urlscan.io logo urlscan.io
SecurityTrails logo

trk.contentcraveclub.com Open in urlscan Pro
2606:4700:3034::ac43:c4fa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trk.contentcraveclub.com/campaign/f015d63e186e0df5141693e7a86c8f67e5e79f52
Effective URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc...
Submission: On January 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3034::ac43:c4fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk.contentcraveclub.com.
This is the only time trk.contentcraveclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2606:4700:3034::ac43:c4fa (United States)

ASN13335 (CLOUDFLARENET, US)
trk.contentcraveclub.com
assets.contentcraveclub.com
1    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
19 contentcraveclub.com
trk.contentcraveclub.com
assets.contentcraveclub.com
339 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3015
t.paypal.com — Cisco Umbrella Rank: 3523
89 KB
4 gstatic.com
fonts.gstatic.com
34 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
31 KB
35 5
Domain Requested by
13 assets.contentcraveclub.com trk.contentcraveclub.com
6 www.paypal.com trk.contentcraveclub.com
www.paypal.com
www.paypalobjects.com
6 trk.contentcraveclub.com 1 redirects trk.contentcraveclub.com
ajax.googleapis.com
assets.contentcraveclub.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 t.paypal.com
1 ajax.googleapis.com trk.contentcraveclub.com
1 fonts.googleapis.com trk.contentcraveclub.com
35 8

This site contains links to these domains. Also see Links.

Domain
content-crave.com
www.paypal.com
Subject Issuer Validity Valid
contentcraveclub.com
GTS CA 1P5		 2024-01-26 -
2024-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-24 -
2024-08-21		 7 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 2 frames:

Primary Page: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Frame ID: 41DD33DF9FC4C71F2A30ACD54C6D7401
Requests: 30 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 7C07A3D4C64623EA169DD9797EB0AA08
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Content Crave

Page URL History Show full URLs

  1. http://trk.contentcraveclub.com/campaign/f015d63e186e0df5141693e7a86c8f67e5e79f52 HTTP 302
    http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

71 %
HTTPS

57 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

524 kB
Transfer

914 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trk.contentcraveclub.com/campaign/f015d63e186e0df5141693e7a86c8f67e5e79f52 HTTP 302
    http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request loader_only.php
trk.contentcraveclub.com/
Redirect Chain
  • http://trk.contentcraveclub.com/campaign/f015d63e186e0df5141693e7a86c8f67e5e79f52
  • http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9m...
49 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
6e46ec4652f5823a027eca6394e0923e862a279a4efa55feb0da8cf3fc824178

