Submitted URL: http://techusman.shop/
Effective URL: https://techusman.shop/
Submission: On May 16 via manual from SE — Scanned from SE

Summary

This website contacted 17 IPs in 5 countries across 18 domains to perform 25 HTTP transactions. The main IP is 162.0.209.24, located in United States and belongs to NAMECHEAP-NET, US. The main domain is techusman.shop.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.
This is the only time techusman.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 162.0.209.24 22612 (NAMECHEAP...)
1 185.66.200.222 201702 (SKHOSTING-EU)
1 216.104.36.155 32475 (SINGLEHOP...)
1 104.21.86.3 13335 (CLOUDFLAR...)
5 172.67.151.56 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
2 2 67.202.94.86 32748 (STEADFAST)
2 172.67.8.141 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
2 35.190.41.116 15169 (GOOGLE)
1 192.99.8.34 16276 (OVH)
1 172.67.182.131 13335 (CLOUDFLAR...)
1 104.16.89.20 13335 (CLOUDFLAR...)
2 104.21.55.40 13335 (CLOUDFLAR...)
1 142.250.184.232 15169 (GOOGLE)
1 142.250.185.74 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
1 142.250.185.238 15169 (GOOGLE)
25 17
Apex Domain
Subdomains
Transfer
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 12351
widgets.amung.us — Cisco Umbrella Rank: 13639
4 KB
3 ragnarp.net
ragnarp.net — Cisco Umbrella Rank: 383945
37 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 uptimecdn.com
uptimecdn.com — Cisco Umbrella Rank: 106094
50 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 30909
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14816
s4.histats.com — Cisco Umbrella Rank: 12295
5 KB
2 achcdn.com
achcdn.com — Cisco Umbrella Rank: 95765
50 KB
2 techusman.shop
techusman.shop
657 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
898 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
139 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 113559
128 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4032
304 B
1 indebtedatrocious.com
indebtedatrocious.com — Cisco Umbrella Rank: 328907
1 macron.xyz
macron.xyz — Cisco Umbrella Rank: 276807
2 KB
1 w-q-f-a.com
p1.w-q-f-a.com
2 KB
1 cdn-server.top
cdn-server.top — Cisco Umbrella Rank: 799458
707 B
25 18
Domain Requested by
3 ragnarp.net macron.xyz
ragnarp.net
2 fonts.gstatic.com fonts.googleapis.com
2 uptimecdn.com ragnarp.net
uptimecdn.com
2 youradexchange.com achcdn.com
uptimecdn.com
2 widgets.amung.us macron.xyz
ragnarp.net
2 whos.amung.us 2 redirects
2 achcdn.com macron.xyz
achcdn.com
2 techusman.shop 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com ragnarp.net
1 www.googletagmanager.com ragnarp.net
1 cdn.jsdelivr.net ragnarp.net
1 swarm.video ragnarp.net
1 s4.histats.com s10.histats.com
1 s10.histats.com macron.xyz
1 bit.ly 1 redirects
1 indebtedatrocious.com macron.xyz
1 macron.xyz techusman.shop
1 p1.w-q-f-a.com cdn-server.top
1 cdn-server.top techusman.shop
25 20

This site contains no links.

Subject | Issuer | Validity | Valid
techusman.shop | Sectigo RSA Domain Validation Secure Server CA | 2021-12-22 - 2022-12-22 | a year
cdn-server.top | R3 | 2022-05-15 - 2022-08-13 | 3 months
p1.w-q-f-a.com | R3 | 2022-04-11 - 2022-07-10 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-11-03 - 2022-11-02 | a year
indebtedatrocious.com | R3 | 2022-04-21 - 2022-07-20 | 3 months
*.ragnarp.net | E1 | 2022-04-04 - 2022-07-03 | 3 months
histats.com | R3 | 2022-04-19 - 2022-07-18 | 3 months
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-01 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months

This page contains 3 frames:

