URL: https://www.ptc1.ptcclick.online/
Submission: On December 28 via api from US — Scanned from US

Summary

This website contacted 30 IPs in 6 countries across 33 domains to perform 118 HTTP transactions. The main IP is 2800:6c0:2::198, located in Buenos Aires, Argentina and belongs to Dattatec.com, AR. The main domain is www.ptc1.ptcclick.online.
TLS certificate: Issued by R3 on November 11th 2023. Valid for: 3 months.
This is the only time www.ptc1.ptcclick.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2800:6c0:2::198 27823 (Dattatec.com)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:f820:425::3 34549 (MEER-AS m...)
1 104.194.8.143 23470 (RELIABLESITE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 162.0.235.250 22612 (NAMECHEAP...)
10 2a02:6ea0:e20... 60068 (CDN77 ^_^)
3 83.147.204.12 202492 (SGHL1-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
17 139.45.197.242 9002 (RETN-AS)
6 2607:f8b0:400... 15169 (GOOGLE)
1 172.66.41.37 13335 (CLOUDFLAR...)
4 68.169.106.41 30602 (ISPRIME)
2 139.45.195.8 9002 (RETN-AS)
12 139.45.197.250 9002 (RETN-AS)
1 172.67.133.154 13335 (CLOUDFLAR...)
1 178.253.46.82 202492 (SGHL1-AS)
2 8 2a02:6b8::1:119 13238 (YANDEX)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
4 67.223.118.72 22612 (NAMECHEAP...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
5 139.45.197.151 9002 (RETN-AS)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
118 30
Apex Domain
Subdomains
Transfer
13 ptcclick.online
www.ptc1.ptcclick.online
183 KB
12 ibrapush.com
ibrapush.com — Cisco Umbrella Rank: 221871
60 KB
12 magsrv.com
a.magsrv.com — Cisco Umbrella Rank: 15960
s.magsrv.com — Cisco Umbrella Rank: 15305
78 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
5 KB
6 gishejuy.com
gishejuy.com — Cisco Umbrella Rank: 87638
35 KB
6 gstatic.com
fonts.gstatic.com
99 KB
5 interstitial-08.com
interstitial-08.com — Cisco Umbrella Rank: 233690
158 KB
5 cameesse.net
cameesse.net — Cisco Umbrella Rank: 53288
148 KB
4 littlecdn.com
littlecdn.com — Cisco Umbrella Rank: 17736
35 KB
4 rapid-faucet.site
rapid-faucet.site
124 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
294 KB
4 bygliscortor.com
bygliscortor.com
37 KB
4 ayelads.com
ayelads.com
3 KB
4 revolvermaps.com
rf.revolvermaps.com — Cisco Umbrella Rank: 133808
10 KB
3 offerimage.com
offerimage.com — Cisco Umbrella Rank: 36192
49 KB
3 refbanners.com
refbanners.com — Cisco Umbrella Rank: 812280
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
41 KB
2 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 75871
2 neverstoprotation.com
neverstoprotation.com — Cisco Umbrella Rank: 542008
2 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
141 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
1 KB
2 veepteero.com
veepteero.com — Cisco Umbrella Rank: 217017
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 multiwall-ads.shop
multiwall-ads.shop — Cisco Umbrella Rank: 765279
2 KB
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 22840
494 B
1 smartpicrotation.com
smartpicrotation.com — Cisco Umbrella Rank: 293519
77 KB
1 onegamepics.com
onegamepics.com — Cisco Umbrella Rank: 301679
96 KB
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 24468
8 KB
1 refpa4293501.top
refpa4293501.top
310 KB
1 wxhiojortldjyegtkx.bid
wxhiojortldjyegtkx.bid — Cisco Umbrella Rank: 789794
505 B
1 adcdnx.com
cdn1.adcdnx.com — Cisco Umbrella Rank: 975047
34 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12045
22 KB
1 alwingulla.com
alwingulla.com — Cisco Umbrella Rank: 223467
23 KB
118 33
Domain Requested by
13 www.ptc1.ptcclick.online www.ptc1.ptcclick.online
12 ibrapush.com alwingulla.com
ibrapush.com
www.ptc1.ptcclick.online
8 a.magsrv.com www.ptc1.ptcclick.online
a.magsrv.com
6 mc.yandex.com 2 redirects multiwall-ads.shop
mc.yandex.ru
6 gishejuy.com alwingulla.com
gishejuy.com
6 fonts.gstatic.com fonts.googleapis.com
5 interstitial-08.com cameesse.net
interstitial-08.com
5 cameesse.net alwingulla.com
cameesse.net
4 littlecdn.com interstitial-08.com
4 rapid-faucet.site ayelads.com
rapid-faucet.site
4 www.googletagmanager.com ayelads.com
www.googletagmanager.com
4 bygliscortor.com alwingulla.com
bygliscortor.com
4 s.magsrv.com a.magsrv.com
4 ayelads.com www.ptc1.ptcclick.online
ayelads.com
4 rf.revolvermaps.com www.ptc1.ptcclick.online
rf.revolvermaps.com
3 offerimage.com www.ptc1.ptcclick.online
3 refbanners.com www.ptc1.ptcclick.online
refbanners.com
2 www.google-analytics.com www.googletagmanager.com
2 a.exoclick.com neverstoprotation.com
2 neverstoprotation.com a.magsrv.com
2 mc.yandex.ru multiwall-ads.shop
2 my.rtmark.net alwingulla.com
www.ptc1.ptcclick.online
2 veepteero.com alwingulla.com
2 fonts.googleapis.com www.ptc1.ptcclick.online
bygliscortor.com
2 multiwall-ads.shop www.ptc1.ptcclick.online
1 fleraprt.com tzegilo.com
1 smartpicrotation.com neverstoprotation.com
1 onegamepics.com neverstoprotation.com
1 tzegilo.com bygliscortor.com
1 refpa4293501.top refbanners.com
1 wxhiojortldjyegtkx.bid cdn1.adcdnx.com
1 cdn1.adcdnx.com www.ptc1.ptcclick.online
1 i.ibb.co www.ptc1.ptcclick.online
1 alwingulla.com www.ptc1.ptcclick.online
118 34

This site contains links to these domains. Also see Links.

Domain
tvonlinegr.mex.tl
Subject Issuer Validity Valid
*.ptcclick.online
R3
2023-11-11 -
2024-02-09
3 months crt.sh
alwingulla.com
GTS CA 1P5
2023-11-15 -
2024-02-13
3 months crt.sh
*.revolvermaps.com
R3
2023-11-24 -
2024-02-22
3 months crt.sh
ibb.co
R3
2023-12-09 -
2024-03-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-10 -
2024-02-10
a year crt.sh
ayelads.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-12 -
2024-12-23
a year crt.sh
magsrv.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
refbanners.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
veepteero.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
rtmark.net
R3
2023-10-07 -
2024-01-05
3 months crt.sh
ibrapush.com
R3
2023-11-10 -
2024-02-08
3 months crt.sh
bygliscortor.com
R3
2023-11-30 -
2024-02-28
3 months crt.sh
gishejuy.com
R3
2023-10-25 -
2024-01-23
3 months crt.sh
cameesse.net
R3
2023-10-18 -
2024-01-16
3 months crt.sh
wxhiojortldjyegtkx.bid
E1
2023-11-09 -
2024-02-07
3 months crt.sh
refpa4293501.top
R3
2023-11-07 -
2024-02-05
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-12-26 -
2024-06-05
5 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
rapid-faucet.site
Sectigo RSA Domain Validation Secure Server CA
2023-07-31 -
2024-07-31
a year crt.sh
tzegilo.com
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
onegamepics.com
GTS CA 1P5
2023-11-16 -
2024-02-14
3 months crt.sh
exoclick.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-01-14
a year crt.sh
interstitial-08.com
R3
2023-10-13 -
2024-01-11
3 months crt.sh

This page contains 16 frames:

Primary Page: https://www.ptc1.ptcclick.online/
Frame ID: 3FDCC1F3B558430905EFF4C08005C797
Requests: 52 HTTP requests in this frame

Frame: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=300
Frame ID: 8C9FB01245F910B85F37EBA67155FE42
Requests: 4 HTTP requests in this frame

Frame: https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
Frame ID: 15F8BC5F27B5633F95C1BF8AA696D48B
Requests: 5 HTTP requests in this frame

Frame: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Frame ID: E89EF9049808B8B46F3145487B314F33
Requests: 6 HTTP requests in this frame

Frame: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=468
Frame ID: 1C6DD282350C7675438D2ECEFC39391D
Requests: 4 HTTP requests in this frame

Frame: https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
Frame ID: 066D2665E7EEE5788104201602413ECD
Requests: 5 HTTP requests in this frame

Frame: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Frame ID: 787C982C0D87757AC38D5B8B6A558F86
Requests: 6 HTTP requests in this frame

Frame: https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
Frame ID: 27B5F900E5173958E8531E607F58D56B
Requests: 4 HTTP requests in this frame

Frame: https://rf.revolvermaps.com/w/1/a/a2.php?i=58sv7glswaw&s=220&m=0&v=true&r=false&b=000000&n=false&c=ff0000
Frame ID: DC8E17D6685A85C928716B4BD1BB2112
Requests: 1 HTTP requests in this frame