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84c619e71e654bcc-BUF
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 28 Jan 2024 03:20:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRuWLZM8WguPsVloSKxUUnl7M3uztZn0OtUq%2FN3AxKLkhw8K4qfSZc2uyAzX%2FxJb0ivIfsUPVkg6pnjKAY%2BZagLDYUgZKodEdjT15TmNSDNPb11mL3nDI1yowLui7pn4t7CB8BlO%2FNSKpPTHipMreKzE5tBJ8hk%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
alt-svc
h3=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
84c619e45cba4bcc-BUF
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html
Date
Sun, 28 Jan 2024 03:20:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjqjiwp3EbGr5%2BjzZ3QSb20G0Pt1%2FLp9fzUEx%2Fq7hdrdhP3h%2F5WGoR2fQ4V1ZzMoG1eBahMKyOYMbWZPDONvacopx30YN6GyLgXFFmvTTKp6mkgf6bbbCxg4FsIOjbBTjcAmzmRaH1NxhCYjKB3OnYluVcbKQ8A%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
alt-svc
h3=":443"; ma=86400
location
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,600;0,700;0,800;1,800&display=swap
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6014c729a0dd2b19d654e1fd7b29baf903cb15b12203af22481e53aba8e8fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 03:20:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 28 Jan 2024 03:20:43 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sun, 28 Jan 2024 03:20:43 GMT
banner.png
assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/banner.png
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17abf5f73ccacef2b578dc7096f821ebb68e2801e2dcfd9b58fd8ecac61547bf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:43 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Apr 2021 11:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d46-5c0f24819b44f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL1xKTwuOi2b4GGHY19lg%2B1NyzBLe1sWjkKh6kKsjX4wGillq1%2B1OoOVQ9NPvoGvXvrx2DxIxIVdEGTR9qxcPix%2B4W4qV8gC6hvRIJGgmtrJfGpsLpZe9idZw47KR4iAWcVd40Wy8%2FbdfgMbZW0YSEtEnikLFI2NOsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97ab54bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
3398
extra-img.png
assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/ 		95 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/extra-img.png
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:43 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Apr 2021 11:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f-5c0f24819bc1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YasoSWImLQ%2Fn9DQpgXqaooVkcSB9kzL3pGZtWIBzTImnS8Zt83jDgCOOTy%2BstZnmw8avNAZwrX3dXoS5yduLd%2FvDg7v%2BlVlfhlDWmcMN6aZ%2F1p5e6P4cFWDPzF9ZqhN17jQX6Xa8xAoHuejo6%2Fi8mIxWedMy%2Be2qGBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97abb4bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
95
loader_opt.gif
assets.contentcraveclub.com/assets/global/loading/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/global/loading/loader_opt.gif
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06c226f4422b3e67bfc1c90c2703681c7e06c4848aaf9d315f2832465c3cd9f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Apr 2020 11:09:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1c0c-5a24cd74b1c09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eB2MtDe0LTnsd%2BAq%2BsoJ4w%2BMhQKqptcCMlJOSJ2bs6wS3ij7cSPMNrjX4fdmQHAwzVmrmf4bijuobjkiTpb%2B07uxAN5BKE8Td0d%2Byd8fKV6uUr4tJbxXlqmfsE1QXvaXwHmADreO5j1daD2omSm1hYZgs6rR7BSs2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97ab94bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
7180
transparent-v1.png
assets.contentcraveclub.com/assets/global/buttons/paypal/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/global/buttons/paypal/transparent-v1.png
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d772f4fe68a4b80d66af20549fb2e1d1058cbf17f8fb12c8c9e1be19595bb8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:43 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 2020 12:39:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fe8-5b05ef4425b7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka31hu5oZUZ9AZPBqZR7saL7%2F2QeeMkovIaWF1moKSMWjkoNY9k3ex9uEQPRqbxFWE1s1RDfAvYGiRUmCvIFY4oxZXaa7Zd174iFQUHRhKCY%2F6ZQPdsv7IhCwwK9Z%2BCOrNsAbicJmRUhGGkaYyRy5brBRRQjDqlxcYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97aba4bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
4072
info.png
assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/info.png
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e3b689b4fad4bdc165bafc6668da22c0e2152a2730aa41f47b48b29d5efb8a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Apr 2021 11:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"13600-5c0f24819bc1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZI5oCj%2FAE33bdrFiDBXtN07EMud6GUWW002bcDwnW42HLGwC0mJyvnHwvNj2PEFk3C3HgVghF7SglCH10kgFtbIXR6FE5VKHsafWFAW0IAzGP1bIwAUhN%2BaZmpQ6OMB6He9NNgKny5AWv6GkVaiwKzXBEbCVRKVyhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97ab74bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
79360
email-decode.min.js
trk.contentcraveclub.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://trk.contentcraveclub.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 03:20:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 26 Jan 2024 10:32:07 GMT
Server
cloudflare
ETag
W/"65b38a27-4d7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEH%2FHENMzUux8733eat5LIU6JMnp9sawfxBcVegf8twmyvKHf880telgZcECI9DAYuPoKcmV0zLFwWtrjBWiSXyBACZO5NkwAe4cCru0LUnjLaAL5SiwDP6f2ouYAd5y7Go1FnURrrcXwdFt85H7HhnpFPbxlv0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
84c619e908934bd8-BUF
Expires
Tue, 30 Jan 2024 03:20:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:36:04 GMT
elephant.js
assets.contentcraveclub.com/global-scripts/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.contentcraveclub.com/global-scripts/js/elephant.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
7edecdbd869f64ec3ec3b09ad60f1735d37b04664bbad566dda002f2b5a02fea

