claim.ourcoincash.xyz Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response claim.ourcoincash.xyz/	4 KB 2 KB	445ms 368ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 7cfd809db3fa1163d425f11106f455ac009fe88fb856e7580ad941f967aa026c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7c2e5bfe8f5f0bbc-AMS content-encoding br content-type text/html; charset=UTF-8 date Sat, 06 May 2023 04:07:58 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOuyDWpkSiEWZoANK3vPk4zVMXdq6XhVJAPFWqmN4l5B%2B0TCWqr2zpxqcjYaydcHg1rr7OU9VBlSN4s4OkyZNu%2Fc6Ans6kNx%2FD0llK5ZEC4OrY4JqHSPI%2FtAPXudoy%2BH5T6aYkCoF5M%2BWb5cIM8EXuqU384%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.2.34 x-turbo-charged-by LiteSpeed
GET H2	200	all.min.css claim.ourcoincash.xyz/BSassets/vendor/fontawesome-free/css/	58 KB 13 KB	35ms 33ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/vendor/fontawesome-free/css/all.min.css Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 261202 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP%2BwjaJTCqMl7FHWpxoIFiAkPwo2MQzQzV1Nyvo0Rv9Tab6syKJSYpkO7%2FkZOZ9ZxV9hYIF%2FN7wCdDS11pful%2BV8KytNnyye94DKaSORiP416c609fAL09G8muGXI3iCzzHUNuIXrHOBoLdIj4bDoBNSK5Q%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8bc0bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 10 May 2023 03:34:36 GMT
GET H2	200	css fonts.googleapis.com/	23 KB 1 KB	141ms 68ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash efd15ebba9106e78e5786de7ee546178b97d963a2fc21ea0a65c04fb75fb2b9a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 06 May 2023 04:07:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 06 May 2023 03:16:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 May 2023 04:07:58 GMT
GET H2	200	sb-admin-2.min.css claim.ourcoincash.xyz/BSassets/css/	167 KB 28 KB	44ms 41ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/css/sb-admin-2.min.css Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0832dfb004cac2772613a5a72a537060557ff5d21857b0d6ece8cc6e8c824157 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 101322 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI9V3qwb2LmtON6qH7f5xOmNLtK9AuZj41IXBZH6MxtzGqfJ%2Fofx5%2F0YX3bCrdaO4izAFMMTO98W06iPFHswnVh2DLCNR4TUHWYh28bU3Qm68Ue16jl7rF7BNJ0K2Sbhj6osWTKNg1bC2gUJJz%2Bfg%2BapXrk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8be0bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 11 May 2023 23:59:16 GMT
GET H2	200	custom.css claim.ourcoincash.xyz/BSassets/css/	264 B 496 B	64ms 62ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/css/custom.css Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48266ba243dc1b74c20cfae7f8e1f83c2b2fabbcc0d95a87d8f15152b29a5c99 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 261202 cf-polished origSize=311 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Wed, 19 Oct 2022 12:41:08 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDSGQFJlc%2FPq8wr7kqxbyDzq%2B1251AsDSrJ9QOwJEguKilNUdGmNCNUnmGAufkC6Ez6BE1szV%2FNj8WifLvRy7pwM5NnFnLydd6yo4S20xAhDp%2BrfWR8plZ%2BamiGC13QVnYQiR1PGRO0%2Bob4Wt1Zv41CVHHI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8bf0bbc-AMS expires Wed, 10 May 2023 03:34:36 GMT
GET H/1.1	200 OK	popunder1000.js Show response a.exdynsrv.com/	94 KB 40 KB	124ms 28ms	Script application/javascript	2001:4de0:ac19::1:b:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.exdynsrv.com/popunder1000.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 94630b6037cbc3f251fbaec48bc37d4c426f743722c0ff1056d81c2194323d23 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Sat, 06 May 2023 04:07:58 GMT Content-Encoding gzip Server nginx etag W/"66957c7ae29ae1293747b96a3ca" X-HW 1683346078.dop125.am5.t,1683346078.cds291.am5.shn,1683346078.dop125.am5.t,1683346078.cds134.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 40944
GET H/1.1	200 OK	ad-provider.js Show response a.exdynsrv.com/	86 KB 29 KB	125ms 28ms	Script application/javascript	2001:4de0:ac19::1:b:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.exdynsrv.com/ad-provider.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f2e8e0e40ecf4ae40484258a63f79356229e5e6b2a901f469a506115c112bfc8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Sat, 06 May 2023 04:07:58 GMT Content-Encoding gzip Server nginx etag W/"5edd88b11d181710b873d5701fc" X-HW 1683346078.dop247.am5.t,1683346078.cds279.am5.shn,1683346078.dop247.am5.t,1683346078.cds218.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 28967
