www.toysrusnfts.com Open in urlscan Pro
195.35.15.134  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.toysrusnfts.com/	3 MB 2 MB	953ms 68ms	Document text/html	195.35.15.134 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.35.15.134 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 77690998a1fb130aff19b741745d551db9d6a17d74c423f15893bff2d0d8f7ef Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 2025686 content-security-policy upgrade-insecure-requests content-type text/html date Mon, 25 Dec 2023 12:08:26 GMT etag "299d22-65893d87-58879a2057f2ce0e;br" last-modified Mon, 25 Dec 2023 08:29:59 GMT platform hostinger server LiteSpeed vary Accept-Encoding
GET H2	200	axios.min.js Show response cdn.jsdelivr.net/npm/axios/dist/	33 KB 13 KB	323ms 3ms	Script application/javascript	151.101.193.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.toysrusnfts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 25 Dec 2023 12:08:26 GMT x-content-type-options nosniff content-encoding br age 5769 x-jsd-version 1.6.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 13134 x-served-by cache-fra-etou8220107-FRA, cache-lga21957-LGA x-jsd-version-type version etag W/"8355-QTyXuMi6C+GMNqZaW+lAI5xZVsI" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	crypto-js.min.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/	59 KB 20 KB	331ms 15ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.toysrusnfts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 12:08:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3979963 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 19621 last-modified Tue, 24 Oct 2023 23:03:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65384d58-4ca5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWyVguPndZTUQ4eZQ8zIdeeqFNeGg3eKeHMV5gPhLv9AR8AZrvU5fFgKdbtJ4%2BzdfBUKII1dEGhLRnnkodGklvsfYa0djnCsLoonvkgOuxqeH4HHo46boshK8tak6qA8%2BYvuvsgN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83b0f8305a0943d4-EWR expires Sat, 14 Dec 2024 12:08:26 GMT
GET H2	200	solana.js Show response www.toysrusnfts.com/	799 KB 152 KB	155ms 151ms	Script application/x-javascript	195.35.15.134 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.toysrusnfts.com/solana.js Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.35.15.134 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language en-US,en;q=0.9 Referer https://www.toysrusnfts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 12:08:26 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Mon, 25 Dec 2023 08:14:07 GMT server LiteSpeed etag "c7cbf-658939cf-a5a5b0fb5db17c40;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 155858 expires Mon, 01 Jan 2024 12:08:26 GMT
GET H2	200	spl.js Show response www.toysrusnfts.com/	434 KB 106 KB	154ms 150ms	Script application/x-javascript	195.35.15.134 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.toysrusnfts.com/spl.js Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.35.15.134 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language en-US,en;q=0.9 Referer https://www.toysrusnfts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 12:08:26 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Mon, 25 Dec 2023 08:14:07 GMT server LiteSpeed etag "6c887-658939cf-781944f309863885;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 108654 expires Mon, 01 Jan 2024 12:08:26 GMT
GET H2	200	axios.js Show response www.toysrusnfts.com/	160 KB 29 KB	155ms 151ms	Script application/x-javascript	195.35.15.134 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.toysrusnfts.com/axios.js Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.35.15.134 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 45998948bccbb1f66d44b6a3f991bea37092ce399b430eede1d262fc5855cc33 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language en-US,en;q=0.9 Referer https://www.toysrusnfts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 12:08:26 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Mon, 25 Dec 2023 11:03:35 GMT server LiteSpeed etag "281de-65896187-5dee48c0186f6af8;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 29838 expires Mon, 01 Jan 2024 12:08:26 GMT
GET DATA	200 OK	truncated /	2 MB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7953e4983f8c2a53d5d4a323a2bb0ef867c6aea5ca6fc5fe3b451ef1b90a1327 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	128 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a3bd0d3966350197e1ae88341b5e24df028a7a965366497f8d128f6c82b61157 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 001dea5a185fdd0a57fc9516022a3fadd9d5814af229a72646397dd3c704ca21 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 84c2b02799c8e71f079d9793561c7f4b79fb1954af8e9e1c674f223a50f66465 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	17 KB 17 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a Request headers Referer Origin https://www.toysrusnfts.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type font/woff2
POST H2	200	nigger Show response ontoptherest.xyz/	642 B 834 B	87ms 86ms	XHR application/json	104.21.33.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ontoptherest.xyz/nigger Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.33.3 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8c94e43c5ac78d2c1311601106e95dd35ec81a1beddff2e9ec7f6b5d6c920ae Request headers Accept application/json, text/plain, */* Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json Response headers date Mon, 25 Dec 2023 12:08:27 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"282-7i8Ri4N8zW4KHSQe1B6SVt2EmAM" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7Jun4bvXvp1fn7XcmqlAomnvcugYaPDwujK2Sjl2Dqdmixj4sE51RWv949GHyIMWmwtN39pePSozXDXwmttNWIIW8F1UeHJ3yVaHW8kvLMKuC8HcF2biP%2FRPlqSPcj2LPWK"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 83b0f8364aef8cdc-EWR alt-svc h3=":443"; ma=86400
OPTIONS H2	204	nigger ontoptherest.xyz/	0 0	506ms 147ms	Preflight	104.21.33.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ontoptherest.xyz/nigger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.33.3 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.toysrusnfts.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83b0f8355a768cdc-EWR content-length 0 date Mon, 25 Dec 2023 12:08:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vh2QVryNOs1eWNaEnqBQp2gPfXhaq403U%2B%2FAwUyHg6zWKTm95fwj5TFNJ46vR4iQAGrLM%2BTjE2hwT1oIyDEAl7%2F6cJaorf5lE%2FrqDqvF4JsFbR80moHne0JxSDYpRd%2BDO31t"}],"group":"cf-nel","max_age":604800} server cloudflare vary Access-Control-Request-Headers
GET H2	200	script.js Show response userstatics.com/get/	133 B 584 B	217ms 177ms	Script text/html	104.21.53.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstatics.com/get/script.js?referrer=https://www.toysrusnfts.com/ Requested by Host: www.toysrusnfts.com URL: https://www.toysrusnfts.com/spl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.53.38 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 12:08:28 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNb%2BS6HQcy%2Ft16AB879Ik2ZfCleJ%2BK%2FcTZKMBBhQfFOnTT5IWAp7KuObz9lg5JIMNvpPhr9vSi82K%2F5sqqirBArHvbndeaI1%2Bla4CK7SOcHNtYwhL9q5GvSDaneKGwM%2BQis%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 83b0f8377eaa4337-EWR alt-svc h3=":443"; ma=86400