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 27 Jan 2024 22:40:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBibwk1TGAltN26lPgLR3jQZ5Hjq1bZN0hN1zaTgG%2FRkppCWx2kNxWL505SGclWGxrQW43QYuSVoCLaUXGEytPdmmWETle%2FkiZFsxHaIOLDE2n8mNmEQzlqZiw6OFZkNuxV6uWeXW3xTf65teYNYIm%2F8qeuLJBIYfjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
84c619e97abc4bc9-BUF
alt-svc
h3=":443"; ma=86400
manageCookies.js
assets.contentcraveclub.com/global-scripts/js/ 		741 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.contentcraveclub.com/global-scripts/js/manageCookies.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290b1a4f50d2b5d32b9d8bcb6f8369e9bca2372da8604d320903ec8a9cdc058a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Oct 2022 10:03:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e5-5ea1e75272a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FKYzCgbqA0YJVcFpKn1rsX440jpDL%2FuvLn2lphXaYjztE5yQ4%2FFkvPCbN4SOySkSN4EoTUx5fTqSXU%2FhaqEFUpR7f7W9jGM6wBpvLDRICHQq4je5u85IlmKFDUT5HUHs3X1XVyPmfSLHvqRtZpdyGbLrDr7P1pAyBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84c619e99acd4bc9-BUF
alt-svc
h3=":443"; ma=86400
lazy_loader.js
assets.contentcraveclub.com/global-scripts/js/function/ 		770 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.contentcraveclub.com/global-scripts/js/function/lazy_loader.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fda61b6fe4483c08c1f1d8f05876d6a2d96788104900b50fed574c37cf3652

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Mar 2020 12:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"302-5a1848c071609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnnMeRRavVe6JdgzUx1lEjGeeK6Tdx%2F5L2RkkdRHewjByp3gXSrD5T%2FZBQRl0hiZIoUQ8VS5U8b5uTRHS7OsiTk4cHFdfV2XUFkAE9UqtW8tSTZLJ4w65S9Vkx8qZduAduKwmmPbwuU76cVbn1%2Fci2ofT9IXy9ek%2FN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84c619e99ad14bc9-BUF
alt-svc
h3=":443"; ma=86400
stattag_v2.js
assets.contentcraveclub.com/global-scripts/js/function/ 		957 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.contentcraveclub.com/global-scripts/js/function/stattag_v2.js
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bdc7fd849a25672e3c844617cd1a64e9141db0b884fab0291b27af3934973c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 06 Apr 2023 08:12:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3bd-5f8a67881b0b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPffD4lGLMuPpINWH4TRW1VZU0vXunw8Exm95B8ezP6D6gu%2B31NwVBN3B7uZ4%2BHxFRsWeHBccgol9txeT6WoPNG81oLmqLqAG6mtJLmpi3NCqT2VAHYTR%2BXH2RODskrt7lnBWjXcGv2vFWO7vXdWXc2qvFcaNSiBuzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84c619e99ad34bc9-BUF
alt-svc
h3=":443"; ma=86400
background.jpg
assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/background.jpg
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f236496b894ce450a0f4b51fd4d37da6a43af0bbaf87251f8d63b5347233eeee

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Apr 2021 11:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"393f-5c0f24819b44f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI2pUecDJT4M6sfiOmXm7IjDiNpnJPZ1XRuwdTR8m6rEbm7i%2BQsaOlQ0DEnb54%2BE9JPado6pAcD9DipKvYD2YhvQgKVNtUGLd0%2BqPLx6NVOEyH127LqNB%2Fcpe9EhK0lbNxDbljBa0xfkZY0Wz8N%2Bj1qHbHgMs7dqKDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97abd4bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
14655
placeholder.png
assets.contentcraveclub.com/assets/global/elements/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/global/elements/placeholder.png
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e5ffc7a359a7722e862c83fad9f327f5fe0def1e883f9ad130c4b8d6e616ce

