aidsubsidy.com Open in urlscan Pro
172.67.187.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x
Effective URL:
https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8...
Submission: On October 22 via api (October 22nd 2024, 7:54:47 pm UTC) from DE — Scanned from US

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 38 HTTP transactions. The main IP is 172.67.187.229, located in United States and belongs to CLOUDFLARENET, US. The main domain is aidsubsidy.com. The Cisco Umbrella rank of the primary domain is 132746.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.

This is the only time aidsubsidy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	104.18.23.222 104.18.23.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	2a01:4ff:f0:e... 2a01:4ff:f0:ea7d::1	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
18	172.67.187.229 172.67.187.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
4	52.4.230.183 52.4.230.183	14618 (AMAZON-AES) (AMAZON-AES)
1	3.168.96.38 3.168.96.38	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:bc00:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
38	10

7 104.18.23.222 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dotyruntchan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4ff:f0:ea7d::1 (Ashburn, United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)

go.aidsubsidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.187.229 (United States)

ASN13335 (CLOUDFLARENET, US)

aidsubsidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.4.230.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-230-183.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.96.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-96-38.jfk52.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:bc00:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	aidsubsidy.com 1 redirects go.aidsubsidy.com — Cisco Umbrella Rank: 137177 aidsubsidy.com — Cisco Umbrella Rank: 132746	910 KB
7	dotyruntchan.com 1 redirects dotyruntchan.com — Cisco Umbrella Rank: 356687	16 KB
4	leadid.com create.leadid.com — Cisco Umbrella Rank: 14045	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	77 KB
1	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 122083 display.ringba.com Failed	18 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	72 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22294	39 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10912	491 B
0	facebook.com Failed www.facebook.com Failed
38	10

	Domain	Requested by
18	aidsubsidy.com	aidsubsidy.com
7	dotyruntchan.com	1 redirects dotyruntchan.com
4	create.leadid.com	create.lidstatic.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	b-js.ringba.com	aidsubsidy.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	www.googletagmanager.com	aidsubsidy.com
1	create.lidstatic.com	aidsubsidy.com
1	go.aidsubsidy.com	1 redirects
1	my.rtmark.net	dotyruntchan.com
0	www.facebook.com Failed	aidsubsidy.com
0	display.ringba.com Failed	b-js.ringba.com
38	12

This site contains links to these domains. Also see Links.

Domain
lowerbillsusa.com

Subject Issuer	Validity	Valid
dotyruntchan.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
aidsubsidy.com WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh
lidstatic.com E6	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M03	`2024-07-20` - `2025-08-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M03	`2023-11-27` - `2024-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-01` - `2024-10-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Frame ID: 982340BB8F8A0AAC3D52583184407373
Requests: 37 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E09B5188-AE44-7758-CCC2-977B86205F33&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
Frame ID: 8133E47D8072D5E1785068683467F0B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x HTTP 307
https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x Page URL
https://dotyruntchan.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://go.aidsubsidy.com/66ec8194d59c6f7a7c34d8f0?sub1=6118780&sub2=8651757&sub3=broadband&sub4=chrom... HTTP 302
https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

92 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

1132 kB
Transfer

1771 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lowerbillsusa.com/marketing.html
Title: Lower Bills USA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x HTTP 307
https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x Page URL
https://dotyruntchan.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://go.aidsubsidy.com/66ec8194d59c6f7a7c34d8f0?sub1=6118780&sub2=8651757&sub3=broadband&sub4=chrome&sub5=linux&sub6=US&sub7=22104224&sub8=mercury%20broadband&sub9=desktop&amt=5800&ref_id=872681001871217362&cost=0.001260 HTTP 302
https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x HTTP 307
https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

6118780 Show response
dotyruntchan.com/4/
Redirect Chain

http://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x
https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

29 KB
14 KB

405ms
240ms

Document
text/html

104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65845d4af002518da19af68b5755e4f302153967eef77b58c3eafc8c3fc542f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8d6c0a6dfbbe2af0-LAX
content-encoding: gzip
content-type: text/html; charset=utf8
date: Tue, 22 Oct 2024 19:54:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: a52e60ed9119a041ae98975af4d84725

Redirect headers

Location: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 841ms
211ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080fd745f124ccbeab3aed96546a6be&z=6118780&p_rid=facf83a1-d5a3-46be-bae6-8afa75b1c6b3&p_src=sf