Frame: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Frame ID: D34D484C25B6DC6C1BE852F9EA5695D5
Requests: 3 HTTP requests in this frame

Frame: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Frame ID: 22EAB42666C980F320384BB0BCDDAF72
Requests: 3 HTTP requests in this frame

Frame: https://rapid-faucet.site/index1.php?tag=3bhkt8g&size=300x250
Frame ID: 17DE469CD557C54E90277C89D2AE4491
Requests: 2 HTTP requests in this frame

Frame: https://rapid-faucet.site/index1.php?tag=3bhK8Me&size=468x60
Frame ID: 488D493135B78279055DDAB8011713A8
Requests: 2 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: C6C66B29EDB9C17FBA65BE84F82A02B6
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: D8971DEE2BDA89B033B4176425E80AA2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 8D23C456369F6D5F0E55DECF7178D742
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Decent Paying Faucet | MyLittleFaucet

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.revolvermaps\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

87 %
HTTPS

55 %
IPv6

33
Domains

34
Subdomains

30
IPs

6
Countries

2082 kB
Transfer

4083 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A934849979%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A820695529%3Arqn%3A1%3Au%3A1703780895955864220%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C737%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892809%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A934849979%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A820695529%3Arqn%3A1%3Au%3A1703780895955864220%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C737%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892809%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
Request Chain 91
  • https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A570934941%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A97024529%3Arqn%3A2%3Au%3A1703780895955864220%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C61%2C696%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892804%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A570934941%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A97024529%3Arqn%3A2%3Au%3A1703780895955864220%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C61%2C696%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892804%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ptc1.ptcclick.online/
24 KB
11 KB
Document
General
Full URL
https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache / PHP/7.4.25
Resource Hash
2fe8ab643970245fe14f891fcfd60819c7f669afe4692a0844d40a8a8a35e4ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:12 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.25
font-awesome.min.css
www.ptc1.ptcclick.online/WolvenCore/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/font-awesome/css/font-awesome.min.css
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:09 GMT
server
Apache
etag
"7918-609eab7ba874d-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7053
bootstrap.min.css
www.ptc1.ptcclick.online/WolvenCore/bootstrap/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/bootstrap/css/bootstrap.min.css
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:09 GMT
server
Apache
etag
"1d970-609eab7b2da82-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
19744
evelyn-style.css
www.ptc1.ptcclick.online/WolvenCore/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/css/evelyn-style.css
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
9f66fb30c2b34e4e0362c14489bb771ceca847feb4b3b6b4f06250a3ee37a1ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:07 GMT
server
Apache
etag
"267a-609eab79cf918-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2297
evelyn-lightgreen.css
www.ptc1.ptcclick.online/WolvenCore/css/
2 KB
625 B
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/css/evelyn-lightgreen.css?time=1703780892
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
9cae4abe29ec83f79704ea488259f13d3e8ad63c15f73fa6364d2ec748977a1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:07 GMT
server
Apache
etag
"743-609eab79c3d99-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
536
responsive.css
www.ptc1.ptcclick.online/WolvenCore/css/
1 KB
521 B
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/css/responsive.css
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
10641bed24fdc3f9e665d5f09bbcd29e744d3aab06fe827e29c3bd24afb452bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:07 GMT
server
Apache
etag
"48f-609eab79d3797-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
467
custom.css
www.ptc1.ptcclick.online/WolvenCore/css/
894 B
451 B
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/css/custom.css?time=1703780892
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
6196e668759d9c88bf58dbabd03ab4ec2845ccc8ba7bb7bab0f4fd36f21e9e4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:07 GMT
server
Apache
etag
"37e-609eab79c5509-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
397
hover-min.css
www.ptc1.ptcclick.online/WolvenCore/hover-css/css/
96 KB
7 KB
Stylesheet
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/hover-css/css/hover-min.css
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
fde07d05192895f32d2e15b13f1b6bc4def8bcdc257333f08a96c95c4d96b5a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:10 GMT
server
Apache
etag
"17f50-609eab7c1c2d0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7129
tag.min.js
alwingulla.com/88/
71 KB
23 KB
Script
General
Full URL
https://alwingulla.com/88/tag.min.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:489b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ee732bd0c9d2b6f2289a86917af884965c136f437e449d20fec38f75c5f739

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29124
alt-svc
h3=":443"; ma=86400
x-trace-id
9f50427be80afaf3522a71d7414ccced
pragma
no-cache
last-modified
Sun, 24 Dec 2023 21:43:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSgxv6FODY2BbODiuOxTovI2Ftgab8KFIlg%2B1tAZLkzQmhaSlZxWkBixG61zFna1Xp9quGA3p48981Px1Hxj0Af9GNXRWSkbH5lXO4zfgXy3gUaKrwOkeOxjtJL4HetlA0En4nt0CKwbXuYNiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
83cb2cd49c43335e-MIA
expires
Fri, 29 Dec 2023 08:22:48 GMT
1.js
rf.revolvermaps.com/0/0/
3 KB
2 KB
Script
General
Full URL
https://rf.revolvermaps.com/0/0/1.js?i=58sv7glswaw&s=220&m=0&v=true&r=false&b=000000&n=false&c=ff0000
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
9400c75dca241ca52b09f0de7d749e3aa2c583cf8d1f3933e00eacb46c5b1a30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jun 2017 13:38:02 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
1310
123839ada9f9.gif
i.ibb.co/Y0syVT7/
21 KB
22 KB
Image
General
Full URL
https://i.ibb.co/Y0syVT7/123839ada9f9.gif
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.194.8.143 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
a3e677b61ab338cf0df1a1b2f29834ca83d26f53e0eaa6395cc80154023ebe01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
last-modified
Sat, 29 Apr 2023 19:39:32 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
21788
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.ptc1.ptcclick.online/WolvenCore/js/
84 KB
30 KB
Script
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/js/jquery.min.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:12 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:08 GMT
server
Apache
etag
"1514f-609eab7a4dc92-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30029
bootstrap.min.js
www.ptc1.ptcclick.online/WolvenCore/bootstrap/js/
36 KB
10 KB
Script
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/bootstrap/js/bootstrap.min.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:09 GMT
server
Apache
etag
"90b5-609eab7b84919-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
9833
evelyn.js
www.ptc1.ptcclick.online/WolvenCore/js/
812 B
473 B
Script
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/js/evelyn.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
1dc825c81eb32e4e6f255dcc45685bdd4de23d5dd417ab43342c0fec6f13e6f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
last-modified
Sun, 12 Nov 2023 01:46:08 GMT
server
Apache
etag
"32c-609eab7a4a1fb-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
397
vbanner.php
multiwall-ads.shop/ Frame 8C9F
959 B
893 B
Document
General
Full URL
https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=300
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81525a290df70202cdcac1f9c5b0e18b45e376f6d6e2a41b6262208b9a45c827

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83cb2cd49f5467e6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYNFjYAMnLe5rFJjSS3GZfwBOuVmTSo0L%2BiXElZhu3x7LzZR%2BiCHYBE62ABdVFjA%2FACOWpyprKK8xUsoOMDSfhwnLM5%2Fgri45k4QAC30QgCxbZeZSB06n8SPoj8g9cRWG%2FNmoqYpUZvw4zNpoQ9CJJI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
items.php
ayelads.com/display/ Frame 15F8
1 KB
984 B
Document
General
Full URL
https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
1a4736b65834032264fa6fb8766cd7645d81e995bf5236897ff993ba9ad08f77

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
670
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed
iframe.php
a.magsrv.com/ Frame E89E
275 B
710 B
Document
General
Full URL
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9e5497583b14e6bc4062d019cb6ca113c277891c4f15e81a834a2c2b6f11542e

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
cache-control
max-age=10800
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:12 GMT
expires
Thu, 28 Dec 2023 19:28:12 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
57664
x-77-cache
MISS
x-77-nzt
EggBJRPOBAFBDAGckjvoAbNA4QAA
x-77-nzt-ray
8e305f1ca7ea8cad1ca28d65634c9b39
x-77-pop
ashburnUSVA
x-accel-date
1703723228
x-accel-expires
@1703791692
x-cache-lb
MISS
x-robots-tag
noindex, follow
vbanner.php
multiwall-ads.shop/ Frame 1C6D
959 B
715 B
Document
General
Full URL
https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=468
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81525a290df70202cdcac1f9c5b0e18b45e376f6d6e2a41b6262208b9a45c827

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83cb2cd49f5667e6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnMzGppmOGbkgr9N0l4yxdQmZzkS0tfuWS6hA8SK07kvye%2FrOrU6pHMe%2FW%2B8Y2A5NXaLKQRkmYckOpxqbbR%2BWqvvhfgWwbrmtZ11QLgydzSijM%2FXCDxTzGjfBmV8NxnNzUBSz5qeTAak96tfSwdqlH4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
items.php
ayelads.com/display/ Frame 066D
1 KB
987 B
Document
General
Full URL
https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
a1fc64aea7de01b302a823c17750d1a1f3798cc2a2d4e28f98bac5a44aa2b9cc

