urlscan.io logo urlscan.io
SecurityTrails logo

lplfnance.us Open in urlscan Pro
2606:4700:3037::6815:5540  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://u.to/Asi7Hw
Effective URL: https://lplfnance.us/
Submission: On June 22 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3037::6815:5540, located in United States and belongs to CLOUDFLARENET, US. The main domain is lplfnance.us.
TLS certificate: Issued by GTS CA 1P5 on June 7th 2023. Valid for: 3 months.
This is the only time lplfnance.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.uid.me
u.to
1    69.61.26.121 (Atlanta, United States)

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)
v.ht
1    2607:f8b0:4006:821::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:822::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    99.83.245.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: acc5742fcb14a0ac1.awsglobalaccelerator.com
rb.gy
9    2606:4700:3037::6815:5540 (United States)

ASN13335 (CLOUDFLARENET, US)
lplfnance.us
3    2607:f8b0:4006:81c::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 lplfnance.us
lplfnance.us
19 KB
6 googlesyndication.com
e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
40 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
129 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
142 KB
2 u.to
u.to — Cisco Umbrella Rank: 503549
530 B
1 rb.gy
rb.gy — Cisco Umbrella Rank: 87989
157 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
26 KB
1 v.ht
v.ht — Cisco Umbrella Rank: 915107
2 KB
26 10
Domain Requested by
9 lplfnance.us 2 redirects v.ht
lplfnance.us
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.googletagmanager.com v.ht
www.googletagmanager.com
2 u.to 2 redirects
1 www.google.com tpc.googlesyndication.com
1 rb.gy 1 redirects
1 e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagservices.com v.ht
1 v.ht
26 13

This site contains no links.

Subject Issuer Validity Valid
www.v.ht
R3		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
lplfnance.us
GTS CA 1P5		 2023-06-07 -
2023-09-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://lplfnance.us/
Frame ID: 8C327A157DDB7E47EA66DF9950D3EF09
Requests: 16 HTTP requests in this frame

Frame: https://e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E28B2FA185F38286F385F75F724140E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B685FB56F58960FC894850F3816E18C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78E4C12FCDAF3043D66F9B56F99CC451
Requests: 2 HTTP requests in this frame

Frame: https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 95ACD232847BB706F9EE8295A4418FA2
Requests: 2 HTTP requests in this frame

Frame: https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: F9749F1D4E9103F1281E36192F6E1AD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 Not Found

Page URL History Show full URLs

  1. http://u.to/Asi7Hw HTTP 301
    https://u.to/Asi7Hw HTTP 302
    https://v.ht/W78DG Page URL
  2. https://rb.gy/nede3 HTTP 301
    https://lplfnance.us/ Page URL
  3. https://lplfnance.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