GET H2	200	script.js Show response appsha-pnd.ctengine.io/js/	6 KB 3 KB	115ms 35ms	Script application/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/js/script.js?wkey=zBkzEwe6Xx Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash 12fd1e9db6286283729eb4db9ac13a08b683646dfaf54a01be19bea92a7f76e8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Sat, 06 May 2023 04:07:58 GMT cache-control no-cache, no-store, must-revalidate content-encoding gzip server nginx expires 0
GET H2	200	jquery.min.js Show response claim.ourcoincash.xyz/BSassets/vendor/jquery/	87 KB 32 KB	63ms 61ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/vendor/jquery/jquery.min.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 387131 vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BV4PhBFONUekN%2FAwA72s1ZRdFzeBYLTEqV8jkdktRp%2FV3ja3BCBKHmeHsexMLIbY2QJJ4NZdQxWjkKjpH73pORL%2FspcSwimvIGXaRvDAeWuibewMqzIzGZD8StEV4IWJr5RcwzbrlUPrDZJcEH84kbtbHs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8c00bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 08 May 2023 16:35:46 GMT
GET H2	200	bootstrap.bundle.min.js Show response claim.ourcoincash.xyz/BSassets/vendor/bootstrap/js/	82 KB 22 KB	38ms 36ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/vendor/bootstrap/js/bootstrap.bundle.min.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 276073 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5kimIobwr6wIznTtjo24VBOdYYfXEdLT1AE4UeTE8jZuQaHqsVqEfp1DSwHPIIQfRityJd%2B0aOLTE7wnJwtPe1sbW4Spj3npJC7St546RjGFnHaZ7ymS6dV4SOfpGW%2BBasNiCNYL%2F8TqoSLIyrwzSWYb%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8c10bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 09 May 2023 23:26:45 GMT
GET H2	200	jquery.easing.min.js Show response claim.ourcoincash.xyz/BSassets/vendor/jquery-easing/	2 KB 1 KB	37ms 35ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/vendor/jquery-easing/jquery.easing.min.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 75626 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fyk8TepBtCwzGej%2BZwFKUY3pspaczYRnRsf01%2B72k6kL9nZvcNMM900iwVub0Yx30ts0b5Pn2zN%2FqdGUs9Y%2Fi6h0cYkQhTd%2BddpfQsrorJmunmuXJWbViqZjl8FUHiv7maFMMpm3%2FJ6o86vevtklYqr1j4o%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8c20bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 12 May 2023 07:07:32 GMT
GET H2	200	sb-admin-2.min.js Show response claim.ourcoincash.xyz/BSassets/js/	1 KB 1 KB	63ms 62ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.ourcoincash.xyz/BSassets/js/sb-admin-2.min.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dbd135d6f876957fb80b8871b4084bfe81e449c8387bbdaf07b8b2451732787 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/?r=2695 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:58 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Oct 2022 12:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 230813 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR6CUrVvYfCPW0JT3EBAIkKKJfyFkcG9ReNchkAc3BVjaqBsBlD3tRbRPpvde8K18czdTUX00dmAUxzxBlDEChtTaU%2B2KSgp9n4HVqs0DixxXzHNXI2vyP2TmO%2BIxeXUqle3SapKueNLBgJFdwBX17mTCBo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2e5c00e8c30bbc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 10 May 2023 12:01:04 GMT
GET H2	200	2065539 Show response ad.a-ads.com/ Frame F1EE	12 KB 5 KB	172ms 58ms	Document text/html	144.76.38.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/2065539?size=300x250 Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 144.76.38.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.38.76.144.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash c7922e16366a7c9eba5b931093c7677d607666b6fdbef67d9f1f5250836cbad0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://claim.ourcoincash.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html;charset=utf-8 date Sat, 06 May 2023 04:07:58 GMT server nginx status 200 OK vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-original-referer https://claim.ourcoincash.xyz/ x-powered-by Phusion Passenger(R) x-robots-tag noindex, nofollow, nosnippet, noarchive x-xss-protection 1; mode=block
GET H2	200	5516376 Show response oaphoace.net/401/	0 0	118ms 48ms	Script text/plain	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://oaphoace.net/401/5516376 Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v25/	35 KB 36 KB	132ms 59ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://claim.ourcoincash.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 29 Apr 2023 06:01:25 GMT x-content-type-options nosniff age 597994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35904 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:34:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Apr 2024 06:01:25 GMT
