claim.realxtop.com Open in urlscan Pro
2606:4700:3033::ac43:a899 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claim.realxtop.com/
Submission: On November 28 via automatic, source certstream-suspicious (November 28th 2024, 12:02:24 am UTC) — Scanned from US

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3033::ac43:a899, located in United States and belongs to CLOUDFLARENET, US. The main domain is claim.realxtop.com.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.

This is the only time claim.realxtop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	2606:4700:303... 2606:4700:3033::ac43:a899	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
55	10

29 2606:4700:3033::ac43:a899 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

claim.realxtop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	realxtop.com 1 redirects claim.realxtop.com	16 MB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	197 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	gstatic.com fonts.gstatic.com	781 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
55	8

	Domain	Requested by
29	claim.realxtop.com	1 redirects claim.realxtop.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	fonts.googleapis.com	claim.realxtop.com pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	claim.realxtop.com pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	code.jquery.com	claim.realxtop.com
55	9

This site contains links to these domains. Also see Links.

Domain
silkthemes.com

Subject Issuer	Validity	Valid
realxtop.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://claim.realxtop.com/
Frame ID: 1EDF2E4BB9047673865CC95588292CD5
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 4E36A73395740CAADE9CA3375CC5178B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&adk=3046330955&adf=2044148826&abgtt=6&lmt=1732752135&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fclaim.realxtop.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752134499&bpp=1122&bdt=97&idt=1248&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=594953398295&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fsapi=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1306
Frame ID: C7DCEF9FF1B1D36E505EB912D98E4182
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=357733869&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=3&bdt=1599&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=15
Frame ID: E217911A472961AC2F706E3BC8D6E81F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=769442599&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=1&bdt=1600&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C349x280&nras=3&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=3018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=63
Frame ID: 727559E61A6AC68AE71207780229E58E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=2637655273&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=2&bdt=1600&idt=2&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C349x280%2C349x280&nras=4&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=3987&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=72
Frame ID: 9A64F654FB607D38302F77622E78A089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=4053216246&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136006&bpp=1&bdt=1604&idt=1&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280&nras=5&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=4676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=205
Frame ID: 0944B8C26F5363E94319C8D32D3B1200
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=1715948754&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136009&bpp=1&bdt=1606&idt=1&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280%2C349x280&nras=6&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=4676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=225
Frame ID: 01E769CA7BF6BB9C12D7DBEC416B79F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=1240698031&adf=2486143480&pi=t.aa~a.1990178072~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&rafmt=1&to=qs&pwprc=4152030555&format=1200x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136158&bpp=2&bdt=1755&idt=2&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280%2C349x280%2C349x280&nras=7&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=206
Frame ID: 327D2EDC46743D371DF3E22699E7401E
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 3C18923A222DDB4A06D4F75FDB0032DE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35AC26560248405826B6EB89570AD0E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

claim.realxtop.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

95 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

17488 kB
Transfer

18545 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://silkthemes.com/
Title: Theme by Silk Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://claim.realxtop.com/favicon.ico HTTP 302
https://claim.realxtop.com/wp-includes/images/w-logo-blue-white-bg.png

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claim.realxtop.com/ 90 KB
13 KB 757ms
723ms Document
text/html 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a0c5a866353d25c4369a141e248c7b695d60fe334ae7f149ea454a4588bdcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e961683793743bc-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 28 Nov 2024 00:02:14 GMT
link: <https://claim.realxtop.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0iwYdQ%2Bir6hfxeFCgRRy4tNdMX0m40LIo1kd%2FPHenV1ZoV4oxg5RTPznEDBjFo7brzavJsxsejH2MXS9Vu1Xw1MORxgigmZY1B3B31eMEOiOkOTaSmd0JjI3tflP1fy%2FLGKjdHCaMIs0Jro4A429R8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=2061&min_rtt=1986&rtt_var=366&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2322&delivery_rate=1897142&cwnd=254&unsent_bytes=0&cid=952c2f8ce6af8522&ts=732&x=0"
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
53 KB 51ms
27ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4043717343592700

Requested by

Host: claim.realxtop.com
URL: https://claim.realxtop.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03f212488dc66cdb0e665645471413c39fd4b0cac528fc436e28377cfed7c7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://claim.realxtop.com
Referer: https://claim.realxtop.com/

Response headers

content-encoding: br
etag: 16092505017548771690
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 00:02:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53732
x-xss-protection: 0
server: cafe