Requested by

Host: dotyruntchan.com
URL: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dotyruntchan.com/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Tue, 22 Oct 2024 19:54:43 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H2 200 sftouch
dotyruntchan.com/ 43 B
145 B 225ms
223ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dotyruntchan.com/sftouch?userId=0080fd745f124ccbeab3aed96546a6be&z=6118780&p_rid=facf83a1-d5a3-46be-bae6-8afa75b1c6b3&p_src=sf&branchId=0&rb=NvyQtx-19CIt3xCRCSX5dSyBJG1WlWyAteeGyTnXgcdxkEmMKba73PaBh2ABNaexSVb8Es_TYvJjB5-tmzGBk2SsVj20mgg-AW4XyKZ8aeat7kNsDUYP0Gz9yDnrb3YadTezg3XfEXIzxp6u4uG543Z594G7XJPzELn9bXA4bRqKKUZB0N7gtfUUoAf_oeUypiuvauVCq9qi6ShS-h6hVGaTlokCiVc6IGqLT_JFT92f1hFVP8Thc75tyYxUmgRe0v6-Sz_F2vPRbAhs3bx0ZGJS43qkX3jpChKXo_U7kyMv4Szo2fQtWmV8lK8=&w_img=1

Requested by

Host: dotyruntchan.com
URL: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 19:54:42 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 175b3e2d396dac99bb62b37ad9f8256e
cf-ray: 8d6c0a6fbdfd2af0-LAX
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
dotyruntchan.com/log/ 12 B
97 B 235ms
233ms XHR
application/json 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dotyruntchan.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=facf83a1-d5a3-46be-bae6-8afa75b1c6b3

Requested by

Host: dotyruntchan.com
URL: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
cf-ray: 8d6c0a700e9c2af0-LAX
access-control-allow-origin: https://dotyruntchan.com
alt-svc: h3=":443"; ma=86400
content-length: 12
date: Tue, 22 Oct 2024 19:54:42 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
dotyruntchan.com/async_log/ 0
178 B 223ms
221ms XHR
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dotyruntchan.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=facf83a1-d5a3-46be-bae6-8afa75b1c6b3

Requested by

Host: dotyruntchan.com
URL: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8d6c0a700eb12af0-LAX
access-control-allow-origin: https://dotyruntchan.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 19:54:42 GMT
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
dotyruntchan.com/ 0
217 B 95ms
95ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dotyruntchan.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dotyruntchan.com/4/6118780?var=7349251&btz=Europe/Madrid&bto=-120&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 2189530
cf-ray: 8d6c0a74fc705257-LAX
expires: Fri, 20 Oct 2034 19:54:43 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 19:54:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

Primary Request / Show response
aidsubsidy.com/lp5/
Redirect Chain

https://dotyruntchan.com/?z=6118780&syncedCookie=true&rhd=false
https://go.aidsubsidy.com/66ec8194d59c6f7a7c34d8f0?sub1=6118780&sub2=8651757&sub3=broadband&sub4=chrome&sub5=linux&sub6=US&sub7=22104224&sub8=mercury%20broadband&sub9=desktop&amt=5800&ref_id=872681...
https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952...

22 KB
7 KB

239ms
147ms

Document
text/html

172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a640fff77c7cfc52bda67742a8bd8673903d3df4ea189c4f845d7e9075230468

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://dotyruntchan.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d6c0a7aefec7bc8-LAX
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 19:54:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgNkWGsJzQDz56Pln56iwoBIYFf7Xm6CjWkuBWDC48Ce8xsn8H8zoNVe7jUa26NNZsR%2FOWfoCZ1uq9xK3vqO4kkg9Iictrw%2B%2BTkfE5U4EcWJclctDzfO58FrCqUhUSe5IA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=71793&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4097&recv_bytes=4641&delivery_rate=8010&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=153&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding

Redirect headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Content-Length: 384
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Oct 2024 19:54:44 GMT
Location: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
X-Kong-Proxy-Latency: 1
X-Kong-Request-Id: 79ac995f4841f1654f1c3b6f4777cb6a
X-Kong-Upstream-Latency: 6

GET
H3 204 favicon.ico
dotyruntchan.com/ 0
0 65ms
65ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dotyruntchan.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dotyruntchan.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 2189530
cf-ray: 8d6c0a74fc705257-LAX
expires: Fri, 20 Oct 2034 19:54:43 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 19:54:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 swiper-bundle.min.css
aidsubsidy.com/lp5/ 18 KB
6 KB 85ms
84ms Stylesheet
text/css 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/swiper-bundle.min.css
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6691a1d5-4804"
age: 5565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbT4uI%2B2LCGCb228QETNECGbcCad80YG1%2BenmUFOOwxCNXny8jJYs4cynF2V4yYkrWHzH0edVhnWhFBusChymhBiMvTe287Qq0A63nTX84iJA2LvjC5Unb0356li7sJxYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=18&recv=18&lost=0&retrans=0&sent_bytes=11287&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=254&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: text/css
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf9577bc8-LAX
server: cloudflare