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
674
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed
iframe.php
a.magsrv.com/ Frame 787C
275 B
698 B
Document
General
Full URL
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9e5497583b14e6bc4062d019cb6ca113c277891c4f15e81a834a2c2b6f11542e

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
cache-control
max-age=10800
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:12 GMT
expires
Thu, 28 Dec 2023 19:28:12 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
0
x-77-cache
HIT
x-77-nzt
EggBJRPOBAFBDAGckjvoAfcAAAAA
x-77-nzt-ray
8e305f1ca7ea8cad1ca28d65a17c9e39
x-77-pop
ashburnUSVA
x-accel-date
1703780892
x-accel-expires
@1703791692
x-cache-lb
MISS
x-robots-tag
noindex, follow
I
refbanners.com/ Frame 27B5
644 B
642 B
Document
General
Full URL
https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
73c8bec1c5557e5ab1a6bde3fac2538d2e49c30cbe3624a26b1ec6ee56f958ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
418
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 16:28:13 GMT
server
nginx
server-timing
wf-uht;dur=0.015
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Paytone+One|Roboto+Slab|Titillium+Web|Questrial
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/WolvenCore/css/evelyn-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7b578bc15c11b17a3a88061f71f439c299aa092a52be7ac919743ae415b6852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 16:28:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 16:28:13 GMT
29354
veepteero.com/88/
3 KB
2 KB
Fetch
General
Full URL
https://veepteero.com/88/29354
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
28721a13f217bde7c789c50b7576e1ba465e3b74564a6e0b65080a57f53dca7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ptc1.ptcclick.online
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
build-iframe-js-url.js
a.magsrv.com/ Frame E89E
759 B
1002 B
Script
General
Full URL
https://a.magsrv.com/build-iframe-js-url.js?idzone=5132206
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
001c773a760e6b4598ba0d7c39b3d34e3a66b148982927b6170b2ebf5df3e9f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-77-cache
MISS
x-accel-date
1703723236
x-77-nzt
EggBJRPOBAFBDAGckjviAbM54QAA
x-accel-expires
@1703791693
x-77-age
57657
x-cache-lb
MISS
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"84407e05e19cd4e7e34e4684125"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d6580e44e02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 28 Dec 2023 19:28:13 GMT
ad-provider.js
a.magsrv.com/ Frame E89E
121 KB
33 KB
Script
General
Full URL
https://a.magsrv.com/ad-provider.js
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
435c66905e1d49dede5e9cc5af6ff756f709cced95152bbba018ab1e5eb966b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-age-lb
8382
x-77-cache
HIT
x-accel-date
1703772511
x-77-nzt
EgwBJRPOBAH3viAAAAwBnJI76AH3BAAAAA
x-accel-expires
@1703783311
x-77-age
8386
x-cache-lb
HIT
accept-ch
server
CDN77-Turbo
etag
W/"d7956270db30df603312b2c647c"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d6547885202
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Tue, 19 Dec 2023 17:07:19 GMT
build-iframe-js-url.js
a.magsrv.com/ Frame 787C
759 B
995 B
Script
General
Full URL
https://a.magsrv.com/build-iframe-js-url.js?idzone=5132206
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
001c773a760e6b4598ba0d7c39b3d34e3a66b148982927b6170b2ebf5df3e9f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1703723236
x-77-nzt
EggBJRPOBAFBDAGckjviAfU54QAA
x-accel-expires
@1703734036
x-77-age
57657
x-cache-lb
MISS
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"84407e05e19cd4e7e34e4684125"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d6599be6902
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 28 Dec 2023 03:27:16 GMT
ad-provider.js
a.magsrv.com/ Frame 787C
121 KB
33 KB
Script
General
Full URL
https://a.magsrv.com/ad-provider.js
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
435c66905e1d49dede5e9cc5af6ff756f709cced95152bbba018ab1e5eb966b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-age-lb
8382
x-77-cache
HIT
x-accel-date
1703772511
x-77-nzt
EgwBJRPOBAH3viAAAAwBnJI76AH3BAAAAA
x-accel-expires
@1703783311
x-77-age
8386
x-cache-lb
HIT
accept-ch
server
CDN77-Turbo
etag
W/"d7956270db30df603312b2c647c"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d65fae56c02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Tue, 19 Dec 2023 17:07:19 GMT
fontawesome-webfont.woff2
www.ptc1.ptcclick.online/WolvenCore/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.ptc1.ptcclick.online/WolvenCore/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/WolvenCore/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.ptc1.ptcclick.online/WolvenCore/font-awesome/css/font-awesome.min.css
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
last-modified
Sun, 12 Nov 2023 01:46:10 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-609eab7bf22f5"
content-length
77160
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Paytone+One|Roboto+Slab|Titillium+Web|Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:07:17 GMT
x-content-type-options
nosniff
age
62456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 23:07:17 GMT
0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
fonts.gstatic.com/s/paytoneone/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/paytoneone/v23/0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Paytone+One|Roboto+Slab|Titillium+Web|Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:07:18 GMT
x-content-type-options
nosniff
age
62455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23064
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:01:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 23:07:18 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Paytone+One|Roboto+Slab|Titillium+Web|Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:07:11 GMT
x-content-type-options
nosniff
age
62462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 23:07:11 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Paytone+One|Roboto+Slab|Titillium+Web|Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 00:18:07 GMT
x-content-type-options
nosniff
age
576606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 00:18:07 GMT
iframe.js
a.magsrv.com/ Frame E89E
2 KB
2 KB
Script
General
Full URL
https://a.magsrv.com/iframe.js?idzone=5132206&size=300x250
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/build-iframe-js-url.js?idzone=5132206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
96412220dc63c35c08c6ff9f09c4a93bcf81e8fe6f44e380e0ffae728ddbb918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1703723241
x-77-nzt
EggBJRPOBAFBDAGckjviAfU04QAA
x-accel-expires
@1703734041
x-77-age
57652
x-cache-lb
MISS
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"b8b72d92060f4759f965913054f"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d65c3d13b0c
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 28 Dec 2023 03:27:21 GMT
iframe.js
a.magsrv.com/ Frame 787C
2 KB
2 KB
Script
General
Full URL
https://a.magsrv.com/iframe.js?idzone=5132206&size=300x250
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/build-iframe-js-url.js?idzone=5132206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
96412220dc63c35c08c6ff9f09c4a93bcf81e8fe6f44e380e0ffae728ddbb918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/iframe.php?idzone=5132206&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-77-cache
MISS
x-accel-date
1703723241
x-77-nzt
EggBJRPOBAFBDAGckjviAbM04QAA
x-accel-expires
@1703791693
x-77-age
57652
x-cache-lb
MISS
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"b8b72d92060f4759f965913054f"
x-77-nzt-ray
8e305f1ca7ea8cad1da28d654b333f0c
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 28 Dec 2023 19:28:13 GMT
adp1v3.js
cdn1.adcdnx.com/s/
89 KB
34 KB
Script
General
Full URL
https://cdn1.adcdnx.com/s/adp1v3.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.41.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f297f66639ccdc5c12cacb42a929143ed1dfcd39cce01ed6ca5e4cc2b21b9b12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 28 Dec 2023 14:01:43 GMT
server
cloudflare
age
4443
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
cache-control
max-age=7200
cf-ray
83cb2cd75c4e2878-MIA
x-served-by
cloudw2
c.php
rf.revolvermaps.com/js/
43 B
289 B
Image
General
Full URL
https://rf.revolvermaps.com/js/c.php?i=58sv7glswaw
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Last-Modified
Thu, 28 Dec 2023 16:28:13 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
r.php
rf.revolvermaps.com/js/
43 B
215 B
Image
General
Full URL
https://rf.revolvermaps.com/js/r.php?i=58sv7glswaw&l=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&r=1703780893262
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=98
Content-Length
43
Content-Type
image/gif
api.php
s.magsrv.com/v1/ Frame E89E
1 KB
2 KB
XHR
General
Full URL
https://s.magsrv.com/v1/api.php
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
7f8e13873493cb8498e22edd5ce588311012abdef50369cc84fcf73fb2aafebc

Request headers

Referer
https://a.magsrv.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Access-Control-Request-Method
POST
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://a.magsrv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
Authorization, Content-Type
api.php
s.magsrv.com/v1/ Frame 787C
1 KB
2 KB
XHR
General
Full URL
https://s.magsrv.com/v1/api.php
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
2f6aa33f274d07d4760282a9489864a778005205b5392ac67557802e917d2192

