urlscan.io logo urlscan.io
SecurityTrails logo

todaysfreemembership.com Open in urlscan Pro
104.28.8.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/sophiavote0067
Effective URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c91...
Submission: On June 24 via manual from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 33 HTTP transactions. The main IP is 104.28.8.99, located in United States and belongs to CLOUDFLARENET, US. The main domain is todaysfreemembership.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.
This is the only time todaysfreemembership.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    69.61.26.122 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
cutt.us
3    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
pagead2.googlesyndication.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0eaa1a272027c34cb29083b935dd810c.safeframe.googlesyndication.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.194.231.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-231-23.eu-central-1.compute.amazonaws.com
go.clix-trak.com
9    104.28.8.99 (United States)

ASN13335 (CLOUDFLARENET, US)
todaysfreemembership.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.31.74.224 (United States)

ASN13335 (CLOUDFLARENET, US)
geoip.joinsafelyonline.com
joinsafelyonline.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.67.146.235 (United States)

ASN13335 (CLOUDFLARENET, US)
rhsfty.com
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
9 todaysfreemembership.com 1 redirects go.clix-trak.com
todaysfreemembership.com
4 www.google-analytics.com www.googletagmanager.com
cutt.us
todaysfreemembership.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 fonts.gstatic.com todaysfreemembership.com
2 fonts.googleapis.com todaysfreemembership.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
1 rhsfty.com todaysfreemembership.com
1 joinsafelyonline.com 1 redirects
1 geoip.joinsafelyonline.com todaysfreemembership.com
1 cdnjs.cloudflare.com todaysfreemembership.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 go.clix-trak.com cutt.us
1 0eaa1a272027c34cb29083b935dd810c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
33 18

This site contains no links.

Subject Issuer Validity Valid
www.cutt.us
Let's Encrypt Authority X3		 2020-05-01 -
2020-07-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
go.clix-trak.com
Amazon		 2019-10-08 -
2020-11-08		 a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-31 -
2020-10-09		 8 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Frame ID: 605174BEA3E98BFC6E0B4D1D62215408
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 543BB2F7D6646F0B2A3E66F0F9329CE3
Requests: 1 HTTP requests in this frame

Frame: https://rhsfty.com/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&ts=1592958376&tsc=aabd0b29a2b721f61e38b8c8886c4425&rtr=1
Frame ID: A3DF7237FBF71F00E0C7B778A530A83D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cutt.us/sophiavote0067 Page URL
  2. https://go.clix-trak.com/click?offer_id=171&affiliate_id=1897&sub_id1= Page URL
  3. http://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a... HTTP 301
    https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

97 %
HTTPS

60 %
IPv6

15
Domains

18
Subdomains

16
IPs

2
Countries

6794 kB
Transfer

7334 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/sophiavote0067 Page URL
  2. https://go.clix-trak.com/click?offer_id=171&affiliate_id=1897&sub_id1= Page URL
  3. http://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171 HTTP 301
    https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://joinsafelyonline.com/routes/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&autoun=1&autopw=1 HTTP 302
  • https://rhsfty.com/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&ts=1592958376&tsc=aabd0b29a2b721f61e38b8c8886c4425&rtr=1