GET
H2 200 style.min.css
claim.realxtop.com/wp-includes/css/dist/block-library/ 112 KB
17 KB 729ms
711ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"1c012-673ea8bc-5f7765;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fumnZd7P4ECCTlCESa6EZQuQ2p%2BxNL6XHnEi9DBcu7y%2FOuHqmFDJNTlrAuZc9r5S3EtshWSB5L%2BTP411mp9TANFVe6YHb7x8ipHokNHw%2BYC4WWEaIjEdDFpJYmmDxb%2Ffb86hb28l9oDDF%2F5bXokBIwM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4343bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2303&min_rtt=1986&rtt_var=156&sent=43&recv=57&lost=0&retrans=0&sent_bytes=31063&recv_bytes=3495&delivery_rate=7842519&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1474&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 03:27:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 newspaperss.min.css
claim.realxtop.com/wp-content/themes/newspaperss/css/ 149 KB
24 KB 947ms
931ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077dfd9a39946d218e3052428a9281909f7ae77142e35f2b3e9eeb60a0bf4b2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"25208-673f0270-5fb82d;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtXzqcI4FJWam3e7ykKUcMSbZDGowoRnaVabKP8kvShQimg8UMSaEn8%2Fz8Y8Q4YvjS2AciAOBHu%2BlwtUWFYHOZjDb9DMvbEdVW1gtthtwibxsNC0uuPrsQ4VSxI%2BRc%2FkxSNWc2CHdzaGVFxEKNLMSEU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4443bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2286&min_rtt=1986&rtt_var=167&sent=82&recv=66&lost=0&retrans=0&sent_bytes=70075&recv_bytes=3495&delivery_rate=11434194&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1695&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 font-awesome.min.css
claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/css/ 30 KB
8 KB 700ms
685ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"791c-673f0270-5fb831;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPIcSoYnrYBNscBRv%2FmTuE4wBuxl3VZozgp1gc7ef7dR0DChVH%2B5lR30sJs1g30GM2DcGQAWIPiIyi2qnBZww9kUXyKNwiApmrF29xOBBEc49PCMr74kZVutdYubBjNwnzoVUOqelgNCjG%2FSJmjfqm4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4543bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2281&min_rtt=1986&rtt_var=77&sent=29&recv=39&lost=0&retrans=0&sent_bytes=20065&recv_bytes=3495&delivery_rate=7842519&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1448&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 26 KB
3 KB 52ms
23ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext

Requested by

Host: claim.realxtop.com
URL: https://claim.realxtop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bda9bbe55ab1abe41931337ee8b95e4b955b7807e3c2ab994c14384b8155681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 00:02:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.css
claim.realxtop.com/wp-content/themes/advance-news/ 7 KB
3 KB 711ms
697ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/advance-news/style.css?ver=1.1.0
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86bd2fe14ff59779cb9809ee881ed32a64a35ecc228a2760f239e9acd31131e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"1c94-673f026e-5fb742;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqWMKsOp%2Bd2id54AZA9ANbL311incbfJBKWN7GFfxtl%2BfoYJhDRM0DqUwGTIRoWOsGOUcUTklVdrngVR7bkvk4pvm2u2dKXk5fuF2Z0iDv0uUWfE8RN0wxf9mlGPJopQOnLDu0ctN7rD5Ey8m06Pdck%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4943bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2470&min_rtt=1986&rtt_var=133&sent=39&recv=53&lost=0&retrans=0&sent_bytes=28074&recv_bytes=3495&delivery_rate=7842519&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1460&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 09:50:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style.css
claim.realxtop.com/wp-content/themes/newspaperss/ 87 KB
18 KB 725ms
713ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/style.css?ver=6.7.1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5124f252f01c95561fd1f626f128b69136476124cf64648c3bddddb15701492

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"15b69-673f0270-5fba13;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uo%2BrgE4OVDDvtmSkUp%2FVOlkVGuHDKbtmN%2B88pQYlKBdchHCI8l41Lln66r7JOaFVU67%2F76X6e2fRsmTKhNLyv%2Bia0H23BnQcsXWvCvYVwXw1xWAj0udYXeECo8AXhFRBuLdiDyQwnP%2FMe9TXrba%2FHBs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4b43bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2303&min_rtt=1986&rtt_var=156&sent=61&recv=57&lost=0&retrans=0&sent_bytes=48663&recv_bytes=3495&delivery_rate=7842519&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1476&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style.css
claim.realxtop.com/wp-content/themes/advance-news/ 7 KB
3 KB 763ms
750ms Stylesheet
text/css 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/advance-news/style.css?ver=1.0.0
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86bd2fe14ff59779cb9809ee881ed32a64a35ecc228a2760f239e9acd31131e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"1c94-673f026e-5fb742;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmx1lcWz29p1zaHkRbFSUbbpZdwHYJqHFI%2FWnymt3ng30LNVKZhY7d9eimjAL0kUi1jEzyRHMHLNJT0jfX04nnkCetoPnDczVZFj4NiTHVA%2Fbcss0yLarS8BofQATfjlY5kw1pQI%2FT%2F64CoOgjn%2BTiY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a4e43bc-EWR
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2410&min_rtt=1986&rtt_var=156&sent=78&recv=62&lost=0&retrans=0&sent_bytes=67124&recv_bytes=3495&delivery_rate=11434194&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1513&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 09:50:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 24ms
3ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 1275425
x-cache: HIT
date: Thu, 28 Nov 2024 00:02:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 180521
x-served-by: cache-lga21972-LGA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732752134.436284,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 newspaperss.min.js Show response
claim.realxtop.com/wp-content/themes/newspaperss/js/ 3 KB
2 KB 693ms
682ms Script
text/javascript 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4f9d14c07fcb7e61e1aaee43c746bc88dfc1e16eca20a9f4f0724721e30913

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"cdf-673f0270-5fb9ff;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqcvZLHzFs4HcHEpLbzBHfqc%2FK%2FED6I%2BqrKMja7VW5ZrA4a5nCB87%2B3AYlY6IjpGAgFCDJThMLI64c2DiN%2B48Hb1myu8EvN9070FZpa0%2BLNXjlnNDC7fTUGJi08SKehAMUaykvmtEi7QEIyftMh51d4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a5143bc-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2281&min_rtt=1986&rtt_var=77&sent=25&recv=39&lost=0&retrans=0&sent_bytes=18074&recv_bytes=3495&delivery_rate=7842519&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1446&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/javascript
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 newspaperss_other.min.js Show response
claim.realxtop.com/wp-content/themes/newspaperss/js/ 220 KB
59 KB 1156ms
1146ms Script
text/javascript 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663e5684a7acd3bbe38304a9420b104f3ea052acd60564c40b86185ff1779885