Request headers

Referer
https://a.magsrv.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Access-Control-Request-Method
POST
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://a.magsrv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
Authorization, Content-Type
gid.js
my.rtmark.net/
65 B
550 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=456e4dcac40b42a2a2fbb2374deaaa98
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4ffe4136c553a40ec6677716f0a2cea4e61a2d3a4c120d7af511fe5ab20edbac
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
tag.min.js
ibrapush.com/pfe/current/
13 KB
6 KB
Script
General
Full URL
https://ibrapush.com/pfe/current/tag.min.js?z=6800150
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 17:44:23 GMT
server
nginx
etag
W/"6564d577-33f4"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
link
<https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
6800149
bygliscortor.com/401/
87 KB
34 KB
Script
General
Full URL
https://bygliscortor.com/401/6800149
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
393a4717bf7da6ed7550a484f78f073fcd9a9d8b415e04d8c3e9c7c56ff52d26
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
72bf45e71f4f5b9ff492f72803dff1ae
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6800147
gishejuy.com/400/
80 KB
31 KB
Script
General
Full URL
https://gishejuy.com/400/6800147
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ec5d7b7703e3c122bd39b9bdcd819f9a9e724bbaa0ecfe4f6960eec2b48628de
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
4aaaa77f99d2b5d76877b1204f1640ea
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
cameesse.net/
42 KB
16 KB
Script
General
Full URL
https://cameesse.net/1?z=6800148
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dd1f02fbd137edbf22902282ea691d2e20403195d8091dcd7d9777c35f84ee3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id
95ec473cdbad05ac5d8e4cc1218071fe
pragma
no-cache
date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
gzip
x-sc
EyV0-egBQHQeaTtK7N3mBrguqr1ek8Y9knd5wDK9HK61q2H2NKJJ1Vu6u7hmolI3wp-SdW8LSYWc3rQfQ8eTBf7tR8o=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
rci
wxhiojortldjyegtkx.bid/
1 B
505 B
XHR
General
Full URL
https://wxhiojortldjyegtkx.bid/rci
Requested by
Host: cdn1.adcdnx.com
URL: https://cdn1.adcdnx.com/s/adp1v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKNO7urfxn9hVTLCU4dgc8p28XvErT2UG4cemelbCv0xgvu8RCrLYd7ToDx24sTHO1gytzo8meHXTnFDNObumvC462Vh1Ddcri8zVzMSx%2BW1jlo5IvmSJgbtelXJcKCGfsYTHiZR%2Fdsc"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform,no-cache
cf-ray
83cb2cd85ac65c78-MIA
alt-svc
h3=":443"; ma=86400
content-length
1
x-served-by
cloudw1
106836b1-0e0a-4919-9a52-61c290aae21d.gif
refpa4293501.top/img/AdAgent_1/ Frame 27B5
309 KB
310 KB
Image
General
Full URL
https://refpa4293501.top/img/AdAgent_1/106836b1-0e0a-4919-9a52-61c290aae21d.gif
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.46.82 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
3bb9957735f0465cdced477150a5d3f8e43dbf450521e595317834c456635ba2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://refbanners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 27 Jun 2018 11:55:48 GMT
server
nginx
etag
"0fa95c9ded41:0"
content-type
image/gif
cache-control
max-age=86400
server-timing
wf-uht;dur=0.023
accept-ranges
bytes
content-length
316381
checker.js
refbanners.com/checker/ Frame 27B5
6 KB
2 KB
Script
General
Full URL
https://refbanners.com/checker/checker.js
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 25 Oct 2023 07:42:18 GMT
server
nginx
etag
W/"6538c6da-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
server-timing
wf-uht;dur=
expires
Thu, 28 Dec 2023 17:28:13 GMT
a2.php
rf.revolvermaps.com/w/1/a/ Frame DC8E
22 KB
8 KB
Document
General
Full URL
https://rf.revolvermaps.com/w/1/a/a2.php?i=58sv7glswaw&s=220&m=0&v=true&r=false&b=000000&n=false&c=ff0000
Requested by
Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/1.js?i=58sv7glswaw&s=220&m=0&v=true&r=false&b=000000&n=false&c=ff0000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
92e73d2cb9952afecf4d66ea9c10e08567a07ce4422ccd16e2f7ff41fcc8b2fa

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Dec 2023 16:28:13 GMT
Keep-Alive
timeout=4, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
tag.js
mc.yandex.ru/metrika/ Frame 8C9F
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: multiwall-ads.shop
URL: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=300
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Thu, 28 Dec 2023 17:28:14 GMT
tag.js
mc.yandex.ru/metrika/ Frame 1C6D
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: multiwall-ads.shop
URL: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=468
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Thu, 28 Dec 2023 17:28:14 GMT
5dd3cd2543577
neverstoprotation.com/iframe/ Frame D34D
987 B
1 KB
Document
General
Full URL
https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:274d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137fd3e1fec5008094e99ffc86fcf20348e6cf04d502e6723952c81dc1bca143

Request headers

Referer
https://a.magsrv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83cb2cda2ff8db29-MIA
content-encoding
br
content-type
text/html
date
Thu, 28 Dec 2023 16:28:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zx9967S5CP%2FKto5B1iq5YQDMdFduDe8J668qDYZ3U5hr3xwOXYC7rS1XEryYPZb3ZHilS05ZQaR71nNMyV9dFnaY1KdWlqmqWGlB8BiyhkB%2FZgTiStLsgqS6uFQyH5I%2FKMO0cimTC5Xk4xhgi0dGATO7Ps%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cimp.php
s.magsrv.com/ Frame 787C
0
705 B
XHR
General
Full URL
https://s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PW27DMAy7yi4QQw8/5P4N2A2GHSBx4i5YkwxtMfRDh5/sDQUhE5RF0SYgHpAGkhfEE8kJWVkcMjlEcYn14/1VPer3vaCzo1zW8uWO/bLui2JmQlL0hAEUATF70GBugmiMyhGjN7ugxBBjVLsnBUMQaewAWDNYzFsvNJAywIPayh5vm0m9CXg058Qp+CoZqiBNVGKkQOSzYRlpTm1QR7eN59v1x5Vj63k9i1LuCf8N+1gIKaAO2EX0yKKfx+2+7mdV6/WptV7HbVF92v6Qnosaa3uh901oiLnAAjwvvPipSh0tmGsunorQLL+XHRSldgEAAA==
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://a.magsrv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
5dd3cd2543577
neverstoprotation.com/iframe/ Frame 22EA
982 B
1 KB
Document
General
Full URL
https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:274d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8550b517a4660e2306cc419af0e83de3ed4fa0eb0827c74f17a82267070d6191

Request headers

Referer
https://a.magsrv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83cb2cda2ffadb29-MIA
content-encoding
br
content-type
text/html
date
Thu, 28 Dec 2023 16:28:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59ERS20Htctv7F%2BJIpwX%2BPJxW%2BuJXmFbio0MGI8bcLzmkUAy5goPq7HNLkxc6eJ9I%2FSdmnnTGtywldR6%2Bet7Xr6G%2FCQbH%2FDZ53a7ADPIrBZW6IzDhTT83nlJiVAnpVWsMFE3o5fEF4tqdJfzeagIV%2Fjr5zg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cimp.php
s.magsrv.com/ Frame E89E
0
705 B
XHR
General
Full URL
https://s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1QW2oDMQy8Si8Qo5Fsr5y/Qm9QeoB9eNOleZQklHzo8JXdEgZ5kKzRyGZi2YF3rC/AnnUPMdEA4QBoGMQ+3l8twr7vM4If83Gbv8LlfNzO1VCEwYbISGQgoESy5Gqm7AyTjBxdrtCccs7m92zkSKqNAxEXTlbInd56wMEmRA9uU/sGPpwtekKPJp5kSHHVQquCJ55z5sQci6OOvAyt0cZwGg+360+YL6du2e1EpDv8F/xtKQ0JtkNPcoSofV5u9+18MPNa79rW63iqZk/ZH4bnoMbWNoyxJSYLZPJ/qaRa51rWuqxxlcpaahmm5RdHjs4veQEAAA==
Requested by
Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://a.magsrv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 16:28:13 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://a.magsrv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
js
www.googletagmanager.com/gtag/ Frame 15F8
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47b206114591b6334e70341707eb1abd4c0db4dacee2fe0f47db4a1a04f08757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68913
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 16:28:13 GMT
logo_ad1.png
ayelads.com/page/image/ Frame 15F8
503 B
703 B
Image
General
Full URL
https://ayelads.com/page/image/logo_ad1.png
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
last-modified
Fri, 27 Nov 2020 10:25:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
503
expires
Thu, 04 Jan 2024 16:28:13 GMT
index1.php
rapid-faucet.site/ Frame 17DE
568 B
468 B
Document
General
Full URL
https://rapid-faucet.site/index1.php?tag=3bhkt8g&size=300x250
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhkt8g&s=0&h=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium261-1.web-hosting.com
Software
LiteSpeed / PHP/8.1.26
Resource Hash
39933ce958079ddc0911718082ac299f45c34c16ce1cac4f5bb607d7c34c1684

Request headers

Referer
https://ayelads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
299
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:14 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.26
x-turbo-charged-by
LiteSpeed
js
www.googletagmanager.com/gtag/ Frame 066D
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbe041afc720654f8559d291faaa74b9af4ac642c36816d666fe865d59a69487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68916
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 16:28:13 GMT
logo_ad1.png
ayelads.com/page/image/ Frame 066D
503 B
703 B
Image
General
Full URL
https://ayelads.com/page/image/logo_ad1.png
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:13 GMT
last-modified
Fri, 27 Nov 2020 10:25:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
503
expires
Thu, 04 Jan 2024 16:28:13 GMT
index1.php
rapid-faucet.site/ Frame 488D
567 B
468 B
Document
General
Full URL
https://rapid-faucet.site/index1.php?tag=3bhK8Me&size=468x60
Requested by
Host: ayelads.com
URL: https://ayelads.com/display/items.php?ad=3bhK8Me&s=0&h=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium261-1.web-hosting.com
Software
LiteSpeed / PHP/8.1.26
Resource Hash
cde8a7b4fee08a31473b416581be22b4584c9091ae68b212eeff066278d8e190

