urlscan.io logo urlscan.io
SecurityTrails logo

www.usasavingcenter.com Open in urlscan Pro
18.210.237.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.www.www.facebook.xn--xgb.com/
Effective URL: https://www.usasavingcenter.com/
Submission: On August 21 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 18.210.237.202, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.usasavingcenter.com.
TLS certificate: Issued by E5 on July 19th 2024. Valid for: 3 months.
This is the only time www.usasavingcenter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.247.81.112 206834 (TEAMINTER...)
1 2600:9000:220... 16509 (AMAZON-02)
1 2 52.202.166.43 14618 (AMAZON-AES)
1 2 3.33.192.145 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 396982 (GOOGLE-CL...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 95.217.202.210 24940 (HETZNER-AS)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 18.210.237.202 14618 (AMAZON-AES)
10 18.119.253.61 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
27 11
4    104.247.81.112 (Canada)

ASN206834 (TEAMINTERNET-CA-AS, DE)
www.www.www.facebook.xn--xgb.com
1    2600:9000:2209:8000:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
2    52.202.166.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-166-43.compute-1.amazonaws.com
alfar-fur.com
2    3.33.192.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
starchoice-1.online
1    130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
2    35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
1    173.239.53.32 (New York, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.setlitescmode-3.online
1    95.217.202.210 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: server.zeep.ly
zeep.ly
1    2606:4700:20::681a:956 (United States)

ASN13335 (CLOUDFLARENET, US)
tny.sh
2    18.210.237.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-237-202.compute-1.amazonaws.com
www.usasavingcenter.com
10    18.119.253.61 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-253-61.us-east-2.compute.amazonaws.com
o.b5z.net
1    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 b5z.net
o.b5z.net
54 KB
4 xn--xgb.com
www.www.www.facebook.xn--xgb.com
4 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
102 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 61574
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 17559
90 KB
2 gstatic.com
fonts.gstatic.com
29 KB
2 usasavingcenter.com
www.usasavingcenter.com
6 KB
2 starchoice-1.online
starchoice-1.online — Cisco Umbrella Rank: 316472
21 KB
2 alfar-fur.com
alfar-fur.com
4 KB
1 tny.sh
tny.sh
837 B
1 zeep.ly
zeep.ly — Cisco Umbrella Rank: 450429
509 B
1 setlitescmode-3.online
xml-v4.setlitescmode-3.online
175 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
27 12
Domain Requested by
10 o.b5z.net www.usasavingcenter.com
o.b5z.net
4 www.www.www.facebook.xn--xgb.com d38psrni17bvxu.cloudfront.net
www.www.www.facebook.xn--xgb.com
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com www.usasavingcenter.com
2 www.usasavingcenter.com starchoice-1.online
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 starchoice-1.online 1 redirects alfar-fur.com
2 alfar-fur.com 1 redirects www.www.www.facebook.xn--xgb.com
1 fonts.googleapis.com www.usasavingcenter.com
1 tny.sh 1 redirects
1 zeep.ly 1 redirects
1 xml-v4.setlitescmode-3.online 1 redirects
1 cdn.perfdrive.com starchoice-1.online
1 d38psrni17bvxu.cloudfront.net www.www.www.facebook.xn--xgb.com
27 14

This site contains links to these domains. Also see Links.