GET H2	200	tag.min.js Show response inklinkor.com/	71 KB 25 KB	106ms 38ms	Script text/javascript	2606:4700:3037::6815:5b3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://inklinkor.com/tag.min.js Requested by Host: claim.ourcoincash.xyz URL: https://claim.ourcoincash.xyz/?r=2695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee9a8810feb2906d0473961b57de2096cb6ff7d3efc111522d654018bec96470 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 25 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trace-id 779eb514e748749aca82f6db110af95c pragma no-cache last-modified Fri, 05 May 2023 11:48:22 GMT server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UQ%2FY6FMbREyMd7PNW50Y%2F3hhpfMXYK9l2sk07JGc%2F9k8UybFHub20R%2BSuzjOkzFXGue%2BS4ikOxIS7JKGYmzF1LwjqksRvI45H0C9CmROvW58nkUn9LVyx1IarDGkhOfbvQXiJteMw8UCBoI"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 access-control-allow-credentials true vary Accept-Encoding timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 7c2e5c025fed1b06-AMS expires Sun, 07 May 2023 04:07:34 GMT
GET H2	200	300x250 static.a-ads.com/a-ads-banners/118549/ Frame F1EE	642 KB 643 KB	54ms 45ms	Image image/gif	144.76.38.164 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/118549/300x250?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/2065539?size=300x250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 144.76.38.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.38.76.144.clients.your-server.de Software nginx / Resource Hash 68123309f71657db35cb8221cbd7b58896bc59e82f3e2aefc959641b22bd6497 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT x-amz-version-id A05Ct9.hzqUI_QD8ilv2LtWUhyLbAwTz last-modified Tue, 28 Apr 2020 12:49:30 GMT server nginx x-amz-request-id CC4XWGDVDADGG336 etag "37e9c50b0415f297d727047e73596382" content-type image/gif cache-control max-age=315360000 accept-ranges bytes content-length 657870 x-amz-id-2 tACfXiONcvN0/tb7OL4U9xA6aAIybUc9d9lmbvItRZJ98g8cflE1OdT8RBUpdoJhcLTlOlyhiQg= expires Thu, 31 Dec 2037 23:55:55 GMT
POST H/1.1	200 OK	api.php Show response syndication.exdynsrv.com/v1/	984 B 1 KB	264ms 201ms	XHR application/json	95.211.229.248 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exdynsrv.com/v1/api.php Requested by Host: a.exdynsrv.com URL: https://a.exdynsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ds03.evo.0x3e.net Software nginx / Resource Hash a3ab30ac5f5ce7744d25bbe85d0e2b04786d61909c142542d1d5bea20470c976 Request headers Referer https://claim.ourcoincash.xyz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Content-Type text/plain Response headers Date Sat, 06 May 2023 04:07:59 GMT Access-Control-Request-Method POST Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://claim.ourcoincash.xyz Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow Access-Control-Allow-Headers Authorization, Content-Type
GET H2	200	slide.js Show response appsha-pnd.ctengine.io/static/	9 KB 2 KB	106ms 35ms	XHR text/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/slide.js?v=1683225136877 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=zBkzEwe6Xx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash e85e88e3c5147dc3710c5f8213be4449a8be2b937c573539332db3d72cc80b8a Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT content-encoding gzip server nginx access-control-allow-methods GET, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	inpage.js Show response appsha-pnd.ctengine.io/static/	13 KB 3 KB	105ms 35ms	XHR text/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/inpage.js?v=1683225136877 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=zBkzEwe6Xx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash f3981e1ca4ca62702b29f47cd5bee89b912f138526ab26ca14d4ff7adbc3bee7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT content-encoding gzip server nginx access-control-allow-methods GET, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	popunder.js Show response appsha-pnd.ctengine.io/static/	697 B 1 KB	104ms 34ms	XHR text/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/popunder.js?v=1683225136877 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=zBkzEwe6Xx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash 87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT server nginx access-control-allow-methods GET, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range accept-ranges bytes access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 697