Primary Page: https://techusman.shop/
Frame ID: 37D23C6ED4E860A08712B5815AF73148
Requests: 3 HTTP requests in this frame

Frame: https://macron.xyz/player/1/1
Frame ID: 8C6262A4BA193B2EF0998CB55ED46098
Requests: 8 HTTP requests in this frame

Frame: https://ragnarp.net/embed/8ih71v
Frame ID: 5B73E897227E5086B8E5F6C1826D95DC
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

25 Requests
92 % HTTPS
0 % IPv6
18 Domains
20 Subdomains
17 IPs
5 Countries
524 kB Transfer
1607 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://techusman.shop/ HTTP 301
    https://techusman.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://bit.ly/3pZAMSk HTTP 301
  • https://whos.amung.us/cwidget/castmxxtv/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=444&c=000000ffffff&p=
Request Chain 17
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=3658&c=000000ffffff&p=

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
techusman.shop/
Redirect Chain
  • http://techusman.shop/
  • https://techusman.shop/
278 B
423 B
Document
General
Full URL
https://techusman.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium164-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
bbfa938dd7bffc551b938b0159b1031c1e9c8fbedef2627da9fb1f0d384f3a12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
content-length
278
content-type
text/html
date
Mon, 16 May 2022 07:38:10 GMT
last-modified
Tue, 01 Mar 2022 14:49:02 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
707
content-type
text/html
date
Mon, 16 May 2022 07:38:09 GMT
keep-alive
timeout=5, max=100
location
https://techusman.shop/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
mms.js
cdn-server.top/p/
410 B
707 B
Script
General
Full URL
https://cdn-server.top/p/mms.js?pub=982735&ga=g
Requested by
Host: techusman.shop
URL: https://techusman.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.222 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.222.skhosting.eu
Software
nginx /
Resource Hash
773b96986696e4b895bf0d7aa9bcc0ddcca1bc8790b114e3cc0a6c16e117815b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://techusman.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
cache
date
Mon, 16 May 2022 07:38:10 GMT
cache-control
max-age=3600
expires
Mon, 16 May 2022 08:38:10 GMT
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-type
application/javascript
pub.min.js
p1.w-q-f-a.com/js/
3 KB
2 KB
Script
General
Full URL
https://p1.w-q-f-a.com/js/pub.min.js
Requested by
Host: cdn-server.top
URL: https://cdn-server.top/p/mms.js?pub=982735&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.104.36.155 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://techusman.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:11 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 12:11:29 GMT
server
nginx
etag
"614b1d71-60b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubdomains;
content-length
1547
expires
Tue, 17 May 2022 07:38:11 GMT
1
macron.xyz/player/1/ Frame 8C62
2 KB
2 KB
Document
General
Full URL
https://macron.xyz/player/1/1
Requested by
Host: techusman.shop
URL: https://techusman.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.86.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3858ff6808c8383441424638e5cf09fef5fca35334954e99799b7b55d2a73b69