GET
H3 200 swiper-bundle.min.js Show response
aidsubsidy.com/lp5/ 145 KB
43 KB 157ms
156ms Script
application/javascript 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/swiper-bundle.min.js
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6691a1d5-243f7"
age: 5566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVyhWcF2coXfDkTJpJw%2Fywz4RWELPIDo0bDGGBEzR0FHN9urrNDQJa4bgN721sO5lnN6bUPpZLqNpkzjn4TcMq%2FUyXQxWjg9ix8x2enT%2Bz%2FrK5vS%2FxGLGI2sSQNq3hEcjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=29&recv=18&lost=0&retrans=0&sent_bytes=23287&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=257&x=1", cfExtPri, cfHdrFlush;dur=69
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: application/javascript
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf95a7bc8-LAX
server: cloudflare

GET
H3 200 style.css
aidsubsidy.com/lp5/ 6 KB
2 KB 156ms
155ms Stylesheet
text/css 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/style.css
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8692b3e5caaf92c5f7540b8e0c97ac42fd80274c26df34e838f9438ada92a523

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6691a1da-163a"
age: 5565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIRK%2FLYyld6aajDDtr06OOiFNUP7uNzo87yyoOm4m65swxx5whXtPy4oeGJVyeazRSiBGuA0%2FVTHPlcwy2cBh1rK2Q3GfwDXPhE4ld3CCSMC50SAQaVIDhV2t7ZcvKnTOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=29&recv=18&lost=0&retrans=0&sent_bytes=23287&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=260&x=1", cfExtPri, cfHdrFlush;dur=66
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: text/css
last-modified: Fri, 12 Jul 2024 21:36:26 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf95b7bc8-LAX
server: cloudflare

GET
H3 200 timerclk_v1.3.js Show response
aidsubsidy.com/js/ 2 KB
1 KB 228ms
227ms Script
application/javascript 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/js/timerclk_v1.3.js
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c50ce36d6a706c212607165c0fcb4ad4d91c1fc8d66db7367a29d29a1704dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66aa9054-65e"
age: 2257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9kld9RPDS%2FcRigrARfk5X2tWQEfVIUQbUDZod8nq2f38gu2Oi5cY9sy1xjh1cjQcAnhc5drqVJyhIksd%2FGe%2BYD%2BgwJPvETfOOW%2B7hR%2FBpNdXlYFXOgWzdosT1slkSbfrA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=24&recv=18&lost=0&retrans=0&sent_bytes=17328&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=256&x=1", cfExtPri, cfHdrFlush;dur=70
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: application/javascript
last-modified: Wed, 31 Jul 2024 19:28:20 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf95d7bc8-LAX
server: cloudflare

GET
H3 200 breaking-news.png
aidsubsidy.com/lp5/ 6 KB
7 KB 85ms
84ms Image
image/png 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/breaking-news.png
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce48ba0b3b2d3b1dfc8ae1158b0133035823963b717175a03c2e0d7b1a0419a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1d9-185d"
age: 5565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1G0Qa37LQVRbmBgBrIfH61NDcoSvJ90bTyZfCFIlTMQNM5RQoYGf9UnxG1uEKOZ6xS9Tati9zowvCNTo145rBN%2FdLtegBtekP%2BFjehTYmi6%2BD6ZQRwwRrknr3An7xi3Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=24&recv=18&lost=0&retrans=0&sent_bytes=17328&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=256&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/png
last-modified: Fri, 12 Jul 2024 21:36:25 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf95e7bc8-LAX
accept-ranges: bytes
content-length: 6237
server: cloudflare

GET
H3 200 live.gif
aidsubsidy.com/lp5/ 78 KB
79 KB 228ms
228ms Image
image/gif 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/live.gif
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5753af534566bc6711ac61389e1ab7870faaebfe8c612881e3f8c81e836963d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1d5-138b5"
age: 5565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6DK0rzN1Tf0Zzvx9a0B2QnrIuUkRpRAojNdzGFlKmuqPWdXsRitrT66db4XraxhiVtXyRInymoInJHXZVkkPrlRwHiwJB786Wop0nLi38asd%2F6j1L%2FGuuQ88r2oY97LSw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71886&sent=24&recv=18&lost=0&retrans=0&sent_bytes=17328&recv_bytes=8123&delivery_rate=99140&cwnd=12000&unsent_bytes=0&cid=57b85cab90687253&ts=256&x=1", cfExtPri, cfHdrFlush;dur=70
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/gif
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7bf95f7bc8-LAX
accept-ranges: bytes
content-length: 80053
server: cloudflare

GET
H3 200 tap.gif
aidsubsidy.com/lp5/ 114 KB
114 KB 89ms
88ms Image
image/gif 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/tap.gif
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1a6ff802c3e71b1c3e732bb37deef071e0ff76f6e75a21c3b1dea2bf28908b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1da-1c614"
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NN%2FYKwYWco3D3h4JOmzOa%2Fb59CXM46EyaOBlo%2BCxj2JjiX3TnVgkQ18l79EOv4aJgnaInhjCwNTaZbuJc80IzWoS5Nvst2T010g6s6dszfURdcqGn9IrppGCFrWHevEarA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72902&sent=146&recv=60&lost=0&retrans=0&sent_bytes=155988&recv_bytes=13482&delivery_rate=616087&cwnd=84000&unsent_bytes=0&cid=57b85cab90687253&ts=490&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/gif
last-modified: Fri, 12 Jul 2024 21:36:26 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d6b407bc8-LAX
accept-ranges: bytes
content-length: 116244
server: cloudflare