GET DATA	200 OK	truncated / Frame F1EE	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response bedrapiona.com/5/5361513/	0 481 B	94ms 26ms	XHR text/plain	139.45.197.234 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://bedrapiona.com/5/5361513/?oo=1&js_build=iclick-v1.535 Requested by Host: inklinkor.com URL: https://inklinkor.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache, no-cache date Sat, 06 May 2023 04:07:59 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://claim.ourcoincash.xyz cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace content-length 0 expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
OPTIONS H2	204	tmp apps-pnd.ctengine.io/ Frame	0 0	122ms 34ms	Preflight	2a0d:da00:a:4018:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://apps-pnd.ctengine.io/tmp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://claim.ourcoincash.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://claim.ourcoincash.xyz access-control-expose-headers Content-Length,Content-Range access-control-max-age 1728000 date Sat, 06 May 2023 04:07:59 GMT server nginx
POST H2	200	tmp Show response apps-pnd.ctengine.io/	176 B 633 B	177ms 107ms	XHR text/javascript	2a0d:da00:a:4018:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://apps-pnd.ctengine.io/tmp Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=zBkzEwe6Xx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash df8354189211ae66bc672d7916b27d7ee0c1860b20d3fe99bd1e48a3d2763a76 Request headers Referer https://claim.ourcoincash.xyz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 06 May 2023 04:07:59 GMT server nginx access-control-allow-methods GET, POST, OPTIONS content-type text/javascript;charset=UTF-8 access-control-allow-origin https://claim.ourcoincash.xyz access-control-expose-headers Content-Length,Content-Range cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires 0
GET H/1.1	200 OK	cimp.php Show response syndication.exdynsrv.com/	0 551 B	28ms 28ms	XHR text/html	95.211.229.248 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA3VPQU7DQAz8Ch/oauxdO7s994i4IB6QbBMaCVqJgtSieTybBHFDI8sey2OPFRp3sB38Adij21thlKBIQUyDRuHT44FJWN/6+T1cvj7qZT7X/noKt/s3pUQVZectOUsuEjNTcYeDJsLo4qnJs2Q3d2cClWiIlgs0LyUCAGEHvjwf1pAGZQRuauBmggJlagS3ReSTFME4mJeIcdLc18nLoOmoZtUXFf5xjQ1BPOt66LdB7VL0krmTjXTtIZ4u18/5/Eq23jrVX+/nSv6pNti6p/lLablNlGMPG2Iah0HMcjdG8zz2XuAW6/gD3hV3G3sBAAA= Requested by Host: a.exdynsrv.com URL: https://a.exdynsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ds03.evo.0x3e.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://claim.ourcoincash.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Sat, 06 May 2023 04:07:59 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://claim.ourcoincash.xyz Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow
GET H2	200	5dd3cd2543577 Show response neverstoprotation.com/iframe/ Frame 753C	884 B 1 KB	211ms 138ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=claim.ourcoincash.xyz Requested by Host: a.exdynsrv.com URL: https://a.exdynsrv.com/ad-provider.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef36bb33df0452fd033827f33d73ea315bf554036cdabbc6ac9915b778c996ed Request headers Referer https://claim.ourcoincash.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c2e5c047ed7b969-AMS content-encoding br content-type text/html date Sat, 06 May 2023 04:07:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCagJG6cOBY%2Fbeburr6qvQq%2BQg2o6R%2FT1Ejv7FXfrq9o2vT%2FYsYeemWG2u%2BW8KjpMea2eT3uXNYcyYJDH%2Busk8vk%2F9eMAVrWgPgRrqY9gMKS230QQpjv9%2Fb865bSEgbuHnV2bBSX49avFfEp8S5svO%2FtrZs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	3880d38253d0fdf5bcea7935f3af390a.png smartpicrotation.com/bnr/4/388/0d3825/ Frame 753C	150 KB 151 KB	103ms 32ms	Image image/png	2606:4700:3031::ac43:dee6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://smartpicrotation.com/bnr/4/388/0d3825/3880d38253d0fdf5bcea7935f3af390a.png Requested by Host: neverstoprotation.com URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=claim.ourcoincash.xyz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:dee6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9336fe6f72980c6e5a5717fdaa5803ba6ae7e52f47332f34e6bb5e01d20e9246 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neverstoprotation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Sat, 06 May 2023 04:07:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 39023 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 153981 last-modified Tue, 21 Jun 2022 14:15:48 GMT server cloudflare etag "62b1d294-2597d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kL8l13U9%2FYxpf03wlN0mwHOi%2Fzvtu4l%2FZmxIQ22Yi3reJYhy0U5x2jjJRGu4AIAOmVCBjne4Xh6FkqJaCZFUyAIhBIi%2F7YagfqZFEz6jEkZjCt8DGQsCdhSyR8WOVXd5CV7MuvDKES7pxfJ8qT71NhUwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=86400 accept-ranges bytes cf-ray 7c2e5c05c93b0e88-AMS expires Sat, 06 May 2023 17:17:36 GMT