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sophiavote0067
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/sophiavote0067
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.122 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
2623afeb361b483a8a4d17cb5da5afe4b0cbba1c3bcf13e5073e7b2f70e784b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
cutt.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Hotcores.com
Date
Wed, 24 Jun 2020 00:25:23 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Beta
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/sophiavote0067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7b18bea47dc4dfc9318cb54aa2860d86b6d858c94c581009ccab77193c88d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"552 / 176 of 1000 / last-modified: 1592945903"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
15663
x-xss-protection
0
expires
Wed, 24 Jun 2020 00:26:12 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/sophiavote0067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
481244f0f150fce5cdd3ddd4c2f9725a103162d0bc2a5bb11d3309a048dc9ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33339
x-xss-protection
0
last-modified
Wed, 24 Jun 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Jun 2020 00:26:12 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020061611.js
securepubads.g.doubleclick.net/gpt/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jun 2020 21:48:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89804
x-xss-protection
0
expires
Wed, 24 Jun 2020 00:26:12 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5393
date
Tue, 23 Jun 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 24 Jun 2020 00:56:19 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2017733879&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2Fsophiavote0067&ul=en-us&de=UTF-8&dt=sophiavote0067&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=377463319&gjid=22551263&cid=1870601674.1592958373&tid=UA-31510493-1&_gid=1799026498.1592958373&_r=1&gtm=2ou6a0&z=698872275
Requested by
Host: cutt.us
URL: https://cutt.us/sophiavote0067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jun 2020 00:26:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		397 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=142958988334463&correlator=4275743140041842&output=ldjh&impl=fif&adsid=NT&eid=21066498%2C21063048%2C21064367%2C21066340%2C21066460&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200624&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1592958372&dt=1592958372936&dlt=1592958372743&idt=176&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_tz=120&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2Fsophiavote0067&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=1870601674.1592958373&ga_sid=1592958373&ga_hid=2017733879&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
210
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0eaa1a272027c34cb29083b935dd810c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0eaa1a272027c34cb29083b935dd810c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
click
go.clix-trak.com/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.clix-trak.com/click?offer_id=171&affiliate_id=1897&sub_id1=
Requested by
Host: cutt.us
URL: https://cutt.us/sophiavote0067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.231.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-231-23.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.11 / PHP/7.3.11
Resource Hash
e05b20dec07fd82d59a6647b8c1ecbd359728c5d70aa852077fd64e95a0387bf

Request headers

:method
GET
:authority
go.clix-trak.com
:scheme
https
:path
/click?offer_id=171&affiliate_id=1897&sub_id1=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cutt.us/sophiavote0067
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cutt.us/sophiavote0067

Response headers

status
200
date
Wed, 24 Jun 2020 00:26:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=9XXlRP6CKLTc0wqdlDSy6tGtLRXEiUdPIRFMPG9KbJMWYTKgsWFRM4sEJUK+N5cs9KX9Ud0y9z8Ppj07MRfbafGF33j4Ek17/35R47lhgRpB600WcZGT27OnisUG; Expires=Wed, 01 Jul 2020 00:26:13 GMT; Path=/ AWSALBCORS=9XXlRP6CKLTc0wqdlDSy6tGtLRXEiUdPIRFMPG9KbJMWYTKgsWFRM4sEJUK+N5cs9KX9Ud0y9z8Ppj07MRfbafGF33j4Ek17/35R47lhgRpB600WcZGT27OnisUG; Expires=Wed, 01 Jul 2020 00:26:13 GMT; Path=/; SameSite=None; Secure o_a4a042cf4fd6bfb47701cbc8a1653ada=2219748; expires=Wed, 01-Jul-2020 00:26:13 GMT; Max-Age=604800; path=/ PHPSESSID=uti3g58tlhlkaaarcm4n1e1mnf; path=/; HttpOnly _csrf=f0d1eae3065e330698f56f411675c7041fc049c1cfcfa720ca7ecce77d378a5ea%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22sRSAviMsHhXQ7kGcfYfUneqZjQc91Nfu%22%3B%7D; path=/; HttpOnly
server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.11
x-powered-by
PHP/7.3.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061611&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jun 2020 00:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5569
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/sophiavote0067
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 24 Jun 2020 00:26:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 543B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cutt.us/sophiavote0067
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cutt.us/sophiavote0067

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Tue, 23 Jun 2020 23:22:06 GMT
expires
Wed, 23 Jun 2021 23:22:06 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3847
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0
Primary Request /
todaysfreemembership.com/
Redirect Chain
  • http://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
  • https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Requested by
Host: go.clix-trak.com
URL: https://go.clix-trak.com/click?offer_id=171&affiliate_id=1897&sub_id1=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b02005050278da974b23093295d0d413a80ee9af3d7a4ba2032ad4fb882cfe

Request headers

:method
GET
:authority
todaysfreemembership.com
:scheme
https
:path
/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.clix-trak.com/click?offer_id=171&affiliate_id=1897&sub_id1=