88 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

11
IPs

2
Countries

379 kB
Transfer

1045 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u.to/Asi7Hw HTTP 301
    https://u.to/Asi7Hw HTTP 302
    https://v.ht/W78DG Page URL
  2. https://rb.gy/nede3 HTTP 301
    https://lplfnance.us/ Page URL
  3. https://lplfnance.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://u.to/Asi7Hw HTTP 301
  • https://u.to/Asi7Hw HTTP 302
  • https://v.ht/W78DG
Request Chain 12
  • https://rb.gy/nede3 HTTP 301
  • https://lplfnance.us/
Request Chain 21
  • https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Request Chain 23
  • https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
W78DG
v.ht/
Redirect Chain
  • http://u.to/Asi7Hw
  • https://u.to/Asi7Hw
  • https://v.ht/W78DG
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v.ht/W78DG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.121 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
d5bf9328f353e1ade30b3805e97882917f2e22bd2f1f3fe7ee3594c56146999e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Date
Thu, 22 Jun 2023 20:56:15 GMT
I-AM
Alpha
Pragma
no-cache
Server
Hotcores.com
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 22 Jun 2023 20:54:35 GMT
Keep-Alive
timeout=15
Location
https://v.ht/W78DG
Server
nginx/1.8.0
Transfer-Encoding
chunked
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/W78DG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c101cd6c69cbd0d89663c70277594874925e6c4f12923f07c837e332c57e25d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26416
x-xss-protection
0
server
cafe
etag
58 / 19530 / m202306150101 / config-hash: 11591319961802778394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Jun 2023 21:02:38 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/W78DG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
101e2c588f664db361c242a2b1cae15e9abd5f67bd2fa36f0c6efffb8647c844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65037
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Jun 2023 21:02:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ 		411 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 18:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7848
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129960
x-xss-protection
0
server
cafe
etag
10643696450713337328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:51:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		26 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19dc99a8224767e303208b156949a2c7b99e67dbe02ef9aa078fecaa28d3616e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
expires
Thu, 22 Jun 2023 21:02:38 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8TV54DGHNR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f992b03974b195cb770b0c69772a5cfb47fa34f21ca1869c00d28a02e9fe09d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79423
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Jun 2023 21:02:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 20:11:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3090
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 22 Jun 2023 22:11:08 GMT
collect
www.google-analytics.com/j/ 		1 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1859220907&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FW78DG&ul=en-us&de=UTF-8&dt=W78DG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=524434574&gjid=608544939&cid=70327700.1687467759&tid=UA-31510493-3&_gid=1058915002.1687467759&_r=1&gtm=457e36l0&jsscut=1&z=634881013
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 21:02:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8TV54DGHNR&gtm=45je36l0&_p=1859220907&cid=70327700.1687467759&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687467759&sct=1&seg=0&dl=https%3A%2F%2Fv.ht%2FW78DG&dt=W78DG&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TV54DGHNR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 21:02:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		654 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1468802123730485&correlator=2224149754895688&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=495576698&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687467759131&lmt=1687467759&dlt=1687467758480&idt=597&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fv.ht%2FW78DG&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=70327700.1687467759&ga_sid=1687467759&ga_hid=1859220907&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cc30dc982534a4717e0b921cb7601649a277ec78ce630acff1c1ebdecaec57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E28B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 21:02:39 GMT
expires
Fri, 21 Jun 2024 21:02:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
lplfnance.us/
Redirect Chain
  • https://rb.gy/nede3
  • https://lplfnance.us/
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/
Requested by
Host: v.ht
URL: https://v.ht/W78DG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f489a96ee724e8cd1ec7880a1ddd7ffed55d4af74500170d45be8066bf890f94
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://v.ht/W78DG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7db76efa1e4b0cb4-EWR
content-type
text/html; charset=utf-8
date
Thu, 22 Jun 2023 21:02:39 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCGAttnymbJQNwcakHoqrSeU6LwJRqo04HXkhA4fgduLg9GEvNqclbCKl00Dv0Im4bHfOQit6wAazvBTi8ym%2Fy9FgP%2BCsD55NRefvw7Gp2rocNzODCHUA%2B9a2MocZnnW7My%2FX%2FG3Flap7tA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Thu, 22 Jun 2023 21:02:39 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://lplfnance.us/
strict-transport-security
max-age=15552000
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11374