GET H/1.1	404 Not Found	tag.php a.exoclick.com/ Frame 753C	0 0	117ms 28ms	Image text/html	2001:4de0:ac19::1:b:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846 Requested by Host: neverstoprotation.com URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=claim.ourcoincash.xyz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neverstoprotation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless string| ad_idzone boolean| ad_popup_fallback boolean| ad_popup_force boolean| ad_chrome_enabled boolean| ad_new_tab number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method boolean| ad_t_venor function| D$ipy$ function| C_jGH function| q0z5r number| r5D3vP function| L1nimZ function| z6Ezi function| C0LRV number| A7hnWv string| fe016a0 function| N5mm object| exoJsPop101 string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_trigger_class string| ad_tags string| ad_el boolean| ad_cookieconsent object| customTargeting object| AdProvider function| $ function| jQuery object| bootstrap object| ExoLoader object| ExoSupport object| resolver object| streaming object| VastSupport function| instantiateViewability function| ExoAdsRefresh object| ctzBkzEwe6Xx object| zfgstorage object| 1we36rsqkgp object| zfgformats function| onClickTrigger boolean| zfgloadedpopup

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			claim.ourcoincash.xyz/	1970-01-20 11:35:53	Name: csrf_cookie_name Value: 5158eb455dee527be01fccf49ffcfcb0
			claim.ourcoincash.xyz/	1970-01-20 11:35:53	Name: ci_session Value: 8cfa2884b9d6f6752dcf61f50963d14fdc8a2d6b
			.exdynsrv.com/	1970-01-20 21:11:46	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226455d29f20f481.045820044229732469%22%3B%7D
			.exdynsrv.com/	1970-01-20 21:11:46	Name: __upt Value: %7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D
			.neverstoprotation.com/	1970-01-20 11:37:12	Name: showed_15260_95810 Value: [2496299]
			.neverstoprotation.com/	1970-01-20 11:37:12	Name: c_2e8a82be8bd037e4b4f479116434328f Value: 1
			.neverstoprotation.com/	1970-01-20 11:37:12	Name: z_9c79ae5ef090e871f07695e23d67d72c Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://a.exdynsrv.com/ad-provider.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
a.exoclick.com
ad.a-ads.com
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
bedrapiona.com
claim.ourcoincash.xyz
fonts.googleapis.com
fonts.gstatic.com
inklinkor.com
neverstoprotation.com
oaphoace.net
smartpicrotation.com
static.a-ads.com
syndication.exdynsrv.com
139.45.197.234
139.45.197.239
144.76.38.164
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
2606:4700:3031::ac43:dee6
2606:4700:3037::6815:5b3f
2a00:1450:4001:802::2003
2a00:1450:4001:82f::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0d:da00:a:4018::
2a0d:da00:a:401c::
95.211.229.248
0832dfb004cac2772613a5a72a537060557ff5d21857b0d6ece8cc6e8c824157
12fd1e9db6286283729eb4db9ac13a08b683646dfaf54a01be19bea92a7f76e8
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
3dbd135d6f876957fb80b8871b4084bfe81e449c8387bbdaf07b8b2451732787
48266ba243dc1b74c20cfae7f8e1f83c2b2fabbcc0d95a87d8f15152b29a5c99
68123309f71657db35cb8221cbd7b58896bc59e82f3e2aefc959641b22bd6497
7cfd809db3fa1163d425f11106f455ac009fe88fb856e7580ad941f967aa026c
87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20
9336fe6f72980c6e5a5717fdaa5803ba6ae7e52f47332f34e6bb5e01d20e9246
94630b6037cbc3f251fbaec48bc37d4c426f743722c0ff1056d81c2194323d23
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
a3ab30ac5f5ce7744d25bbe85d0e2b04786d61909c142542d1d5bea20470c976
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
c7922e16366a7c9eba5b931093c7677d607666b6fdbef67d9f1f5250836cbad0
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
df8354189211ae66bc672d7916b27d7ee0c1860b20d3fe99bd1e48a3d2763a76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85e88e3c5147dc3710c5f8213be4449a8be2b937c573539332db3d72cc80b8a
ee9a8810feb2906d0473961b57de2096cb6ff7d3efc111522d654018bec96470
ef36bb33df0452fd033827f33d73ea315bf554036cdabbc6ac9915b778c996ed
efd15ebba9106e78e5786de7ee546178b97d963a2fc21ea0a65c04fb75fb2b9a
f2e8e0e40ecf4ae40484258a63f79356229e5e6b2a901f469a506115c112bfc8
f3981e1ca4ca62702b29f47cd5bee89b912f138526ab26ca14d4ff7adbc3bee7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e