Request headers

Referer
https://techusman.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70c273ca091510c5-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 07:38:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3Aho2mceU4hqGUR1gCFyxr1TlGTfeHibl03h1URZvgXSqjmp2yhwInYhBk8YMucaPqq5uRgoE0EhHDljS3%2Bu2O1s3kS3FqqKRRl6EXaCDIW0pozVlV0Tu0TRXQN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
suv4.js
achcdn.com/script/ Frame 8C62
87 KB
31 KB
Script
General
Full URL
https://achcdn.com/script/suv4.js
Requested by
Host: macron.xyz
URL: https://macron.xyz/player/1/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b96cbd79ea8b8c3f364d6f19ca3b08f6ac761e272e99d828c2862f99ea2be0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=x7BeEA==, md5=kSba/RfBMpElRygfFUmk1g==
date
Mon, 16 May 2022 07:38:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1550
x-guploader-uploadid
ADPycduRkK18EA7ncpWQ5K4v_DS8tzal1Hc-ynjOUWuqCCJgI3-Maa9Bv-0-yP8cbTs0Al8LBuRKIY3D4wNwhfnZH2kbJr4h11k1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 May 2022 08:12:27 GMT
server
cloudflare
etag
W/"9126dafd17c132912547281f1549a4d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJgX%2FadDAfI%2FAcByH%2BeAcQoQBkTcbH8KT2N4%2Fv9THnI8c4Cl8ZU4EVw89a%2FTFx5Y2jdSkiqnI83HibVCKZgrOjd0UjOUK%2Fz%2FWHgLXan5nelRzqhIyfMalMoLxUFZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1652343147228413
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
88825
cf-ray
70c273cc08a2abda-CPH
expires
Mon, 16 May 2022 08:09:51 GMT
f4e6b95f4bf12f82da5c594c670bb23d.js
indebtedatrocious.com/f4/e6/b9/ Frame 8C62
0
0
Script
General
Full URL
https://indebtedatrocious.com/f4/e6/b9/f4e6b95f4bf12f82da5c594c670bb23d.js
Requested by
Host: macron.xyz
URL: https://macron.xyz/player/1/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 07:38:12 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
/
widgets.amung.us/draw/ Frame 8C62
Redirect Chain
  • https://bit.ly/3pZAMSk
  • https://whos.amung.us/cwidget/castmxxtv/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=444&c=000000ffffff&p=
1 KB
1 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=444&c=000000ffffff&p=
Requested by
Host: macron.xyz
URL: https://macron.xyz/player/1/1
Protocol
H2
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d131687d06a69d28e4a9ad2d89f90f2cbe1d1d8c75c3c550ace04b41d29bec1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
cf-cache-status
HIT
last-modified
Fri, 13 May 2022 09:30:09 GMT
server
cloudflare
age
252483
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
70c273d1aeef9933-ARN
expires
Sat, 14 May 2022 09:30:09 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=444&c=000000ffffff&p=
date
Mon, 16 May 2022 07:38:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
8ih71v
ragnarp.net/embed/ Frame 5B73
9 KB
5 KB
Document
General
Full URL
https://ragnarp.net/embed/8ih71v
Requested by
Host: macron.xyz
URL: https://macron.xyz/player/1/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5b265650d72f4fed1ed14e88f618175c77badb1a6a73fe7716fe3b4ef42313

Request headers

Referer
https://macron.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70c273d28f7810b5-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 16 May 2022 07:38:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9lBfPQ9PcPhUZlUsy2oiiUAeMuFi2Lkto6NW7b6ZDt7hUOLSnLlV7XVl3m1tWqNqSZJ4t4AM%2F8dQ1V4m76QNee0JHh%2Bl7YCXYnLgDJ8mleRfObNHQFj4435y3Qndg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/ Frame 8C62
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: macron.xyz
URL: https://macron.xyz/player/1/1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:37:42 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
100899847
ut.js
achcdn.com/script/ Frame 8C62
52 KB
19 KB
Script
General
Full URL
https://achcdn.com/script/ut.js?cb=1652686691260
Requested by
Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce085c69909224b56a34cb0c6eb20f6cbe8c88234a0b541c7636dbe45b800407

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=1G6REg==, md5=gDLdkp92ciRk5WyuPfN0SA==
date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1556
x-guploader-uploadid
ADPycdu-ACROat5gimYAW2O0wYC4yJmByTvZ3DZS2jnKFc-O6CUPUrGbJwcBu5sxcsHGveW2xhcT8f58ds0gW-vWqBqsC3QNUYOV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 07:18:18 GMT
server
cloudflare
etag
W/"8032dd929f76722464e56cae3df37448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCjYUKQ7RYIuNzgV722qCMsZz%2FCD6GzmYOVQudvg46eiSIGYmjFPDouAwbb9osYVkiu5yidTDkbwfHJ37Vc85uPxKXS8l3J%2FhwwzUsgQpr9upKCWAZJnL8EYwdeq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1651130297941385
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
52866
cf-ray
70c273d22b59abda-CPH
expires
Mon, 16 May 2022 07:19:29 GMT
suurl4.php
youradexchange.com/script/ Frame 8C62
1 KB
959 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5712174&cbur=0.9903433735111673&cbiframe=1&cbWidth=700&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Ftechusman.shop%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0&chmob=%3F0
Requested by
Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e5c2972aa0bde02daa99dd48f2e6e9a5ec9956db0103d35494a5449417189987