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"3714c-673f0270-5fba01;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVBApq08FwACMP09GtAaTfcybAu8zppDZiazR3RzdMjEI7LK2FskaWqac7r0pB59ww90BavM3QJh85jj8T%2F9tDfF3N%2FzgIlCB7IB%2Fa8cmMcwJcAFCgxga4L9lVX3Aq4jcC8jEj%2FZrpjbedL3LQZoNnY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9616882a5443bc-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3111&min_rtt=1986&rtt_var=247&sent=104&recv=88&lost=0&retrans=0&sent_bytes=95193&recv_bytes=3495&delivery_rate=11434194&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=1909&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/javascript
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 featured-image-1732182552-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 708 KB
710 KB 1326ms
1316ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182552-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1b1cac5de46ff257f3864fd0e2f7e679a7ba29920fb8d534710e391285b77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "b10bf-673f0219-5fb6fb;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32JvBeBjvxdXwkXiMDPZBv9e%2BxTmEsKe8jF7dTl%2F61MAMH26nghVaOTenPhiDfcU7YVYdObavB%2FQ%2BtqTvPOPeQRw1kxlWkaZfwzoB8%2BvfDmcRc9o2pigRobWU7x9AD%2BXp8DSA%2FEtCNQQ18Vr3W3REiU%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2928&min_rtt=1986&rtt_var=55&sent=183&recv=167&lost=0&retrans=0&sent_bytes=186715&recv_bytes=3495&delivery_rate=14667799&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=2079&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:49:13 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9616882a5743bc-EWR
accept-ranges: bytes
content-length: 725183
server: cloudflare

GET
H2 200 featured-image-1732182525-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 691 KB
692 KB 1298ms
1289ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182525-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95729d4b2559b2aa5da16fecac8807258737e3f8e9132e537302934610be652

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "aca8f-673f01ff-5fb6e4;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFv%2BwHKN%2BhEPK8B2F27yjJrqbxk7UTs9mWHO40Gi8U6uUpvIGOUDjNnxmM5pQDSfThrYdVneXxpUAGb1IC49xYHI8F%2BIlVP7jb9EZLmSzs3C%2FyUYjSOUIhc4Jwz3vPIXPiLMJSlkf%2FXLj%2B81Vqf7C5U%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4283&min_rtt=1986&rtt_var=90&sent=156&recv=140&lost=0&retrans=0&sent_bytes=155527&recv_bytes=3495&delivery_rate=14667799&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=2053&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:48:47 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9616882a5a43bc-EWR
accept-ranges: bytes
content-length: 707215
server: cloudflare

GET
H2 200 featured-image-1732182552-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1370ms
1363ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182552-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbf23785d861faaaefb67b2a53376c0550b53ff3cb1c52aa28533ae250fb300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "16435a-673f0217-5fb6f9;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqazPFMYBZsCrmwjMN3XP9qrc1HWq45AmvvTJst9iJ4EIEKLXKNY6m2F11jD9M5%2B%2B77uuRAL%2Fm9Hd%2FiPMA7jw6jHF2sBiLu2VixEmAioC6AklodRCQabVqs9LjqfuILihVMrpTHeyusTcMKl6ftsGV8%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3026&min_rtt=1986&rtt_var=168&sent=208&recv=192&lost=0&retrans=0&sent_bytes=217899&recv_bytes=3495&delivery_rate=14667799&cwnd=257&unsent_bytes=0&cid=952c2f8ce6af8522&ts=2125&x=0"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:49:11 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9616882a5c43bc-EWR
accept-ranges: bytes
content-length: 1459034
server: cloudflare

GET
H3 200 featured-image-1732182525-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1258ms
1257ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182525-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb6545eef4a52b5ef3c826d117ceae6cfae5885525950e1dfbfce6afc5979c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "17d23f-673f01fd-5fb6e2;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0voTJxi%2FybkUeqO5W2oV%2FygcatE2MvFbDsuWxCicLBlQR8RQkbBpzgBCiDH3NYOjYaU9zePa4oh7zOJO6qXaNEmYVNYXZuJsRVwmXh07l3ufvjUCONlCOnmsVjLPktiaSZMsC6AaR2sOocP9EmZoPU%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2883&min_rtt=2313&rtt_var=312&sent=231&recv=81&lost=0&retrans=0&sent_bytes=254389&recv_bytes=12135&delivery_rate=12378682&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2439&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:48:45 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f7dcac475-EWR
accept-ranges: bytes
content-length: 1561151
server: cloudflare

GET
H3 200 featured-image-1732182498-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 2 MB
2 MB 1256ms
1252ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182498-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0fe2f19fa22a2fab11d033b43d9c6aa6bfb6e7b2682824a662cbf036f660fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "1b020c-673f01e2-5fb6ca;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckBxkdEuMpYbrrVessKr%2F1dm4Yb%2FoipIxHBv1435s%2FRBgIpFqCn58CAziLLpyP5G1tqoZBq3MCrFPsI72p5TA73tj3ksPzEnAG2UNhdIlrA%2BpElRPlgksh5%2FrMS5v%2FKD64%2FB7mckPH4GaZDCK7v6QbE%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2904&min_rtt=2313&rtt_var=359&sent=204&recv=80&lost=0&retrans=0&sent_bytes=222506&recv_bytes=12089&delivery_rate=9318665&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2438&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:48:18 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8dd2c475-EWR
accept-ranges: bytes
content-length: 1769996
server: cloudflare