GET
H3 200 parliment.png
aidsubsidy.com/lp5/ 50 KB
51 KB 109ms
107ms Image
image/png 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/parliment.png
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d31e6f203499c1efa94e5859582715c6fc68ac81ca8a67e5db83bdab78ec7111

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1da-c8ce"
age: 5554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDI2th9oPHYx6ZTeRidmKrsePVRttFIO091tX3qHLxwehrnWb9ES2MoX2uH44EkKyFdgw%2F1ViyWdtRjivFs6ETyYJ1bjrttelx2ydFGCuGobYyLZRccbfw94F2sm%2FwTeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=498&x=1", cfExtPri, cfHdrFlush;dur=24
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/png
last-modified: Fri, 12 Jul 2024 21:36:26 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b5c7bc8-LAX
accept-ranges: bytes
content-length: 51406
server: cloudflare

GET
H3 200 congrats.png
aidsubsidy.com/lp5/ 48 KB
49 KB 130ms
128ms Image
image/png 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/congrats.png
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e0adfc2dcb07244bc15bafbb6a55284968c2802324856d3183421a17266035d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1d9-c005"
age: 5554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7f%2BnyupCAjKc%2BPgvjsoSlnoqEV27z3Lx5V8eQAT93EIM57hjoOOkp5w5mi1XwOZ5FfmFhC080QZrmZBuMzXg9djWZFpl7QGPLEeWYr9Bt5UY%2FCzORfbv0fObbBCJYJX8w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=497&x=1", cfExtPri, cfHdrFlush;dur=45
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/png
last-modified: Fri, 12 Jul 2024 21:36:25 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b5d7bc8-LAX
accept-ranges: bytes
content-length: 49157
server: cloudflare

GET
H3 200 phone.png
aidsubsidy.com/lp5/ 5 KB
5 KB 201ms
199ms Image
image/png 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/phone.png
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e660c86fa1c9eeb2405516532fbdc3624eac12bf137f49d8a16864265f6166

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1da-1276"
age: 5554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrwkmDcVuhU6tbvnoEZCK%2FjMsdzVdo5cqA7YrWA1fXEPL%2FFkSc%2FRj1rr8gBi4%2BGst1zzuyuWL6LeYh1llSq9LXBkqDPzSiX0vjNF0l%2Bi5Z7c2ETMs%2BhzK4bmocEdUVUqKA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=498&x=1", cfExtPri, cfHdrFlush;dur=44
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/png
last-modified: Fri, 12 Jul 2024 21:36:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b5f7bc8-LAX
accept-ranges: bytes
content-length: 4726
server: cloudflare

GET
H3 200 whitehouse.png
aidsubsidy.com/lp5/ 139 KB
140 KB 202ms
199ms Image
image/png 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/whitehouse.png
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db1c5f1903a12837cbfe76d478cda1612a0ff9bda9e502c33954c334d2ed5697

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

cf-cache-status: HIT
etag: "6691a1d9-22bc0"
age: 5554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scg9M%2FukfXzf35TcCppmm77mJmWdIKOGn0KjAyW9L1upJ47YmI3XN8TJJomNT7iMdNJ2pBAKzVe08XK0hY4luUOE0fGQ2cb4jlwtovEt1owS8PvRsj0Nq%2B7V82c4%2Fwt5eA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=498&x=1", cfExtPri, cfHdrFlush;dur=44
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/png
last-modified: Fri, 12 Jul 2024 21:36:25 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b617bc8-LAX
accept-ranges: bytes
content-length: 142272
server: cloudflare

GET
H3 200 jquery.min.js Show response
aidsubsidy.com/lp5/ 85 KB
32 KB 130ms
127ms Script
application/javascript 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/jquery.min.js
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6691a1d5-155a6"
age: 5562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FYeaN%2FbCYEMKY4rYrmy3ShQI8XfLyrZ6HfNrzH9ANA0d2rZ4JEkILYotl9QddHksSuvooDwQq%2FEgbKj%2B39LwNQoUxVM3N0KQV50SPvyhc%2BgBmJkD152g794N1ViSHR1LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=499&x=1", cfExtPri, cfHdrFlush;dur=43
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: application/javascript
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b5e7bc8-LAX
server: cloudflare