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:44 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Jul 2020 09:24:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"625-5a9d68f75d6ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDgSwKt%2BSTvv%2FWUJ4yD3XBXShKzpaO0yGGp%2FboRGYDZZHpjZWj2n4Xv%2B3pKHe%2F7IIxJ0p339%2ByweXigSaWLrw%2F6%2F%2Fay5C0CzTsy15A4G5vbUcNXUxQYDTZNFuNoiM2Y5pvC2vSkeC3hnmzPjxBLNbrXJUO398blKNW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619e97abe4bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
1573
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,600;0,700;0,800;1,800&display=swap
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://trk.contentcraveclub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 03:18:10 GMT
X-Content-Type-Options
nosniff
Age
153
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
7824
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:52:02 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 27 Jan 2025 03:18:10 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,600;0,700;0,800;1,800&display=swap
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://trk.contentcraveclub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 17:37:40 GMT
X-Content-Type-Options
nosniff
Age
207783
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
7884
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 17:03:52 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 24 Jan 2025 17:37:40 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,600;0,700;0,800;1,800&display=swap
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://trk.contentcraveclub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 23:36:40 GMT
X-Content-Type-Options
nosniff
Age
13443
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
7816
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:11:40 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 26 Jan 2025 23:36:40 GMT
paysmart
trk.contentcraveclub.com/api/utils/paypal/ 		258 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://trk.contentcraveclub.com/api/utils/paypal/paysmart?transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&partner=gc_ccr_us_a1_sh293_pp_sbdeh2&timestamp=1706412046068&action=getDetails&visits=%7B%221706412046068%22%3A%7B%22pl%22%3A%22891032761%22%7D%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
f22a214e615231371ab3dc9671a368b2eb11fa290f92a3e37cef0ff8667a9157

Request headers

Accept
*/*
Referer
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 03:20:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyKap6i0lGjC68fHIx%2B6XwItlhJotT0m1bpfnKeSbB5e5kXFcBvyWLmndzhAUMz7kp34tHxQiuzsNWMck8hB5eAmyxBLBlbMocQgKEa2IGUoBZKbNGJOw27nRqR08ERbW2y71nJ6iOLKlZ6gLKOGd8kmXGTEX08%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Connection
keep-alive
CF-RAY
84c619f80e504bcc-BUF
alt-svc
h3=":443"; ma=86400
/
trk.contentcraveclub.com/api/logger/post_interaction/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://trk.contentcraveclub.com/api/logger/post_interaction/
Requested by
Host: assets.contentcraveclub.com
URL: https://assets.contentcraveclub.com/global-scripts/js/elephant.js
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
8c31d47d6b534d498ac371db845daa54f6df262a64ed66ae54b980fc74b4acf2

Request headers

Referer
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

Date
Sun, 28 Jan 2024 03:20:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Pragma
no-cache
Server
cloudflare
Access-Control-Max-Age
86400
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tLbNGoHZAz1L6uGv%2FDBk2%2BRR0ZS7uLdXEKp4DVNd1YmdttnAJ7A6EiIgNdKfFRhifzQgAF1r5rWW9WSLgaNnCr4n%2FZdRquSX%2FEF7UbT4deburFVGtzfTHeN7TxtqvB2XqgMiMOJuHxY22KOXgkRGwDsGErkQs0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
CF-RAY
84c619f80de44bd8-BUF
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
trk.contentcraveclub.com/api/logger/post_interaction/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://trk.contentcraveclub.com/api/logger/post_interaction/
Requested by
Host: assets.contentcraveclub.com
URL: https://assets.contentcraveclub.com/global-scripts/js/elephant.js
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
15f7a1c57aec093cce12823425b4f416846fe9bb0d2480fe2c52e4af78158913