GET
H3 200 featured-image-1732182475-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 3 KB
4 KB 699ms
696ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182475-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79238174f0b3e2441720c46339b8cce2c8be2c19a1507831e726b51b8bbe3b82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "c39-673f01cb-5fb6bb;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5a%2F6dhZ%2FnA8Sa2JyqPHxFIzsHq7Lb2x71wK56N%2FQzr05tXdwKyeWf0ELEomMbLTGqtRWHLU5FceVJyZ4gZQ6A3nF6gsHngO2XEhJ2f7NfquZWWL9XFxz5jlQ1k3sc6KpgmfGxHk%2BKdlNy24nbGNSoA%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4957&min_rtt=2313&rtt_var=1860&sent=16&recv=25&lost=0&retrans=0&sent_bytes=4361&recv_bytes=9678&delivery_rate=899&cwnd=12000&unsent_bytes=0&cid=35ac6433127d7c1c&ts=1881&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:55 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8dd5c475-EWR
accept-ranges: bytes
content-length: 3129
server: cloudflare

GET
H3 200 featured-image-1732182451-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 2 MB
2 MB 1245ms
1242ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182451-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64445dd6ed566d970e826dc1561e4314ac66f8bf10aa75f8c3417a1713eda88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "18bdac-673f01b3-5fb6a5;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9JIKhPGj7Tu3vjuAKL2TjKpCwGhomsL7ztaeuvT%2BQMabtz8qYXm6PlX%2FajThANegBeWMNbc8gPlFnPzJj1ikmfZo0XzwLF2n%2FvNw8OVFGp5Cx6mE7Gek0KdQn1%2FtsuJTdk4JGsnzYrO%2BwUCkPKJLQPM%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4266&min_rtt=2313&rtt_var=742&sent=97&recv=46&lost=0&retrans=0&sent_bytes=97590&recv_bytes=10587&delivery_rate=5494136&cwnd=46800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2425&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:31 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8ddbc475-EWR
accept-ranges: bytes
content-length: 1621420
server: cloudflare

GET
H3 200 featured-image-1732182423-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 979 KB
980 KB 1317ms
1314ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182423-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35cd43aa0d09417246ca3058aacc64d6c86ca8df33f5f6dbe6b4b08ac2fae381

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "f4bcf-673f0197-5fb68d;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uxi%2Ffi%2FVA8%2FaBygZooplbJBLrEa9DtsiAaZSEyqe01vaoHkqZcQlotGtsy5mC66wC3KKBW7GFiWBq%2B0eNI0TPtC%2FCHBsi3fRI4sfKHDBQ%2B%2FxO2OKew8sjO0NsWfX0ORe6W%2BRyNblheNEfgKu%2Fr42Ct4%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3206&min_rtt=2313&rtt_var=1000&sent=286&recv=90&lost=0&retrans=0&sent_bytes=318173&recv_bytes=12544&delivery_rate=11693489&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2499&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:03 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8ddec475-EWR
accept-ranges: bytes
content-length: 1002447
server: cloudflare

GET
H3 200 featured-image-1732182396-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1242ms
1239ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182396-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebf6ee2b0580074967f4a03968b9b023dda97dd9dda2e2cb2a875690010b148

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "1338b9-673f017c-5fb677;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Td%2FBF3sN5V%2FZmL7f8omUHTrBzhJl00TMtvAybE40wgrzCbzU5VOtKhwDDrX94G%2FpTZNooic899AHlU0H%2BkNtp7sRjykDsg7hQyV16Z1EbVN9JFfdszb8SwnaofvpIrASvs9l39DXCvYFaSGiraxSDbw%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4266&min_rtt=2313&rtt_var=742&sent=68&recv=46&lost=0&retrans=0&sent_bytes=63315&recv_bytes=10587&delivery_rate=5494136&cwnd=46800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2425&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:46:36 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8de2c475-EWR
accept-ranges: bytes
content-length: 1259705
server: cloudflare

GET
H3 200 featured-image-1732182372-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1233ms
1231ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182372-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6619c0796783e421599140d7e762be2063acc6aaab8babd35060f891fbbae460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "17a319-673f0164-5fb662;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjBgRpqcbiwyP9JRraFNpopJK5v2uU3mEjePM7BQNXQoBUQJOSG0nfLDUM9gUaLV0E3uBt8bBoiuBkU62KvXCRYCFiK6YfLzpCluhfsFjlogCjzRM0CWEMFp1KdAmigxmrmcOcjQZFjFt9uchaovpYs%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3707&min_rtt=2313&rtt_var=1546&sent=27&recv=31&lost=0&retrans=0&sent_bytes=15315&recv_bytes=9937&delivery_rate=31340&cwnd=12000&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2417&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:46:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8de4c475-EWR
accept-ranges: bytes
content-length: 1549081
server: cloudflare

GET
H3 200 featured-image-1732182346-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1251ms
1248ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182346-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac85ebccf241132615644a09a740cec8c11c69098838a0c2cdea2ee44f9bbaa8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "173244-673f014a-5fb64d;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZg4pkcOPcIZspau66MDikoXjQCUWnImWMECBC0rKNvlODxxyoRb6rkaJwrCngfxKxc%2BtzocBa5D1wNtxhloHF4bt7RyQ4OUx3kw2yxoLOqTu%2FwnfLV1lnXwWBkcB3EHTS1nRcylq4qYx7w%2Bj6kk9sY%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2999&min_rtt=2313&rtt_var=350&sent=177&recv=78&lost=0&retrans=0&sent_bytes=190625&recv_bytes=11999&delivery_rate=31440898&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2435&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:45:46 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8de5c475-EWR
accept-ranges: bytes
content-length: 1520196
server: cloudflare