GET
H2 200 a57816b4-6c59-f397-7853-7e14e45d3e1b.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 268ms
93ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93e14fd5c9e6b37ef75366cc7da674216303da0df21377ac275abb45f46642f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e2798b352a3c606d3011de9a0d41e6bb"
x-amz-version-id: LOxb9_S9sT_OxE1gKVR12awM5PgUUTpm
age: 301
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 22:58:35 GMT
vary: Accept-Encoding
x-amz-id-2: 1oZljyHzPmrDaXCeEK2QmEO9QGLErnhFghC2DQT8SfIE60QveyAqUEkuZ4pRcBMhsf0E1f67DvQ=
x-amz-replication-status: COMPLETED
cache-control: max-age=1800
x-amz-request-id: 3YSR272AWNYJVVWA
cf-ray: 8d6c0a7e9cca7d2b-LAX
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
72 KB 487ms
177ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBD8WP6

Requested by

Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d2c4333339e8399e965594bfa48f1634ed1e6cfc28f3bae5360152e4ec54b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 22 Oct 2024 19:54:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 73285
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 bg.jpg
aidsubsidy.com/lp5/ 54 KB
55 KB 201ms
200ms Image
image/jpeg 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aidsubsidy.com/lp5/bg.jpg
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cecaaf9bddf7acf44fe8802bda00b0755b2c2cfa464d1b2e00e975ea1743643d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/lp5/style.css

Response headers

cf-cache-status: HIT
etag: "6691a1db-d815"
age: 5554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdHP9SuR4JZoky078%2FzTqL6VZsQQwHh4JRMbLADunzjJP7LIpypm1R07rlK5cLMBFkxTdyzfdhG94q9dwaImJWGQq5dot%2BfbXnI7sQYBG7gYDYHBT2RfFJ4yU%2BeHB62q%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72534&sent=168&recv=62&lost=0&retrans=0&sent_bytes=181799&recv_bytes=13572&delivery_rate=473248&cwnd=88800&unsent_bytes=0&cid=57b85cab90687253&ts=502&x=1", cfExtPri, cfHdrFlush;dur=40
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: image/jpeg
last-modified: Fri, 12 Jul 2024 21:36:27 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c0a7d7b637bc8-LAX
accept-ranges: bytes
content-length: 55317
server: cloudflare

GET
H3 206 audio-1.mp3
aidsubsidy.com/lp5/ 35 KB
35 KB 83ms
82ms Media
audio/mpeg 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/audio-1.mp3
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eaf38961b3f7bf0044b766d855bf9ebeb5702f5d7f19c195216ee544c5f6ce5

Request headers

Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "6691a1d8-8a03"
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvoGIaN79%2Fg%2BvkpTsLZA%2Bk69T66LdMnvGKI9kygNedIZ0%2BOpak2rRkZIfDUQXDkvzMJLxoIyd0g%2B40nMc0FSJHHdViH4PPzG6YAeSNXX%2FC3dupcLSYUhKuFOQMkVirXwJg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72465&sent=541&recv=96&lost=0&retrans=0&sent_bytes=622140&recv_bytes=16557&delivery_rate=1971962&cwnd=301200&unsent_bytes=0&cid=57b85cab90687253&ts=667&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: audio/mpeg
last-modified: Fri, 12 Jul 2024 21:36:24 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-35330/35331
cf-ray: 8d6c0a7e8cae7bc8-LAX
Content-Length: 35331
server: cloudflare

GET
H3 206 audio-2.mp3
aidsubsidy.com/lp5/ 43 KB
44 KB 83ms
83ms Media
audio/mpeg 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/audio-2.mp3
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd71b0b1888eafff2a810f605530236ff2de3c0dc52d0ee44ac0cbe97cae53a5

Request headers

Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "6691a1da-ab6d"
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEsDaX4VOFDGa6sPhO%2F5rTO2QwavFB8inhJK%2FjVAQjaW9D1hKCOJxXS6d2O7m1p13vkLY%2B%2BTjTqL5%2FWrS%2Fkc%2Bta6uZ4Z4FinX6234Pg17Q3qZwTGNykjjlpRmnPG02DBpw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72465&sent=572&recv=96&lost=0&retrans=0&sent_bytes=658955&recv_bytes=16557&delivery_rate=1971962&cwnd=301200&unsent_bytes=0&cid=57b85cab90687253&ts=669&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: audio/mpeg
last-modified: Fri, 12 Jul 2024 21:36:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-43884/43885
cf-ray: 8d6c0a7e8caf7bc8-LAX
Content-Length: 43885
server: cloudflare

GET
H3 206 audio-4-5800.mp3
aidsubsidy.com/lp5/ 239 KB
239 KB 101ms
100ms Media
audio/mpeg 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/audio-4-5800.mp3
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557953f818c6b4e6b51e6b8e3ffe1db191546f016fd9742401f6082cd38b3c6b