Request headers

Referer
https://ayelads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:14 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.26
x-turbo-charged-by
LiteSpeed
/
veepteero.com/
2 KB
3 KB
Fetch
General
Full URL
https://veepteero.com/?rb=qMJtLSoIjQRKy2OswiRt3oFgbiTWb_Y37rccu72-yI9h-pquABtFAhzxDlGZbPI_MNnmciISDygNaANqsFlyQCE7TfXDkgo5jOUR3HoBi8Opgs7GcKiMkUwy1SRAqcjIGJ_k7ghB_GdJjiBElwfbNq_v3DPY1oJQm_x4hZ8IokvXOBJ9ZtbN6m-o1R_-5s0c_vcNA8sbaIhwv9NthExlhRtSVdSKL4vk9feb1eqhXf6xH06ZpEHDGMQHtYSypg1okMkDY5aOYSMtgjWKlBj9nPirtzdoeROCKmdgXt0MLPw%3D&request_ab2=0&zoneid=6800146&js_build=iclick-v1.650.4-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=7&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Pacific%2FHonolulu&bto=600&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.650.4-auto&bs=4f5e5235-b317-4b12-80c2-aff799ca6386&userId=456e4dcac40b42a2a2fbb2374deaaa98&m=link
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b243e8e66d413f2ab62cfee07531a5598eff1ac033f8092fbca226fcef29942
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
348cffd6cbee6fe46a28c6025f80df31
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ptc1.ptcclick.online
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
ibrapush.com/
881 B
1 KB
Fetch
General
Full URL
https://ibrapush.com/zone?pub=0&zone_id=6800150&is_mobile=false&domain=www.ptc1.ptcclick.online&var=&ymid=&var_3=&tg=0&sw=3.1.471
Requested by
Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6800150
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
318f8fbf98fc2651656cefaff1338c3348c48a260815b4bc489c0d23ccf51f1b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id
26c0a16adc2ed5ccac6197191a53ab2e
date
Thu, 28 Dec 2023 16:28:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
881
universal.min.js
ibrapush.com/pfe/current/
86 KB
33 KB
Fetch
General
Full URL
https://ibrapush.com/pfe/current/universal.min.js?v=3.1.471
Requested by
Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6800150
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 13:38:02 GMT
server
nginx
etag
W/"65649bba-1572c"
content-type
application/javascript
access-control-allow-origin
https://www.ptc1.ptcclick.online
cache-control
no-cache
access-control-allow-credentials
true
stattag.js
tzegilo.com/
19 KB
8 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/401/6800149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3030
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMyw9yJmP6YSsuSAgU6Cm0jivZ2cIB2PZ8uAusvrwNzHie8tg57yQdQH1qhjOrGvlH1ICTAUM0Cw49V7D8qC80fG%2BSWX0rZIf%2B4JZhGv%2BVLXwzNatRMeExK7cZJB%2FiTFy2MfHCa3%2BvZUFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83cb2cdbac53098e-MIA
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
76f9b75b6ac9e4655335a4d4faa658d4.jpg
onegamepics.com/bnr/4/76f/9b75b6/ Frame 22EA
96 KB
96 KB
Image
General
Full URL
https://onegamepics.com/bnr/4/76f/9b75b6/76f9b75b6ac9e4655335a4d4faa658d4.jpg
Requested by
Host: neverstoprotation.com
URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea084d0f7333b6c29fffe8b7dbae3866ffe25954766f39263669401ba961a95c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverstoprotation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Dec 2023 16:13:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1556070
x-cache-status
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqBXYx3ol6wuLOZc0c%2BXwRVjRpS7AMoykRqNvK6S%2Bhr%2BhvNX0IvBJSYwdjKEjzWphMIH8G%2B7zmBOCAs5YNhJjTmzUesQmYMm5p%2BRvb807wHfwqxk95f9GCj8Oh0i0pLhBSb093Wjm13P98RxEao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=31536000
cf-ray
83cb2cdbbfc80971-MIA
alt-svc
h3=":443"; ma=86400
tag.php
a.exoclick.com/ Frame 22EA
0
0
Image
General
Full URL
https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by
Host: neverstoprotation.com
URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverstoprotation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

b7af9eee900df9a8aa2af9ad8ee46174
cameesse.net/27/
403 KB
128 KB
Script
General
Full URL
https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
Requested by
Host: cameesse.net
URL: https://cameesse.net/1?z=6800148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id
e618604a3ae17487b69cc610e251409c
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Fri, 24 Nov 2023 06:46:08 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Fri, 24 Dec 2083 06:46:08 GMT
js
www.googletagmanager.com/gtag/ Frame 15F8
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZEXPE0N80E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d2d11d944a5d6772c81399ed230f1d0be25953a4b5e81f7acbc724ab1c84473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 16:28:14 GMT
analytics.js
www.google-analytics.com/ Frame 15F8
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 15:30:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3475
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 17:30:19 GMT
7f037599d109c7de48ccdadd184f0a8a.jpg
smartpicrotation.com/bnr/4/7f0/37599d/ Frame D34D
76 KB
77 KB
Image
General
Full URL
https://smartpicrotation.com/bnr/4/7f0/37599d/7f037599d109c7de48ccdadd184f0a8a.jpg
Requested by
Host: neverstoprotation.com
URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dee6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7098f94299a8ec7ba3b3158acba039974500fcdb132e0697f8617b95895e2dac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverstoprotation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 21:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2054234
x-cache-status
EXPIRED
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVjidEkLYjGVF6dE7mnyqsvX%2FvBpDnJf2qZnmjpSikvZ0GWGgDaoL3zcHx9893meI2if7ubYytQ4Oz7swyItshJyqrbRC0VjgaC5qrO%2FB858Dwh76uIdJwjTc1fgKaUXLw5Xpv8IK5wKe7qsAbRSTw4Wkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=31536000
cf-ray
83cb2cdc8a6774be-MIA
alt-svc
h3=":443"; ma=86400
tag.php
a.exoclick.com/ Frame D34D
0
0
Image
General
Full URL
https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by
Host: neverstoprotation.com
URL: https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=ptc1.ptcclick.online
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://neverstoprotation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

add
fleraprt.com/log/
12 B
494 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 28 Dec 2023 16:29:19 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ptc1.ptcclick.online
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
300x250.jpg
rapid-faucet.site/banners/1002/ Frame 17DE
76 KB
77 KB
Image
General
Full URL
https://rapid-faucet.site/banners/1002/300x250.jpg
Requested by
Host: rapid-faucet.site
URL: https://rapid-faucet.site/index1.php?tag=3bhkt8g&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium261-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
1df997f7b41258955cda1b86e1db65b1a3733c27aa4ba3fc17991263171f4278

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rapid-faucet.site/index1.php?tag=3bhkt8g&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
last-modified
Tue, 26 Dec 2023 11:11:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
78180
expires
Thu, 04 Jan 2024 16:28:14 GMT
468x60.jpg
rapid-faucet.site/banners/1004/ Frame 488D
46 KB
46 KB
Image
General
Full URL
https://rapid-faucet.site/banners/1004/468x60.jpg
Requested by
Host: rapid-faucet.site
URL: https://rapid-faucet.site/index1.php?tag=3bhK8Me&size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium261-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
1f0dec12f187afaf174cf928725d4cf4a7970b6eaf715719e7c6a65d17ce05aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rapid-faucet.site/index1.php?tag=3bhK8Me&size=468x60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
last-modified
Tue, 26 Dec 2023 11:21:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
46915
expires
Thu, 04 Jan 2024 16:28:14 GMT
js
www.googletagmanager.com/gtag/ Frame 066D
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZEXPE0N80E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55e34aece8e2962878bad9137b44111b6fabbdeda427f55268eca3276d9edc55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 16:28:14 GMT
analytics.js
www.google-analytics.com/ Frame 066D
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173236730-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ayelads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 15:30:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3475
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 17:30:19 GMT
6800149
bygliscortor.com/500/
2 KB
2 KB
XHR
General
Full URL
https://bygliscortor.com/500/6800149?excludes=&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/401/6800149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
86b086fbcaceb44826623d8cde3216dc904443bde11b51540e750f8bbf97c1eb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
c0d792f161fa0a9112432d2e0f46c1ac
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6800149
bygliscortor.com/500/ Frame
0
0
Preflight
General
Full URL
https://bygliscortor.com/500/6800149?excludes=&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 28 Dec 2023 16:28:14 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
6800147
gishejuy.com/500/
2 KB
2 KB
XHR
General
Full URL
https://gishejuy.com/500/6800147?excludes=&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Requested by
Host: gishejuy.com
URL: https://gishejuy.com/400/6800147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3bfa0a9e52ac8b6f40d17c89e353370e3f986277109cad611138fecc92cf0d4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
481ba11577c505fe973af39f55224179
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6800147
gishejuy.com/500/ Frame
0
0
Preflight
General
Full URL
https://gishejuy.com/500/6800147?excludes=&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 28 Dec 2023 16:28:14 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
custom
ibrapush.com/ Frame
0
0
Preflight
General
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 28 Dec 2023 16:28:14 GMT
server
nginx
custom
ibrapush.com/
39 B
337 B
Fetch
General
Full URL
https://ibrapush.com/custom
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
b09e42291e169b5b389a2233fb55d197
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sw.js
www.ptc1.ptcclick.online/
18 KB
19 KB
Fetch
General
Full URL
https://www.ptc1.ptcclick.online/sw.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::198 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache / PHP/7.4.25
Resource Hash
5aadd092cb6a23622cfb0e59591c9c80a6a772df11ca1c935b221e2a611704e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
server
Apache
x-powered-by
PHP/7.4.25
content-type
text/html; charset=UTF-8
9
cameesse.net/ Frame
0
0
Preflight
General
Full URL
https://cameesse.net/9?z=6800148&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&sah=1200&drf=&hil=1&ist=0&oaid=456e4dcac40b42a2a2fbb2374deaaa98
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.ptc1.ptcclick.online
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 28 Dec 2023 16:28:14 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
9
cameesse.net/
6 KB
3 KB
XHR
General
Full URL
https://cameesse.net/9?z=6800148&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&sah=1200&drf=&hil=1&ist=0&oaid=456e4dcac40b42a2a2fbb2374deaaa98
Requested by
Host: cameesse.net
URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
61fc1450549e5445ad569d4754c2cd6b408d8b981cb9be9e3dedebdd2e0e7703