GET
H3 200 featured-image-1732182320-1.png
claim.realxtop.com/wp-content/uploads/2024/11/ 1 MB
1 MB 1291ms
1289ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182320-1.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cd47aba855019168f43059f64238d77fe4385dd56d1eff989d26f058b189ae8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "142028-673f0130-5fb638;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujPbFDC1SBTPULL6M7lLmHRhYQv60nqDZYv5Dbp8lUg6OoNHoBQH5O7g2f536PmSFO6tAMvz62pm0nUdmOj%2FTNWZ8nw0ZMZRfgFY9%2FjEXmHj%2Fxy8RuofN5zewixGz7HHQ817ofTWZ6s3hUPNB7NcYWU%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2751&min_rtt=2313&rtt_var=196&sent=259&recv=87&lost=0&retrans=0&sent_bytes=286292&recv_bytes=12411&delivery_rate=13892008&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2474&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:45:20 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168f8de6c475-EWR
accept-ranges: bytes
content-length: 1318952
server: cloudflare

GET eeb6416a-d11f-4613-a1a2-da91ca00a8eb
https://claim.realxtop.com/ Frame 0
0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 53ms
51ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4043717343592700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: br
etag: 1457345766710809803
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147621
x-xss-protection: 0
server: cafe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 60ms
18ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://claim.realxtop.com
Referer: https://fonts.googleapis.com/

Response headers

age: 533876
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 19:44:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 19:44:19 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 57ms
16ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://claim.realxtop.com
Referer: https://fonts.googleapis.com/

Response headers

age: 532155
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 20:13:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 20:13:00 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/fonts/ 75 KB
76 KB 1211ms
1210ms Font
font/woff2 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://claim.realxtop.com
Referer: https://claim.realxtop.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1

Response headers

cf-cache-status: MISS
etag: "12d68-673f0270-5fb839;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LKyjBCt0t3LnlPgcH5yN4PV%2BDNt3yhYWNqhhBkh4jiqIabUf9TqgWH865IylZxuXaRmAhImRH4PVG8jSNosU9s4wRHyoSvkJzkY%2Fe653gEq9daytpiOG8jUAHmyhWOyj%2ByAQM0MgraYeHJk0tNw7t4%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3707&min_rtt=2313&rtt_var=1546&sent=37&recv=31&lost=0&retrans=0&sent_bytes=27315&recv_bytes=9937&delivery_rate=31340&cwnd=12000&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2419&x=1", cfHdrFlush;dur=1
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: font/woff2
last-modified: Thu, 21 Nov 2024 09:50:40 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168fae0ac475-EWR
accept-ranges: bytes
content-length: 77160
server: cloudflare

GET
H3 200 featured-image-1732182498-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 816 KB
817 KB 1297ms
1294ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182498-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca90ffd90b8bd7f8edc20c1e3b0f9e0750cb8bef61323a23d80382358a8ad70b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "cbefe-673f01e5-5fb6cc;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zhd%2BHW3IFq334ALlcp8UscS8Ad0eNIogTMoTUbU%2FS5UOz4fUh9UkSda%2Br893rsG8EgC6yUhzw2%2Bd6RbMElQ1tsata27fw0CQE%2FtDJ%2Fuer9JlJWeGKbit2MmOR6K47seteJVuBPUD%2F7hRN2urX99Ujw%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2760&min_rtt=2313&rtt_var=301&sent=453&recv=104&lost=0&retrans=0&sent_bytes=517569&recv_bytes=13174&delivery_rate=9274337&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2555&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:48:21 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168ffe69c475-EWR
accept-ranges: bytes
content-length: 835326
server: cloudflare

GET
H3 200 featured-image-1732182475-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 152 B
852 B 702ms
700ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182475-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4f1fb248f13f8ccbece76ecb115bd702045e98e25ccc7c9e869b0042649aa9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "98-673f01cb-5fb6bd;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M67Di6SbzK8sGhksoVd5XmOXriTfq6h%2Bt1BhxUb7CQc%2B9oeW8b4zFsmn8Juz6Upc%2B%2BecXmhp87wS%2FWsE95c9j9h7rrhPUWeB2fD3J%2BzZwqJprJk2Rlm3hGT2D2yTfIsq7O0%2F6CNMHe1jEXaniWi9gUk%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3820&min_rtt=2313&rtt_var=1761&sent=26&recv=30&lost=0&retrans=0&sent_bytes=14440&recv_bytes=9893&delivery_rate=2447659&cwnd=12000&unsent_bytes=0&cid=35ac6433127d7c1c&ts=1961&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:55 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168ffe6ac475-EWR
accept-ranges: bytes
content-length: 152
server: cloudflare

GET
H3 200 featured-image-1732182451-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 776 KB
777 KB 1366ms
1364ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182451-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24d45cbf0053d23c21f83e69e66567e43f1b40e838f7a8735d876f3d755f0f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "c2183-673f01b4-5fb6a7;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2umBKTPGqjQmJ38HSlD2AKYGBqeSq3a3RxKv90h4rDl%2BPf%2FWxv1SnEizNnad2mSibMq9oo8ocju5LxQtB5IzkZgV1rqEaJJRuHzL7qpx9zJuXlkVKk5naCPn3c9yj12uL7JkM8LOFY2uzuaaC4DyPo%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2915&min_rtt=2313&rtt_var=217&sent=635&recv=122&lost=0&retrans=0&sent_bytes=732155&recv_bytes=13990&delivery_rate=21569498&cwnd=136800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2625&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:17 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:32 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168ffe6bc475-EWR
accept-ranges: bytes
content-length: 795011
server: cloudflare