Domain
www.creditkarma.com
www.fharateguide.com
www.makeaneasywebsite.com
Subject Issuer Validity Valid
www.www.www.facebook.xn--xgb.com
R10		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
alfar-fur.com
Amazon RSA 2048 M02		 2024-08-07 -
2025-09-05		 a year crt.sh
starchoice-1.online
Amazon RSA 2048 M02		 2024-07-03 -
2025-08-01		 a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2024-07-26 -
2025-08-05		 a year crt.sh
www.usasavingcenter.com
E5		 2024-07-19 -
2024-10-17		 3 months crt.sh
*.b5z.net
R10		 2024-06-27 -
2024-09-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.usasavingcenter.com/
Frame ID: CBB8B37EEFDDA6619F079D1A401C6D93
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. https://www.www.www.facebook.xn--xgb.com/ Page URL
  2. http://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a5... HTTP 307
    https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a5... Page URL
  3. https://alfar-fur.com/zclkredirect?visitid=9e63a0c1-600f-11ef-8d31-0afff9f2dd6d&type=js&browserWid... HTTP 302
    http://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1 HTTP 307
    https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1 Page URL
  4. https://starchoice-1.online/api/v1/pxcheck?impId=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1&minfo=eyJjb29r... HTTP 302
    http://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0 HTTP 307
    https://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0 HTTP 302
    https://zeep.ly/wkDJX HTTP 301
    http://tny.sh/grQjg1y HTTP 307
    https://tny.sh/grQjg1y HTTP 302
    http://www.usasavingcenter.com/ HTTP 307
    https://www.usasavingcenter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

27
Requests

100 %
HTTPS

36 %
IPv6

12
Domains

14
Subdomains

11
IPs

3
Countries

312 kB
Transfer

925 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.www.www.facebook.xn--xgb.com/ Page URL
  2. http://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d HTTP 307
    https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d Page URL
  3. https://alfar-fur.com/zclkredirect?visitid=9e63a0c1-600f-11ef-8d31-0afff9f2dd6d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    http://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1 HTTP 307
    https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1 Page URL
  4. https://starchoice-1.online/api/v1/pxcheck?impId=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9zdGFyY2hvaWNlLTEub25saW5lL2FwaS92MS9weD94bWxpZD1aMWdlcjhid0FvQ1N2ejBOZWlMRWpuRmxCNDdEQ2JWdldWekhaT3YxIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
    http://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0 HTTP 307
    https://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0 HTTP 302
    https://zeep.ly/wkDJX HTTP 301
    http://tny.sh/grQjg1y HTTP 307
    https://tny.sh/grQjg1y HTTP 302
    http://www.usasavingcenter.com/ HTTP 307
    https://www.usasavingcenter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d HTTP 307
  • https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
Request Chain 6
  • https://alfar-fur.com/zclkredirect?visitid=9e63a0c1-600f-11ef-8d31-0afff9f2dd6d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • http://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1 HTTP 307
  • https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.www.www.facebook.xn--xgb.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.www.www.facebook.xn--xgb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.112 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
667fcaeb762d5a45cf4b45790ae389e68d16132f1d7255da5252ac1bcffddd78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime
30
Content-Encoding
gzip
Content-Length
1337
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Aug 2024 22:49:27 GMT
Server
nginx