Request headers

Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "6691a1d5-3ba48"
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5b2Qwn0AOhtnZ%2BoSwQ5VOltaiR8buKBeHpv%2FIqRis6vFeU3kXj8JDiVtOuv8FaTfg7Ghyh456vga2AFDyz57lC0Oq1rsOf98e83qaWwwzQOME4EVAdjy0swuK0yqGEQ58Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72465&sent=574&recv=96&lost=0&retrans=0&sent_bytes=660623&recv_bytes=16557&delivery_rate=1971962&cwnd=301200&unsent_bytes=0&cid=57b85cab90687253&ts=670&x=1", cfExtPri, cfHdrFlush;dur=15
date: Tue, 22 Oct 2024 19:54:44 GMT
content-type: audio/mpeg
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-244295/244296
cf-ray: 8d6c0a7e8cb07bc8-LAX
Content-Length: 244296
server: cloudflare

GET
H3 206 audio-4-5800.mp3
aidsubsidy.com/lp5/ 1 KB
0 189ms
85ms Media
audio/mpeg 172.67.187.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidsubsidy.com/lp5/audio-4-5800.mp3
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "6691a1d5-3ba48"
age: 5557
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSSWMB2cZ39lRHd8q0Y1uD6J9%2BSqHG6JtveR4FkNKNDAAYwOvQZQ9ra2xEHFVN3%2Feo7Iei4BY3CK0x88Wkx3b55I6si9JrzWW9S11TTBvWJtV9Z02vJzWUkYMPg4Fp%2Fgdg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74047&sent=824&recv=145&lost=0&retrans=0&sent_bytes=955509&recv_bytes=19267&delivery_rate=5446822&cwnd=454800&unsent_bytes=0&cid=57b85cab90687253&ts=773&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: audio/mpeg
last-modified: Fri, 12 Jul 2024 21:36:21 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-244295/244296
cf-ray: 8d6c0a7f3d7d7bc8-LAX
Content-Length: 244296
server: cloudflare

POST
H2 200 GenerateToken Show response
create.leadid.com/2.15.1/ 36 B
661 B 458ms
188ms XHR
text/plain 52.4.230.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=27ec8ada-2029-417b-b77a-16bde13a8cb7&_=194653374

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.4.230.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-230-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e792251b3816c91800e0640f5e741c89a06b4b74678d66db2edff3513b38124f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://aidsubsidy.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 8133 0
0 463ms
132ms Document
text/html 3.168.96.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E09B5188-AE44-7758-CCC2-977B86205F33&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.168.96.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-96-38.jfk52.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://aidsubsidy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 49515
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 22 Oct 2024 06:09:30 GMT
Etag: W/"6707fed3-dbb"
Last-Modified: Thu, 10 Oct 2024 16:20:35 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 4c71f51c48fb1aec28bdb43b72260ca2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WlE_nppLN9VM7LPXgh-a8o1gt0m8plbBxhhRil4Wl7WrDyORKbz4XA==
X-Amz-Cf-Pop: JFK52-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.15.1/ 0
624 B 136ms
134ms XHR
text/plain 52.4.230.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/SaveDom?msn=2&pid=27ec8ada-2029-417b-b77a-16bde13a8cb7&token=E09B5188-AE44-7758-CCC2-977B86205F33&_=194653375

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.4.230.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-230-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://aidsubsidy.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 InitFormData Show response
create.leadid.com/2.15.1/ 0
625 B 135ms
133ms XHR
text/plain 52.4.230.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/InitFormData?msn=3&pid=27ec8ada-2029-417b-b77a-16bde13a8cb7&token=E09B5188-AE44-7758-CCC2-977B86205F33&_=194653376

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.4.230.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-230-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://aidsubsidy.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 CA701edcfda750434cbdf14b7ceddcabf1 Show response
b-js.ringba.com/ 17 KB
18 KB 467ms
152ms Script
text/html 2600:9000:24f0:bc00:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Requested by: Host: aidsubsidy.com
URL: https://aidsubsidy.com/lp5/?clickid=67180304d6ca1734094360a1&cmpid=66ec8194d59c6f7a7c34d8f0&adid=22104224&campaign_id=8651757&utm_source=AdMaven&utm_medium=paid&lpkeyua=2e47001ff28a71c3202a44540952ba32.1729627184&amt=5800&s1=PropellerAds&s3=8651757&s4=none&s5=22104224&lp=lp5&pid=bear-6603198fa86e190001136c75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:bc00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 425cf80a0a00bd5355f80e9a9accf7061ff89ce0c164fb44bc9608244f45a849

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/

Response headers

access-control-max-age: 300
age: 108
expires: Tue, 22 Oct 2024 19:56:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: fOE20rkWLw0mRYucdlCWmGIasa8ruZ4fUPTpaAWTA_c0GPWbSjRs1A==
date: Tue, 22 Oct 2024 19:52:56 GMT
content-type: text/html; charset=utf-8
x-runtime: 0.0000
cache-control: public
x-aspnet-version: 4.0.30319
via: 1.1 87fe250b32fc87699b1f30c0c5ab6004.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 17720
x-amz-cf-pop: JFK50-P3
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 298ms
137ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBD8WP6