GET
H3 200 featured-image-1732182423-1-768x768.png
claim.realxtop.com/wp-content/uploads/2024/11/ 456 KB
457 KB 1308ms
1306ms Image
image/png 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim.realxtop.com/wp-content/uploads/2024/11/featured-image-1732182423-1-768x768.png
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb9ed376cda6e56fb8a53ac8ab227ca5b26e117e21c6b99c2ee892968385fa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "71fe7-673f0199-5fb68f;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4SGs7uiJm8jKBZM6zpq5e5lVpAMRoFVe6khMvy3gVzyLIIfB%2BHCnoUep%2Bswjur0dhRvM5SpHTrR0Dba9YXzlNspx%2BEliAQu49bnZGvswSmMrKZJA0oiVZgpSubcI48DXQFF7cajx%2B7oN%2BkZTvqR200%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2761&min_rtt=2313&rtt_var=303&sent=523&recv=111&lost=0&retrans=0&sent_bytes=599733&recv_bytes=13495&delivery_rate=10772999&cwnd=88800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=2568&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 09:47:05 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e96168ffe6ec475-EWR
accept-ranges: bytes
content-length: 466919
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
claim.realxtop.com/wp-includes/js/ 18 KB
6 KB 684ms
683ms Script
text/javascript 2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by: Host: claim.realxtop.com
URL: https://claim.realxtop.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"4926-673ea8bc-5f7061;br"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8XnSW%2FuDwq6%2FH04c1HGx2pbJPikNcuy4Sl0pl7ppTDI7mpimklqW5aoTCBbk1Lnw4QQAJYDPKKqqnnLfbEiaNajgPwakF7p97Us8VEj3m3U39gvVaheJ4q7GkRY5ilTBuK3rjG1bXhq6b%2Fh4gqD2CU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e96168ffe70c475-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4461&min_rtt=2313&rtt_var=1895&sent=20&recv=27&lost=0&retrans=0&sent_bytes=8318&recv_bytes=9764&delivery_rate=5684&cwnd=12000&unsent_bytes=0&cid=35ac6433127d7c1c&ts=1945&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:16 GMT
content-type: text/javascript
last-modified: Thu, 21 Nov 2024 03:27:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 4E36 0
0 22ms
6ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:01:53 GMT
etag: 17661348622971093804
expires: Thu, 12 Dec 2024 00:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame C7DC 0
0 100ms
99ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&adk=3046330955&adf=2044148826&abgtt=6&lmt=1732752135&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fclaim.realxtop.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752134499&bpp=1122&bdt=97&idt=1248&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=594953398295&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fsapi=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1306

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:15 GMT
expires: Thu, 28 Nov 2024 00:02:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 1 KB
528 B 28ms
26ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70094fd2d218364b8a860669b04698eef9a5b92d66e7785031995be948df9622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 00:02:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
778 B 33ms
31ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 27 Nov 2024 23:37:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 656 B
510 B 25ms
24ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbe2c130b9f2e157e42a20f6b5877254c24afb93d4cb25ca0df74750b8428b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 28 Nov 2024 00:02:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
778 B 44ms
43ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text_old:400,500,700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 27 Nov 2024 23:43:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E217 0
0 100ms
100ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=357733869&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=3&bdt=1599&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
expires: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7275 0
0 106ms
105ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=769442599&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=1&bdt=1600&idt=-M&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C349x280&nras=3&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=3018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=63

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
expires: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9A64 0
0 101ms
100ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=2637655273&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136002&bpp=2&bdt=1600&idt=2&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C349x280%2C349x280&nras=4&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=3987&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=72

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
expires: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v307/ 736 KB
736 KB 8ms
7ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesymbols/v307/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd9621446b31bf5bb83846d1bd5bcfc36480e8c7523ed434d6ce3681c02718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://claim.realxtop.com
Referer: https://fonts.googleapis.com/

Response headers

age: 498617
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 05:31:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 05:31:59 GMT
last-modified: Wed, 20 Nov 2024 00:00:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 753268
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&hl=en&pvc=290082571947748

Requested by

Host: claim.realxtop.com
URL: https://claim.realxtop.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 28 Nov 2024 00:02:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 32ms
31ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://claim.realxtop.com/

Response headers

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0944 0
0 73ms
73ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=4053216246&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136006&bpp=1&bdt=1604&idt=1&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280&nras=5&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=206&ady=4676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 01E7 0
0 77ms
76ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=2546017024&adf=1715948754&w=349&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4152030555&ad_type=text_image&format=349x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rh=291&rw=349&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136009&bpp=1&bdt=1606&idt=1&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280%2C349x280&nras=6&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=4676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1408&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=225

