb1280a015ef3334cd4afa8f987b4cff95c31120a5aa78d1192d
af1e4b36d4b6d529e76c526bb1f7b883f95e618d4d4dfa42874ddd9b4003ce8f
b7b52c451538f3dc87b93d27505b75f8619bdf0c2358680a229f1d0bc7eaf4a7
bca24f93c3e597f883856fd3e0a99dcd8229a293aa7657206c543f0bc0b3d4b5
d0a1cda648e31b01f6810fb8ef45e0b399f8a4fd4349746af9821e47baef5aa9
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d7b393de5b89dcec71d4b72d021c57e69e37587381badbb3492a241e924626f2
dd00fa843d52b4ceb9762ebf3a8655eb799849bf94e5557e52d4e5d03ccbf209
ddb945190e4734f2ce7a18b6983ea984446aabc6c30ba8532aee68b227ee4979
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e920a163c06fbecc57e8a328b58c479fbb05bc81f8cc39086e4ad408a82f53aa
e949916b4daec62229078df7e732c1a6eeb88c3ec6936931ee4c35882d479c1b
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fc9e9386c3a1fa4461dcfc4da269cb4a078368406159acbbe094757fc8ccdb94
feb681031acbccdcf9f2c60de8217595921fd0f0f3a06dd580c5793b001a51b7

saldodana.xyz Open in urlscan Pro 68.65.121.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

46 %IPv6

18 Domains

27 Subdomains

27 IPs

6 Countries

1074 kBTransfer

1596 kBSize

3 Cookies

1 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

saldodana.xyz Open in urlscan Pro
68.65.121.157 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

46 %
IPv6

18
Domains

27
Subdomains

27
IPs

6
Countries

1074 kB
Transfer

1596 kB
Size

3
Cookies

61 HTTP transactions
0 data transactions