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_j4Gw+LjMm5WEMUXoi+9zRSSRnOPMpW9f1oyL3RviMKXBWR1uLt/JNmNnU6lroQrN9zmxFhwx9JjsIUGOAoR5XQ==
X-Buckets
bucket105,bucket077
X-Domain
xn--xgb.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
www.www.www.facebook
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www.www.www.facebook.xn--xgb.com
URL: https://www.www.www.facebook.xn--xgb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8000:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://www.www.www.facebook.xn--xgb.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 23:10:38 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
EWR53-P1
age
85129
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
WvQ6hxifSPL-TsvVPEY-J9cEMhd9bOKVyjtcVnvwIQ9WkciztJyQGg==
track.php
www.www.www.facebook.xn--xgb.com/ 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.www.www.facebook.xn--xgb.com/track.php?domain=xn--xgb.com&toggle=browserjs&uid=MTcyNDI4MDU2Ni45MjQ3OjQzZDNlZDU2YjcxMTlkNjIwN2IzNzZjMGNmMmExNjdiMDE0M2UzYWM5ZGFlMDViOWUzZDRhNzFhYjlhZGVmNTY6NjZjNjZlZjZlMWMyYg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.112 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.www.www.facebook.xn--xgb.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Wed, 21 Aug 2024 22:49:27 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Content-Length
20
ls.php
www.www.www.facebook.xn--xgb.com/ 		16 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.www.www.facebook.xn--xgb.com/ls.php?t=66c66ef7&token=a2301611b1185533dd80cb48902e93ab23d0c46e
Requested by
Host: www.www.www.facebook.xn--xgb.com
URL: https://www.www.www.facebook.xn--xgb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.112 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.www.www.facebook.xn--xgb.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Wed, 21 Aug 2024 22:49:28 GMT
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Accept-Ch-Lifetime
30
Charset
utf-8
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_RGwta5GNaHHTZ080HusnprtcMThwMkRB/blsMeJZV0sv2jdXdaJuZOORmrKUmicqS1RfqBSggk0i3cd2l3X9bQ==
X-Log-Success
66c66ef840b28f2edd0cde76
Content-Length
16
track.php
www.www.www.facebook.xn--xgb.com/ 		0
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.www.www.facebook.xn--xgb.com/track.php?click=6ee181273573c3872f77c2a57862c189c3f70cd3&domain=xn--xgb.com&uid=MTcyNDI4MDU2Ni45MjQ3OjQzZDNlZDU2YjcxMTlkNjIwN2IzNzZjMGNmMmExNjdiMDE0M2UzYWM5ZGFlMDViOWUzZDRhNzFhYjlhZGVmNTY6NjZjNjZlZjZlMWMyYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDUsYnVja2V0MDc3fHx8fHx8NjZjNjZlZjZlMWJlOXx8fDE3MjQyODA1NjcuMTQwNXxkY2RjNjY5NTQwYTc1N2M2NDdmYjBjNmY4YzVlNzk5YzI4NWViMGFmfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxXMTA9fHwxfFcxMD18YTIzMDE2MTFiMTE4NTUzM2RkODBjYjQ4OTAyZTkzYWIyM2QwYzQ2ZXwwfHwwfDB8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.112 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.www.www.facebook.xn--xgb.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Wed, 21 Aug 2024 22:49:29 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
none
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Content-Length
20
1304ac30-8585-11eb-af9e-0a51339b19df
alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/
Redirect Chain
  • http://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
  • https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
Requested by
Host: www.www.www.facebook.xn--xgb.com
URL: https://www.www.www.facebook.xn--xgb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-43.compute-1.amazonaws.com
Software
/
Resource Hash
40cb257d563f459aa28d341b067235fad9373b0ff8bfbb8231562f0f00f1554c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://www.www.www.facebook.xn--xgb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 21 Aug 2024 22:49:31 GMT