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
0.php
s4.histats.com/stats/ Frame 8C62
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4525989&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Ftechusman.shop%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:7427333&@b3:1652686692&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmacron.xyz%2Fplayer%2F1%2F1&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
1af68a720ca49a79f5b430d26d5b43db235e7a28c3c90461e1e66e406ff43197

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://macron.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 07:38:12 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
embed.min.css
ragnarp.net/css/ Frame 5B73
1 KB
1 KB
Stylesheet
General
Full URL
https://ragnarp.net/css/embed.min.css?v=0.3
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/embed/8ih71v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5863
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FXVSQC%2FRYxLcZc7GmS355tEYhpOPRo67Pk9W1oDGPFpxmmWoh9L2ARgHzpCxldytnvFsf%2FV5%2FVUQ%2BDsaggFfLZZIo6DXqezv3iPUs5%2BudP2KIheD43YlI2c4ZlXEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70c273d42a377373-CPH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ragnarp.net/js/ Frame 5B73
85 KB
31 KB
Script
General
Full URL
https://ragnarp.net/js/jquery.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/embed/8ih71v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5863
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ssgxI8O%2Bqv5CKXUGrL%2F%2Fe8%2B7dYXx%2FTUrhgBsxGr2OyOxJnGSRLQhpZnueaXJjHZbsc1TVtcpBygKeTV8rC98aiaB%2FrBPJdQ%2BVLjwTc9GcsdkQwwlj3OJBUPvdEjJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70c273d42a397373-CPH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wigistream.js
swarm.video/ Frame 5B73
506 KB
128 KB
Script
General
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.182.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4848696
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Mar 2022 16:15:47 GMT
server
cloudflare
etag
W/"7ee26-17f8936dae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLlE3xvcjzM2aM%2FoS8ZPdLpoofudH7Q5BnkIPOOC3h8JkBlMGyZI1lRGBCE3NilCK7SWVclfu1L7pGjutTTVOp6SEFzK%2FayRRlX2SLx%2F1s1EEi%2FVbnTyWekgdQ4NUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
70c273d478b87357-CPH
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5B73
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35782
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-bma1682-BMA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV%2B9LBZgFhp5586sjokIFpFmA82inhpuT53WeSbXd8U9ANWk5QM6t1XDeuQk1tw9w94WHqzt4l1m73QvvyNsN9au2Ww1E3pXddhcq%2FlDiDfTFqY%2By0qJkexbUOHZfIHCtpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70c273d43ceaf13a-ARN
ncsu.js
uptimecdn.com/script/ Frame 5B73
87 KB
31 KB
Script
General
Full URL
https://uptimecdn.com/script/ncsu.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.55.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b96cbd79ea8b8c3f364d6f19ca3b08f6ac761e272e99d828c2862f99ea2be0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=x7BeEA==, md5=kSba/RfBMpElRygfFUmk1g==
date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3111
x-guploader-uploadid
ADPycdtJ0OS9p0QToOw5xiIbQKvWAcZjjGSMIpyq1cq_xyKnzwccuxGbOdA_iR1A1FvWq9YJNx-PVvDUw6l7ta2zipqJU0YCPaq2
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 May 2022 08:11:50 GMT
server
cloudflare
etag
W/"9126dafd17c132912547281f1549a4d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifoSPxmPla511JzoB8chvhiUfeWpRYHu%2B9Jg5L%2BZqZFqTnMzafAS9ZURFfNZkEonEp%2FoDeyTncW9cmw4sDxeEDPFbTzVNTE%2BtSxVH3wQgnW6x%2BmN40mHqtm5qWhwAjde"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1652343110590612
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
88825
cf-ray
70c273d47f9dabce-CPH
expires
Mon, 16 May 2022 06:56:20 GMT
js
www.googletagmanager.com/gtag/ Frame 5B73
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
125773f68b8448060cc438ef21f53c4753ac5744df5dbef3942d7418e0ff998b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39200
x-xss-protection
0
last-modified
Mon, 16 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 May 2022 07:38:12 GMT
/
widgets.amung.us/draw/ Frame 5B73
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=3658&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=3658&c=000000ffffff&p=
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/8ih71v
Protocol
H2
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23287cc8a7c0acf2245c7565082a4fdb3e010eca7777f7ccdbceb70bda7db829