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 327D 0
0 75ms
74ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043717343592700&output=html&h=280&adk=1240698031&adf=2486143480&pi=t.aa~a.1990178072~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732752136&rafmt=1&to=qs&pwprc=4152030555&format=1200x280&url=https%3A%2F%2Fclaim.realxtop.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732752136158&bpp=2&bdt=1755&idt=2&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deff0e1caab4be0ba%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ&gpic=UID%3D00000db3ad531772%3AT%3D1732752136%3ART%3D1732752136%3AS%3DALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA&eo_id_str=ID%3D8542515bcfc2e748%3AT%3D1732752136%3ART%3D1732752136%3AS%3DAA-Afjb4zan_2bS73kd-BqYNMylL&prev_fmts=0x0%2C349x280%2C349x280%2C349x280%2C349x280%2C349x280&nras=7&correlator=594953398295&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088956%2C95345966%2C95347755%2C95340252%2C95340254&oid=2&pvsid=290082571947748&tmod=264094844&uas=0&nvt=1&fc=1920&brdim=460%2C460%2C460%2C460%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 451ms
31ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2590b87b52f62bb6e6bc0dca70ef08b62d723c6aace0d56f50d72888668e8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13093
date: Thu, 28 Nov 2024 00:02:18 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3

200

w-logo-blue-white-bg.png
claim.realxtop.com/wp-includes/images/
Redirect Chain

https://claim.realxtop.com/favicon.ico
https://claim.realxtop.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

715ms
715ms

Other
image/png

2606:4700:3033::ac43:a899
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.realxtop.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H3
Server: 2606:4700:3033::ac43:a899 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

cf-cache-status: MISS
etag: "1017-673ea8bc-5f7213;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBY2k%2BtRRIpLdBhk9iDvgUW0Kowo%2F6rS%2BNP9uQXltq%2FkW55KK%2B05%2Bn%2BeVL0ZrpiMFMiK3dV42pqWD3Sv%2FgXBz9QcDLV3U6xqKYUNouWQ5zwnGhQ%2FM3yO5As9DkZDPOyn35fXw0mD9gn5wnO0E05UTUc%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 05 Dec 2024 00:02:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2801&min_rtt=2129&rtt_var=278&sent=11877&recv=1315&lost=0&retrans=0&sent_bytes=14112012&recv_bytes=68976&delivery_rate=1049&cwnd=292800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=6092&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:20 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 03:27:56 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e9616a9be93c475-EWR
accept-ranges: bytes
content-length: 4119
server: cloudflare

Redirect headers

x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: a6b_HTTP.200,a6b_HTTP.302,a6b_default,a6b_URL.b54ff2eddcb0060bcd786ce388d8d4d7,a6b_
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDwihmjumaN8kFnZ%2FA9ZGSdCe8HlK8ZdrK%2FksEpfaMLh2gTlpgjiHnXFeIeat2AxikJZDSJ7dJxusI7lsnEw%2FC7ziAsVFougiyTxBd%2F1l%2BGHfVk%2Fhs4DOeD4K1QewAHRF3KVd9Zsx%2Fe6NJCuIdMYTMc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2839&min_rtt=2129&rtt_var=268&sent=11875&recv=1313&lost=0&retrans=0&sent_bytes=14111081&recv_bytes=68352&delivery_rate=10030374&cwnd=292800&unsent_bytes=0&cid=35ac6433127d7c1c&ts=5378&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 00:02:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-redirect-by: WordPress
link: <https://claim.realxtop.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://claim.realxtop.com/wp-includes/images/w-logo-blue-white-bg.png
cf-ray: 8e9616a44faec475-EWR
x-litespeed-cache: miss
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 84ms
29ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://claim.realxtop.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 00:02:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 00:02:19 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 3C18 0
0 14ms
3ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 63
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:01:16 GMT
expires: Thu, 28 Nov 2024 00:51:16 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 35AC 0
0 43ms
28ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mdukHJaT5rfDpzm-1IZW2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://claim.realxtop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mdukHJaT5rfDpzm-1IZW2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Nov 2024 00:02:19 GMT
expires: Thu, 28 Nov 2024 00:02:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: claim.realxtop.com
URL: blob:https://claim.realxtop.com/eeb6416a-d11f-4613-a1a2-da91ca00a8eb

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=290082571947748&bg=!xMelx4jNAAaIaF9IqGg7ADQBe5WfOPsdz7PABzMQ63gyYQGUGvglXgmF_Yx6g_vuZAepmvM3tV4IbZdHdfRuc2hFmGXPAgAAAGlSAAAABmgBB34ANrZT5NcEi4oDmdQ0ueXnHioj0P244qPEqw4JIMpCdS8SvqE2gz7KQrOcbm1i4x8L32gxSDUxn5kCqF8vNE-XI25WIniN1xLrRB6Q3kUS3ZTKl812ckcpvqIkHKCzEYMa8Cln9p83bPGgt0krwRvd8IWu-iiTtauEaCTEm2cO-RJONeyKRZuRG15xA9b2VNZIkOiAXjyFzLPow2_9kLDmvjIRIZGSdYTfJ4qwIfphluCOp_hKv0BJGdM_wQFoxivUKarGRl64n_LUTQ6YKBecxPTVobZjkmtw3c-lkwK8Hax7N118kQhsaJMgvNJ1l5lXNH3piqMQUu5FfbyPApKsYfZi9uh4WGn1EPhTXAvIgHxW0oS7kKE3c_LlfqKjJ2x3yUMHu4cP3hbgtn72Rp4WyFf9sNYCqXx4pOAnW_nU8pl16ehfIBfxF40wgIj2BYEfJpZsjEjzEihXyY20jNvloDBZI4e3oEdmgbJj2dURSUo-Y_sGwMocj8KFUY4Q4zOxKpGnuOcT0xDgIAQQwE0R9Zp1mYfOShJVDKqSQtqmfHA73zqAItnShFcwQTDUMhvv7VWpiePDvg43NIrQFGVJT47dYF16mNrb3yT0coA1xjtp6ZkVUzk7g6r-GfSdG4_CruYIqwEW2P8q3xaaRYn3XyObt9-nanRLcJR6JYZ933mw7DXNcxEzcV8edWJjWx4upjKWNrZO4xVnt4M7Z9i50WEZfENanuaPn-6fYiimXiOin4mOTttylBQmnT4xPcfPhnnCY9JySESmlsy2ZCXyIrD7WkeDbXf6_viNAT0O1OeSPHezUudcb0PrTM0Fr08lhjY67OmZh5PXOA9Y9X2ImaRCBpI-cDbBb4XqCkP6Ik2VhwvpyjKebz4vVjZvikqU_vObuHOcuEqwRHdJwZBfGzp5mbmBaqUNAPkTiJm2XAYYJfaXXzhbCwXKkNPR84SgW8FJMxK2BcFSE0XyaAdilb4-