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
19cbb8533f55dcadeae9bdec99b1aa90
pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
advert.gif
mc.yandex.com/metrika/ Frame 1C6D
43 B
845 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: multiwall-ads.shop
URL: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=468
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 28 Dec 2023 17:28:14 GMT
1
mc.yandex.com/watch/94345894/ Frame 1C6D
Redirect Chain
  • https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&u...
  • https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8...
435 B
539 B
Fetch
General
Full URL
https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A934849979%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A820695529%3Arqn%3A1%3Au%3A1703780895955864220%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C737%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892809%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
Requested by
Host: multiwall-ads.shop
URL: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=468
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3ff1114ae26821a996f70ffa7cdfe58e8232baf20f4e6ce90e23b5dfffd98c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 28-Dec-2023 16:28:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://multiwall-ads.shop
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Thu, 28-Dec-2023 16:28:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 28-Dec-2023 16:28:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D468&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A934849979%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A820695529%3Arqn%3A1%3Au%3A1703780895955864220%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C737%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892809%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://multiwall-ads.shop
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 28-Dec-2023 16:28:14 GMT
/
refbanners.com/redirect/stat/run/ Frame 27B5
14 B
157 B
XHR
General
Full URL
https://refbanners.com/redirect/stat/run/
Requested by
Host: refbanners.com
URL: https://refbanners.com/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refbanners.com/I?tag=d_2912617m_10423c_&site=2912617&ad=10423
x-requested-with
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
server-timing
wf-uht;dur=0.028
content-length
14
content-type
application/json
event
ibrapush.com/
94 B
359 B
Fetch
General
Full URL
https://ibrapush.com/event
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
383a4b3a275b2171545229f15a80554b6780bef8a488dcbf326583d8d7376205
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
94
event
ibrapush.com/ Frame
0
0
Preflight
General
Full URL
https://ibrapush.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 28 Dec 2023 16:28:14 GMT
server
nginx
0ccfc43f960ff2dee552363629b769b8.png
offerimage.com/www/images/
8 KB
8 KB
Image
General
Full URL
https://offerimage.com/www/images/0ccfc43f960ff2dee552363629b769b8.png
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:16d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Apr 2023 13:11:16 GMT
server
cloudflare
age
82100
etag
"643167f4-1e61"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cb2ce06da32269-MIA
content-length
7777
expires
Thu, 28 Dec 2023 17:39:54 GMT
advert.gif
mc.yandex.com/metrika/ Frame 8C9F
43 B
430 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 28 Dec 2023 17:28:14 GMT
1
mc.yandex.com/watch/94345894/ Frame 8C9F
Redirect Chain
  • https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&u...
  • https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8...
435 B
621 B
Fetch
General
Full URL
https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A570934941%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A97024529%3Arqn%3A2%3Au%3A1703780895955864220%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C61%2C696%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892804%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
Requested by
Host: multiwall-ads.shop
URL: https://multiwall-ads.shop/vbanner.php?mwbanner=420&size=300
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0416a8dcc9576d311c19e448254dab5fafc0695097c6d80855b3ded46fd773d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://multiwall-ads.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 28-Dec-2023 16:28:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://multiwall-ads.shop
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Thu, 28-Dec-2023 16:28:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 28-Dec-2023 16:28:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D420%26size%3D300&page-ref=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A972037860618%3Ahid%3A570934941%3Az%3A-600%3Ai%3A20231228062814%3Aet%3A1703780895%3Ac%3A1%3Arn%3A97024529%3Arqn%3A2%3Au%3A1703780895955864220%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C61%2C696%2C1%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C784%3Aco%3A0%3Acpf%3A1%3Ans%3A1703780892804%3Arqnl%3A1%3Ast%3A1703780895%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://multiwall-ads.shop
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 28-Dec-2023 16:28:14 GMT
gid.js
my.rtmark.net/
65 B
549 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=5e6177a942a64fb4b1a0b32cdfa4f598&zoneId=6800150&checkDuplicate=true&ymid=&var=
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4ffe4136c553a40ec6677716f0a2cea4e61a2d3a4c120d7af511fe5ab20edbac
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
ibrapush.com/
39 B
337 B
Fetch
General
Full URL
https://ibrapush.com/custom
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
8dc63b42101a889ddc53f51909f1c2dc
date
Thu, 28 Dec 2023 16:28:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
ibrapush.com/ Frame
0
0
Preflight
General
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 28 Dec 2023 16:28:14 GMT
server
nginx
11
cameesse.net/
0
600 B
XHR
General
Full URL
https://cameesse.net/11?rnd=3206078187&z=6800148&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u&ruid=f431203a-a9c2-4ea8-b555-4f4af0a9c492&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&sah=1200&drf=&hil=1&ist=0&ot=572
Requested by
Host: cameesse.net
URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id
41604226c648e72aa4f8532931522d3b
pragma
no-cache
date
Thu, 28 Dec 2023 16:28:15 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
interstitial-08.com/ Frame C6C6
21 KB
5 KB
Document
General
Full URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by
Host: cameesse.net
URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
8eecc4e038d54b2c20d1b9697559d056900df0066145bfaf1309dde46acfc0a7