Redirect headers

Location
https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
Non-Authoritative-Reason
HttpsUpgrades
px
starchoice-1.online/api/v1/
Redirect Chain
  • https://alfar-fur.com/zclkredirect?visitid=9e63a0c1-600f-11ef-8d31-0afff9f2dd6d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • http://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
  • https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
114 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
Requested by
Host: alfar-fur.com
URL: https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash
b659494089785af0008a0dfd97b3d16d95a41477a11abaac5c55a2ed7612b82d

Request headers

Referer
https://alfar-fur.com/zclkvisitor/9e63a0c1-600f-11ef-8d31-0afff9f2dd6d/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=9e76daa3-600f-11ef-8d31-0afff9f2dd6d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 22:49:32 GMT
etag
W/"1c8ff-Dnjg1yV6+gjrOWa6vQmwaYaZ0kY"
vary
Accept-Encoding

Redirect headers

Location
https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
Non-Authoritative-Reason
HttpsUpgrades
stormcaster.js
cdn.perfdrive.com/advanced/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
c173f098b4b70eb05e032286120bb713b7acb7e469105d5c2b636620f2336f1c

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:16:12 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 02 Aug 2024 04:50:38 GMT
server
nginx/1.10.1
age
2000
etag
W/"66ac659e-3bf08"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91316
jsdata
cas.avalon.perfdrive.com/ 		360 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Wed, 21 Aug 2024 22:49:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		255 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
2ms
date
Wed, 21 Aug 2024 22:49:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
content-type
text/plain; charset=UTF-8
Primary Request /
www.usasavingcenter.com/
Redirect Chain
  • https://starchoice-1.online/api/v1/pxcheck?impId=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81M...
  • http://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0
  • https://xml-v4.setlitescmode-3.online/click?seat=3010596&i=PS9TtHI7HqI_0
  • https://zeep.ly/wkDJX
  • http://tny.sh/grQjg1y
  • https://tny.sh/grQjg1y
  • http://www.usasavingcenter.com/
  • https://www.usasavingcenter.com/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usasavingcenter.com/
Requested by
Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=Z1ger8bwAoCSvz0NeiLEjnFlB47DCbVvWVzHZOv1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.237.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-237-202.compute-1.amazonaws.com
Software
e/3 /
Resource Hash
a1841666cc7aff344d1260438786f1eb041d72f2be50b88c907eeb8007352e56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
content-encoding
zstd
content-type
text/html
date
Wed, 21-Aug-2024 23:49:33 GMT
server
e/3
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.usasavingcenter.com/
Non-Authoritative-Reason
HttpsUpgrades
sx.css
o.b5z.net/zirw/24/i/u/10252762/i/menu/ 		129 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://o.b5z.net/zirw/24/i/u/10252762/i/menu/sx.css
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
7d61fe21694fcdef08e46a03d8543365e8f62800f91436783807b37463ac2c3b

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
content-encoding
zstd
last-modified
Wed, 21 Aug 2024 21:19:28 GMT
server
e/3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
expires
Sun, 09 Sep 2027 05:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora|Poppins
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0c2732c18a6b96a1046b13a6c17dcdbbaee3218ebf6d9b21acb4bf178443e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 22:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 22:49:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 22:49:34 GMT
rnddot.gif
o.b5z.net/zirw/24/i/t/w/ 		44 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/zirw/24/i/t/w/rnddot.gif
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
fe3b0f1ca2ecfdaabdebda7df1dad6de0f1f169b648ee949b52782c9670ee81d

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:35 GMT
last-modified
Wed, 21 Aug 2024 22:49:33 GMT
server
e/3
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
44
expires
Sun, 09 Sep 2027 05:00:00 GMT
em_32x32.png
o.b5z.net/zirw/h499b4/i/t/w/integration/social/icons/fcsq1/ 		813 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/zirw/h499b4/i/t/w/integration/social/icons/fcsq1/em_32x32.png
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
fc7343799c439a63e1470faf643259ba510da590e8df59a13dfdeda95e77b9a9

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
last-modified
Wed, 21 Aug 2024 22:48:39 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
813
expires
Sun, 09 Sep 2027 05:00:00 GMT
logo_8900.jpg
o.b5z.net/i/u/10252762/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/i/u/10252762/i/logo_8900.jpg
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
ae374db8e1a02b4317ea5f51d8c7d41ed66a103fc97af315106961753f951f1e

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
last-modified
Wed, 21 Aug 2024 21:19:28 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1904
a1.jpg
o.b5z.net/zirw/24/i/u/10252762/i/menu/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/zirw/24/i/u/10252762/i/menu/a1.jpg
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
ffbbbdacd1ec75c24eadb0d220bf2c36488a1606f484c18c59a7f245b574cbff

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
last-modified
Wed, 21 Aug 2024 21:19:28 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
13362
expires
Sun, 09 Sep 2027 05:00:00 GMT
Screenshot_2022-01-17_094455.jpg
o.b5z.net/i/u/10252762/i/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/i/u/10252762/i/Screenshot_2022-01-17_094455.jpg
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
f6d3bd5cd28d0e9766385594103b1e4f44ba1fdbf2d446d9ebf16c2a48179bf2