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 19:54:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=24, mss=1232, tbw=8179, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: i0PutQLQeU63ISYrMy/ZK+M01soVSV7CwuZyW/U8DSCrRSsb+6EGcc3RikcRRam+xRtlmJV7KDFZGDjnUPdoDg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 Snap Show response
create.leadid.com/2.15.1/ 0
625 B 518ms
340ms XHR
text/plain 52.4.230.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.15.1/Snap?msn=4&pid=27ec8ada-2029-417b-b77a-16bde13a8cb7&token=E09B5188-AE44-7758-CCC2-977B86205F33&_=194653377

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.4.230.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-230-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://aidsubsidy.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
date: Tue, 22 Oct 2024 19:54:46 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type

GET
H3 200 780623153726433 Show response
connect.facebook.net/signals/config/ 86 KB
18 KB 289ms
287ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/780623153726433?v=2.9.173&r=stable&domain=aidsubsidy.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

9107e6362f41272070ee5fd293f6412be9deb7bc9a9c64c717b9a7dd45fc197d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://aidsubsidy.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 19:54:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=77, mss=1232, tbw=71463, tp=69, tpl=0, uplat=152, ullat=0
pragma: public
x-fb-debug: B2wIIf8ZGAyDP7Z71Sh0Q2GRimQC01mwNKmdr3YAOU24c8IV6rjN3cFAkwk8o//V61Jq451YhFgDf4ENCrrheg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST gnbulk
display.ringba.com/v2/nis/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: display.ringba.com
URL: https://display.ringba.com/v2/nis/gnbulk

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=780623153726433&ev=PageView&dl=https%3A%2F%2Faidsubsidy.com&rl=&if=false&ts=1729626886239&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1729626886238.34306021528352162&pm=1&hrl=332996&ler=empty&cdl=API_unavailable&it=1729626885918&coo=false&tm=1&cs_cc=1&cas=8972100186139092%2C7869549216427153%2C9010332735648752%2C7937643766320591%2C25918686207775533%2C7879204782163645%2C8135674146462778%2C26578102048455481%2C7428564733928370%2C7430014963758905%2C8130954230252603%2C8156212071163171%2C7770770619624888%2C6848977285184933%2C24392222093756326%2C6846828002076257%2C6832038293576359%2C5511102012347571%2C7026137747439158%2C24066459806336132%2C6794730927249033%2C6736310903126754%2C6461639747223968%2C6887415684631292%2C6655316901227557%2C6824017100992204%2C6470557919697356%2C6871813186196933%2C6406454956103060%2C6488258184622402%2C6389926114418170%2C6974227112589466%2C6690657220955293%2C6379237478818486&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=780623153726433&ev=PageView&dl=https%3A%2F%2Faidsubsidy.com&rl=&if=false&ts=1729626886239&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1729626886238.34306021528352162&pm=1&hrl=332996&ler=empty&cdl=API_unavailable&it=1729626885918&coo=false&tm=1&cs_cc=1&cas=8972100186139092%2C7869549216427153%2C9010332735648752%2C7937643766320591%2C25918686207775533%2C7879204782163645%2C8135674146462778%2C26578102048455481%2C7428564733928370%2C7430014963758905%2C8130954230252603%2C8156212071163171%2C7770770619624888%2C6848977285184933%2C24392222093756326%2C6846828002076257%2C6832038293576359%2C5511102012347571%2C7026137747439158%2C24066459806336132%2C6794730927249033%2C6736310903126754%2C6461639747223968%2C6887415684631292%2C6655316901227557%2C6824017100992204%2C6470557919697356%2C6871813186196933%2C6406454956103060%2C6488258184622402%2C6389926114418170%2C6974227112589466%2C6690657220955293%2C6379237478818486&rqm=FGET