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 21:02:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B68 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
23267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:34:52 GMT
expires
Fri, 21 Jun 2024 14:34:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 78E4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J6Vgy1ch0epqrsy_RZGNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-J6Vgy1ch0epqrsy_RZGNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 21:02:39 GMT
expires
Thu, 22 Jun 2023 21:02:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 8B68 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 13:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
27231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jun 2024 13:28:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 78E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=1468802123730485&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8B68 		0
0
/
lplfnance.us/ 		0
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/
Requested by
Host: v.ht
URL: https://v.ht/W78DG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
en-US,en;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
D-rTyh40vIESTOBK7hllOTw61xc
Tdy2SoOxW1TAi-LwjukzCKkm4eE
Content-type
application/x-www-form-urlencoded
8qTNnXHFCxoWkNWSXBuWTkMnGOk
41292644
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Referer
https://lplfnance.us/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 21:02:40 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMk9jEDNGk3g%2B4fF%2FHTeKAx2hT9VP%2FAL%2B6Zp7KQc%2Fx9%2FM93fsOahiVCT72ce08SUYX%2BPmBQiBxVXIVLw5M%2Bc%2FHdBxt3afTeQ5pshVjStkDNV%2B5dzHjXDyEG%2BGWo0Emm5FzK8f7Zu8TvwRgw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7db76efbefe20cb4-EWR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
invisible.js
lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 95AC
Redirect Chain
  • https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Protocol
H2
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3730add9149f54c63c96e685df092ddeafa16be8ba3408cfa912a3de78a71b6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwY%2BIuA6Emfl95WEmsI31mqOnCLISFTnfkj9%2BsevxioU%2FXmI3BPCYdEB%2FNOf1PZH3Kss6ynJxMJ%2Br1LEmtJZc8DwvcDI%2B8Zt9z3YxoRHZKTMfRTlTjh5%2B75WvegqhGKr86c3GLhgBHBfRbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7db76efc381d0cb4-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Jun 2023 21:02:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r888iD2jUHCiguaoGP1sZmqgc3uNWyr8FKe38geR7gTezIRjMJfDMiYVJbsq727uwBp1F%2Beo0OdBQQjsGChp0ejVcCDv%2FMm3WzzPjRYw%2BG2obZYzCIlRb7MX3xyfo7h1BM29KNPQUl18B%2Fk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control
max-age=300, public
cf-ray
7db76efbffec0cb4-EWR
alt-svc
h3=":443"; ma=86400
7db76efa1e4b0cb4
lplfnance.us/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 95AC 		0
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/cdn-cgi/challenge-platform/h/g/cv/result/7db76efa1e4b0cb4
Requested by
Host: lplfnance.us
URL: https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Jun 2023 21:02:40 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv8896q4%2Fz5cp64sga3rJvc7UWS79KZNN%2BH9guDGf3A8j2IHYzBYXWX5fBMi5reXGiyk32vQgBR%2BrzP9bn9K2dZHv5PxilDibUaa%2BB%2FGSgvu%2FxxH1Lx0zt2EuSlrHcP84XE%2FrZV8ydGDhOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7db76efddda20f3f-EWR
alt-svc
h3=":443"; ma=86400
Primary Request /
lplfnance.us/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/
Requested by
Host: v.ht
URL: https://v.ht/W78DG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5cbc738ab592b90a4dc3e4d5fd7b9015b9cb86f643e5871f68a2f34b962d75
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://lplfnance.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7db76efdedad0f3f-EWR
content-encoding
br
content-type
text/html
date
Thu, 22 Jun 2023 21:02:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BfYnClDAjeuaM6wwsYbZTI62ZNmpOZXZ7UxbjUbA3JuX68REEJ2KQMDEX%2BQB0dI9HEGNuNPKHWmIMsrPtzQ6ZcfaWzTEMxPOVB%2FF%2BmEFQ7SBBEZlSce8j3RNoW5vaPKmCuqFU23QoHzSoA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
invisible.js
lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame F974
Redirect Chain
  • https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Protocol
H3
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9464a8544aa72fe7812560d2c5ac4278b667b7c423c6353f5e34ff2709122be7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:02:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esosXnbImIqyTyR9J1%2BNMiR7otSpP4w1LcGxZGjMjaXUSL3ErcwMmLVaZSpEXwfvsxQkAoM39R91X4Gyp0ROJ7jzbeVeGcQZxx%2BqRapqfqCAS1mPldWShGvDKnE%2Frs%2BIzexYdtmtauMaT4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7db76effdf6c0f3f-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Jun 2023 21:02:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHg5SC2yUZ7GS%2FLTf3MVUCNpUPM7EX5VAhrgw2F%2B4EXZcC0pVTm371hoo9FJN8TY5sHzD0sSpJDLNG8MO9sVlO1GRqT6GDbGKW10zLjyHvob1UZZdnBQDb3bAyitb1a50ukFp6R%2FrQSnPCU%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7db76effaf390f3f-EWR
alt-svc
h3=":443"; ma=86400
7db76efdedad0f3f
lplfnance.us/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F974 		0
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lplfnance.us/cdn-cgi/challenge-platform/h/g/cv/result/7db76efdedad0f3f
Requested by
Host: lplfnance.us
URL: https://lplfnance.us/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Jun 2023 21:02:40 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BcmPuNNkXUHw3MzZqqmEU0hTxj6W6mTEeLwNxRa2Bnvo8hkIPSw8%2B3M%2FoFfrNpv2Z3g63YSacuZy%2BlD351YnbSJfIDIVGgTi2nH7vaGnTC83mE4xQ2OWx4Mcrecwt%2FQq9aupvYibaX%2BTuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7db76f0128750f3f-EWR
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?nScINw