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
last-modified
Wed, 21 Aug 2024 21:19:28 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
8270
em_20x20.png
o.b5z.net/zirw/h499b4/i/t/w/integration/social/icons/fcsq1/ 		673 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/zirw/h499b4/i/t/w/integration/social/icons/fcsq1/em_20x20.png
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
a9044ad0e39a7834217437ec5b5dacfe5d4d1cc5a53ba0ac4a4823b54ba308e0

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:34 GMT
last-modified
Wed, 21 Aug 2024 22:48:39 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
673
expires
Sun, 09 Sep 2027 05:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 14:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Aug 2025 14:14:01 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 14:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 14:39:23 GMT
bootstrap-ezot-min.js
o.b5z.net/zirw/h499b4/i/t/w/lib/boot/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://o.b5z.net/zirw/h499b4/i/t/w/lib/boot/js/bootstrap-ezot-min.js
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
1626eae26c5a602dba16f9fdb4f034b405223222b835775b07a48eeed865622e

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:35 GMT
content-encoding
zstd
last-modified
Wed, 21 Aug 2024 22:48:39 GMT
server
e/3
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
expires
Sun, 09 Sep 2027 05:00:00 GMT
bkgrnd.jpg
o.b5z.net/zirw/24/i/u/10252762/i/menu/ 		309 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/zirw/24/i/u/10252762/i/menu/bkgrnd.jpg
Requested by
Host: www.usasavingcenter.com
URL: https://www.usasavingcenter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
d89d27bd1bfe38ca46aa1df79ae13b866a202b7deced7d29700b5b4ccb9bb089

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:35 GMT
last-modified
Wed, 21 Aug 2024 21:19:28 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
309
expires
Sun, 09 Sep 2027 05:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora|Poppins
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.usasavingcenter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 13:04:55 GMT
x-content-type-options
nosniff
age
467080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 13:04:55 GMT
nav-arr1.png
o.b5z.net/i/t/w/btn/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.b5z.net/i/t/w/btn/nav-arr1.png
Requested by
Host: o.b5z.net
URL: https://o.b5z.net/zirw/24/i/u/10252762/i/menu/sx.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.119.253.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-253-61.us-east-2.compute.amazonaws.com
Software
e/3 /
Resource Hash
a563301eabe81befad11a8795c469c1acbc32b1b26a1873095725eb67f78b803

Request headers

Referer
https://o.b5z.net/zirw/24/i/u/10252762/i/menu/sx.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 22:49:35 GMT
last-modified
Wed, 21 Aug 2024 22:49:21 GMT
server
e/3
content-type
image/avif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
3730
0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora|Poppins
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aaa941328e6c9b4c140a8dfb8ab73187627cbf522c4b3309c71ec68be0b6325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.usasavingcenter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 23:23:41 GMT
x-content-type-options
nosniff
age
602754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21108
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:12:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Aug 2025 23:23:41 GMT
favicon.ico
www.usasavingcenter.com/ 		78 B
130 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.usasavingcenter.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.237.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-237-202.compute-1.amazonaws.com
Software
e/3 /
Resource Hash
9dfc748639df83a9f99d6e1eff55ab84f3cb568d9be2fbe2424445a717d08701
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.usasavingcenter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21-Aug-2024 23:49:34 GMT
server
e/3
alt-svc
h3=":443"; ma=2592000
content-length
78
x-frame-options
SAMEORIGIN
content-type
text/html

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| irootsite string| siteurl boolean| msetm object| dii function| mset function| ovp function| ot function| ov function| ezPOpen function| ezgu function| loadjs function| dki function| mbset function| mbseti function| ezMobResize function| esbTogMobm function| onWinLoad function| fixLazy function| setLazy function| bsSearchSubmit function| $ function| jQuery function| j$ object| jQuery1124012983586235715894 number| mainbottom object| dropdownSelectors function| dropdownEffectData function| dropdownEffectStart function| dropdownEffectEnd