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dotyruntchan.com/	1970-01-21 09:12:42	Name: OAID Value: 0080fd745f124ccbeab3aed96546a6be
dotyruntchan.com/	1970-01-21 09:12:42	Name: oaidts Value: 1729626882
dotyruntchan.com/	1970-01-21 00:27:10	Name: captcha Value: player
my.rtmark.net/	1970-01-21 09:12:42	Name: ID Value: 0080fd745f124ccbeab3aed96546a6be
dotyruntchan.com/	1970-01-21 00:37:11	Name: syncedCookie Value: true
.go.aidsubsidy.com/	1970-01-21 00:28:33	Name: redcmps Value: W3siaWQiOiI2NmVjODE5NGQ1OWM2ZjdhN2MzNGQ4ZjAiLCJ0IjoiMjAyNC0xMC0yMlQxOTo1NDo0NC4xMTM0MjgwNDVaIn1d
.go.aidsubsidy.com/	1970-01-21 09:12:42	Name: redhash Value: NjcxODAzMDRkNmNhMTczNDA5NDM2MGExfDB8NjZlYzgxOTRkNTljNmY3YTdjMzRkOGYwfHwyYTZlOWM5My0yNTE3LTQ0OTItODBlMi1jYzg2NzkzYzA4M2N8MTcyOTYyNjg4NA==
aidsubsidy.com/	1970-01-21 00:27:08	Name: PHPSESSID Value: ed7b5chffv5d1ttt2m11itolci
aidsubsidy.com/	1970-01-21 01:10:18	Name: lang Value: en
aidsubsidy.com/	1969-12-31 23:59:59	Name: leadid_token-F252983F-4BD1-0DD8-CD81-F4700AF60B66-A57816B4-6C59-F397-7853-7E14E45D3E1B Value: E09B5188-AE44-7758-CCC2-977B86205F33
.aidsubsidy.com/	1970-01-21 02:36:42	Name: _fbp Value: fb.1.1729626886238.34306021528352162
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: AEcINdYckC4lU9ZXC30iGwAAAAAexY7j9rDRi8j0Q8CO10mN
.trueleadid.com/	1970-01-21 09:12:00	Name: visid_incap_3051494 Value: 0uLrblMsTHaiJCfxyonJGgUDGGcAAAAAQUIPAAAAAABaaizqBhbMZ9Fq9a/scjhF
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_881_3051494 Value: +/9ECIBFNk5JBc/H/PA5DAYDGGcAAAAAUK1UdGmHQChbf55msVxGOQ==
.deviceid.trueleadid.com/	1970-01-21 10:03:06	Name: uuid Value: e4c14c59c0c14519b33829bf83400199

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aidsubsidy.com
b-js.ringba.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
display.ringba.com
dotyruntchan.com
go.aidsubsidy.com
my.rtmark.net
www.facebook.com
www.googletagmanager.com
display.ringba.com
www.facebook.com
104.18.23.222
139.45.195.8
172.67.187.229
2600:9000:24f0:bc00:4:1957:6500:93a1
2606:4700:10::ac43:29e5
2607:f8b0:4006:820::2008
2a01:4ff:f0:ea7d::1
3.168.96.38
31.13.71.7
52.4.230.183
1eaf38961b3f7bf0044b766d855bf9ebeb5702f5d7f19c195216ee544c5f6ce5
38e660c86fa1c9eeb2405516532fbdc3624eac12bf137f49d8a16864265f6166
425cf80a0a00bd5355f80e9a9accf7061ff89ce0c164fb44bc9608244f45a849
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557953f818c6b4e6b51e6b8e3ffe1db191546f016fd9742401f6082cd38b3c6b
5753af534566bc6711ac61389e1ab7870faaebfe8c612881e3f8c81e836963d5
65845d4af002518da19af68b5755e4f302153967eef77b58c3eafc8c3fc542f7
68c50ce36d6a706c212607165c0fcb4ad4d91c1fc8d66db7367a29d29a1704dc
6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22
7e0adfc2dcb07244bc15bafbb6a55284968c2802324856d3183421a17266035d
8692b3e5caaf92c5f7540b8e0c97ac42fd80274c26df34e838f9438ada92a523
9107e6362f41272070ee5fd293f6412be9deb7bc9a9c64c717b9a7dd45fc197d
9d2c4333339e8399e965594bfa48f1634ed1e6cfc28f3bae5360152e4ec54b6d
a640fff77c7cfc52bda67742a8bd8673903d3df4ea189c4f845d7e9075230468
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1
cd71b0b1888eafff2a810f605530236ff2de3c0dc52d0ee44ac0cbe97cae53a5
ce48ba0b3b2d3b1dfc8ae1158b0133035823963b717175a03c2e0d7b1a0419a5
cecaaf9bddf7acf44fe8802bda00b0755b2c2cfa464d1b2e00e975ea1743643d
d31e6f203499c1efa94e5859582715c6fc68ac81ca8a67e5db83bdab78ec7111
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
db1c5f1903a12837cbfe76d478cda1612a0ff9bda9e502c33954c334d2ed5697
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e792251b3816c91800e0640f5e741c89a06b4b74678d66db2edff3513b38124f
ed1a6ff802c3e71b1c3e732bb37deef071e0ff76f6e75a21c3b1dea2bf28908b
f93e14fd5c9e6b37ef75366cc7da674216303da0df21377ac275abb45f46642f
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

aidsubsidy.com Open in urlscan Pro 172.67.187.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

40 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

1132 kBTransfer

1771 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aidsubsidy.com Open in urlscan Pro
172.67.187.229 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

1132 kB
Transfer

1771 kB
Size

15
Cookies

38 HTTP transactions
0 data transactions