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 07:38:12 GMT
cf-cache-status
HIT
last-modified
Sun, 15 May 2022 15:23:53 GMT
server
cloudflare
age
58459
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
70c273d4edc99933-ARN
expires
Mon, 16 May 2022 15:23:53 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=3658&c=000000ffffff&p=
date
Mon, 16 May 2022 07:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame 5B73
1 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/css/embed.min.css?v=0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 05:45:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 07:38:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 07:38:12 GMT
ut.js
uptimecdn.com/script/ Frame 5B73
52 KB
19 KB
Script
General
Full URL
https://uptimecdn.com/script/ut.js?cb=1652686692764
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/ncsu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.55.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce085c69909224b56a34cb0c6eb20f6cbe8c88234a0b541c7636dbe45b800407

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash
crc32c=1G6REg==, md5=gDLdkp92ciRk5WyuPfN0SA==
date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtlYM7_6QkcQ-ufKvdp3tOK3OeQn27Jkub1zJUwG8aYqNBucqORVRP8HJqZd8cPMVTHvl2dMCKwjirVOaktpyc22A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 07:18:18 GMT
server
cloudflare
etag
W/"8032dd929f76722464e56cae3df37448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtaWJfoS8pPHGSafPe4%2FgkFl310Nz0irUFUMbD9Yu1KKoWltZnAsJo7VN23oBcyqk80VKIImKWrqcKCqn6gXFgwzoGnpgEnFdRt2yj6GOeuefBXzAwtucANIXdiw9Lmx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1651130297941385
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
52866
cf-ray
70c273d62e4eabc8-CPH
expires
Mon, 16 May 2022 08:19:30 GMT
suurl4.php
youradexchange.com/script/ Frame 5B73
1010 B
801 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.9631654774661675&cbiframe=1&cbWidth=700&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Fmacron.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0&chmob=%3F0
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/ncsu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
8d65affe38e434366cb1aefb9de874ef7c43e80b36ac5fd12c6921916bafb819

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 May 2022 07:38:12 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 5B73
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:08:09 GMT
x-content-type-options
nosniff
age
484203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 17:08:09 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 5B73
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:08:09 GMT
x-content-type-options
nosniff
age
484203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 17:08:09 GMT
analytics.js
www.google-analytics.com/ Frame 5B73
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
202
date
Mon, 16 May 2022 07:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 16 May 2022 09:34:50 GMT

Verdicts & Comments

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| wdw
object| wlp
string| pm_token
string| pm_tag
string| pm_pid

1 Cookies

Domain/Path Name / Value
.cdn-server.top/ Name: yxpi
Value: d41d8cd98f00b204e9800998ecf8427e

2 Console Messages

Source / Level: network / error
URL: https://indebtedatrocious.com/f4/e6/b9/f4e6b95f4bf12f82da5c594c670bb23d.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
Source / Level: rendering / warning
URL: https://ragnarp.net/embed/8ih71v (Line 5)
Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