Request headers

Referer
http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

Date
Sun, 28 Jan 2024 03:20:46 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Pragma
no-cache
Server
cloudflare
Access-Control-Max-Age
86400
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW5EsL7waAqTYTVAt5PLNzWWtBu9XO5DuZIsuHWZhp75vvKy0T54jbaVmGxeDhbswTicQ%2Bns5nxN%2F7899%2Fmf9jVJpg5hgdWuHLv5XFpXz55M%2FDsTSD5pPD5PLG7XndgrilBO%2Bn4OLZmoMB5zcli2LUQMwty1oZc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
CF-RAY
84c619f8390d4bc6-BUF
Expires
Thu, 19 Nov 1981 08:52:00 GMT
purple-tick.png
assets.contentcraveclub.com/assets/global/elements/ 		460 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/global/elements/purple-tick.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f9c971d054b6edfbcfdc1737a25c13f805301aeac818b66a85f03dd2b587dc

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:46 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Mar 2021 12:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1cc-5bd41fab34402"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5%2B%2F1GFrRK5ZRwISkDKi5zmMvu%2B04MxtJFjxevSb7%2BML8Q9SO0oGbXWNza%2FIN7Vv4Y2Qt7JtWfFjdFsEz6qCEt%2BjdOCK4BCqE4OAydZH1BLiO%2BU2ZcLN8JiOY3N1RJG8hLAgKM8QHBZpALRDu2P2eShnKuQvcpmriwU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619f80af44bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
460
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,600;0,700;0,800;1,800&display=swap
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://trk.contentcraveclub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 17:30:04 GMT
X-Content-Type-Options
nosniff
Age
208242
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
7840
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:51:55 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 24 Jan 2025 17:30:04 GMT
desktop-img.png
assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.contentcraveclub.com/assets/US/ContentCrave/safe_page/img/desktop-img.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c4fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097dd93f18c03a77a9d17a84f5c0fbdb4939a1ad042488eb9145cec08aa08bb1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:46 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Apr 2021 11:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32c45-5c0f24819bc1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlvRnU5DnlfoLNVQsHokYH69P6o7Z4Na7w9EQq4rBatCM%2FibAnoBGYF%2BhBSpNxXifP6t%2BRyDmHj5Fla6mtrWd0EFuZVvOYUT9BmchtFKspOtm7EISajnCWDpv99LZNS5ZJm9XXSjeuvLvNM%2B3t99sRklI1OqpvlPuiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c619f81af74bc9-BUF
alt-svc
h3=":443"; ma=86400
content-length
207941
js
www.paypal.com/sdk/ 		294 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?intent=subscription&vault=true&client-id=AYFt9zBsIRkIB7FTd471nJxxSiqy4R_MN5ePtiPFgkTlFUczXVX_5vqnXgj_sIxnuL-WLSr2erOc70nL&disable-funding=credit,card
Requested by
Host: trk.contentcraveclub.com
URL: http://trk.contentcraveclub.com/loader_only.php?rc=R-CT-P-SC&transaction_id=7B93BDF7-B976-8F91-8D6E-B43C97C747CA&pl=891032761&pc_session_id=ki0ai6fpus3s7bha3c9mopp8i3-25192&sid=ki0ai6fpus3s7bha3c9mopp8i3-25192&pc_synd_id=gc_ccr_us_a1_sh293_pp_sbdeh2&partner=gc_ccr_us_a1_sh293_pp_sbdeh2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3ca1a0ab914bc37f6ad9988cfe3485fd53ceee4def137407f25945b6fe336fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-X0ZPwE6iPBfeXvB2FWrPYsdtnOrQIEvsllB/DoGMYNv0e6z1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X0ZPwE6iPBfeXvB2FWrPYsdtnOrQIEvsllB/DoGMYNv0e6z1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-X0ZPwE6iPBfeXvB2FWrPYsdtnOrQIEvsllB/DoGMYNv0e6z1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X0ZPwE6iPBfeXvB2FWrPYsdtnOrQIEvsllB/DoGMYNv0e6z1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 28 Jan 2024 03:20:47 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
p3p
true
paypal-debug-id
f29185420142a
server-timing
"traceparent;desc="00-0000000000000000000f29185420142a-f918d332c6d566a8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
80125
x-xss-protection
1; mode=block
x-served-by
cache-bur-kbur8200110-BUR, cache-yyz4565-YYZ, cache-yyz4565-YYZ
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f29185420142a-259d193028154eed-01
x-timer
S1706412047.353525,VS0,VE535
etag