Response headers

status
200
date
Wed, 24 Jun 2020 00:26:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9bbfe6405ab52cb0816400a6b38e8dd71592958373; expires=Fri, 24-Jul-20 00:26:13 GMT; path=/; domain=.todaysfreemembership.com; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
038550e6020000e8ef3115b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a8250e99eb1e8ef-MXP
content-encoding
br

Redirect headers

Date
Wed, 24 Jun 2020 00:26:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 24 Jun 2020 01:26:13 GMT
Location
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
cf-request-id
038550e59e0000f923ef14c200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5a8250e8f80bf923-MXP
bootstrap.min.css
todaysfreemembership.com/css/ 		115 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/css/bootstrap.min.css
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2017 00:28:49 GMT
server
cloudflare
age
1740
etag
W/"58cb2dc1-1ca39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5a8250ee1cc6e8ef-MXP
cf-request-id
038550e8d00000e8ef31172200000001
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6920314
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
038550e8c80000145a21bf0200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-9226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5a8250ee09d3145a-FRA
expires
Mon, 14 Jun 2021 00:26:14 GMT
/
geoip.joinsafelyonline.com/ 		394 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geoip.joinsafelyonline.com/
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c2dcc05cb1ef5686e10917a399b1bcdaad3dd11be966c5fcfbd474b83507b6

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
5a8250ee7ec6d614-MXP
cf-request-id
038550e9060000d614d0134200000001
expires
0
main.css
todaysfreemembership.com/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/css/main.css
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936655003b417a05ca28b5483be94da72f77d859e868f12723a9275523d39fe5

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2017 20:00:50 GMT
server
cloudflare
age
1741
etag
W/"58e7eff2-5737"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5a8250ee1cc8e8ef-MXP
cf-request-id
038550e8d10000e8ef31173200000001
css
fonts.googleapis.com/ 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06818b2c41364e70021d420e1cc98f4bbcc0a082f6dbd02bb5a272c12b7764b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Jun 2020 23:35:17 GMT
server
ESF
date
Wed, 24 Jun 2020 00:26:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jun 2020 00:26:14 GMT
media.gif
todaysfreemembership.com/assets/daily/tuesday/mobile/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://todaysfreemembership.com/assets/daily/tuesday/mobile/media.gif
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cf1bbae93d960427206165a123e1b309b92cea5364175eddaad27d2d49d690

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
cf-cache-status
HIT
last-modified
Mon, 03 Apr 2017 14:11:38 GMT
server
cloudflare
age
1739
etag
"58e2581a-4165b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5a8250ef1e43e8ef-MXP
content-length
4285877
cf-request-id
038550e96b0000e8ef31181200000001
jquery.js
todaysfreemembership.com/js/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/js/jquery.js
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2017 00:28:49 GMT
server
cloudflare
age
1740
etag
W/"58cb2dc1-17629"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5a8250ee6d22e8ef-MXP
cf-request-id
038550e9030000e8ef31174200000001
iframeResizer.min.js
todaysfreemembership.com/common/js/iframeResizer/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2018 18:22:27 GMT
server
cloudflare
age
1741
etag
W/"5a4e70e3-2e17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5a8250eead6ee8ef-MXP
cf-request-id
038550e92c0000e8ef3117a200000001
bootstrap.min.js
todaysfreemembership.com/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/js/bootstrap.min.js
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 00:26:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2017 00:28:49 GMT
server
cloudflare
age
1740
etag
W/"58cb2dc1-8c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5a8250eeddade8ef-MXP
cf-request-id
038550e9490000e8ef3117c200000001
css
fonts.googleapis.com/ 		3 KB
724 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oleo+Script|Open+Sans
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
878f913cadf3b2401d32f81408b1d2f294715d2880ed6464f4beb17eb9e82e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Jun 2020 00:26:14 GMT
server
ESF
date
Wed, 24 Jun 2020 00:26:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jun 2020 00:26:14 GMT
media.mp4
todaysfreemembership.com/assets/daily/tuesday/video/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://todaysfreemembership.com/assets/daily/tuesday/video/media.mp4
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.8.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd420edbd05738a3d1775dc2b52aabc6b3d1ac42b5b6e3764347fe83129ddfb4