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| axios object| CryptoJS object| regeneratorRuntime object| solanaWeb3 object| splToken object| kishoaz$mq9ua8 object| kishoaz$j9ajlh number| kishoaz$1817ya object| kishoaz$g610ym function| kishoaz$58t8w object| kishoaz$gwzonj function| kishoaz$ph40b function| kishoaz$fkqey undefined| kishoaz$jcsgcy function| kishoaz$9kqett function| kishoaz$sh96c function| kishoaz$lrwkye function| kishoaz$g8wng6 string| kishoaz$qlthuj string| kishoaz$sgfwod string| kishoaz$k0f67 string| kishoaz$mplfrm string| kishoaz$7srfjg string| kishoaz$kcxjof string| kishoaz$muatf7 object| kishoaz$9jpv7g string| kishoaz$0uq2ld string| kishoaz$8qyg9 object| kishoaz$ygly8 string| kishoaz$gw44x string| kishoaz$mqqg6e object| kishoaz$74s51 object| kishoaz$hbbxbc object| kishoaz$wflrlcs object| kishoaz$dbmusoe function| kishoaz$eisy8m function| kishoaz$3j5rcl number| kishoaz$wa73m9 object| kishoaz$dyecg5 object| kishoaz$uuie7h function| kishoaz$yqjkun function| kishoaz$1qriuf function| kishoaz$6cmt8 function| kishoaz$e624hm function| kishoaz$jis816 function| kishoaz$hhhy1o string| kishoaz$9dv93 function| kishoaz$wi7vg object| kishoaz$1jr1lm boolean| kishoaz$xxz4q4i boolean| kishoaz$nzu1di object| kishoaz$fiqsru object| kishoaz$j30mjd boolean| kishoaz$d2yy5 object| kishoaz$z4djf function| kishoaz$tpoxgf function| kishoaz$v3kikr function| kishoaz$sjir6 function| kishoaz$msawd function| kishoaz$y602q function| kishoaz$37ft9w function| kishoaz$h0ju7l function| kishoaz$jqjyho function| kishoaz$958ced function| kishoaz$8iwuo function| kishoaz$85ywk function| kishoaz$79bmuz string| connectText

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.toysrusnfts.com/	1970-01-20 17:12:25	Name: PHPREFS Value: full

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
ontoptherest.xyz
userstatics.com
www.toysrusnfts.com
104.17.24.14
104.21.33.3
104.21.53.38
151.101.193.229
195.35.15.134
001dea5a185fdd0a57fc9516022a3fadd9d5814af229a72646397dd3c704ca21
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
45998948bccbb1f66d44b6a3f991bea37092ce399b430eede1d262fc5855cc33
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
77690998a1fb130aff19b741745d551db9d6a17d74c423f15893bff2d0d8f7ef
7953e4983f8c2a53d5d4a323a2bb0ef867c6aea5ca6fc5fe3b451ef1b90a1327
84c2b02799c8e71f079d9793561c7f4b79fb1954af8e9e1c674f223a50f66465
a3bd0d3966350197e1ae88341b5e24df028a7a965366497f8d128f6c82b61157
c8c94e43c5ac78d2c1311601106e95dd35ec81a1beddff2e9ec7f6b5d6c920ae
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41