12 Cookies

Domain/Path Name / Value
.starchoice-1.online/ Name: __ssds
Value: 2
.starchoice-1.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.starchoice-1.online/ Name: __uzmaj2
Value: 15a8d206-5165-46fd-9cdb-cfc918d12a2b
.starchoice-1.online/ Name: __uzmbj2
Value: 1724280572
.starchoice-1.online/ Name: __uzmcj2
Value: 225041026828
.starchoice-1.online/ Name: __uzmdj2
Value: 1724280572
.starchoice-1.online/ Name: __uzmlj2
Value: SXurLEAXhBz/KNvq5y+ClC+k+izMVtODLy+IxAyP8Sg=
.starchoice-1.online/ Name: __uzmfj2
Value: 7f6000b3c3141a-c6df-45c9-9df0-68f5a61bd72a17242805729880-137776826fbdbb6410
zeep.ly/ Name: PHPSESSID
Value: 7c685dd69685bef0a834bc8519ce04a7
zeep.ly/ Name: short_474326
Value: 1
.usasavingcenter.com/ Name: ss
Value: ANNCQQSOAJVLJCPTIGNZDCMDU
.usasavingcenter.com/ Name: ezstida
Value: BPHTCITUNQGNEORPEQYBGA

1 Console Messages

Source Level URL
Text
network error URL: https://www.usasavingcenter.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alfar-fur.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
d38psrni17bvxu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
o.b5z.net
starchoice-1.online
tny.sh
www.usasavingcenter.com
www.www.www.facebook.xn--xgb.com
xml-v4.setlitescmode-3.online
zeep.ly
104.247.81.112
130.211.29.114
173.239.53.32
18.119.253.61
18.210.237.202
2600:9000:2209:8000:1d:4618:5c80:21
2606:4700:20::681a:956
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2003
3.33.192.145
35.241.15.240
52.202.166.43
95.217.202.210
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
1626eae26c5a602dba16f9fdb4f034b405223222b835775b07a48eeed865622e
40cb257d563f459aa28d341b067235fad9373b0ff8bfbb8231562f0f00f1554c
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5aaa941328e6c9b4c140a8dfb8ab73187627cbf522c4b3309c71ec68be0b6325
667fcaeb762d5a45cf4b45790ae389e68d16132f1d7255da5252ac1bcffddd78
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7d61fe21694fcdef08e46a03d8543365e8f62800f91436783807b37463ac2c3b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9dfc748639df83a9f99d6e1eff55ab84f3cb568d9be2fbe2424445a717d08701
a1841666cc7aff344d1260438786f1eb041d72f2be50b88c907eeb8007352e56
a563301eabe81befad11a8795c469c1acbc32b1b26a1873095725eb67f78b803
a9044ad0e39a7834217437ec5b5dacfe5d4d1cc5a53ba0ac4a4823b54ba308e0
ae374db8e1a02b4317ea5f51d8c7d41ed66a103fc97af315106961753f951f1e
b659494089785af0008a0dfd97b3d16d95a41477a11abaac5c55a2ed7612b82d
c173f098b4b70eb05e032286120bb713b7acb7e469105d5c2b636620f2336f1c
d0c2732c18a6b96a1046b13a6c17dcdbbaee3218ebf6d9b21acb4bf178443e8a
d89d27bd1bfe38ca46aa1df79ae13b866a202b7deced7d29700b5b4ccb9bb089
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d3bd5cd28d0e9766385594103b1e4f44ba1fdbf2d446d9ebf16c2a48179bf2
fc7343799c439a63e1470faf643259ba510da590e8df59a13dfdeda95e77b9a9
fe3b0f1ca2ecfdaabdebda7df1dad6de0f1f169b648ee949b52782c9670ee81d
ffbbbdacd1ec75c24eadb0d220bf2c36488a1606f484c18c59a7f245b574cbff