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

19 Cookies

Domain/Path Name / Value
.u.to/ Name: lng
Value: en
.v.ht/ Name: _gid
Value: GA1.2.1058915002.1687467759
.v.ht/ Name: _gat_gtag_UA_31510493_3
Value: 1
.v.ht/ Name: _ga_8TV54DGHNR
Value: GS1.1.1687467759.1.0.1687467759.0.0.0
.v.ht/ Name: _ga
Value: GA1.1.70327700.1687467759
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.v.ht/ Name: __gads
Value: ID=843798394c5b4418:T=1687467759:RT=1687467759:S=ALNI_MYgLMWNQ3Esz3pMgEMs84dMmcpbUg
.v.ht/ Name: __gpi
Value: UID=00000c5f3cef0240:T=1687467759:RT=1687467759:S=ALNI_MbnFLhQX6Eg-C_1u9csVimNmCmDYg
lplfnance.us/ Name: jyYwAL02ept30RFRYUOP5HLHSPY
Value: dgtu39hkr4xfOhccGEEuMy1y3K8
lplfnance.us/ Name: RqLw-MjfiHH87azs15Fhfo0OyDE
Value: 1687467757
lplfnance.us/ Name: y9uFfClELpbZwMrl5B_HKKEqUYw
Value: 1687554157
lplfnance.us/ Name: NBqIqRG1ZbthUYJqEAqCNKAmamk
Value: eSBYxE7rjXxLw8dwSX0AXClCN9A
lplfnance.us/ Name: 3ho-oTGDL0YpFVEbmViMJQm5QYs
Value: zc16ffHRAdjpK0d9JZ-UcZk-M30
lplfnance.us/ Name: gamzjVK3bv96FZh-bCSIMoFJnPM
Value: K9nvFBCSJ0dFvtMsdSclsjxJoLo
lplfnance.us/ Name: PX-0UK1efeGfLzTaIj5Ns9E61F8
Value: 1687467759
lplfnance.us/ Name: nfWs80kOou8TmjMylP-1EXi4FwY
Value: 1687554159
lplfnance.us/ Name: T4NzyxE8xBDnPR4Z6gPNjFcZQk4
Value: olrrIPqPX4433n481t7SH2YQcbE
lplfnance.us/ Name: PFgBUz4YDyybgjpjHMLnLfbZMwc
Value: 1_XeJ1jzpRKadGFZrzWS6UvQW_M
.lplfnance.us/ Name: __cf_bm
Value: ALM0bYQ9ekTLemoWedR6QZbcISHNJhovU3j496IyuIc-1687467760-0-ASREJFJr5XjGgwsZFpV6EHIwPwYgqisxJej9m5svb8gYV5qzOKt4zQ8Im//rsJ6JFA==

2 Console Messages

Source Level URL
Text
network error URL: https://lplfnance.us/
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://lplfnance.us/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
e3bf0ff5ac487e533d96bd53b853b03b.safeframe.googlesyndication.com
lplfnance.us
pagead2.googlesyndication.com
rb.gy
securepubads.g.doubleclick.net
tpc.googlesyndication.com
u.to
v.ht
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
195.216.243.155
2606:4700:3037::6815:5540
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2002
69.61.26.121
99.83.245.29
101e2c588f664db361c242a2b1cae15e9abd5f67bd2fa36f0c6efffb8647c844
19dc99a8224767e303208b156949a2c7b99e67dbe02ef9aa078fecaa28d3616e
2f992b03974b195cb770b0c69772a5cfb47fa34f21ca1869c00d28a02e9fe09d
3730add9149f54c63c96e685df092ddeafa16be8ba3408cfa912a3de78a71b6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
9464a8544aa72fe7812560d2c5ac4278b667b7c423c6353f5e34ff2709122be7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c101cd6c69cbd0d89663c70277594874925e6c4f12923f07c837e332c57e25d6
cc5cbc738ab592b90a4dc3e4d5fd7b9015b9cb86f643e5871f68a2f34b962d75
d5bf9328f353e1ade30b3805e97882917f2e22bd2f1f3fe7ee3594c56146999e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cc30dc982534a4717e0b921cb7601649a277ec78ce630acff1c1ebdecaec57
f489a96ee724e8cd1ec7880a1ddd7ffed55d4af74500170d45be8066bf890f94