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 10:55:12	Name: IDE Value: AHWqTUmfYnCY5CMDW0LHRZVACFoslTrwROrnSzgGkYIPxPV-e1TbiU1WJFCRjCdx7Ac
.realxtop.com/	1970-01-21 10:40:48	Name: __gads Value: ID=eff0e1caab4be0ba:T=1732752136:RT=1732752136:S=ALNI_MYL5ErTjHsVMDa3UUWTj6nk6_wTqQ
.realxtop.com/	1970-01-21 10:40:48	Name: __gpi Value: UID=00000db3ad531772:T=1732752136:RT=1732752136:S=ALNI_MZw_kkcfdEaipKpxNtt1StRgPD2sA
.realxtop.com/	1970-01-21 05:38:24	Name: __eoi Value: ID=8542515bcfc2e748:T=1732752136:RT=1732752136:S=AA-Afjb4zan_2bS73kd-BqYNMylL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claim.realxtop.com
code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
claim.realxtop.com
ep1.adtrafficquality.google
2606:4700:3033::ac43:a899
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:822::2001
2a04:4e42:400::649
03f212488dc66cdb0e665645471413c39fd4b0cac528fc436e28377cfed7c7d0
077dfd9a39946d218e3052428a9281909f7ae77142e35f2b3e9eeb60a0bf4b2c
0bda9bbe55ab1abe41931337ee8b95e4b955b7807e3c2ab994c14384b8155681
2590b87b52f62bb6e6bc0dca70ef08b62d723c6aace0d56f50d72888668e8627
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb6545eef4a52b5ef3c826d117ceae6cfae5885525950e1dfbfce6afc5979c2
35cd43aa0d09417246ca3058aacc64d6c86ca8df33f5f6dbe6b4b08ac2fae381
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3d4f1fb248f13f8ccbece76ecb115bd702045e98e25ccc7c9e869b0042649aa9
4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ebf6ee2b0580074967f4a03968b9b023dda97dd9dda2e2cb2a875690010b148
64a1b1cac5de46ff257f3864fd0e2f7e679a7ba29920fb8d534710e391285b77
6619c0796783e421599140d7e762be2063acc6aaab8babd35060f891fbbae460
663e5684a7acd3bbe38304a9420b104f3ea052acd60564c40b86185ff1779885
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
70094fd2d218364b8a860669b04698eef9a5b92d66e7785031995be948df9622
76a0c5a866353d25c4369a141e248c7b695d60fe334ae7f149ea454a4588bdcc
79238174f0b3e2441720c46339b8cce2c8be2c19a1507831e726b51b8bbe3b82
7b4f9d14c07fcb7e61e1aaee43c746bc88dfc1e16eca20a9f4f0724721e30913
7cd47aba855019168f43059f64238d77fe4385dd56d1eff989d26f058b189ae8
7cd9621446b31bf5bb83846d1bd5bcfc36480e8c7523ed434d6ce3681c02718e
7fbf23785d861faaaefb67b2a53376c0550b53ff3cb1c52aa28533ae250fb300
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
86bd2fe14ff59779cb9809ee881ed32a64a35ecc228a2760f239e9acd31131e3
8d0fe2f19fa22a2fab11d033b43d9c6aa6bfb6e7b2682824a662cbf036f660fa
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ac85ebccf241132615644a09a740cec8c11c69098838a0c2cdea2ee44f9bbaa8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c95729d4b2559b2aa5da16fecac8807258737e3f8e9132e537302934610be652
ca90ffd90b8bd7f8edc20c1e3b0f9e0750cb8bef61323a23d80382358a8ad70b
cfb9ed376cda6e56fb8a53ac8ab227ca5b26e117e21c6b99c2ee892968385fa5
dbe2c130b9f2e157e42a20f6b5877254c24afb93d4cb25ca0df74750b8428b64
e1b5a501fc26eb56e0b99cd686a022bfad51b34e3942e51170473cbe4fdecaf1
e24d45cbf0053d23c21f83e69e66567e43f1b40e838f7a8735d876f3d755f0f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64445dd6ed566d970e826dc1561e4314ac66f8bf10aa75f8c3417a1713eda88
f5124f252f01c95561fd1f626f128b69136476124cf64648c3bddddb15701492
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

claim.realxtop.com Open in urlscan Pro 2606:4700:3033::ac43:a899 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

95 %HTTPS

100 %IPv6

8 Domains

9 Subdomains

10 IPs

1 Countries

17488 kBTransfer

18545 kBSize

4 Cookies

1 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claim.realxtop.com Open in urlscan Pro
2606:4700:3033::ac43:a899 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

95 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

17488 kB
Transfer

18545 kB
Size

4
Cookies

55 HTTP transactions
0 data transactions