W/"138fd-jL2gtZ78iVGnGi7VMTEtuz5w9e4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=trk.contentcraveclub.com&t=xo&v=5.0.421&source=payments_sdk&client_id=AYFt9zBsIRkIB7FTd471nJxxSiqy4R_MN5ePtiPFgkTlFUczXVX_5vqnXgj_sIxnuL-WLSr2erOc70nL&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?intent=subscription&vault=true&client-id=AYFt9zBsIRkIB7FTd471nJxxSiqy4R_MN5ePtiPFgkTlFUczXVX_5vqnXgj_sIxnuL-WLSr2erOc70nL&disable-funding=credit,card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e225c2742bfadc91078ecc40c27d52ffd20be7309856ee4187311d993c18100
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MWpV6jn3RlHFhzReY35PLgRsXtGhjZRXOR5aJg1k7JqU534T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MWpV6jn3RlHFhzReY35PLgRsXtGhjZRXOR5aJg1k7JqU534T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 03:20:48 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
28931
x-cache
HIT, MISS, MISS
paypal-debug-id
f143360cba623
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4783
x-xss-protection
1; mode=block
x-served-by
cache-bur-kbur8200052-BUR, cache-yyz4565-YYZ, cache-yyz4565-YYZ
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f143360cba623-58877f26b2d98aa6-01
x-timer
S1706412048.975767,VS0,VE76
etag
W/"3680-eKb/g8LPGKsdo+RvgN43PNRgLUM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
4, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://trk.contentcraveclub.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://trk.contentcraveclub.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sun, 28 Jan 2024 03:20:48 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f92361628071a
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f92361628071a-d2dd6f9c24d787a6-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-bur-kbur8200077-BUR, cache-yyz4525-YYZ, cache-yyz4525-YYZ
x-timer
S1706412048.086883,VS0,VE115
logger
www.paypal.com/xoplatform/logger/api/ 		1019 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?intent=subscription&vault=true&client-id=AYFt9zBsIRkIB7FTd471nJxxSiqy4R_MN5ePtiPFgkTlFUczXVX_5vqnXgj_sIxnuL-WLSr2erOc70nL&disable-funding=credit,card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae80c285fcdf4ff323e2df0d39cadbfb142a4dafe5ed57b845d451f26458a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
http://trk.contentcraveclub.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sun, 28 Jan 2024 03:20:48 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f9236169066bb
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-bur-kbur8200046-BUR, cache-yyz4525-YYZ, cache-yyz4525-YYZ
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9236169066bb-6b122cd07629cb8a-01
x-timer
S1706412048.223720,VS0,VE132
etag
W/"3fb-c1jF7oKUFDexgghF/23QRECU+ao"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://trk.contentcraveclub.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=trk.contentcraveclub.com&t=xo&v=5.0.421&source=payments_sdk&client_id=AYFt9zBsIRkIB7FTd471nJxxSiqy4R_MN5ePtiPFgkTlFUczXVX_5vqnXgj_sIxnuL-WLSr2erOc70nL&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:20:48 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
log-origin
shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security
max-age=31557600
log-timing
fetch=62318,misspass=106,do_stream=0
x-cache
HIT, HIT
paypal-debug-id
3fd9c4a83a728
dc
ccg11-origin-www-1.paypal.com
content-length
15742
x-served-by
cache-sjc10081-SJC, cache-yyz4548-YYZ
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
traceparent
00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer
S1706412048.152759,VS0,VE0
etag
W/"64f25363-daa8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
21, 14779
ts
t.paypal.com/ 		42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AL863VN6AZKU5N-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AL863VN6AZKU5N-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=b54d9d26-1f4e-4e3e-b29f-05c97804089e&fltp=analytics&mrid=L863VN6AZKU5N&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Content%20Crave&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706412048079&g=600&completeurl=http%3A%2F%2Ftrk.contentcraveclub.com%2Floader_only.php%3Frc%3DR-CT-P-SC%26transaction_id%3D7B93BDF7-B976-8F91-8D6E-B43C97C747CA%26pl%3D891032761%26pc_session_id%3Dki0ai6fpus3s7bha3c9mopp8i3-25192%26sid%3Dki0ai6fpus3s7bha3c9mopp8i3-25192%26pc_synd_id%3Dgc_ccr_us_a1_sh293_pp_sbdeh2%26partner%3Dgc_ccr_us_a1_sh293_pp_sbdeh2&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 28 Jan 2024 03:20:48 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