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 24 Jun 2020 00:26:15 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 03 Apr 2017 14:10:58 GMT
server
cloudflare
etag
"58e257f2-23f370"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 0-2356079/2356080
cf-ray
5a8250f2cb05e8ef-MXP
Content-Length
2356080
cf-request-id
038550ebba0000e8ef311a1200000001
/
rhsfty.com/newuser/ Frame A3DF
Redirect Chain
  • https://joinsafelyonline.com/routes/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&autoun=1&autopw=1
  • https://rhsfty.com/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rhsfty.com/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&ts=1592958376&tsc=aabd0b29a2b721f61e38b8c8886c4425&rtr=1
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
rhsfty.com
:scheme
https
:path
/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&ts=1592958376&tsc=aabd0b29a2b721f61e38b8c8886c4425&rtr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171

Response headers

status
200
date
Wed, 24 Jun 2020 00:26:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da7d263e96ed36297b1fe8c8e445229841592958376; expires=Fri, 24-Jul-20 00:26:16 GMT; path=/; domain=.rhsfty.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=b2fb6acc2c42bb281fc7ca486f227ac2; path=/; secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status
DYNAMIC
cf-request-id
038550f0fd0000d8ed18a48200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a8250fb2cb2d8ed-AMS
content-encoding
br

Redirect headers

status
302
date
Wed, 24 Jun 2020 00:26:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddd52aded3e02c4b4cf69c5fd7b219fcd1592958374; expires=Fri, 24-Jul-20 00:26:14 GMT; path=/; domain=.joinsafelyonline.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=49d53cbe90c7ede6f53d6a384d7e9cdb; path=/; secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://rhsfty.com/newuser/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171&a_sid=1897&sitekey=2ac3d37350e83b7e&ts=1592958376&tsc=aabd0b29a2b721f61e38b8c8886c4425&rtr=1
cf-cache-status
DYNAMIC
cf-request-id
038550ebf10000d614d0146200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a8250f31cc1d614-MXP
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5395
date
Tue, 23 Jun 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 24 Jun 2020 00:56:19 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oleo+Script|Open+Sans
Origin
https://todaysfreemembership.com

Response headers

date
Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1218022
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 09 Jun 2021 22:05:52 GMT
rax5HieDvtMOe0iICsUccChdu0_y8zac.woff2
fonts.gstatic.com/s/oleoscript/v8/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oleoscript/v8/rax5HieDvtMOe0iICsUccChdu0_y8zac.woff2
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a8fa64052ca144061a70622bbac56e630d73be314e369d99b6f7b1e39f9efa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oleo+Script|Open+Sans
Origin
https://todaysfreemembership.com

Response headers

date
Wed, 10 Jun 2020 11:30:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:07:22 GMT
server
sffe
age
1169747
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12484
x-xss-protection
0
expires
Thu, 10 Jun 2021 11:30:27 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=528348048&t=pageview&_s=1&dl=https%3A%2F%2Ftodaysfreemembership.com%2F%3Fofid%3D71%26autoun%3D1%26autopw%3D1%26a_aid%3Djeronimo20%26a_bid%3Deef74d22%26x_hash%3D3889c7281a55100b8ec1d969e83c9154%26x_affiliate_id%3D1897%26x_offer_id%3D171&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=794283264&gjid=38023269&cid=1768825947.1592958375&tid=UA-92720013-6&_gid=1043463219.1592958375&_r=1&z=60052231
Requested by
Host: todaysfreemembership.com
URL: https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://todaysfreemembership.com/?ofid=71&autoun=1&autopw=1&a_aid=jeronimo20&a_bid=eef74d22&x_hash=3889c7281a55100b8ec1d969e83c9154&x_affiliate_id=1897&x_offer_id=171
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jun 2020 00:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061611&jk=142958988334463&bg=!NDelNy9YpWMOo9DF-XwCAAAARFIAAAAMmQF4HTRAknxJNAAhb3ghHX4Hx29iYyfZaYAd7UgBDpQxREP8IAqyVGqOl2XS85mDQtXpE8wgLqYVla2wHznDf8PLoG7wJNDaErpOQMfLu5ioibLKLusJwjB6v8vZ0iVJhmXCxm_5c6xDXJG7u1CJq9DwVOK_EcQEI3GnaTxAX9Z0LJjw8KW_AGkY4EV90XzBbX-U4kkV3i6r85e-0Ugoi_WoSG6lHo4dl_Z3SkVGY5T4C-MEhNdOj2hsqZ-cCEU4Oqhg_6Kpk15WWsS9xgZK6DB2r7VXzAbQx2VhUXkuHG_rL6FyrQALHK6indS3OFZlQKgmbFWALcWwzxPPr4pmUnq3EW0IHmoLuvHobxSf-orAVyhGQ9wgx6ynqHU9HTTUxuNeD3CvNCGLwAzInkKuoty10il5zT7BL_2lIu0b-hQED4u4UUqHzuclkv6B01jWRaniWXljsjF_4G8ZhbCIqsANUObp6_RW-x8EtMwL20pt-oY3ozc0B5ZIGA