Request headers

Referer
https://www.ptc1.ptcclick.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 16:28:15 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
defaultSkin.min.js
ibrapush.com/pfe/current/
56 KB
19 KB
Fetch
General
Full URL
https://ibrapush.com/pfe/current/defaultSkin.min.js
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 16:28:15 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 13:38:02 GMT
server
nginx
etag
W/"65649bba-df63"
content-type
application/javascript
access-control-allow-origin
https://www.ptc1.ptcclick.online
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame D897
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
ibrapush.com/
39 B
337 B
Fetch
General
Full URL
https://ibrapush.com/custom
Requested by
Host: www.ptc1.ptcclick.online
URL: https://www.ptc1.ptcclick.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
ceac044efb4c69f8064b1bfde4c75761
date
Thu, 28 Dec 2023 16:28:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
ibrapush.com/ Frame
0
0
Preflight
General
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 28 Dec 2023 16:28:15 GMT
server
nginx
style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame C6C6
12 KB
3 KB
Stylesheet
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
age
1559
etag
W/"656f1d9e-30c9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
83cb2ce5fcfd5c6c-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame C6C6
3 KB
3 KB
Image
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
cf-cache-status
HIT
age
6821
content-length
3429
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
etag
"656f1d9e-d65"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
83cb2ce5fd025c6c-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame C6C6
52 KB
53 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-d0e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
53472
0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame C6C6
14 KB
15 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
last-modified
Wed, 15 Aug 2018 10:56:50 GMT
server
nginx
etag
"5b7406f2-393b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
14651
0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame C6C6
35 KB
35 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
last-modified
Tue, 17 Jul 2018 10:46:08 GMT
server
nginx
etag
"5b4dc8f0-8b17"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
35607
01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame C6C6
49 KB
50 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-c502"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
50434
player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame C6C6
28 KB
28 KB
Image
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
cf-cache-status
HIT
age
3083
content-length
28527
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
etag
"656f1d9e-6f6f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
83cb2ce5fd035c6c-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
script.js
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame C6C6
1 KB
561 B
Script
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1810638112%26z%3D6800148%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D1IH6RUg7yxcu8sHU_zdVz-8-lN6THmC0NzsUS67zY2JNldvHrSrxqEhKz1Ie7OfQb6UEBbLbNJiSV793Tm7nyX0lCR7K2ZzlM9_7VaaTNz5k7tx3DaiF9Hk1TYUdnE8o3rcdPx0NeID4B-Fw4bfiFdmgRUwfmuVykBahcplDRJ9T1tWqR2OQSwjYcFfZ21-D3Qy28bTyI60khLE49LYbWFacnrg_KvL0RdexjjIRLDxuAH3p0r5Rv7AZE5KdvDgo7uYWW5V3sywnUOmY6hmgu7YTLL3dll-vdMx_x4hm1VIQWuAKCms9DMxyyvW_4n-u%26bag%3DydU9kaAfa6I%3D%26ruid%3Df431203a-a9c2-4ea8-b555-4f4af0a9c492%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.ptc1.ptcclick.online%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D8%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
age
6821
etag
W/"656f1d9e-58b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
83cb2ce5fcff5c6c-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
rVjzXp93NdwDoM8WPd04LMy8eOjyh5v5vg7n_WG75Q6TE3Hz7_aNpuOKE8GsRbHxKeTahernssdhYYLjABGWT6oT_5V9G9pYCD_liOHImQ7hCdL3o4e3FRpUCQKkzPJPv1oJSe7kZ-2DmFIAyUQoTxBh_Gt4AIXIIFGDW_anTpm_jR1LMDiql__46-0rw0f8srJX3...
bygliscortor.com/impression/
43 B
543 B
Image
General
Full URL
https://bygliscortor.com/impression/rVjzXp93NdwDoM8WPd04LMy8eOjyh5v5vg7n_WG75Q6TE3Hz7_aNpuOKE8GsRbHxKeTahernssdhYYLjABGWT6oT_5V9G9pYCD_liOHImQ7hCdL3o4e3FRpUCQKkzPJPv1oJSe7kZ-2DmFIAyUQoTxBh_Gt4AIXIIFGDW_anTpm_jR1LMDiql__46-0rw0f8srJX3pgOgbcXXBI612uxjZihFvZMIai2Ql1laZKN1E61UHGRQBMpNbjmv6Q1S7RSpT9_yyPtHt-DHFHUCKHlopo3xvZ5IsJkbol7RzpyYEPJpzuZQwI_63nFLPG68efHY4FCZRJXDrPItnoUWPRKZ_YPivFgNSRFeOyoUmjU7oHI4vbhYabUZ-uBWwd1JnCImQTZtACs0C3rdfME4DM4x1rCb0jhYlptnJjuPtH5AWVuaKo0_VXlyS2kcdIKuaLMc3zghqV3zrA8vRWvhIkYrx6-blGUfqkTa8qasc0_rOwRjOlxYSS0M7-XmPtx3VqBLJNK-BZKXqYw4uyrknJ_myYHuj-hD7TESf2EGKFa42XpY7NLt--tCW63tfgicOG1r35c2pMX-20Le3e6_dz5S0prqkATydKDxhRI0zEtFfUZOY4HvyYKaaAZ2Lmp2ytozkcXgwx3imMaWqEutn6Or1uRmBoXlOXRDnqoSWgQK7Z1UOwM5sy1EOfTIywdExoKJf6O0EdbtZrzqIuF8VadZC4_o0cF3hzx8jXEblJ-f2Q=?_z=6800149&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
43
x-trace-id
d7640d357b6187c3ea58bce440f91b88
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ Frame 8D23
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/401/6800149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 16:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 16:21:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 16:28:18 GMT
0ccfc43f960ff2dee552363629b769b8.png
offerimage.com/www/images/ Frame 8D23
8 KB
8 KB
Image
General
Full URL
https://offerimage.com/www/images/0ccfc43f960ff2dee552363629b769b8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:16d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:18 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Apr 2023 13:11:16 GMT
server
cloudflare
age
82104
etag
"643167f4-1e61"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cb2cfaabf42269-MIA
content-length
7777
expires
Thu, 28 Dec 2023 17:39:54 GMT
lVBO1CtgYQYvLYSTYfrauGzb-9EzUX9-JVYOtOgJkUyhHpBA5dle4-qRM_s1kk9-KFINwXA3_TxWHGYQaBuEyZFVJbI5YB-bIbTC4jnTTO20T4QNOt5fOX_CdY2rZNAs4rEM5oFNZcvIcUsOCeBn2KVfJc89NueTCXuYkt14x6xy5ztCQ0igVci8XRbFgmEobY_gF...
gishejuy.com/impression/
43 B
543 B
Image
General
Full URL
https://gishejuy.com/impression/lVBO1CtgYQYvLYSTYfrauGzb-9EzUX9-JVYOtOgJkUyhHpBA5dle4-qRM_s1kk9-KFINwXA3_TxWHGYQaBuEyZFVJbI5YB-bIbTC4jnTTO20T4QNOt5fOX_CdY2rZNAs4rEM5oFNZcvIcUsOCeBn2KVfJc89NueTCXuYkt14x6xy5ztCQ0igVci8XRbFgmEobY_gFgh1nZXlzTowmYmyY8aioYrTtt1XDi48RdFI9gaxOT6usjzmXSpg-dOXyT63zy7M5hNl7bwSmNgW63pEADyRnO6cxgQjDhgcJB--vud9W8SicA5gWVkpEvTwGcnXhmN4JzUwxGG-0s-GpXdmUv4vkYZlEqkmy0oK8TOcau8AnCOggTTjWqX5L4zYTLciopw-5cb4fK4J--a6fk6p1BetC1tasZYvUdfFQZ5vOrWrTe8olYegk17O1qUi4Lt8Bw9QzvJOZ4lXAqo0tWpz49YiXuG4fCzKVWXYiMqgeTkWblNDOd4xCa-bvnqGYdsbLAu3iW9MqeOJe3UUVQFL-vGOULtYvNLtZ4wG6b28zpR6NnbEGkO267hJfCP13bmeP6NOyVxQTAktwDvBLvdzGKk6kEujigIlYSoKrEemCcdInioToloMwMh_y_Tow5jcCAo7odaMC82P0NTgVIURTteGUqOghvplsmjdhZvO2uAoIfsbuIx2cTQ3841HmnAA1VB7uhnpFpM-c1_IhoHwcCAucjvtHiRKU4nVQZjbm-s=?_z=6800147&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
43
x-trace-id
69fcb4a3c0be25a476c52c3df105b85d
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8D23
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 03:05:19 GMT
x-content-type-options
nosniff
age
48180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 03:05:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8D23
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ptc1.ptcclick.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 00:59:12 GMT
x-content-type-options
nosniff
age
574147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 00:59:12 GMT
6800147
gishejuy.com/500/
1 KB
2 KB
XHR
General
Full URL
https://gishejuy.com/500/6800147?excludes=19172758&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Requested by
Host: gishejuy.com
URL: https://gishejuy.com/400/6800147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e94c81a75cf55543e888de10d13a95a40f5816db629cc84bae0404049b3d2f22
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptc1.ptcclick.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Dec 2023 16:28:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
b32b001fed23c87ee1708351ac330d79
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6800147
gishejuy.com/500/ Frame
0
0
Preflight
General
Full URL
https://gishejuy.com/500/6800147?excludes=19172758&oaid=456e4dcac40b42a2a2fbb2374deaaa98&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fwww.ptc1.ptcclick.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.312.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ptc1.ptcclick.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ptc1.ptcclick.online
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 28 Dec 2023 16:28:19 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
17ebb869da9235f06a74f528304b0892.png
offerimage.com/www/images/
33 KB
33 KB
Image
General
Full URL
https://offerimage.com/www/images/17ebb869da9235f06a74f528304b0892.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:16d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ptc1.ptcclick.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:28:19 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 01:30:06 GMT
server
cloudflare
age
16742
etag
"64812f1e-84c1"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83cb2cfdb8892269-MIA
content-length
33985
expires
Fri, 29 Dec 2023 11:49:17 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery function| expandWidget function| removePreloader object| preloader string| QGmSHWqOiZis string| RxdHWEWiWf number| qDBCnlwVle number| uKRyAjQBXd number| OQbloYVxdA number| wICuxZnbSJ function| xZkvTNwDyA object| TYxxWKjeEY number| c2 number| c1 object| DDTxH4GpgBkd function| oPeQrrbOnm object| _cpp object| _rm5tat30bj_ function| ping_rm_ki101 object| zfgstorage object| h18w33eh1yk object| zfgformats function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup function| k96JIe function| P9qCn number| x7xcxT function| W2H7f function| x5cCLQ function| v7rd_ number| i$2vvT function| e6Jgq function| check object| cpx24 string| popns function| E1vv object| cxpl string| domcp1 boolean| __lwkemfd9q__ object| webpushlogs object| regeneratorRuntime boolean| zfgloadednative object| __ds3dcV__ object| sdk boolean| installOnFly function| _retranber number| __qwe33wweq__ boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| _nps object| onClickExcludes