fecd8ea1b499c
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-bur-kbur8200129-BUR, cache-yyz4522-YYZ
pragma
no-cache
correlation-id
fecd8ea1b499c
traceparent
00-0000000000000000000fecd8ea1b499c-c43040d3dec1189b-01
x-timer
S1706412048.149615,VS0,VE108
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:20:48 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 7C07 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
http://trk.contentcraveclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
16039
content-type
text/html
date
Sun, 28 Jan 2024 03:20:48 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"64f25363-dacc"
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
log-origin
shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com
log-timing
fetch=75614,misspass=95,do_stream=0
paypal-debug-id
7d8e18e65f05e
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
4, 15095
x-content-type-options
nosniff
x-served-by
cache-sjc1000107-SJC, cache-yyz4548-YYZ
x-timer
S1706412048.185809,VS0,VE0
noop.js
www.paypalobjects.com/muse/ Frame 7C07 		18 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
348, 15652
date
Sun, 28 Jan 2024 03:20:48 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
log-origin
shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com
log-timing
fetch=61899,misspass=103,do_stream=0
x-cache
HIT, HIT
paypal-debug-id
7f4693eaf4cf1
dc
ccg11-origin-www-1.paypal.com
content-length
18
x-served-by
cache-sjc1000145-SJC, cache-yyz4548-YYZ
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
traceparent
00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01
x-timer
S1706412048.241154,VS0,VE0
etag
"60271cd0-12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-client-location
US
ts
t.paypal.com/ 		42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AL863VN6AZKU5N-1&page=muse%3Aoffer%3A%3A%3AL863VN6AZKU5N-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=b54d9d26-1f4e-4e3e-b29f-05c97804089e&es=visitorInfoFlowStarted&mrid=L863VN6AZKU5N&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Content%20Crave&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706412048234&g=600&completeurl=http%3A%2F%2Ftrk.contentcraveclub.com%2Floader_only.php%3Frc%3DR-CT-P-SC%26transaction_id%3D7B93BDF7-B976-8F91-8D6E-B43C97C747CA%26pl%3D891032761%26pc_session_id%3Dki0ai6fpus3s7bha3c9mopp8i3-25192%26sid%3Dki0ai6fpus3s7bha3c9mopp8i3-25192%26pc_synd_id%3Dgc_ccr_us_a1_sh293_pp_sbdeh2%26partner%3Dgc_ccr_us_a1_sh293_pp_sbdeh2&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://trk.contentcraveclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 28 Jan 2024 03:20:48 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b274176a220ce
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-bur-kbur8200161-BUR, cache-yyz4522-YYZ
pragma
no-cache
correlation-id
b274176a220ce
traceparent
00-0000000000000000000b274176a220ce-72f58111c84db16e-01
x-timer
S1706412048.244097,VS0,VE86
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 03:20:48 GMT
graphql
www.paypal.com/targeting/ Frame 7C07 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
709c8070dd323d9b08a32356094ef8d0d07a8a77cf7ae74667932ea27afddab2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-g6AkYoAw9MJ09iD6Ef8XEwZgKC3L0y+E2fIB721g+TjtHRNG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-g6AkYoAw9MJ09iD6Ef8XEwZgKC3L0y+E2fIB721g+TjtHRNG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
disable-set-cookie
true
date
Sun, 28 Jan 2024 03:20:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f92361638f1c2
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-bur-kbur8200099-BUR, cache-yyz4565-YYZ, cache-yyz4565-YYZ
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f92361638f1c2-bec03891a6001f18-01
x-timer
S1706412048.413173,VS0,VE188
etag
W/"1b3-ZwLqqqPZRmGmTzS2nLdTxhNvPVE"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 28 Jan 2024 03:20:48 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f923616142617
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f923616142617-3f79f501ca11e6c4-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-bur-kbur8200036-BUR, cache-yyz4525-YYZ, cache-yyz4525-YYZ
x-timer
S1706412048.268553,VS0,VE123