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| geoip_country_code function| geoip_country_name function| geoip_city function| geoip_region function| geoip_region_name function| geoip_latitude function| geoip_longitude function| geoip_postal_code function| geoip_resolved_ip function| $ function| jQuery function| iFrameResize string| GoogleAnalyticsObject function| ga object| jQuery1111013320784077868963 object| google_tag_data object| gaplugins object| gaGlobal object| gaData

10 Cookies

Domain/Path Name / Value
.rhsfty.com/ Name: __utmb
Value: 69496403.1.10.1592958378
.rhsfty.com/ Name: __utmt
Value: 1
.rhsfty.com/ Name: __utmc
Value: 69496403
.rhsfty.com/ Name: __utma
Value: 69496403.1343401287.1592958378.1592958378.1592958378.1
rhsfty.com/ Name: PHPSESSID
Value: b2fb6acc2c42bb281fc7ca486f227ac2
.todaysfreemembership.com/ Name: _gat
Value: 1
.rhsfty.com/ Name: __utmz
Value: 69496403.1592958378.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.todaysfreemembership.com/ Name: _ga
Value: GA1.2.1768825947.1592958375
.todaysfreemembership.com/ Name: _gid
Value: GA1.2.1043463219.1592958375
.todaysfreemembership.com/ Name: __cfduid
Value: d9bbfe6405ab52cb0816400a6b38e8dd71592958373

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0eaa1a272027c34cb29083b935dd810c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cutt.us
fonts.googleapis.com
fonts.gstatic.com
geoip.joinsafelyonline.com
go.clix-trak.com
joinsafelyonline.com
pagead2.googlesyndication.com
rhsfty.com
securepubads.g.doubleclick.net
todaysfreemembership.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
104.28.8.99
104.31.74.224
172.217.22.34
172.67.146.235
18.194.231.23
2606:4700::6810:85e5
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:817::2001
2a00:1450:4001:817::2002
2a00:1450:4001:81d::2003
69.61.26.122
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06818b2c41364e70021d420e1cc98f4bbcc0a082f6dbd02bb5a272c12b7764b2
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
2623afeb361b483a8a4d17cb5da5afe4b0cbba1c3bcf13e5073e7b2f70e784b3
33c2dcc05cb1ef5686e10917a399b1bcdaad3dd11be966c5fcfbd474b83507b6
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
481244f0f150fce5cdd3ddd4c2f9725a103162d0bc2a5bb11d3309a048dc9ebd
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
878f913cadf3b2401d32f81408b1d2f294715d2880ed6464f4beb17eb9e82e8e
8a8fa64052ca144061a70622bbac56e630d73be314e369d99b6f7b1e39f9efa9
936655003b417a05ca28b5483be94da72f77d859e868f12723a9275523d39fe5
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b3cf1bbae93d960427206165a123e1b309b92cea5364175eddaad27d2d49d690
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
e05b20dec07fd82d59a6647b8c1ecbd359728c5d70aa852077fd64e95a0387bf
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f1b02005050278da974b23093295d0d413a80ee9af3d7a4ba2032ad4fb882cfe
f7b18bea47dc4dfc9318cb54aa2860d86b6d858c94c581009ccab77193c88d69
fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd420edbd05738a3d1775dc2b52aabc6b3d1ac42b5b6e3764347fe83129ddfb4