27 Cookies

Domain/Path Name / Value
www.ptc1.ptcclick.online/ Name: wolven_core_session
Value: d7f9b6f38113e7f61d851d7a793aae12
.magsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22658da21d63d9f3.553085263525182038%22%3B%7D
.magsrv.com/ Name: __upt
Value: %7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D
my.rtmark.net/ Name: ID
Value: 456e4dcac40b42a2a2fbb2374deaaa98
www.ptc1.ptcclick.online/ Name: prefetchAd_6800146
Value: true
.neverstoprotation.com/ Name: c_91aefa39074b6b3fa520c89c7e4561a5
Value: 1
.neverstoprotation.com/ Name: z_134dcc12e16ca8773a36d08c0a8c686c
Value: 1
cameesse.net/ Name: scm
Value: 1
cameesse.net/ Name: oaidts
Value: 1703780893
.neverstoprotation.com/ Name: showed_15437_95810
Value: [2502262]
veepteero.com/ Name: OAID
Value: 456e4dcac40b42a2a2fbb2374deaaa98
veepteero.com/ Name: oaidts
Value: 1703780894
veepteero.com/ Name: syncedCookie
Value: true
.multiwall-ads.shop/ Name: _ym_uid
Value: 1703780895955864220
.multiwall-ads.shop/ Name: _ym_d
Value: 1703780895
.yandex.ru/ Name: i
Value: QinUVS8AqBpixMLEOMUb0y4+uGVTQ1xWHo2brVcnxgK5OAHQSTR9xUDaIh3HytE1LDPX1lDGDrC4MNTv3t8+qKZLqDM=
.yandex.ru/ Name: yandexuid
Value: 3843954411703780894
bygliscortor.com/ Name: OAID
Value: 456e4dcac40b42a2a2fbb2374deaaa98
.yandex.com/ Name: ymex
Value: 1735316894.yrts.1703780894#1735316894.yrtsi.1703780894
.yandex.com/ Name: bh
Value: KgI/MA==
gishejuy.com/ Name: OAID
Value: 456e4dcac40b42a2a2fbb2374deaaa98
.multiwall-ads.shop/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 608903621703780894
.yandex.com/ Name: yuidss
Value: 2468279431703780894
.yandex.com/ Name: i
Value: 7jkhyc+CCaDuxarNsfxOg8iZ8qETg3JgedLl6/z2/v2RD4A+vsDIsYYYGVJn7YhmLMGcs1X93O+6WAxa/tpKs6xaOio=
.yandex.com/ Name: yandexuid
Value: 2982702181703780894
cameesse.net/ Name: OAID
Value: 456e4dcac40b42a2a2fbb2374deaaa98

4 Console Messages

Source Level URL
Text
network error URL: https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://a.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.ptc1.ptcclick.online/sw.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
a.magsrv.com
alwingulla.com
ayelads.com
bygliscortor.com
cameesse.net
cdn1.adcdnx.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
gishejuy.com
i.ibb.co
ibrapush.com
interstitial-08.com
littlecdn.com
mc.yandex.com
mc.yandex.ru
multiwall-ads.shop
my.rtmark.net
neverstoprotation.com
offerimage.com
onegamepics.com
rapid-faucet.site
refbanners.com
refpa4293501.top
rf.revolvermaps.com
s.magsrv.com
smartpicrotation.com
tzegilo.com
veepteero.com
www.google-analytics.com
www.googletagmanager.com
www.ptc1.ptcclick.online
wxhiojortldjyegtkx.bid
104.194.8.143
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.250
162.0.235.250
172.66.41.37
172.67.133.154
178.253.46.82
2606:4700:10::6816:1974
2606:4700:10::ac43:16d8
2606:4700:3030::6815:489b
2606:4700:3031::ac43:dee6
2606:4700:3033::6815:2cd3
2606:4700:3035::6815:5feb
2606:4700:3036::6815:274d
2606:4700:3036::ac43:c134
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::61
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::8b
2800:6c0:2::198
2a00:f820:425::3
2a02:6b8::1:119
2a02:6ea0:e200::2
67.223.118.72
68.169.106.41
83.147.204.12
001c773a760e6b4598ba0d7c39b3d34e3a66b148982927b6170b2ebf5df3e9f9
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
0416a8dcc9576d311c19e448254dab5fafc0695097c6d80855b3ded46fd773d8
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
0d2d11d944a5d6772c81399ed230f1d0be25953a4b5e81f7acbc724ab1c84473
10641bed24fdc3f9e665d5f09bbcd29e744d3aab06fe827e29c3bd24afb452bb
137fd3e1fec5008094e99ffc86fcf20348e6cf04d502e6723952c81dc1bca143
168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e
1a4736b65834032264fa6fb8766cd7645d81e995bf5236897ff993ba9ad08f77
1dc825c81eb32e4e6f255dcc45685bdd4de23d5dd417ab43342c0fec6f13e6f5
1df997f7b41258955cda1b86e1db65b1a3733c27aa4ba3fc17991263171f4278
1f0dec12f187afaf174cf928725d4cf4a7970b6eaf715719e7c6a65d17ce05aa
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d
28721a13f217bde7c789c50b7576e1ba465e3b74564a6e0b65080a57f53dca7b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f6aa33f274d07d4760282a9489864a778005205b5392ac67557802e917d2192
2fe8ab643970245fe14f891fcfd60819c7f669afe4692a0844d40a8a8a35e4ef
318f8fbf98fc2651656cefaff1338c3348c48a260815b4bc489c0d23ccf51f1b
383a4b3a275b2171545229f15a80554b6780bef8a488dcbf326583d8d7376205
393a4717bf7da6ed7550a484f78f073fcd9a9d8b415e04d8c3e9c7c56ff52d26
39933ce958079ddc0911718082ac299f45c34c16ce1cac4f5bb607d7c34c1684
3bb9957735f0465cdced477150a5d3f8e43dbf450521e595317834c456635ba2
3ff1114ae26821a996f70ffa7cdfe58e8232baf20f4e6ce90e23b5dfffd98c0f
435c66905e1d49dede5e9cc5af6ff756f709cced95152bbba018ab1e5eb966b3
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
47b206114591b6334e70341707eb1abd4c0db4dacee2fe0f47db4a1a04f08757
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffe4136c553a40ec6677716f0a2cea4e61a2d3a4c120d7af511fe5ab20edbac
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
55e34aece8e2962878bad9137b44111b6fabbdeda427f55268eca3276d9edc55
5aadd092cb6a23622cfb0e59591c9c80a6a772df11ca1c935b221e2a611704e2
5b243e8e66d413f2ab62cfee07531a5598eff1ac033f8092fbca226fcef29942
6196e668759d9c88bf58dbabd03ab4ec2845ccc8ba7bb7bab0f4fd36f21e9e4e
61fc1450549e5445ad569d4754c2cd6b408d8b981cb9be9e3dedebdd2e0e7703
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7098f94299a8ec7ba3b3158acba039974500fcdb132e0697f8617b95895e2dac
73c8bec1c5557e5ab1a6bde3fac2538d2e49c30cbe3624a26b1ec6ee56f958ec
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7f8e13873493cb8498e22edd5ce588311012abdef50369cc84fcf73fb2aafebc
81525a290df70202cdcac1f9c5b0e18b45e376f6d6e2a41b6262208b9a45c827
8550b517a4660e2306cc419af0e83de3ed4fa0eb0827c74f17a82267070d6191
86b086fbcaceb44826623d8cde3216dc904443bde11b51540e750f8bbf97c1eb
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8eecc4e038d54b2c20d1b9697559d056900df0066145bfaf1309dde46acfc0a7
91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227
92e73d2cb9952afecf4d66ea9c10e08567a07ce4422ccd16e2f7ff41fcc8b2fa
9400c75dca241ca52b09f0de7d749e3aa2c583cf8d1f3933e00eacb46c5b1a30
96412220dc63c35c08c6ff9f09c4a93bcf81e8fe6f44e380e0ffae728ddbb918
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d
9cae4abe29ec83f79704ea488259f13d3e8ad63c15f73fa6364d2ec748977a1f
9e5497583b14e6bc4062d019cb6ca113c277891c4f15e81a834a2c2b6f11542e
9f66fb30c2b34e4e0362c14489bb771ceca847feb4b3b6b4f06250a3ee37a1ce
a0ee732bd0c9d2b6f2289a86917af884965c136f437e449d20fec38f75c5f739
a1fc64aea7de01b302a823c17750d1a1f3798cc2a2d4e28f98bac5a44aa2b9cc
a3e677b61ab338cf0df1a1b2f29834ca83d26f53e0eaa6395cc80154023ebe01
a7b578bc15c11b17a3a88061f71f439c299aa092a52be7ac919743ae415b6852
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bbe041afc720654f8559d291faaa74b9af4ac642c36816d666fe865d59a69487
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
cde8a7b4fee08a31473b416581be22b4584c9091ae68b212eeff066278d8e190
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
dd1f02fbd137edbf22902282ea691d2e20403195d8091dcd7d9777c35f84ee3c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfa0a9e52ac8b6f40d17c89e353370e3f986277109cad611138fecc92cf0d4
e94c81a75cf55543e888de10d13a95a40f5816db629cc84bae0404049b3d2f22
ea084d0f7333b6c29fffe8b7dbae3866ffe25954766f39263669401ba961a95c
ec5d7b7703e3c122bd39b9bdcd819f9a9e724bbaa0ecfe4f6960eec2b48628de
f297f66639ccdc5c12cacb42a929143ed1dfcd39cce01ed6ca5e4cc2b21b9b12
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fde07d05192895f32d2e15b13f1b6bc4def8bcdc257333f08a96c95c4d96b5a3
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881