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| assets_domain string| bckLink string| fbckLink function| $ function| jQuery object| Logger function| warn function| error string| baseUrl object| warn_log function| _warn_log object| error_log function| _erro_log function| setCookie function| getCookie function| eraseCookie function| RespondToVisibility function| stattag function| responsive_image object| settings string| log_cat string| fallback_link object| data function| reshowBtn function| approvedHandler function| answerReject function| checkTerms function| doExit function| _setVisit string| url object| btn_settings string| card boolean| duplicate object| script object| __post_robot_11_0_0___uid_cifdmugioefvwwiisgxhfhvbmwrjhj object| paypal object| __zoid_10_3_3___uid_cifdmugioefvwwiisgxhfhvbmwrjhj object| plans function| callPPbutton object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

2 Cookies

Domain/Path Name / Value
trk.contentcraveclub.com/ Name: PHPSESSID
Value: ki0ai6fpus3s7bha3c9mopp8i3-25192
trk.contentcraveclub.com/ Name: visit
Value: {"1706412046068":{"pl":"891032761"}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.contentcraveclub.com
fonts.googleapis.com
fonts.gstatic.com
t.paypal.com
trk.contentcraveclub.com
www.paypal.com
www.paypalobjects.com
151.101.193.21
151.101.194.133
151.101.65.35
2606:4700:3034::ac43:c4fa
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::5f
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
097dd93f18c03a77a9d17a84f5c0fbdb4939a1ad042488eb9145cec08aa08bb1
15f7a1c57aec093cce12823425b4f416846fe9bb0d2480fe2c52e4af78158913
17abf5f73ccacef2b578dc7096f821ebb68e2801e2dcfd9b58fd8ecac61547bf
1e225c2742bfadc91078ecc40c27d52ffd20be7309856ee4187311d993c18100
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
290b1a4f50d2b5d32b9d8bcb6f8369e9bca2372da8604d320903ec8a9cdc058a
35f9c971d054b6edfbcfdc1737a25c13f805301aeac818b66a85f03dd2b587dc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e46ec4652f5823a027eca6394e0923e862a279a4efa55feb0da8cf3fc824178
709c8070dd323d9b08a32356094ef8d0d07a8a77cf7ae74667932ea27afddab2
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
75fda61b6fe4483c08c1f1d8f05876d6a2d96788104900b50fed574c37cf3652
77bdc7fd849a25672e3c844617cd1a64e9141db0b884fab0291b27af3934973c
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7edecdbd869f64ec3ec3b09ad60f1735d37b04664bbad566dda002f2b5a02fea
8c31d47d6b534d498ac371db845daa54f6df262a64ed66ae54b980fc74b4acf2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a06c226f4422b3e67bfc1c90c2703681c7e06c4848aaf9d315f2832465c3cd9f
ae80c285fcdf4ff323e2df0d39cadbfb142a4dafe5ed57b845d451f26458a1c0
c0e5ffc7a359a7722e862c83fad9f327f5fe0def1e883f9ad130c4b8d6e616ce
d3ca1a0ab914bc37f6ad9988cfe3485fd53ceee4def137407f25945b6fe336fe
e5d772f4fe68a4b80d66af20549fb2e1d1058cbf17f8fb12c8c9e1be19595bb8
e7e3b689b4fad4bdc165bafc6668da22c0e2152a2730aa41f47b48b29d5efb8a
f22a214e615231371ab3dc9671a368b2eb11fa290f92a3e37cef0ff8667a9157
f236496b894ce450a0f4b51fd4d37da6a43af0bbaf87251f8d63b5347233eeee
f6014c729a0dd2b19d654e1fd7b29baf903cb15b12203af22481e53aba8e8fff